Burr And Feinstein Release Their Anti-Encryption Bill… And It's More Ridiculous Than Expected
from the are-they-serious? dept
They’ve been threatening this for months now, but Senators Richard Burr and Dianne Feinstein have finally released a “discussion draft” of their legislation to require backdoors in any encryption… and it’s even more ridiculous than originally expected. Yesterday, we noted that the White House had decided to neither endorse nor oppose the bill, raising at least some questions about whether or not it would actually be released. Previously, Feinstein had said she was waiting for the White House’s approval — but apparently she and Burr decided that a lack of opposition was enough.
The basics of the bill are exactly what you’d expect. It says that any “device manufacturer, software manufacturer, electronic communication service, remote computing service, provider of wire or electronic or any person who provides a product or method to facilitate communication or the processing or storage of data” must respond to legal orders demanding access to said information. First off, this actually covers a hell of a lot more than was originally expected. By my reading, anyone providing PGP email is breaking the law — because it’s not just about device encryption, but encryption of communications in transit as well. I wonder how they expect to put that genie back in the bottle.
But, let’s dig into a few other bits of insanity in the bill. It starts out with an insane assertion, right upfront:
It is the sense of Congress that–
- no person or entity is above the law;
- economic growth, prosperity, security, stability, and liberty require adherence to the rule of law;
What an absurd way to start the bill. As we’ve discussed over and over again, despite FBI director James Comey’s statements, no one is claiming to be “above the law” here. When they offer end-to-end encryption they’re not “above the law,” they’re just building a system to which they don’t have the key. That’s like saying that the safe maker who doesn’t keep copies of the keys to every safe they sell is above the law. But no one requires safemakers to keep copies of every key.
Next, the claim that economic growth, prosperity, security, stability and liberty somehow depend on all of this is ridiculous. The second this bill becomes law, the US loses a massive economic advantage. Basically all of our technology becomes suspect globally, and the entire cybersecurity industry moves off shore. It will devastate American businesses outside of the US. Burr and Feinstein are basically offering a bill that completely undermines the economic prosperity of the American tech industry. This is especially insane coming from Feinstein, given that she supposedly represents so many tech companies in California.
all providers of communications services and products (including software) should protect the privacy of United States persons through implementation of appropriate data security and still respect the rule of law and comply with all legal requirements and court orders;
And they do… when they can. But what this bill requires is for tech companies to undermine the basics of encryption to make everyone less safe. This is not about disrespecting the rule of law, but about building systems as secure as possible to protect people from malicious attacks. You know, the very kinds of attacks that Senators Burr and Feinstein kept screaming about just months ago when they were demanding a bogus cybersecurity (really: surveillance) bill get passed by Congress. And yet now they want to undermine the very core concept of cybersecurity in the US.
to uphold both the rule of law and protect the interests and security of the United States, all persons receiving an authorized judicial order for information or data must provide, in a timely manner, responsive, intelligible information or data, or appropriate technical assistance to obtain such information or data;
And if that’s literally impossible, as is the case with strong encryption or end-to-end encryption?
Let’s be clear, here. This bill makes effective cybersecurity illegal. Think about that for a second. This is insane.
Then there’s this kicker:
Nothing in this Act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity.
Yeah, except for the entire bill which absolutely prohibits the kind of design that basically all security experts say you need to adequately protect data and communications.
There are lots of other issues as well. As Jonathan Zdziarski notes, the bill is so ridiculously drafted that it doesn’t distinguish between encrypted data and deleted data. Thus, if someone deletes all their data, companies are still on the hook to magically get it back. It also requires that any information that is requested be delivered “in an intelligible format.” But what if the information itself is not intelligible? What if, prior to encrypting the data through technological means, the people doing the communications used some sort of cypher or code themselves to further obfuscate the information?
The whole thing is a mess and provides much more evidence for the fact that Feinstein and Burr have absolutely no clue what they’re talking about on this particular issue. Of course, there are lots of clueless people, but it’s pretty disturbing that these two particularly clueless people happen to be the highest ranking members on the Senate Intelligence Committee. Perhaps, like some others, they should talk to actual intelligence community professionals, who have also been arguing that backdooring encryption is a bad idea and puts Americans at much greater risk of being victims of computer attacks.
