New Senate Bill Aims to Block Mandatory Backdoors in Tech Products
Ever since former NSA contractor Edward Snowden first exposed the extent of the agency’s bulk data collection programs in 2013, Americans’ privacy rights have been in a tug of war between civil libertarians and those who believe that security is more important than individual rights. Considering that the government programs that Snowden exposed over a year ago have yet to be outlawed, it would appear that supporters of the NSA’s spying programs have so far been winning the tug of war over Americans’ privacy rights. However, a new Senate bill introduced by U.S. Senator Ron Wyden this week aims to pull the rope a little more toward the civil libertarian side of the issue.
As explained by Senator Wyden via his official website, the Secure Data Act will help protect Americans’ privacy and data security by prohibiting the U.S. government from being able to force tech companies to install backdoors or other security vulnerabilities in their products. Wyden introduced the bill after some U.S. government officials proposed tech companies install mandatory backdoors in all software and electronic products in order to provide easier access for authorities.
While Wyden didn’t name any specific U.S. government officials, FBI director James Comey has been one the most outspoken critics of stronger security features in tech products. Earlier this year, Comey criticized Apple and Google for outfitting the latest versions of their mobile operating systems with default encryption. Soon after Apple and Google announced the new default encryption feature, Comey described it as “something expressly to allow people to place themselves beyond the law,” reports Huffington Post. “The notion that someone would market a closet that could never be opened — even if it involves a case involving a child kidnapper and a court order — to me does not make any sense,” added Comey.
As noted by Apple on its website, the default encryption feature in iOS 8 means that the company “cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”
“I don’t want to tell people what to do, but I want to try to foster a national conversation about this,” said Comey at a conference last month, according to Mashable. “There has to be some solution that will allow us with lawful authority to be able to have the company unlock the device.”
Like many supporters of the government’s surveillance programs, Comey appears to believe that Americans must choose between string cybersecurity and protection from criminals. Senator Wyden addressed this false dichotomy on his website by noting that “Once a backdoor is built in a security system, the security of the system is inherently compromised.” In other words, if the government can use a backdoor, then so can a criminal.
“Strong encryption and sound computer security is the best way to keep Americans’ data safe from hackers and foreign threats. It is the best way to protect our constitutional rights at a time when a person’s whole life can often be found on his or her smartphone. And strong computer security can rebuild consumer trust that has been shaken by years of misstatements by intelligence agencies about mass surveillance of Americans,” said Wyden in a press release on his website. “This bill sends a message to leaders of those agencies to stop recklessly pushing for new ways to vacuum up Americans’ private information, and instead put that effort into rebuilding public trust.”
Besides protecting the privacy rights of individual Americans, Senator Wyden noted that there is also an “overwhelming economic and national security interest in better data security.” While tech companies like Apple and Google have often cited the importance of civil liberties as some of the reasons for making improvements to cybersecurity, the companies are also motivated by money.
The Consumer Electronics Association (CEA), a trade organization whose members include companies like Apple, Google, and Microsoft, recently penned an open letter that urged the Senate to rein in the NSA’s surveillance programs for economic reasons. “Many companies have lost business, or face laws designed to restrict data flows, due to foreign governments’ fear that the U.S. government can reach company-managed data at will,” wrote CEA president and CEO Gary Shapiro. “This distrust hurts U.S. companies competing globally for business, and could result in the loss of thousands of jobs.”
Unfortunately, the USA Freedom Act, S. 2685, the bill that the CEA was asking the Senate to pass, failed to move to a vote last month. The bill would have limited how the government collects data on U.S. citizens. While it remains to be seen if the Secure Data Act will meet the same fate as the USA Freedom Act, both bills demonstrate that the debate over the privacy and security of Americans’ online data and electronic products is far from settled.
Follow Nathanael on Twitter @ArnoldEtan_WSCS