Stan Trollip - Thursday
Reading the Christian Science Monitor yesterday, I came across an article by Sascha Meinrath and Sean Vitka about a bill recently introduced by Senators Richard Burr (R) of North Carolina and Dianne Feinstein (D) of California, both members of the Senate Select Committee on Intelligence.
|Senators Feinstein and Burr|
I nearly choked on the pawpaw I was eating, and I had to check my calendar that it wasn’t April 1.
These two Senators, so far apart politically, have co-sponsored an anti-encryption bill that makes me wonder whether they have lost their minds. To me the bill is an insane proposal that is typical of the muddled thinking of our elected representatives and a frightening erosion of what few rights of privacy we have left.
To quote the writers of the article:
Amongst its many provisions, the draft bill mandates that tech companies make all of our online data "intelligible" when presented with a court order. The bill defines intelligible as "decrypted, deciphered, decoded, demodulated, or deobfuscated" to "the Government of the United States and the government of the District of Columbia, or any commonwealth or possession of the United States, of an Indian Tribe, or of any State or political subdivision thereof."
That is to say, almost any government entity, from the smallest Indian tribe to the government of a state, can with a court order require any corporation to provide “intelligible” data on any American under investigation for any one of a wide variety of offences.
If this passes, the USA will probably have the weakest encryption of any country in the world, making the data in the country much more susceptible to hacking and data theft.
I also just love the political gobbledygook associated with this bill. Here is co-sponsor Senator Burr: “I have long believed that data is too insecure, and feel strongly that consumers have a right to seek solutions that protect their information.” Just the opposite of what the bill proposes.
There are two other things of note.
First, the USA has for a long time (since 1996) forbidden the export of software using strong encryption – presumable the idea being that if the USA has the strong encryption and others don’t, then the country will be safer. The reality of this is that huge amounts of software, inside the USA as well as elsewhere, ended up using weak encryption, making it susceptible to hacking. This weak encryption enabled The Freak Attack of March 2015.
The order restricting the export of strong encryption is a good example of politicians doing something about which they know little or nothing. I suspect that Senators Burr and Feingold are technologically naïve and haven’t a clue about the ramifications of what they are proposing.
Second, not only do Senators Burr and Feingold want to weaken encryption laws, but they also want to prevent Congress knowing what is going on by imposing restrictions on what is reported to Congress. That is, they want the very body that is supposed to protect US citizens from having access to relevant data (click here for more information).
What is that sound I hear?