Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Lawmakers look to bar states from mandating encryption weaknesses

Reprints

(Reuters) — U.S. House of Representatives lawmakers will introduce bipartisan legislation on Wednesday that would prohibit states from requiring tech companies to build encryption weaknesses into their products.

The move marks the latest foray into an ongoing debate over encryption between Silicon Valley and Washington. While tech companies generally oppose weakened security standards, federal authorities have warned about a "going dark" phenomenon in which criminal suspects use powerful encryption in their communications so that investigators cannot access a phone's content, even with a warrant.

The ENCRYPT Act, sponsored by Democratic Representative Ted Lieu and Republican Blake Farenthold, would prevent any state or locality from mandating that a "manufacturer, developer, seller, or provider" design or alter the security of a product so it can be decrypted or surveilled by authorities, according to bill text viewed by Reuters.

The legislation is in response to proposals in recent months in New York and California that would require companies to be able to decrypt their smartphones manufactured after 2017, Lieu said.

"It is completely technologically unworkable for individual states to mandate different encryption standards in consumer products," Lieu told Reuters in an interview. "Apple can't make a different smartphone for California and New York and the rest of the country."

It is unclear how much momentum the bill will have in the House, though the chamber has staked out positions sympathetic to digital privacy in recent years.

Encryption has been an area of disagreement between tech companies and law enforcement authorities for decades, but it gained renewed scrutiny after Apple and Google began offering strong encryption by default on their products in 2014.

FBI Director James Comey told a Senate panel on Tuesday that federal investigators have still been unable to access the contents of a cellphone belonging to one of the killers in the Dec. 2 shootings in San Bernardino, California, because of encryption.

But technology companies, privacy advocates and cryptographers say any mandated vulnerability would expose data to hackers and jeopardize the overall integrity of the Internet.

A study from the Berkman Center for Internet and Society at Harvard University released last month, citing some current and former intelligence officials, concluded that fears about encryption are overstated in part because new technologies have given investigators unprecedented means to track suspects.

Read Next

  • Uber to pay $20,000 after stalling on data breach announcement

    Uber Technologies Inc., the ride-sharing service, has agreed to pay a $20,000 fine in connection with its alleged late notification of a data breach in a settlement under which it also agreed separately to adopt better data security protection of its riders' personal information, said New York attorney general Eric T. Schneiderman.