WASHINGTON, The Hill, Feb 8, 2016- Sen. John McCain (R-Ariz.) is calling for legislation that would require tech firms to build their products in such a way that they can crack open encrypted content in response to legal requests from authorities.
"By taking advantage of widely available encryption technologies, terrorists and common criminals alike can carry out their agendas in cyber safe havens beyond the reach of our intelligence agency tools and law enforcement capabilities. This is unacceptable," the Senate Armed Services chairman writes in a Bloomberg op-ed.
McCain’s proposal would not dictate “what those systems should look like.” Instead, it would require “technological alternatives” to end-to-end encryption, which prevents even the manufacturer from accessing communications.
“This would allow companies to retain flexibility to design their technologies to meet both their business needs and our national security interests,” McCain said.
Following the deadly terrorist attacks on San Bernardino, Calif. and Paris, fears that terrorists were using encryption technology to plan attacks beyond the reach of U.S. surveillance sparked a number of lawmakers to call for new legislation.
Senate Intelligence Committee Chairman Richard Burr (R-N.C.) is working on a bill with his committee’s ranking member, Sen. Dianne Feinstein (D-Calif.), that would force companies to decrypt data under court order.
But tech companies and cryptologists have pushed back, arguing that providing any guaranteed access to law enforcement opens up the day-to-day functions of the Internet — like banking — to hackers.
Last fall, Apple rejected a court order to turn over communications sent using its iMessage feature, citing its encryption system.
McCain alluded to those concerns, but insisted “this is not the end of the analysis.”
“We recognize there may be risks to requiring such access, but we know there are risks to doing nothing,” McCain writes.
They’re pushing legislation that would establish a national committee to study the topic first, then present potential suggestions to Congress about how police could get at encrypted data without endangering Americans’ privacy or security.
McCain echoed FBI Director James Comey, who in recent months has sought to recast the question of how to provide access to encrypted data as a business challenge, not a technological one.
“We have to encourage companies and individuals who rely on encryption to recognize that our security is threatened, not encouraged, by technologies that place vital information outside the reach of law enforcement,” McCain wrote.
“Developing technologies that aid terrorists like Islamic State [in Iraq and Syria] is not only harmful to our security, but it is ultimately an unwise business model.”