Filed Under: backdoors, dianne feinstein, encryption, richard burr
Comments on “Burr And Feinstein Release Their Anti-Encryption Bill… And It's More Ridiculous Than Expected”
Would this require Hasbro to be able decrypt the jumbled bag of unused letters in an electronic version of Scrabble?
Will image sharing services be illegal because the service provider won’t be able to decrypt steganographic messages that may or may not be in every image that’s shared?
Re: Response to: Anonymous Coward on Apr 8th, 2016 @ 8:59am
or a cyber pathogen of unknown origin?
Intelligence Committee lacking Intelligence
I can’t even see why this law would be so bad, it’s impossible to adhere to it, because it contradicts itself.
Re: Intelligence Committee lacking Intelligence
All laws that contradict themselves and are impossible to adhere to are inherently bad because it means you’re in violation of the law no matter what you do and they can fine or arrest you at their whim.
Re: Re: Intelligence Committee lacking Intelligence
Isn’t that the point. So that you can be arrested for anything?
Re: Re: Intelligence Committee lacking Intelligence
well you could stop using all electronic devices and all devices that use computers to control them…
Re: Re: Re: Intelligence Committee lacking Intelligence
What and give up my internet connected toothbrush!
Re: Re: Intelligence Committee lacking Intelligence
… it means you’re in violation of the law no matter what you do and they can fine or arrest you at their whim.
Yeah, ain’t it beautiful?
Re: Re: Intelligence Committee lacking Intelligence
which tends to be the desire of those who want their citizenry to have no rights
Feinstein is clearly under the thumb of the TLAs. Whether they are voluntarily so or not is unclear.
Re: Feinstein is clearly under the thumb of the TLAs.
Under the thumb of Three Letter Acronyms?!?
Outlawing forward secrecy
As other commenters elsewhere have quickly noted, the bill outlaws forward secrecy.
“Nothing in this Act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity. “
What was the point of this part? It’s like putting a comment in source code that completely contradicts what the source code actually does.
Re: Re:
A distractions for the stupid and the ‘news’ groups basically. By putting that in there they can try to dodge any criticism aimed at the bill by pointing to that line and saying ‘No, but see, we’re not requiring any changes or prohibiting any from being implemented’, and ‘conveniently’ leave out that the bill absolutely does impose restrictions and requirements.
Re: Re:
jedi hand wave… these are not the laws you are looking for…
we know it says it does this, but “trust us” it doesn’t require or prohibit any specific designs, see we even said that out loud
Beyond Belief
Thankfully, the proposal has been dropped. What continues to amaze me is that the positive legitimate uses of encryption are purposely ignored by those proposing a so-called “back door”.
The issue of encryption also raises “slippery slope” concerns. The argument is made that encryption has to be weak to facilitate law enforcement. By that train of logic, search warrants should be abolished as an impediment to “facilitating law enforcement”.
I hope that those proposing a “back door” will finally give-up based on logic. Unfortunately, I suspect that after a suitable waiting period, those proposing weak encryption will once again hysterically start beating the war drums and foaming at the mouth.
Re: Beyond Belief
Thankfully, the proposal has been dropped
I used “dropped” in the sense of “released.” The bill hasn’t been discarded — it’s been released. I changed the text in the post to clarify… sorry…
Re: Re: Beyond Belief
Dropped, like a guillotine. That worked, too, but the new wording won’t confuse some folks.
So now the NSA and other government agencies will be more transparent as it will be easier for Anonymous to hack into the backdoor of the federal encryption and show us what is really going on? And they thought Snowden was a threat to US security.
Except
“It is the sense of Congress that–
no person or entity is above the law;”
Unless you’re a member of the ruling class.
Oh, but it is
“This is not about disrespecting the rule of law…”
If this law or any like it pass, I will have a tremendous amount of disrespect for the rule of law.
