Ron Wyden Introduces Legislation Aimed At Preventing FBI-Mandated Backdoors In Cellphones And Computers
from the may-be-cited-as-'Up-Yours,-Comey-Act-of-2014' dept
The FBI had better start polishing up its "front door" pitch because Sen. Ron Wyden is pitching legislation that would prevent it from crafting its own backdoors.
The Secure Data Act will prohibit Federal agencies from requiring that private entities design or alter their commercial information technology products for the purpose of facilitating government surveillance.Wyden's one-page summary of the bill [pdf link] notes that FBI Director James Comey's ongoing push to create some sort of "law enforcement only" security holes in Apple and Google's on-by-default encryption undermines the government's push for better personal and professional security as well as does further damage to the limited amount of trust remaining in the wake of the Snowden leaks and increasing evidence of law enforcement overreach.
U.S. government and independent experts have extensively documented the multi-billion dollar threat posed by constant cyberattacks from criminal organizations and foreign government-sponsored hackers. The U.S. government also urges private companies and individuals to protect sensitive personal and business data, including through the use of data security technologies such as encryption. The recent proposals from U.S. law enforcement officials to undercut the development and deployment of strong data security technologies by compelling companies to build backdoors in the security features of their products work against the overwhelming economic and national security interest in better data security.Here's the actual wording of the backdoor ban [pdf link], which has a couple of loopholes in it.
Moreover, the decision of government officials to repeatedly misled the American public about domestic surveillance activities has resulted in an erosion of public trust. Requiring computer hardware and software companies to now create intentional gaps in their data security products to facilitate further government access to personal data will undermine the effort to restore trust in the U.S. digital economy.
Government-driven technology mandates to weaken data security for the purpose of aiding government investigations would compromise national security, economic security and personal privacy.
(a) IN GENERAL.—Except as provided in subsection (b), no agency may mandate that a manufacturer, developer, or seller of covered products design or alter the security functions in its product or service to allow the surveillance of any user of such product or service, or to allow the physical search of such product, by any agency.Subsection (b) presents the first loophole, naming the very act that Comey is pursuing to have amended in his agency's favor.
(b) EXCEPTION.—Subsection (a) shall not apply to mandates authorized under the Communications Assistance for Law Enforcement Act (47 U.S.C. 1001 et seq.).Comey wants to alter CALEA or, failing that, get a few legislators to run some sort of encryption-targeting legislation up the Congressional flagpole for him. Wyden's bill won't thwart these efforts and it does leave the NSA free to continue with its pre-existing homebrewed backdoor efforts -- the kind that don't require mandates because they're performed off-site without the manufacturer's knowledge.
This still in early draft form and will likely be finessed as it heads towards becoming a finished product, hopefully addressing a few of these issues on the way. If nothing else, it sends yet another message to James Comey and like-minded law enforcement officials that there's a whole bunch of legislators waiting to thwart their pushes for instant, permanent access to the American public's cellphones.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, calea, encryption, james comey, ron wyden, wiretapping
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
It is appeasement and that is it.
[ link to this | view in thread ]
It's next to worthless and does nothing it proposes to do for restoring trust. Just more of the same BS.
[ link to this | view in thread ]
Sounds like a worthless bill
The government will not force manufactures to create back doors unless said back door is mandated by CALEA.
And effectively, they're also saying.
For those of you dealing with CALEA, be sure to use loose enough language to enable you to do anything you please in the future. We've got you covered with this little bit of appeasement camouflage.
[ link to this | view in thread ]
Whether or not this bill goes anywhere, it's better that it's proposed and shot down than for the over-surveillance trends to continue without attempts from actual lawmakers to counteract it. If this bill goes to the floor for a vote, you'll at least get to see which politicians you should vote for or against in the next election.
Personally, I'm voting for Wyden again because of this and all the other attempts he's made to bring reason and transparency to the government.
[ link to this | view in thread ]
Re: Re:
So he doesn't have to spend the next 4 years having to write this crap up to begin with.
Do you really think Wyden would allow these dictators, er, appointed representatives in the position in the first place?
He'd save himself a lot of time and energy if he could just nix it from his new office position.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Basically the bill says, "You cannot do X unless Y says you can. Y currently says you can so feel free to do X unrestricted."
The bill is just a formality in attempt to calm people down while doing absolutely nothing.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Sen. Wyden's anti-backdoor legislation is a nice gesture. Unfortunately, I foresee a future where all the mainstream electronics average citizens buy are backdoored. While all the terrorists either build their own backdoor-free devices, or order from countries selling devices free of American backdoors.
The end game being terrorists using secure electronic devices. While law-abiding citizens are forced to use backdoored electronics; leading to their calls, texts, contact lists, and location information being slurped up by cyber criminals. Both foreign and domestic alike.
It's impossible to create a backdoor that's not exploitable to the rest of the world.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Maybe terrorism is simply the means by which criminals can scam the world into opening Pandora's Box and making life easy as pie for the whole of organized crime.
The other explanation seems to be that nobody in government has more than three brain cells and cannot extrapolate facts directly in front of them, worth shit. Since they are, almost without exception, wealthy business-men and business-women, that explanation - while repeatedly offered - seems rather hard to swallow.
---
[ link to this | view in thread ]
Re: Re: Re:
I assume you're thinking that Wyden has a chance at becoming POTUS because of his apparent honesty and apparent willingness to reign in the over-reach of the surveillance state - thus making him the people's choice.
Snowflake.
Hell.
Reason:
He has no corporate sponsor and thus does not have the necessary permission to campaign for the position of POTUS in a fixed election. The public has very little to do with the selection of POTUS, as the vote is now completely controlled by corporate interests and is primarily a public relations placebo used to keep US citizens from realizing they are powerless, just like the citizens of Britain, Canada, Australia and New Zealand.
Sadly, even if he did have corporate permission to run and was indeed selected by the corporate bosses to be POTUS, he could never actually do anything about the surveillance state that was in any way detrimental to the income of his masters or that might in any way expose their operations to the public.
Only Whistle Blowers can fulfill that function once the state has been infiltrated by corporatists and their minions. And Whistle Blowers will soon be classified as "shoot on sight" terrorists.
Welcome to the United Banks of America. :)
---
[ link to this | view in thread ]