The encryption bill being floated by Senators Richard Burr and Dianne Feinstein already seems marked for failure because of a promised filibuster, a hostile House of Representatives, an eventual POTUS veto, and universal opposition from Silicon Valley and privacy groups.
The bill, which was leaked last Friday and circulated Wednesday, mandates that U.S. technology companies establish an encryption “backdoor” through which government agencies can access user data on the power of a warrant or court order.
The main problem with the bill, sources say, is that it touches only U.S.-based hardware and software companies, and so will do little to curb terrorism. The Internet, after all, isn’t confined by borders, so bad actors could easily abandon tech products with backdoors and move to ones with better security. Terrorist networks are already known to use apps Telegram or Signal, which are operated by companies outside the United States and use strong, open-source encryption.
The Burr-Feinstein bill will next be discussed and marked up in the Senate Intelligence Committee, which Senator Burr chairs and of which Feinstein is the ranking member. If the marked-up bill passes a vote in the committee it could be introduced on the Senate floor.
But Senator Ron Wyden (D-Oregon)—the second-ranking Democrat on the Intelligence Committee—has vowed to be waiting there with a filibuster if that happens. Wyden does not believe the problems with the bill can be fixed with markups, a spokesman said.
Even without a filibuster, Congressman Darrell Issa (R-Calif.) said the bill almost certainly lacks the votes for passage in the Senate. It’s even more unlikely that a companion bill would be introduced in the House, where passage is next to impossible.
The White House has already said that it won’t support the Burr-Feinstein bill in its current form.
At least one Republican member of Senate Intelligence Committee—Senator Dan Coats (R-Indiana)—came out in support of the bill in an interview with NPR Wednesday night.
Other than Coats, it was difficult to find members of Congress who are in support of the bill. A Coats spokesman said in an email note he knew of no others supporting it.
“The discussion draft was released just yesterday and staff is in the process of talking to stakeholders,” said a Feinstein spokesman. “I’m sure we’ll be in a position to discuss support for the bill down the road.”
It was far easier finding people in Washington to speak out against the bill.
“The bill goes to an inherent constitutional question of do we have a right to produce a product that commits no crime, or provide a service that commits no crime, and guarantees security, or do we have to presume that locks have to be insecure so that law enforcement can get to them?” Issa told Fast Company Thursday.
The question still remains as to whether it’s really possible to write a viable law that would both allow the government access to encrypted data without seriously weakening personal data security in a time when hackers are becoming more resourceful and aggressive.
“People are trying to find the middle ground between encryption and national security,” Congresswoman Zoe Lofgren told Fast Company Thursday. “If there is some middle ground that I don’t know about I would be happy to hear it, but if you create holes in the encryption you make security weaker.”
Both Issa and Lofgren sit on the House Judiciary Committee, which held a hearing on encryption where both Apple and the FBI testified.
Both Senators pointed to an editorial in the San Jose Mercury News titled “Feinstein still clueless on technology after all these years.”
The language of the bill indeed does expose a big disconnect between the thinking of the national security community and the tech community.
Apple, which has been at the center of the encryption debate, also chose not to comment. Apple and the FBI will testify in front of another Congressional committee—the House Energy and Commerce Committee—next Tuesday.
Several members of Congress have told Fast Company that the political winds are blowing away from carte blanche government surveillance and toward stronger encryption in a broad sense. Just yesterday members of the House Judiciary Committee voted overwhelmingly to increase the personal data security protections in the Email Privacy Act.