(I am already maxed out on my disrespect for these specific lawmakers.)
Keys
If the tech company has to provide the keys to the government why not just hand over a piece of paper that reads:
Encryption Keys in use by our technology include numbers from one to infinity. We do not track which key goes to which device so we have instead given you all of the keys.
Re: Keys
Ah, but this is where the bill’s writers were truly clever.
It doesn’t say they have to provide the keys. It says they have to provide the actual data. Completely removes any possibility of getting around it and making actually useful security.
Re: Re: Keys
The ideal response to the bill if it passes is to make the key so easy to remember it can be used across all hardware and platforms, and watch the system eat itself including those idiots in power.
“Sorry Senators Burr and Feinstein, but in order to properly facilitate access to decrypt the information in accordance with the Anti-Encryption Law that you put in place, your new passwords for all your current and future accounts shall be the following: 12345”
Malicious Compliance for the win.
If the little people are going down with the ship, make damn sure those responsible for hitting the iceberg go down with it too.
Re: Re: Keys
It also means any leaks of how the backdoor works, or leaks of keys are the software companies problem, and the TLA’s. An object lesson in how to weaken encryption and avoid any blame when the bad guys make use of what the governments demands.
Re: Re: Re: Keys
A bit like the UK IP Bill where the ISPs are responsible for holding the Internet Connection Record data so when it’s inevitably hacked and leaked the government can absolve itself of responsibility.
Re: Re: Keys
It doesn’t say they have to provide the keys. It says they have to provide the actual data.
We cannot decrypt the message, so our system will start emailing you every possible message that it could have been. This process will be complete in never.
Shakedown
This isn’t just a crazy bill, it’s a legislative shakedown.
device manufacturer, software manufacturer, electronic communication service, remote computing service, provider of wire or electronic or any person who provides a product or method to facilitate communication or the processing or storage of data
Bicycle manufacturers must provide a way to facilitate a government request to read something that was sent by messenger?
Re: Re:
Oh no! My pigeons!
"Above the law"
No, no you missed the point.
Whenever somebody trots out the old “no person or entity is above the law” argument outside of a superhero movie or a classroom, it is not to to reinforce that everybody is equal.
No, what they are saying is something entirely different: I am the Law and you are my subject.
Re: "Above the law"
I am the Law and you are my suspect.
FTFY.
Outlaw strong encryption then only.....
Outlaw strong encryption then only outlaws will have strong encryption.
section 1/1 file shortm~1.pgp
xbtoa5 78 shortm~1.pgp Begin
Vuojd:rXj)e’g)5″O6I’LqU7T45&QF
It seems to me that automatic bank machines communicate. I sure hope they use encrypted communications. The same for personal banking over the web. So this law requires a “backdoors” for such banking, making bank robbery so much easier and cheaper (as no firearms and/or/masks, getaway cars and so on will be required). But at least it will reduce the likelihood of modern bank robbers killing or injuring bystanders and bank employees.
Two traitors
The two dim bulb traitors are at it again proving their existence subtracts from the sum total of human knowledge.
this bill is counter-intuitive and counterproductive.
Part 1 is at odds with part 2, as has been stated, but lets take a closer look, shall we?
In regards to this bill, that means NO entity is above this law, that includes the FBI, Congress, The Pentagon, The White House, the CIA, NSA, etc. because they are entities, and they cannot be above the law.
I am sure that because of (1) that entities like China, Russia, Daesh, Al-Qaeda will take that with good will and NEVER EVER exploit those systems.
Bullshit, I am sure that Russia, China would LOVE to get their hands on NSA/CIA/Pentagon deep cover operatives/operations currently in the field or in planning. I am SURE Al-Qaeda and Daesh would LOVE to get into the FBI/NSA to see which of THEIR deep cover operatives are being monitored. I am *SURE* the Pentagon would LOVE to have AF1’s schematics broadcasted to the world.
