The Future of Encryption Is in These Politicians’ Hands
Encryption is complicated. Legislating for it,
even more so. But after years of shrugging off the issue, Congress
finally seems motivated to create a legal framework for one of our most
critical digital security features. Here’s a quick rundown at some of
the politicians who are shaping the encryption debate—and the laws that
will come of them.
01
Sen. Richard Burr (R - NC)
Along with Dianne Feinstein (D - CA), Richard
Burr is the co-sponsor of the first encryption bill to make its way
public, and the current chairman of the Senate Intelligence Committee.
He's written separately about concerns over the ability of criminals to
"go dark," and was quick to assert that the terrorists responsible for
last fall's Paris attacks used end-to-end encryption (they did not). His
bill, which would essentially criminalize most common forms of
encryption, has been widely dismissed by security experts as "ludicrous"
and flawed "in every way possible." Fun fact: He's reportedly a very
distant cousin of Aaron Burr.
02
Sen. Dianne Feinstein (D - CA)
Burr's co-sponsor, Dianne Feinstein, was
chair of the Senate Intelligence Committee from 2009-2015, when
Democrats ceded control of the Senate. She has long been a proponent of
the NSA's mass surveillance capabilities, despite taking issue with
herself having been spied on on by the CIA. Again, the bill she has
co-sponsored is very, very bad.
03
Sen. Mark Warner (D - VA)
Taking a more measured approach is Mark
Warner, whose professional background as a tech-focused venture
capitalist garnered him both a small fortune and a firm grasp of the
issues at hand. Together with Rep. Michael McCaul (R - TX), Warner has
introduced legislation that would establish a commission of security
experts, businesses, digital rights advocates, and other encryption
stakeholders, which would in turn make recommendations to help guide any
future laws. The idea has won broad support, though notably not from the
Electronic Frontier Foundation, which argues that there's no possible
compromise that could be reached. The bill's future in Congress is also
unsure, due to territorial disputes that we'll address in a moment.
04
Rep. Mike McCaul (R - Tex)
While Mike McCaul has been the Chairmen of
the House Committee on Homeland Security for the last few years, his
interest in the intersection in tech and security extends back to his
previous career as a counterterrorism specialist in the Texas US
Attorney's office. He's taken the lead on cybersecurity in Congress
before, authoring the National Cybersecurity and Critical Infrastructure
Protection Act of 2013, which enabled stronger collaboration between
public and private entities to fight cyberattacks, and won both
bipartisan support and that of the ACLU.
05
Bob Goodlatte (R - Virginia)
As the Chairman of the House Judiciary
Committee, Bob Goodlatte has already overseen consequential hearings
about the role of encryption, featuring representatives from Apple, the
FBI, and the security community. In late March, he and several
colleagues took an even more prominent role in the debate. The leaders
of the House Judiciary Committee and House Energy and Commerce Committee
united to create a bipartisan "working group," comprising a panel of
four Republicans and four Democrats. Their mission is similar to the
proposed Warner-McCaul, except made up entirely of politicians, rather
than a wider field of experts.
06
Rep. Jim Sensenbrenner (R - WI)
One key member of that working group will be
Jim Sensenbrenner, whom many may remember as the man who introduced the
mass-surveillance-enabling Patriot Act in the House of Representatives,
a little over a month after the attacks of 9/11. But! He also authored
last year's USA Freedom Act, which curtailed some of those same, unfettered
bulk data-collection rights. If you're wondering which Jim will show up
in an encryption law, note that he recently excoriated Apple for not
proposing a legislative solution of its own. "We’ll be very happy to do
[make a law without input]," he said at a March hearing, "but I can
guarantee you won’t like the result."
07
Rep. Zoe Lofgren (D - CA)
Another member of the working group, Zoe
Lofgren, has been trying protect encryption since before it was cool. In
2014, she attempted to push through an amendment to the National Defense
Authorization Act that would have prevented any public institution from
requiring software, hardware, or standards organizations to "build in a
backdoor to circumvent the encryption or privacy protection of its
products." When that failed, she later co-sponsored as separate bill---the
Secure Data Act of 2014---to the same effect, which also did not pass.
Lofgren has been a staunch encryption advocate, though, and should continue
to be a powerful voice on the subject at a time when there's more
political will that matches her own.
08
Ted Lieu (D - CA)
One of a handful of bona fide computer
scientists in Congress, Ted Lieu holds the distinction of being the only
person to propose sensible encryption legislation this calendar year.
The ENCRYPT Act of 2016 recognizes that state-level encryption laws are
entirely unenforceable and ridiculous, and aims to preempt them before
any can get passed. Lieu has been a supporter of the Warner-McCaul plan,
though hopefully he'll have a voice from whatever corner a broader
encryption bill might come from.
09
Ron Wyden (D - Oregon)
The Burr-Feinstein bill won't pass. It's too
deeply, recognizably flawed. But if it were even to get close, longtime
encryption advocate Ron Wyden has already promised to filibuster it to
death. In fact, he also teamed up with Lofgren on the Secure Data Act, a
good encryption bill that Congress can turn to after it's done away with
the bad one.