NY State Legislator Proposes Ban On Sale Of Encrypted Smartphones

from the never-too-late-to-give-a-bad-idea-another-shot dept

It appears someone’s listening to local crackpot New York District Attorney Cyrus Vance’s demands that encryption be outlawed to make law enforcement easier. His “white paper” didn’t have the guts to make this demand, instead couching it in language stating he would be completely unopposed to a legislative ban on encryption, but that he wasn’t going to be the bad guy asking for it.

A month later, as the mockery of his encryption white paper died down, Vance decided he would be the bad guy and openly stated that if Apple wasn’t going to give him what he wanted, it could be forced to do so by the government. Lo and behold, New York Senator Assemblyman Matthew Titone has answered Vance’s call for action. In what is likely the nation’s first proposed ban on encryption, Titone’s introduced bill forbids the sale of smartphones that can’t be cracked by their manufacturers. (h/t Nate Cardozo)

ANY SMARTPHONE THAT IS MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN, AND SOLD OR LEASED IN NEW YORK, SHALL BE CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.

THE SALE OR LEASE IN NEW YORK OF A SMARTPHONE MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN THAT IS NOT CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER SHALL SUBJECT THE SELLER OR LESSOR TO A CIVIL PENALTY OF TWO THOUSAND FIVE HUNDRED DOLLARS FOR EACH SMARTPHONE SOLD OR LEASED IF IT IS DEMONSTRATED THAT THE SELLER OR LESSOR OF THE SMARTPHONE KNEW AT THE TIME OF THE SALE OR LEASE THAT THE SMARTPHONE WAS NOT CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.

This isn’t Titone’s first attempt at this legislation, something that can be gleaned by the fact that the proposed legislation still contains wording suggesting January 1, 2016 is still somewhere off in the future. This bill made its debut last year, roughly nine months after Apple announced its plan to offer encryption by default.

The proposed legislation was introduced in the Committee on Consumer Affairs and Protection [wft?] on June 8th, 2015. Nothing happened then, but a new legislative session is upon us and Titone re-submitted his bill to the same committee last week.

There has been no fanfare accompanying this twice-submitted legislation, most likely due to it potentially toxic side effects. Even Titone’s own Senate page — where press releases seem to accompany all of his other sponsored bills — has nothing to say about this one. Still, the bill has attracted two co-sponsors: Walter Mosley and Patricia Fahy.

Interestingly, or perhaps more accurately, infuriatingly, the bill would hold retailers responsible for manufacturers’ actions. Apple Stores would apparently be unable to sell any smartphones and every service provider would have to eliminate any phones with default encryption from their lineups.

The wording isn’t a ban on encryption, per se. But it does make the sale of encrypted phones illegal — pretty much accomplishing the same thing without having to require backdoors or forbid manufacturers from offering default encryption in the other 49 states. That latter part is the loophole New York can’t close, even if this stupid piece of legislation passes.

New York’s sky-high tobacco taxes have turned New York City into a massive secondary market for cigarette cartons that fell off a truck/were purchased across state lines. This would basically do the same thing for smartphones, creating a market for phones purchased in other states but deployed in New York. The bill doesn’t even attempt to address this loophole, laying pretty much all of the culpability at the feet of local resellers. Purchasers aren’t forbidden from deploying their own encryption and secondhand phones containing built-in encryption can be bought and sold without fear of repercussion.

In all likelihood, Titone’s bill will die another death on the cold hard assembly floor. The bill is bad in multiple ways, but not in any of the ways immediately appealing to undecided politicians. The spiel accompanying the bill attempts to press all of the right buttons (“There is no reason criminals should also benefit, and they will, as people will be defrauded or threatened, and terrorists will use these encrypted devices to plot their next attack over FaceTime…“), but informing the nation’s largest phone manufacturers that their products can’t be sold in New York isn’t exactly the sort of message many legislators are willing to send

Filed Under: , , , , , , ,
Companies: apple

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “NY State Legislator Proposes Ban On Sale Of Encrypted Smartphones”

Subscribe: RSS Leave a comment
42 Comments
Richard (profile) says:

Easy

ANY SMARTPHONE THAT IS MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN, AND SOLD OR LEASED IN NEW YORK, SHALL BE CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.

Apple could now commence selling smartphone kits.