Not only is this bill counter to free speech, economic security, but it *WILL* put American lives and national security at risk. And before you go, “Oh, but WE, in Congress and the govt is not bound to this law.” read again that the law specifically says “NO ENTITY”, including the Entity of the US Govt. BY THE LETTER OF THE LAW.
Re: Re:
I quite agree – the ‘no entity is above the law’ would mean that all the federal ‘Except us’ language in various other laws doesn’t apply. Should (horrors) this abomination be passed, then I can only suggest that Lal, Shimpy, NSA, the Navy, et al be named as co-defendants to any suit brought under this. After all, as RSA, TOR, etc fail to provide backdoors in the algorithms employed – right?
Watching politicians writing security legislation is like watching dogs trying to understand quantum mechanics.
Re: Dogs are fairly harmless, politicians not so much
Not quite, because no matter how confused the dogs get the odds are against anything they do screwing over an entire country.
Re: Re: Dogs are fairly harmless, politicians not so much
Dogs might have a hard time destroying the world with a supercollider, but they’ll wreck your day if you’re a lamb grazing on the field.
The problem is in this case, that these are idiots out of their league, but with power enough to be destructive.
It’s the same problem as we have with many entrenched representatives who cannot be voted out of position (the GOP can’t even create a candidate liberal enough to be palatable to California) so long as they’re worse than Joffrey-Satan-Hitler, we won’t vote Joffrey-Satan-Hitler in to replace them.
But seriously, I’d really like someone that’s actually intelligent and actually means to run California not into the ground.
It’s a pipe dream.
Re: Re:
Pardon my crudity, but…
FTFY
Re: Re: Re:
actually, no.. dogs DO know how to poop. FTFY back
Sheep must not evolve armor, claws, or teeth
California — home of the embarrassing Ms. Feinstein — is an odd place. Far from being a Liberal paradise, it’s actually well on its way to becoming a feudal state, where the wealthy lords and ladies control the land, while peasants pay rent for the privilege of furthering the fortunes of their landlords. (Anybody who lives in the Bay Area knows exactly what I’m talking about.)
Her Majesty Lady Feinstein has decided that it’s too dangerous for the peasants to have secrets, and so she insists that we must divulge everything at the whims of her knights in blue. The wording of this bill suggests that she considers peasant vulnerability and rule of law to be inseparable.
This sort of attitude is not at all inconsistent with California law. This state has some of the most restrictive gun laws in the country. After all, an armed peasant is a less vulnerable peasant. Regardless of which side of the gun debate you happen to be on, though, you can probably agree that Lady Feinstein’s public pride in the fact of her own armed condition seems more than a little hypocritical. (Yes, Diane Feinstein famously has a permit to carry deadly weapons.) But of course self defense is a god-given right of the nobility, isn’t it?
We might excuse California if the restrictions stopped there; it’s easy to imagine that few people really need to own or carry firearms today. But in the spirit of keeping peasants vulnerable, California has even declared bullet-resistant clothing illegal. That’s right: apparently rule of law demands that peasants must be as vulnerable — i.e. easy to kill — as possible. Wear a bulletproof vest, go to jail.
So what’s next, Your Majesty? Are you going to take a cue from that silly David Lynch version of “Dune” and decree that all of us must be fitted with openly accessible “heart plugs” that allow our lives to be taken with the flick of the wrist from your deputized thugs? Or at the very least, should we all be forced by law to carry wrist restraints, so that we can truss up ourselves in an instant when so ordered?
Re: "Well on its way to becoming a feudal state"
The same is true of every state in the US. Ours is and has been for decades a corporate oligarchy in which the voters are disenfranchised unless they can rally tens of millions.
But yes, ours is a feudal state under Hollywood and Google that wishes it were a liberal democracy, rather than a feudal state under Monsanto or Pfizer or Chevron or Ford that wishes it were a conservative republic.
Re: Re: "Well on its way to becoming a feudal state"
Not exactly sure where you are going with this, but you do realize both parties answer to corporate interests? Its just that one is more open about it while the other lies about it.
What about postal letters?
So now every mailman in the country that handled my letter is liable for my secret decoder ring message I sent to my kid since they provided the method of commincation (Drink your Ovaltine!)
