This new bill called the “Compliance with Court Orders Act of 2016” (“Burr Encryption Bill – Discussion Draft,” n.d.) is going to destroy the foundation of encryption. Encryption was created to protect data and was not intended to have backdoors built into their designs. As mentioned by “Keys Under Doormats” (Adelson et al., 2015), any backdoor created for law enforcement also creates a potential risk for hackers and cyberspies (Greenberg, 2016). The title “Keys Under Doormats” is appropriately named because how secure is your house if the key is under the doormat. If encryption is designed with a backdoor in mind, then why even build it. Creating a master key that would decrypt any other key would also prove pointless.
The Senate and House must seek the appropriate technical assistance before attempting to write this type of garbage up as a law. Does Congress realize what they are demanding in the full scope or are they just creating a bill that is a fix for only a few issues that are currently preventing further investigation from the U.S Government? If this is voted into law every American should just use an FTP to store all there information, change all current passwords to “password” or “1234”, where t-shirts custom made to display your credit card information, and do not lock your cars. Why should American’s do these things? Without encryption these things will not matter anyway. So much of out lives depends on encryption and the government is trying to build up its’ wall while they tear down ours. Any files that may be stored in the cloud are protected by encryption, or authentication. Passwords are transmitted using encryption so that a spying eye cannot capture them. Credit card information is secured through encrypted transactions, secure tunnels, or digital certificates.
Cars? Why mention not locking your vehicle? It’s not protected by an encrypted key, a physical key must be used to unlock and start my car. The Swiss Federal Institute of Technologies test 8 cars that used key less fobs for unlocking and starting a vehicle, and they successfully started all 8 vehicles (Hyde, 2011). What does this have to do with encryption? If encryption is required to have a way for court ordered law enforcement to gain access to it, then the encryption is flawed from the start. It takes one person to find the key and all devices from that manufacturer are now unsecured. American is becoming the land of free information, and the home of the weak security.
By: Grant Ryan