[Infowarrior] - Fwd: How the Senate Encryption Bill Resembles Chinese Law (And How it Does Not)
Richard Forno
rforno at infowarrior.org
Mon Apr 18 07:47:37 CDT 2016
--
It's better to burn out than fade away.
> Begin forwarded message:
>
> From: Mark
>
>
> How the Senate Encryption Bill Resembles Chinese Law (And How it Does Not)
> By Patrick Tucker
> April 15, 2016
> http://www.defenseone.com/technology/2016/04/how-senate-encryption-bill-resembles-chinese-law-and-how-it-does-not/127546/ <http://www.defenseone.com/technology/2016/04/how-senate-encryption-bill-resembles-chinese-law-and-how-it-does-not/127546/>
> The Senate Intelligence Committee unveiled legislation this week that would require technology companies to give up your encrypted iPhone messages to law enforcement. The bill shares a bit with similar legislation China adopted last year.
> The Senate’s Compliance with Court Orders Act of 2016 <http://www.feinstein.senate.gov/public/index.cfm/press-releases?ID=EA927EA1-E098-4E62-8E61-DF55CBAC1649> wants to make technology companies like Apple comply with court orders and give “intelligible information or data, or appropriate technical assistance to obtain such information or data,” to law enforcement. In other words, the bill says that communications companies no longer could provide end-to-end encryption to consumers that the providers can’t break (even under court order.) That means that they can’t offer actual <https://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf> end-to-end encryption.
> So far, the bill has earned predictable condemnation from the technology community, whose reaction has run the spectrum from mockery to alarm. Kevin Bankston, who directs New America’s Open Technology Institute, described it toWired <http://www.wired.com/2016/04/senates-draft-encryption-bill-privacy-nightmare/> as “easily the most ludicrous, dangerous, technically illiterate” proposal he had seen in 20 years. Reuters reports that the White House is hesitant <http://www.reuters.com/article/us-apple-encryption-legislation-idUSKCN0X32M4>.
> Two law-enforcement associations are backing the measure. The National District Attorneys Association and the International Association of Chiefs of Police sent a letter to committee heads Thursday, thanking them for their efforts to rein in Apple and other communications companies run amok (by offering security features that make devices safer for consumers to the inconvenience of law enforcement.)
> “We saw recently in the San Bernardino case, Apple refused to comply with a valid, legally issued search warrant obtained by establishing probable cause before a judge. This unfortunate decision by Apple only serves to highlight the fact that Apple and other companies currently have the ability to unilaterally decide who has access to evidence that is essential to day to day investigations. Simply put, this allows for profit companies to determine what they believe is the appropriate balance between customer data security, versus the security of our communities,” the groups argue in the letter.
> If the legislation were to pass, consumers from Boston to Beijing could lose security features that protect data from hackers and, yes, governments.
> The proposed law resembles new Chinese rules that also demand companies help authorities access user data.
> In 2014, a committee within the National People’s Congress was considering <http://blogs.wsj.com/chinarealtime/2015/02/28/u-s-tech-is-worried-that-chinas-antiterror-law-goes-too-far/>legislation that would have required technology companies to build encryption backdoors into systems and devices for the Chinese government to use as part of investigations into terrorism (though the definition of terrorism was fairly broad <http://www.bbc.com/news/world-asia-china-35188137>.) The rule also would have mandated that companies store customer data on servers located in China.
> U.S. Secretary of State John Kerry, U.S. Treasury Secretary Jacob Lew, and other U.S. officials objected <http://www.wsj.com/articles/us-presses-china-on-bank-technology-rules-1425009951> to the legislation. The U.S. technology community also presented a united front on the issue, and the pleas worked. The legislation that passed at the end of last year <http://www.wsj.com/articles/china-antiterror-law-doesnt-require-encryption-code-handovers-1451270383> removed the controversial part about housing data onshore in China, and forcing companies to share encryption keys with the government. But it did require them to offer “technical means of assistance” to law enforcement.
> Chinese parliament law division head Li Shouwei told <http://www.reuters.com/article/us-china-security-idUSKBN0UA07220151228> reporters that the law was “the same as what other major countries in the world do.”
> The Compliance With Court Orders Act is not expected to pass. If it does, companies like Apple will face similar pressure from the U.S. and China, the technology industry’s number one target market for future sales <http://www.theverge.com/2015/4/27/8505063/china-is-now-apples-second-biggest-market>. Smartphone penetration into the Chinese market is at about 50 percent. <http://www.statista.com/statistics/257045/smartphone-user-penetration-in-china/>
> If the legislation were to pass, consumers from Boston to Beijing could lose security features that protect data from hackers, and, yes, governments.
> Robert Atkinson, president of the Information Technology and Innovation Foundation, or ITIF, a Washington think tank, says the two bills differ substantially in terms of intent. “China’s legislation on encryption is in part designed to squelch free speech; our’s is designed to help prevent crime and terror,” he said, but added “that’s not to say that the Senate bill is the right bill. It’s not.”
> Reason? The bill overlooks the importance of “strong encryption to U.S. cybersecurity,” Atkinson argued, something that they cover in this new report. <https://itif.org/publications/2016/03/14/unlocking-encryption-information-security-and-rule-law>
> By Patrick Tucker // Patrick Tucker is technology editor for Defense One. He’s also the author of The Naked Future: What Happens in a World That Anticipates Your Every Move? (Current, 2014) <http://www.amazon.com/The-Naked-Future-Happens-Anticipates/dp/1591845866>. Previously, Tucker was deputy editor for The Futuristfor nine years. Tucker has written about emerging technology in Slate, The Sun, MIT Technology Review, Wilson Quarterly, The American Legion Magazine, BBC News Magazine, Utne Reader, and elsewhere.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://attrition.org/mailman/private/infowarrior/attachments/20160418/c29c3f53/attachment-0001.html>
More information about the Infowarrior
mailing list