Wrong analogy
“That’s like saying that the safe maker who doesn’t keep copies of the keys to every safe they sell is above the law.”
No, its like holding a paper manufacturer responsible for people burning letters after reading them.
Burning papers and mixing the ashes is what we did before digital communications. And they had a term for that: destruction of evidence. And it was still a bullshit charge as there was no clue as to what those papers really contained.
So now, we want to hold the paper manufacturers to blame for this huge problem (that really isn’t) and force them to make fire-proof paper or pay massive fines.
Brilliant!
Cannot wait to hear Steve Gibson or GRC.com (Security Now podcast) reaction to this….
Re: Re:
I suppose Steve and Leo will devote the whole podcast to it, Steve’s been harping about it for weeks.
Coverage
The bill covers a ridiculous scope.
It would ban paper shredders, data storage places(paper or datacenters) from having fire suppression systems that could potentially damage documents/data.
If you offer a product or service that touches documents or data and have anything even remotely in your control (fire sprinklers) that can render the data unreadable you are on the hook to provide a clean copy to the government.
Software which allows plugins
What about software used for communication or storage which provides for plugins/modules/hooks which can encrypt information? Does the bill not apply there? Would it require the software to somehow authenticate the plugins/etc as being on an approved list? Outlaw such extensibility altogether?
This bill is hilarious. I can’t wait until someone sues General Dynamics (or the like) over the products they produce and SELL TO THE US GOVERNMENT.
https://gdmissionsystems.com/cyber/products/
As a long time Californian, I can never understand how in the world my fellow citizens continue to elect the likes of Boxer (or Diane Feinstein either).
Re: Re:
This bill is hilarious. I can’t wait until someone sues General Dynamics (or the like) over the products they produce and SELL TO THE US GOVERNMENT.
Selective enforcement.
I wouldn’t worry about. It’s not like it’s gonna go anywhere. Burr and Feinstein are just grandstanding early, like Wyden.
Re: Re:
I agree that the bill will go nowhere, it’ll make the US a tech desert. But I take exception to your comment on Wyden; he’s no grandstander. I think he has principles, a rare quality for a politician.
It is the sense of Congress that–
no person or entity is above the law;
economic growth, prosperity, security, stability, and liberty require adherence to the rule of law;
Why the hell aren’t all laws started this way.
Re: Re:
‘It is the sense of Congress…‘
Run-time error ’11’:
Division by zero
Obama waffles
Notwithstanding yesterday’s Reuters report discussed in the previous Techdirt article, in a competing story from yesterday, The Hill’s Cory Bennett reports that deputy White House press secretary Eric Schultz says the President hasn’t reached any decision. (“Encryption bill sent back to White House for Obama review”)
This is at least a different spin than the Reuters story, and offers the highlighted statement from the White House deputy press secretary. (Contrast with the Reuters story, which says: “A White House spokesman declined to comment on the pending legislation, but referred to White House press secretary Josh Earnest’s statements on encryption legislation.”)
Re: Obama waffles
( Oh, and fwiw, h/t Max J. Rosenthal at Mother Jones
)
Re: Obama waffles
Yesterday’s Reuters report was bylined Mark Hosenball and Dustin Volz. In a story dated today (Friday) they update us with further information on the White House response to Burr-Feinstein.
“Leak of Senate encryption bill prompts swift backlash”, by Dustin Volz and Mark Hosenball, Reuters, Apr 8, 2016
Re: Re: Obama waffles
Interesting. We’ll probably get something out on that next week (or on the administration’s clear position, if it’s decided on one by then).
Re: Re: Obama waffles
But the administration remains deeply divided over encryption and views it as too controversial to offer public support or opposition for the bill as it is currently written, according to sources.
Yeah, nice attempt at a dodge on their part, but no, I’m not buying it. There has been plenty of time to become educated on the subject, and more than enough people in the field have spoken up saying how dangerous undermining encryption is that to claim to be ‘undecided’ at this point is just an attempt to avoid voicing an opinion counter to the evidence that’s been presented.
