New bill seeks to preempt state encryption rules

Rep. Ted Lieu (D-Calif.)

Rep. Ted Lieu (D-Calif.) is leading the charge on a bill to prevent states from making their own encryption laws.

States are beginning to address the issue of giving law enforcement access to encrypted electronic communications via warrant to resolve the "going dark" problem identified by FBI Director James Comey and many state and local police and prosecutors.

Already, legislatures in New York and California are considering measures that would give law enforcement new authority in those states.

Two members of Congress are hoping to avoid a potentially messy patchwork of state regulations with a new bill that would preempt states from making their own laws regarding access to encrypted communications. The Encrypt Act of 2016 (short for Ensuring National Constitutional Rights for Your Private Telecommunications) would prevent states from requiring device manufacturers and communications service providers to alter their products and services to create backdoors for law enforcement searches. The bill is backed by Reps. Ted Lieu (D-Calif.) and Blake Farenthold (R-Texas). Reps. Suzan DelBene (D-Wash.) and Mike Bishop (R-Mich.) have also signed on as supporters.

"We are deeply concerned that a patchwork system with different encryption requirements in every state would not only undermine national security, it would also threaten the competiveness of American companies and dampen innovation," Lieu and Farenthold wrote in a letter to members of Congress seeking support for the draft bill.

Lieu, who has a degree in computer science from Stanford University, is strongly opposed to government efforts to require device manufacturers and service providers to retain encryption keys to their customers' accounts. However, he is making the case to colleagues that even those who want some regulatory action on commercial encryption should support the bill to avoid the chaos of 50 separate rulebooks governing encryption.

"This should be settled at the federal level," said Jack d'Annibale, a senior aide to Lieu. He told FCW that the bill is likely to be referred to the House Judiciary Committee. It could also see secondary referral to the Energy and Commerce and the Homeland Security committees.

The bill has already attracted support from the IT industry, including the Information Technology Industry Council, the Internet Association, other groups representing hardware and software companies, and mobile application developers.

The widespread use of commercial encryption has sparked a controversy among policymakers. Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee, and Sen. Mark Warner (D-Va.) are backing legislation to create a national commission to study the issue and make recommendations to Congress about how to balance law enforcement access with privacy concerns.

Most encryption experts and computer scientists present the issue as a logical problem rather than one that can be "solved" by technology. They argue that the existence of master encryption keys held by third parties -- whether manufacturers, service providers or government -- makes communications less secure because those keys can be discovered and exploited by adversaries and used in ways not intended by policymakers.

U.S. CIO Tony Scott has been among those raising doubts about the value of mandating such access. "At the end of the day, I think the better policy is probably not to require these backdoors," he told FCW in an interview late last year.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.