Uncle Sam, Richard Burr want YOUR data.
The queen of gun-grabbing, Diane Feinstein and OUR senior senator Richard Burr have teamed up. And THAT is not good:
Last week, Re/code’s Dawn Chmielewski reported that Silicon Valley was already on the offensive against the then-unfinished Senate encryption bill. The legislation in the draft requires companies like Apple to comply with court orders to decrypt messages.
Today, Sens. Richard Burr and Dianne Feinstein (Republican and Democrat, respectively),unveiled their bill, the Compliance with Court Orders Act of 2016. Little in the language changed and, predictably, Silicon Valley still hates it.
The legislation aims to force tech companies to obey court orders to grant government investigators access to encrypted messages. This is, of course, the exact issue at hand in the fight between the FBI and Apple over an encrypted iPhone used by one of the San Bernardino attackers. The FBI was ultimately able to use what the Washington Post says was a one-time workaround that it paid a freelance group of hackers to deploy.
In a statement accompanying the release of the bill, Burr said that he believes “data is too insecure, and feel[s] strongly that consumers have a right to seek solutions that protect their information — which involves strong encryption.”
“I do not believe, however, that those solutions should be above the law,” he continued.[…]
Sooooooo — YOUR business is MY business. (Good ta’ know ….) Tech sources are suggesting that Burr’s bill will put device users and their privacy at further risk to criminal and government encroachment:
A generation ago—after America’s spy agencies were exposed as perpetrators of massive civil-rights violations, abuses of power, and misdeeds abroad—oversight committees were created to protect liberal democracy from the national security state. Senators Dianne Feinstein and Richard Burr now sit on one of those committees. And they are not just shirking their core duty, they are aggressively undermining it.
Rather than working to protect Americans from the prying eyes of government in this golden age for surveillance, when their every movement is tracked by the smart phones in their pockets, license plate readers on their roads, and supercomputers at NSA headquarters, they are pushing a new bill that would do more than any law in the country’s history to undermine privacy for virtually every American.
In effect, it would outlaw end-to-end cryptography. “The bill would make illegal the sort of user-controlled encryption that’s in every modern iPhone, in all billion devices that run Whatsapp’s messaging service, and dozens of other products,”Wired explains. There would be no easy way to email or text securely with your boyfriend or girlfriend, your best friend, your spouse, your boss, your doctor, or your psychiatrist.
And you’d never quite know who was spying on you, because the backdoor that the legislation effectively mandates could be exploited by any hacker savvy enough to open it.
The legislation is so poorly written that it would render many common products used without any ill-effect illegal, Isaac Potoczny-Jones explains. “It’s likely that these Senate members simply don’t realize that the technologies to make data unintelligible to anyone, including the government, are 1) The cornerstone of cybersecurity as we know it, and 2) already widely available, and have been for many years,” he writes.
A technology expert at The New America Foundation, the centrist Washington, D.C., policy think-tank, told Wired, “In my nearly 20 years of work in tech policy, this is easily the most ludicrous, dangerous, technically illiterate proposal I’ve ever seen.”
*Nice.* Creating a backdoor for the alleged good guys makes our devices incredibly vulnerable to the bad guys.
By the way, HOW many cases are there of tech companies refusing to help with a credible criminal investigation?
And if THAT doesn’t make you queasy enough, get a load of this:
Microsoft Corp. on Thursday filed a lawsuit against the Justice Department, challenging as unconstitutional the government’s authority to bar tech companies from telling customers when their data has been examined by federal agents.
The suit, filed in the federal court here, raises a fundamental question about the cloud computing era: Can the government force technology companies to remain silent about when and how federal agents search their customers’ data? Individuals would know if their home or hard drive were searched by investigators, but investigators now have the ability—and are using it in thousands of cases—to keep secret their searches of data stored on the cloud. […]
Microsoft says in its suit that it received 5,624 federal demands for customer information in the past 18 months, and nearly half—2,576—came with gag orders preventing the company from telling customers the government was looking at their data. Although the company “always complies with legally binding orders,” it said that 1,752 of those secrecy orders had no time limit, so it might never be able to tell customers that the government obtained their digital files.[…]
Wow. Your car is still your car — even if it is parked outside your workplace. I submit that putting your data on the cloud, encrypted behind a user name and password, is roughly equivalent to locking something in your car while at work. If the cops want to check your car, they need probable cause AND a warrant. (AND they need to tell you they are looking.)
You can change out the Rs and the Ds, but the megalomaniacal lust for power over people is always there.
The government doesn’t need to know all that we are doing. It’s much easier for us to keep them on their toes that way.
Tell ya what, Burr: YOU cut the FedGov down to the size mandated by Article 1 Section 8, and MAYBE we will consider giving you the power to do this for the TINY FedGov that would remain. MAYBE.
I sort of agree with both sides to a point. Encryption access with a valid warrant should be no less valid than getting access to your home or other venues in a true criminal investigation. I see those situations as “not above the law”. Although as we saw, hackers are wiling to sell out to the highest bidder anyway.
When it comes to requiring the government has access to the encryption key or whatever method it is to decrypt the information…unfettered access by the government can only have a bad outcome. Not being able to have strong encryption is the first step in giving everyone your information. The requirement to not tell consumers their data has been accessed…even worse.
Didn’t vote fit the scoundrel in the primary and will never vote for him in the future. He’s a Democrat and I can no longer hold my nose and vote for him.