I think the real ‘problem’ facing them is that they would really like to voice support for the bill, but they know the public backlash for doing so would likely be significant(and during election season at that), and so they’re stuck pretending to have to ‘consider the matter’ and ‘weigh the pros and cons’.
If by some disaster the bill does make it through and gets enough votes to pass I’m sure he will sign it, even as he pretends that he’s only doing so because he has to, the lawmakers have spoken and he has no choice but to go along with the general consensus.
Re: Re: Re: Obama waffles
Don’t overestimate the level of popular concern about the issue.
“Even in Silicon Valley, encryption battle yields more yawns than yelps”, by Bruce Newman, Mercury News, Apr 8, 2016
Perhaps even worse than overestimating the popular interest in the issue would be overestimating the level of popular opposition to something like Burr-Feinstein.
All too easy to get yourself in big room with a few thousand people mostly agreeing on something—and forget that a big room like that may not really be representative in a nation of 300 million and change.
Re: Re: Re: Obama waffles
If by some disaster the bill does make it through and gets enough votes to pass I’m sure he will sign it, even as he pretends that he’s only doing so because he has to, the lawmakers have spoken and he has no choice but to go along with the general consensus.
If Congress is in session when it hits his desk he can do nothing and hope nobody notices.
Re: Re: Re:2 Obama waffles
He could, but would he?
Either our President is a surveillance- / police-state- / national-security-maximalist, or the guy who has a gun to his head is.
We’ve not seen his opinion evolve until after it’s clear the direction the votes are going.
Re: Re: Re:3 Obama waffles
“Either our President is a surveillance- / police-state- / national-security-maximalist, or the guy who has a gun to his head is.”
Toe-may-toe, toe-mah-toe.
Yup
Feinstein is a big part of why I will never become a democrat.
Re: Yup
And Burr’s a republican. This isn’t a Democrat/Republican thing, this is a ‘Dangerous idiots who don’t know what they’re talking about’ thing, or perhaps a ‘Who cares what it does to the public, the power of the government is more important.’
sorry
I feel the need to apologize for Dianne Feinstein every time I hear of her doing something stupid. I didn’t vote for her, but I still feel responsible (being a California resident)
Get rid of this ridiculous bill and put one in place that says any Senator on the Senate Intelligence Committee has to actually be intelligent and also understand the damn technology they oversee.
How about a bill that makes it illegal for Feinstein to propose any bills? Even better, one that makes it illegal for her to even have a job in the government?
I’ll certainly need an array to store recorded traffic entering and leaving my VPN on my home server. Otherwise, who knows what my roommates get up to that LEO’s might want to see. And that’s only the beginning.
can someone please just “deal” with feinstein…like now? Every time I hear this goddamn witch’s name its something to do with weakening our privacy and killing piracy.
“(b) DESIGN LIMITATIONS.—Nothing in this Act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity.”
The inclusion of the above means, to me, that the requirement for providing the data or assistance with getting it applies only WHERE POSSIBLE, and does not mean systems or software must be dumbed down to provide for governmental wants later (no back-doors are required here). I admit I’ve only glossed over this so far, but am I misinterpreting anything here? If it does require back-doors, where exactly in the bill does it do so?
Re: Re:
Yes. It does indeed appear you are misinterpreting the bill. Try reading it a little bit more slowly and carefully.
If English is not your first language, then you should consider indicating particular words that you’re having trouble translating into your native language.
Re: Re: Re:
No need to be a dick about it…
Re: Re: Re: Re:
Sorry.
Re: Re: Re:2 Re:
“Sorry.”
Sorry assed, that is.
Re: Re: Re:
You were asked to point out exactly what part of this bill supersedes the quoted text. As of yet, you have failed to do the one and only thing asked of you. You’re about as helpful to society as an aged bottle of urine.
Re: Re:
The whole thing is ridiculous and very poorly written and even(hypothetically) if there isn’t something stating that there needs to be backdoors in there the government, law enforcement and the courts can very easily interpret it to mean that they will indeed have to have backdoors.
