House members on Thursday reintroduced a bipartisan bill that would prevent states from requiring technology companies to include encryption “backdoors” in their products that would allow governments to access data stored on those products.
The Ensuring National Constitutional Rights for Your Private Telecommunications (ENCRYPT) Act of 2018 was originally introduced in 2016 in response to a dispute between the Federal Bureau of Investigation and Apple in which the bureau sought to have the technology company provide access to the locked cellphone of a suspect in the 2015 San Bernardino, Calif., mass shooting.
The bill–which was reintroduced today in identical form save the date change–would bar states from mandating or requesting that companies “design or alter the security functions in its product or service to allow the surveillance of any user,” “allow the physical search of such product,” or “have the ability to decrypt or otherwise render intelligible information that is encrypted.”
“Any discussion of encryption and law enforcement access to data needs to happen at the Federal level,” said Rep. Ted Lieu, D-Calif., a sponsor of the bill, in a statement. “Encryption exists to protect us from bad actors, and can’t be weakened without also putting every American in harm’s way.”
Lieu was joined by fellow sponsors Reps. Mike Bishop, R-Mich., Suzan DelBene, D-Wash., and Jim Jordan, R-Ohio. They spoke collectively about the dangers of forced decryption that go beyond privacy concerns and open the potential for abuse by cybercriminals.
“We know Federal agencies have abused warrantless surveillance in the past,” said Jordan. “The current patchwork system for encryption makes it easier for further abuses of the system and increases the problem by creating potential opportunities for abuse by 3rd party actors.”
“The safety of our nation is the number one priority for this Congress, and establishing a pathway for decryption would create new vulnerabilities to be exploited by bad actors,” said Bishop.
The statement from Lieu includes comments of support from several private sector firms.
The bill marks another step in a concerted push by lawmakers to thwart government workarounds into private citizen technology. Lawmakers last month introduced the Secure Data Act of 2018, which would similarly prevent Federal government agencies from demanding encryption backdoors in devices.