The user then becomes the manufacturer and so is thus only one who must be able to decrypt it.

Anonymous Coward says:

Re: Easy

ANY SMARTPHONE THAT IS MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN, AND SOLD OR LEASED IN NEW YORK, SHALL BE CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.

I just noticed something: this means that the iPhone 6S line can be encrypted by default, as long as they only sell phones in NY that were manufactured before January. The iPhone 7 will have other issues — Apple might finally get their wish and be allowed to exclusively sell the iPhone 7 online from out of state and have the local carrier simply activate it 🙂

Dan J. (profile) says:

Re: Easy

ANY SMARTPHONE THAT IS MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN, AND SOLD OR LEASED IN NEW YORK, SHALL BE CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.

Apple could now commence selling smartphone kits.

The user then becomes the manufacturer and so is thus only one who must be able to decrypt it.

What the hell does it mean to “decrypt and unlock” a cellphone? What if I can install a 3rd party app that securely encrypts my data. Is that phone still illegal? If so, then isn’t ANY cell phone illegal to sell?

If not, then what if Apple (or anyone else) sells a cell phone with a minimal OS that includes no encryption at all, and, after the purchase is complete, offers a downloadable upgrade that installs a highly robust encryption feature? For that matter, they could provide a service to upgrade the phone at the Apple store as soon as the cash register ring echo dies away.

Vladilyich (profile) says:

Re: Re: Easy

Interesting that he includes the word “unlock”. A few years ago, SCOTUS (which overrides any state’s assembly) ruled that the government cannot force a person to insert their password or passcode to “unlock” a device. If your phone has a biometric lock (like a thumb print) they can force you, but you do NOT have to divulge any passcode. I think this can easily be projected to include providing the encryption password. A court of law vcan not order you to give your password.

Anonymous Coward says:

Re: correction to your headline/story

Party affiliation on this does not mean much.

Both are pro police state. The difference is that the Dems just already know they can lie like scum and not lose votes for it as much as GOP would. The fact the Hillary can attract votes despite being one of the most evil women to walk the earth makes it clear.

Anonymous Coward says:

Titone,Mosley and Fahey have been paid LARGE amounts of cash to try to drive people into purchasing cheap knock-off chinese phones.

FTFY:
Matthew Titone and the two -co-conspirators- are all members of the NYS *Assembly,* not the Senate.

And btw, they’re all -Sell-out treasonous scum that out to get the chair.-

streetlight (profile) says:

Provice the user with encryption software

As Tim suggests, nothing in the bill would prevent the purchaser from providing encryption software. I’m not sure if the encryption software could be provided by the phone’s manufacturer or an independent company set up by the manufacturer. Apple could set up Baldwin,Inc. or Granny Smith, Inc. Google – or is it Alphabet – could have a company called Green Robot, Inc. The 5th avenue Apple store might end up in New Jersey as well. Think of the sales tax losses. And, what about mail order purchases?

Personanongrata says:

Senator Know Nothing

NY State Senator Proposes Ban On Sale Of Encrypted Smartphones

Why stop at banning the sale of encrypted phones?

What about criminals/terrorists (they’re really one in the same) secretly planning their next moves behind the brick walls of their home/office?

Perhaps New York Senator Matthew Titone will propose a law that forces all New York State builders to construct only glass houses/offices for New Yorker’s to live/work in so the state may better monitor suspect persons for potential criminal activity.

Or.

What about criminals/terrorists who may be carrying a firearm or other weapon perhaps New York Senator Matthew Titone will propose a law that all garment wholesalers, men’s haberdasheries and women’s boutiques could only sell see through clothing to ensure no person were carrying a firearm in public?

All joking aside New York Senator Matthew Titone proposal to ban the sale of encrypted phones in New York is in direct contravention of the New York State Constitution:

ARTICLE I

Bill Of Rights

§12. The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The right of the people to be secure against unreasonable interception of telephone and telegraph communications shall not be violated, and ex parte orders or warrants shall issue only upon oath or affirmation that there is reasonable ground to believe that evidence of crime may be thus obtained, and identifying the particular means of communication, and particularly describing the person or persons whose communications are to be intercepted and the purpose thereof. (New. Adopted by Constitutional Convention of 1938 and approved by vote of the people November 8, 1938.)

https://www.dos.ny.gov/info/constitution.htm

Mark Wing (user link) says:

Don’t forget to individually ban every encryption app by name to punctuate your futility. You’ll need to further vilify Google, lockup all the programmers, purge all knowledge related to computer software development and encryption, start seizing thousands of domains and possibly bomb a few countries into compliance, but it could work!