Re: Re: Re:
It’s so pompous, I don’t think it stands a snowball’s chance in hell of passing. And even if it did, the chances of me abiding by it, are the same.
Re: Re:
If it does require back-doors, where exactly in the bill does it do so?
The very next provision after the one you quoted.
“A provider … shall ensure that any such products, services, applications or software … be capable of complying.”
At best, the two provisions contradict each other. More accurately, the one you quoted is a weak attempt to deny that they are doing exactly what they are doing: mandating how software and devices must be designed. It’s providing some tiny, meaningless leeway.
Basically the part you quoted is saying “You can give us a master key, or a separate entrance, or a hidden recording device, or an infrared camera, or a doorman with orders to let us in – it’s totally up to you!”
Re: Re: Re:
Thank you for laying that out clearly (and politely). So if I’m reading you correctly, you’re saying those two parts, taken together, require a back-door of some sort, but not of any particular sort. However, if I’m not mistaken, a court of law must also take into consideration “Notwithstanding any other provision of law”, in which, right off the bat, it conflicts with CALEA: “(1) Design of features and systems configurations. This subchapter does not authorize any law enforcement agency or office (a) to require any specific design of equipment, facilities, services, features, or system configurations to be adopted by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services; (b) to prohibit the adoption of any equipment, facility, service, or feature by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services.” I cant see the bill passing with such an immediate glaring conflict with existing law. Of course, I could be mistaken, but it just looks like they’re trying to project the illusion of doing something without actually doing anything (usually called grandstanding when so close to an election).
Re: Re: Re: Re:
This subchapter does not authorize…
Nor does it prohibit.
Re: Re: Re:2 Re:
Yeah… CALEA does not authorize law enforcement to require a specific design, and it does not authorize law enforcement to prohibit adoption of a specific design… And?
Re: Re: Re: Re:
I think they would argue that this new bill doesn’t require or prohibit any specific design or feature. The specific design is up to the phone maker, they just have to ensure they can comply with search orders.
Re: Re: Re:2 Re:
Which is why I said, “require a back-door of some sort, but not of any particular sort”. And why I subsequently brought up CALEA, which doesn’t authorize law enforcement to make a “per se” requirement, which is exactly what is happening when someone legislates against specific circumstances (inability to comply) that can only be avoided by the inclusion of a back door, seeing as the end result is the same as requiring one to begin with. Feinstein thinks she’s being slick, but Homie don’t play that shit, etc..
Re: Re: Re:3 Re:
I understand what you’re saying, I’m just pointing out that they have a path to make an argument that this bill does not in fact conflict with CALEA. Whether a court would buy that argument is unknown at this time.
Re: Re: Re:4 Re:
Why would a court care?
“Entrenchment of Ordinary Legislation: A Reply to Professors Posner and Vermeule”, by John C. Roberts and Erwin Chemerinsky, California Law Review, 2003, p.1783 (p.11 in PDF):
(Hyperlink added. Note that footnote 34, while citing 287 U.S. 315, 318, appears to get the year of the case wrong. Google shows this case as 1932.)
“The will of a particular Congress … does not impose itself upon those to follow in succeeding years.”
So why would a court care that a later legislative enactment sub silentio amends an earlier act?
Re: Re: Re:5 Re:
Incidentally, DePaul University College of Law Dean Emeritus and Professor of Law John C. Roberts should most probably NOT be confused with the more notorious John G. Roberts Jr.
Re: Re: Re:5 Re:
So why would a court care that a later legislative enactment sub silentio amends an earlier act?
The argument would be that this bill does NOT do that. Am I not explaining this clearly?
Re: Re: Re:6 Re:
You’re not explaining why it would matter whether it does or doesn’t.
I think that motivation is a necessary predicate for any worthwhile argument: Contrariwise, if it doesn’t matter, then it just doesn’t matter…
Re: Re: Re:7 Re:
You’re not explaining why it would matter whether it does or doesn’t.
