Cyber Security

“Dead” Senate Anti-Encryption Bill Not Actually Dead

A leaked draft shows possible minor changes to the controversial bill

Cyber Security
Photo Illustration: R. A. Di Ieso
Sep 09, 2016 at 6:00 PM ET

A controversial bill to ban American tech companies from fully encrypting their users’ messages is not actually “dead” this year, as was previously reported and celebrated.

The bill, a joint effort by senators Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.), addresses the problem of “going dark.” That’s the phenomenon law enforcement can encounter when they receive a warrant for a suspect’s communications, but can’t understand them because even the company doesn’t posses the ability to decrypt them. If a potential terrorist uses an iPhone to plan an attack, the argument goes, the FBI wouldn’t be able to read those communications even with a warrant, because iMessage uses what’s called end-to-end encryption. In that case, only the intended user, and not even Apple, would be able to read the message.

But critics point to technologists and cryptography experts, who resoundingly agree that a device that creates a “backdoor” for the government will inherently leave it exposed to hackers and foreign governments. Besides, the U.S. can’t pass laws preventing other countries from creating their own end-to-end encrypted messaging service. Heavy criticism of the wording of the Feinstein-Burr bill, as well as opposition from the tech community and privacy advocates, led to the senators reportedly conceding in May that the bill stood no chance of passing this year.

But the bill is kicking again. A source at Feinstein’s office told Vocativ that while there was no formal new draft of the bill, the senator is in the process of soliciting ideas and feedback from a number of sources in hopes of eventually creating a version more likely to pass.

Julian Sanchez, a senior fellow at the Cato institute, and critic of the original draft, has obtained a working version of proposed changes to the bill, and found that that a few areas had been slightly amended to narrow its broad scope and lessen the lengths it would allow the government to demand a U.S. company weaken its own security. But he found the changes relatively minor.

“Those changes aside, it’s the same bill,” Sanchez wrote.

Burr’s office didn’t immediately respond to request for comment. The issue, however, may hurt him. His reelection campaign, once thought to be a slam dunk, has narrowed against Democrat Deborah Ross. A Vocativ analysis found that some tech voters who donate to Ron Wyden (D-Oreg.), long regarded as one of the biggest privacy and encryption advocates in the Senate, had donated to Ross too.