A discussion draft of the “Compliance with Court Orders Act of 2016” has hit the web. This is a legislation being shopped around by Senators Dianne Feinstein of California and Richard Burr of North Carolina. Spelled like it sounds, the “Compliance with Court Orders Act of 2016” basically says that any entity that makes encrypted devices would have to hand over the information on those devices in an intelligible format when served with a legal order to do so. However, there seems to be an interesting case with the government wanting to having its cake and eat it too. While the law would require companies to jimmy the locks for the, the proposed legislation also states, “Nothing in this act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adapted by any covered entity.” If I’m reading that correctly, and it’s certainly possible that I’m not, it sounds as if the legislation says we’re not going to tell you what you can and cannot do with your software or hardware, but you do have to make it so we can get in when we want to.
The way Engadget sees it, the proposed legislation shies away from specific technical demands, but the wording of the Act itself, with no contingencies for inaccessible data, makes end to end encryption impossible. Any data encrypted by companies must also be able to be decrypted. It sounds as if they want what a lot of legislators have indicated they would like, a backdoor that would only work for the good guys. MacRumors says of the discussion draft, “It says that all providers of communication services and products, from hardware to software, must both protect the privacy of residents of the United States through “implementation of appropriate data security,” while still respecting the “rule of law” and complying with legal requirements and court orders to provide information stored either on devices or remotely.”
Now, hypothetically, let’s say a court order is issued to unlock your iPhone 9, Apple complies, and the authorities find you’ve been using WhatsApp or some other communications app that’s end to end encrypted. Well, you can relax. The legislators think that that won’t be possible. According to Engadget, “The bill also wants “license distributors” to ensure their products provide access to the government. As such, stores such as iTunes and Google Play would have to make sure the apps they sell have little to offer in terms of security features. WhatsApp with its new end-to-end encryption, for instance, wouldn’t pass the screening process.” And that’s how we thwart ISIS! Because they would never jailbreak a smartphone to side load an encrypted communications app. They’re terrorists, not monsters. I know they’re monsters, I’m making a point.