Privacy Advocates, Industry Say Burr/Feinstein Bill Undermines Security, Privacy
Privacy and industry groups criticized a leaked "discussion draft" from leaders of the Senate Select Committee on Intelligence, saying it would undermine people's privacy and security by forcing technology companies and others under a court order to provide information, data or technical assistance to get such data in a timely fashion. “This bill is a clear threat to everyone’s privacy and security," said Neema Singh Guliani, American Civil Liberties Union legislative counsel, in a statement. "Instead of heeding the warnings of experts, the senators have written a bill that ignores economic, security, and technical reality. It would force companies to deliberately weaken the security of their products by providing backdoors into the devices and services that everyone relies on." New America's Open Technology Institute (OTI) said the legislation from committee Chairman Richard Burr, R-N.C., and ranking member Dianne Feinstein, D-Calif., would mandate providers of electronic communications, storage or processing services, and software or hardware manufacturers to decrypt encrypted data of its users. "Not only does this bill undermine our security, it is also a massive Internet censorship bill, demanding that online platforms like Apple’s App Store and the Google Play Store police their platforms to stop the distribution of secure apps," said OTI Director Kevin Bankston in a statement. Information Technology and Innovation Foundation Vice President Daniel Castro said in a statement companies can't comply with lawful requests when their customers control "the only keys used to encrypt the data." He said the messaging app WhatsApp provides end-to-end encryption and can't comply unless it alters its system, but the bill "explicitly" wouldn't require such changes. "This bill sets up a legal paradox that would further muddy the waters about how and when the government can compel the private sector to assist in gaining access to private information," he said. TechNet CEO Linda Moore said in a statement if forcing companies to eliminate security features could be exploited by others lacking good intentions.