Are you saying it’s perfectly fine for this bill to conflict with CALEA, and that means CALEA is effectively amended? Maybe I misunderstood you.
Re: Re: Re:8 Re:
CALEA was enacted by the 103rd Congress, and was signed by President Clinton in 1994.
If the current, 114th Congress duly enacts a new law, then we get a new law. Tell me why it wouldn’t just be that simple—especially in any question regarding interpretation and construction of the new statute?
Re: Re: Re:9 Re:
I asked a yes or no question, you could just answer it…
As for your question, ask the AC who thought it would be a problem.
Re: Re: Re:10 Re:
Oh c’mon nasch. You’ve been hanging around here long enough to know the stock-off-the-shelf answer to any kind of question like that would usually be—
In this specific context, though, I’d continue to say that the question itself depends on whether its answer makes any kind of meaningful difference.
Dianne Feinstein has always been bad at maths.
Even without reading it I am certain it benefits them at the same time it makes everyone else less safe.
Those 2 have proven they are traitors through and through.
I wonder how this is going to affect open source.
When the code is available and no-one takes credit for providing the compiled version, or the company in question is outside the US, what happens then?
Can this be enforced?
Is this going to do anything but vector consumer dollars outside the US?
Finally, fantastic news for a change.
Re: Open trolling?
Or just saying My name’s Whatever and I endorse this message?
Because that’s not really a surprise.
Re: Re: Open trolling?
I don’t think that’s him, it’s not his usual avatar.
Re: Re: Re: Open trolling?
The tard’s logged out again.
I actually completely support this legislation. I think it is the best bill of the last 30 or so years. SSL is the worst thing that has ever happened to my business, An0nym0usH4x3rs4H1r3
When?
Get real California! When are you going to fire Feinstein? She represents a large part of California’s tech sector, and she ISN’T doing her job! Show her the door!
Typical Dem move
Burr and Feinstein are basically offering a bill that completely undermines the economic prosperity of the American tech industry.
Since when is the Democratic party every been concerned about the economy or America’s prosperity?
Re: "concerned about the economy or America's prosperity"
The GOP has? Ever? Reaganomics? Trickle-Down Theory? Opening the door for lobbyists? War-profiteering?
The problem with partisan thinking is that both sides are generally corporatist and protectionist and representatives need to be in order to get those sweet, sweet campaign contributions.
Our government is now intrinsically corrupt, and only serves the monied interests. It’s actually worse than Feudalism in a way since there is no acknowledgement of the value of the general population (as laborers, soldiers and consumers), so most of them are shortsighted enough to regard us shlubs as filth to be socially cleansed.
Burr-Feinstein bill
Suppose an encryption mechanism signed everything it encrypts with a unique pointer (unique to that data). That pointer only has meaning to the provider of the encryption mechanism. It is a pointer to the encryption key used to encrypt that data. The pointer is useless to anyone but the provider. When faced with a court order the provider may use the pointer to provide the required encryption key.
This should mean that I can encrypt my data with the confidence that it can only be read by me, some one I give the encryption key to, or someone who has a court order to read it. Of course, the provider has to be trustworthy, as my bank is now!
Re: Burr-Feinstein bill
Of course, the provider has to be trustworthy, as my bank is now!
Not just trustworthy, but secure. Criminal organizations and foreign nations would be trying to break in and steal the information needed to make use of the pointers you describe. And eventually one or more of them would probably succeed.
Re: Re: Burr-Feinstein bill
“trustworthy” would obviously include “secure”.
Criminal organizations can probably break any encryption if they think there’s enough money to be gained. We live in a world where everything has some risk. The goal is to reduce the risk while attaining other goals as well.
Re: Re: Re: Burr-Feinstein bill
I’m not sure your proposal is any better than regular old key escrow. It just adds another layer of misdirection.
expel them
this proposal cannot be forgiven, contact your senators, the only acceptable resolution to such an egriegious proposal is the expulsion of Barr and Feinstein from the US Senate.
If they want to propose utterly idiotic legislation there is plenty of room in the House of Representatives.