But seriously, one word: scope. Why the fuck does a shitty smelling, overrated city of narcissists like New York get to decide tech policy for the rest of us? Did you run out of hippies and black kids to frisk? You’re just a tiny speck on the map, so put it back in your pants.

Anonymous Coward says:

There is no reason criminals should also benefit, and they will, as people will be defrauded or threatened, and terrorists will use these encrypted devices to plot their next attack over FaceTime…

Is this just poorly worded, or is the bit about fraud/threats actually jibberish? Because it sounds like he’s saying that encrypted communications make people more vulnerable to crime. And for anyone who didn’t see the ‘Description’ part in the sales pitch, the above quote somehow links ‘consumer fraud’, terrorism, and IP law.

There’s also this:

In some cases, perpetrators take advantage of encryption and anonymizing technology to conceal contraband materials and disguise their locations.

That’s AND anonymizing technology. So this bill is about encryption, but he also seems to be creeping towards banning privacy in general and not just those bits that use encryption (although that’s most of em). Of course, only terrorists & filthy pirates need to hide their location.

I assume his next bill will involve recording & upload of all voice content to a cloud-based escrow service for potential later use. I suppose the government really should have access to all content, as long as proper warrants are issued: not just encrypted content, but all ‘temporally obfuscated’ content that’s been stashed away in what terrorists call ‘the past’.

streetlight (profile) says:

Others have noted...

I read that the recent Paris terrorists used unencrypted phone communictions which were obtained by the authorities but it was never recognized for what it was. Just because it’s readily available doesn’t mean it’ll be read and even then any action taken. One of the problems with all the enormous amount of information collected there’s just too much to analyze. When one collects billions and billions of phone calls, emails, SMSs, MMSs, etc., finding the 10 or 100 that might be significant is almost impossible. There’s information overload. Then again, the San Bernardino terrorists apparently never communicated about what they were intending using technology. My guess is that in the future terrorists will not use discoverable communication methods.

I’m not sure Bernie Madoff would be considered a terrorist but it is estimated his “clients” lost ~$18 billion over many years starting in 1970. His activities were in the open and the financial regulators didn’t find out until ~2008. If someone can hide their nefarious activities in one of the most highly regulated industries in the world, why can’t violent terrorists do the same despite the intense surveillance by all these three letter agencies?

Looking at everything isn’t going to work. Perhaps an implication of the quotation above from the NY state constitution and the US Constitution about probable cause and the sanctity of personal documents suggests a very narrow, focused search for the bad guys. It might even require spies infiltrating organizations before getting proper search warrants. It might even cost less than what’s being done now.

Anonymous Coward says:

I wonder if the person behind this uses encryption on their phone though. Every time I see someone trying to pass a law like this I am reminded how many anti gun advocates have armed bodyguards or a concealed gun carry license for themselves.

They believe only the few should have rights and everyone else should not have those same rights they want for themselves.

Anonymous Coward says:

Re: Re:

I wonder if the person behind this uses encryption on their phone though.

Something tells me he wouldn’t have the slightest clue one way or the other. This is the kinda guy that, when instructed to just stick with all the default settings on his new phone, responds with “OK. Which app do I use to change everything to ‘default’?”

teknosapien (profile) says:

Apple has a whle planet to sell to

What if Apple just refused to sell iPhones in New York if this law was passed? What would the outcome be? I’m guessing that some elected officials may be looking for new jobs after the next election. In the interim would the state of NY be willing to compensate those hack accounts compromised do to lack of encryption?
How would this affect the financial institutions based in NY?
Would they leave for another state that allowed encryption

How are these people in office proposing laws on something they don’t fully comprehend

JBDragon (profile) says:

All the terrorist has to do is sent a plain old text that says “GO” and the plan already set in motion plays out. Really of what benefit does a Un-encrypted phone give you? If you want Mass spying on everyone’s phone, ok, But right now under LAW, with a Court issued Warrant. They can in person make you unlock your phone. When they have real evidence against you. Not go fishing in the hope of finding something from anyone.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...