Three Republican Senators have introduced a bill that would force tech companies to share user data and communications with law enforcement agencies targeting messaging services like WhatsApp, iMessage and FaceTime, which enable a form of secure communication that prevents anyone from accessing or intercepting a user’s messages without their consent.
The bill, introduced by Senators Lindsey Graham (R-S.C.), Tom Cotton (R-Ark.) and Marsha Blackburn (R-Tenn.), seeks to force technology companies into offering “lawful access” to encrypted information, something the companies say they are presently incapable of doing.
“End-to-end encryption”—used by the likes of Apple and Facebook—scrambles messages by encrypting it on a sender’s device, which is then sent over the network in an unreadable format, before message is finally decoded by the recipient’s device.
End-to-end encryption is designed to protect users’ privacy from hackers, government agencies and even the tech companies that run these platforms and services.
The bill says it targets service providers and manufacturers who are “refusing to cooperate with law enforcement to help recover encrypted data, even when presented with a lawful warrant.”
The companies have always argued they are incapable of doing so as they themselves don’t have access to this data.
Government agencies, including the FBI, have long proposed having access to an exclusive “encryption backdoor” that would allow them to peer into these communications, but privacy advocates have argued that a backdoor would create vulnerabilities that would compromise all users.
Influential tech commentator John Gruber, wrote on his blog, “At the risk of oversimplifying things, it’s worth pointing out that you can’t just ‘add a backdoor’ to a proper end-to-end encryption scheme. It’s the nature of the design not just that there are no backdoors but that there can be no backdoors. You can prove it, cryptographically, which is how you can trust it”. Gruber added that what the proposal is seeking is to effectively ban the development of end-to-end encrypted services.
End-to-end encryption has been a key sticking point between large tech companies and law enforcement. Last year, Attorney General William Barr in a keynote speech had pushed for access to an encryption backdoor, stating that information security “should not come at the expense of making us more vulnerable in the real world.” Citing the threat posed by violent criminals using encryption to hide their activities from law enforcement, Barr claimed that the net effect of unbreakable encryption “is to reduce the overall security of society.” Barr’s address was immediately refuted by former NSA Director Michael Hayden on Twitter. Tech companies have pushed back against requests for a “security backdoor” stating that it weakens overall user privacy. Alex Stamos, former chief security officer of Yahoo and Facebook, had previously likened the creation of an encryption back door to “drilling a hole in the windshield,” essentially cracking the structural integrity of the entire encryption shield. The first major issue around encryption emerged in 2015 when Apple refused to help the FBI in unlocking the San Bernardino shooter’s iPhone. Since then companies like Facebook, who had been under the scanner for not adequately protecting user privacy, have pushed for end-to-end encryption. Last year Facebook’s Mark Zuckerberg announced that the company would move all three of its messaging services — Instagram, WhatsApp and Facebook Messenger — to end-to-end encryption, a move that has since invited push back from multiple governments.