The future of encrypted technology was a focus in San Francisco Wednesday with a new five-pronged proposal from Sen. Ron Wyden, D-Ore., that, if enacted, would have far-reaching implications for privacy law in the U.S. Dubbed the "New Compact for Privacy and Security in the Digital Age," Wyden’s proposal is predicated on five distinct calls to action, including legislation that would prevent the government from compelling companies to weaken encryption, and an overhaul of the so-called Third Party Doctrine, among others.
“I think weakening encryption will be a horrible mistake,” Wyden said to a cheering crowd gathered at the CryptoSummit in San Francisco. He then later said during an official announcement at RightsCon that building in backdoors to encrypted technology would be a “lose-lose situation” for all involved.
“For centuries, individual liberty was protected by technological limitations,” Wyden explained during his official announcement at RightsCon. “Gathering real-time personal information about a country’s entire population was impossible. It would have required more resources than any government could muster. Now those physical limitations have largely disappeared.”
Wyden’s five-part compact calls forth his Secure Data Act, legislation he originally proposed in 2014. The bill would prevent government from demanding that companies weaken the encryption protections built into their products and services.
Significantly, Wyden also calls for a re-thinking of the Third Party Doctrine, the U.S. legal concept that states when an individual shares information with a third party – such as a telecommunications service – she loses her expectation of privacy. The legal concept was originally questioned by Supreme Court Justice Sonia Sotomayor in her concurring opinion to the U.S. v Jones case in 2012. In his proposal, Wyden said he wants to make it clear to U.S. citizens that their privacy expectations do not disappear “just because they share some of their personal information with a particular company.”
The senator also proposed that Congress hold more scheduled hearings throughout the course of a calendar year that would focus on the privacy impacts of government surveillance. Additionally, Wyden wants to prevent the Justice Department from changing warrant rules to track hackers, saying the change would give the DOJ access to millions of people’s devices with just one warrant.
Wyden, who has been a vocal critic of U.S. government bulk surveillance, also called on government to hire more technologists that understand the privacy implications of weakening encryption. During his appearance at the CryptoSummit, just before his official announcement at RightsCon, Wyden said many attendees in the room would be the type of employees the government needs. Of course, that won the crowd over.
“Let me be clear at the outset that the debate about data security is not about choosing security or choosing privacy,” he said during his official announcement. “It’s about choosing less security or choosing more security.”
Wyden compared the current tensions around law enforcement access to encrypted data to the introduction of Miranda rights in the U.S. in the 1960s.
“Fifty years ago this summer, the Supreme Court handed down a landmark decision in the case of Miranda v. Arizona, in which the Court ruled that before law enforcement officers interrogate a suspect, they must advise that person of his or her constitutional rights.” At the time, Wyden pointed out, prosecutors claimed the decision meant “the sky was falling,” while The New York Times featured the headline, “Miranda Decision Said to End Effective Use of Confessions.” The Times article quoted “some of the most respected prosecutors and law enforcement officials in the country warning that this decision was an absolute catastrophe.”
Fifty years later, Wyden said, “the sky did not fall.”
Wyden continued: “Just as our justice system successfully adapted to the Miranda ruling, law enforcement and intelligence agencies are going to find ways to adapt … in the age of strong encryption.”
Wyden’s proposal comes after a highly publicized court battle between the DOJ and Apple. On Monday, the DOJ dropped its case involving the phone used by one of the San Bernardino shooters after receiving help cracking into the iPhone from an unnamed third party. The DOJ has yet to share that exploit with Apple, at least publicly.
Adding more fuel to the debate Wednesday, the FBI agreed to provide similar assistance to an Arkansas prosecutor in a homicide case. It is not yet clear if the iPhone in this case is the same model as the one unlocked in San Bernardino.
On Wednesday, Wyden was clearly enthusiastic about his proposal and the need to maintain robust encryption in the U.S. “I’m going to use any power I have as a U.S. senator to block any plan to weaken encryption,” he said.
He called forth the recent protests surrounding the proposed SOPA and PIPA bills in 2012, neither of which passed after significant public outcry. “We did it once,” Wyden said Wednesday, “Let’s do it again.”
Photos taken by Jedidiah Bracy.
If you want to comment on this post, you need to login.