California Bill Seeks Phone Crypto Backdoor
A week after a New York legislator introduced a bill that would require smartphone vendors to be able to decrypt users’ phones on demand from law enforcement, a California bill with the same intent has been introduced in that state’s assembly.
On Wednesday, California Assemblyman Jim Cooper submitted a bill that has remarkably similar language to the New York measure and would require that device manufacturers and operating system vendors such as Apple, Samsung, and Google be able to decrypt users’ devices. The law would apply to phones sold in California beginning Jan. 1, 2017.
“This bill would require a smartphone that is manufactured on or after January 1, 2017, and sold in California, to be capable of being decrypted and unlocked by its manufacturer or operating system vendor,” the bill says.
“You can get a warrant for pretty much anything and everything, but not for an iPhone or an iPad.”
Like the New York bill, Cooper’s measure would provide for a fine of $2,500 for each device that doesn’t comply. However, the California bill isn’t aimed at stopping terrorism, as the New York one ostensibly is. Cooper’s bill is designed to address the problem of human trafficking, which the legislator and law enforcement officials say is a major problem in the state and almost always is accomplished through the use of smartphones.
“You can get a warrant for pretty much anything and everything, but not for an iPhone or an iPad. That’s just mind-boggling,” Cooper, a former law enforcement officer, said during a press conference.
“Ninety-nine percent of the public will never have their phone searched with a court order. It is an issue right now. Hopefully with this legislation we can do something about it and take it back and put the responsibility back on the tech industry.”
The California bill, like the New York one, could set up another battle in the long-running war between technology vendors and law enforcement agencies over the use of backdoors for encryption. Recent iPhones and Android devices have device encryption enabled by default and the vendors have told law enforcement agencies that they do not hold the encryption keys and can’t decrypt users’ devices, even with a court order. This has led to a lot of rhetoric and vitriol from both sides, and privacy advocates and security experts have said consistently that any backdoor or key escrow system for encryption schemes will weaken them and make them targets for attackers of all stripes.
Cooper’s proposed measure would need to pass both the state assembly and Senate before making it to the governor’s desk, and it likely will face stiff opposition from tech vendors such as Apple and Google, both of which are based in California.