Since the Paris attacks last year, Senators Richard Burr and Dianne Feinstein have been working on legislation that would mandate backdoors in encryption. Reports from insiders suggest that the pair will be ready to introduce their legislation in the near future, possibly as early as next week. Tech companies which disobey a court order to circumvent their own encryption measures would be opened up to contempt of court penalties under the bill. The bill will not seek criminal penalties, but rather civil ones.
Since Burr and Feinstein are the most senior Republican and Democrat on the Senate Intelligence committee, there is some concern that they could use their influence to rally bipartisan support for the bill. However, another bill may undermine this proposal's chance of succeeding. Democratic Senator Mark Warner and Republican Representative Michael McCaul have recently introduced their own bill, which would create a commission to study the issue of encryption. They believe that it is important to study the issue and build a consensus before trying to get pass any other legislation regarding encryption.
The commission would be made up of 16 members. 8 commissioners will be appointed by the Speaker of the House and the Senate Majority Leader, and the other 8 will be appointed by the House Minority Leader and Senate Minority Leader. The Commission will conduct hearings and will even have subpoena authority. The commission will be required to give its final report within 12 months of its initial meeting. The commission is to be made up of experts, with two each from the following fields: cryptography, global commerce and economics, federal law enforcement, state and local law enforcement, consumer-facing technology sector, enterprise technology sector, intelligence community, privacy and civil liberties community.
This commission seems like it might be a good alternative to the proposal being cooked up by Burr and Feinstein. After all it doesn't propose any penalties on companies, and merely investigates the issue. If it does its job properly it should come to the conclusion that strong encryption is necessary and no laws should be passed undermining encryption. However the EFF has raised concerns about the commission, particularly its makeup. The EFF notes that both the subpoena authority of the commission as well as its final report require the approval of 12 members of the commission. Since law enforcement and the intelligence community are represented by 6 members, if they work together as a voting bloc within the commission, they can hinder its investigations and prevent the commission from advocating in favor of strong encryption.
Are you concerned about the proposed encryption commission? Leave your comments below.