Another Senate bill that intends to regulate encryption in private devices is in the works.
Staffers for the Senate Judiciary Committee have been speaking with representatives of large U.S. technology companies in recent months to receive feedback for potential future legislation, three people familiar with the matter told CyberScoop. These representatives have so far included trade group associations and lobbyists for technology vendors.
The sources, who spoke on condition of anonymity to discuss private conversations, explained the process as a greater push within the Trump administration to tackle the “going dark” issue.
“Going dark” refers to law enforcement’s inability to bypass device encryption in order to access information that might be relevant to a criminal investigation. Last year, investigators were blocked from accessing evidence on 7,775 devices because of encryption, FBI Director Christopher Wray recently said.
It’s not clear when such a bill would be introduced, because discussions are still ongoing and in some cases, just beginning.
The congressional effort is being pioneered by a combination of the Justice Department and leaders of the Senate Judiciary Committee; specifically, Senate Judiciary Chairman Chuck Grassley, R-Iowa, and ranking member Dianne Feinstein, D-Calif. At the Justice Department, Deputy Attorney General Rod Rosenstein has become one of the leading voices regarding a legislative solution.
Feinstein was also previously involved with a big push for encryption legislation in 2016 following the San Bernardino terrorist attack. That incident resulted in a messy public relations fight between the FBI and Apple. As the former vice chair of the Senate Intelligence Committee, Feinstein helped draft legislation, along with Chairman Richard Burr, R-S.C., that was never introduced for a vote. The draft proposal was criticized for seeking to mandate “backdoors” in widely used consumer tech products.
Feinstein told Politico in November that she wanted to bring back the 2016 bill, which would effectively ban encryption as it currently exists.
Grassley has also repeatedly called for a “solution” to encryption, sending letters during the Obama administration to FBI Director James Comey and Deputy Attorney General Sally Yates asking to discuss options.
Advocacy groups, like the Electronic Frontier Foundation (EFF) and Access Now, have criticized officials’ efforts to bypass encryption. The groups are among a vocal population that says there is no “solution” to encryption that ultimately wouldn’t also weaken device security.
Discussions about a new bill in the Senate are primarily isolated to Grassley and Feinstein’s offices. CyberScoop spoke with multiple staffers from the Senate Judiciary Committee, who said they were only recently made aware of the larger legislative effort.
The disconnect shows how closely guarded and segmented the initial conversations have been so far.
In addition to speaking with the private sector, there have been internal discussions about a new law at multiple federal agencies. While DOJ is widely seen as the lead, various other government offices have a stake in a bill that could significantly impact the state of cybersecurity across the U.S. economy. These other agencies with an interest in the debate include the Department of Commerce, Department of Homeland Security, FBI and NSA.
The Justice Department declined to comment. Spokespeople for Grassley and Feinstein did not respond to multiple requests for comment.
The New York Times recently reported that FBI officials have been speaking with experts in academia about technical options that might convince U.S. technology companies to create confidential digital channels for law enforcement access to customer data.
Last week, Politico also reported that New York County District Attorney Cyrus Vance Jr., a vocal critic of so-called “warrantless encryption,” briefed Senate staffers in a closed door meeting about the difficulties underpinning most criminal investigations due to the proliferation of encryption technologies.
A spokesperson for Vance declined to comment.
The Chamber of Commerce, which represents Microsoft and various other major technology vendors, also declined to comment.