California’s Assembly member, Jim Cooper, introduced legislation to ban smartphones that come with strong encryption and can only be encrypted by the owners of those devices. The bill would fine the sellers of the devices $2,500 per unit if they receive law enforcement requests for decryption and aren’t able to deliver. The bill would affect all iPhones with iOS 8 and above, as well as many Android devices (especially the ones that come installed with Android 6.0).
The bill would essentially legislate that the encryption for these devices should be weaker than it is, to the point where someone else, besides the owner of the phone, can unlock the devices. This is a dangerous proposition, especially in light of all the smartphone thefts that were highlighted by law enforcement and state legislators, such as the ones from California and New York, not too long ago.
If the encryption of the devices becomes weaker, then smartphone thieves won’t find it as difficult to unlock the devices anymore.
The bill doesn’t seem to have come out of nowhere, either. Just last week, the New York Senate introduced an almost identical bill, which could mean some law enforcement agency is trying to push this into law across the states. FBI’s chief, James Comey, has made no secret of the fact that he doesn’t like smartphones that can’t be decrypted, and he even asked for backdoors in encryption throughout the entirety of last year.
However, in New York’s case, its citizens can sign up on the state's official website to express their approval or disapproval of the new legislation by clicking on the Aye on Nay buttons. As of now, California doesn’t have such a site, which means that if you disagree with the bill, you’ll still have to contact your local representatives in California directly.
As device makers cannot cost-effectively build devices with different features for each American state, if the law passes in one or multiple states, it probably means this encryption weakness will be enabled in all smartphones across the U.S., and perhaps even globally. Some French politicians tried to pass a similar law, but the amendment was rejected as it would weaken security and trust in companies.
Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.
Have politicians never read 1984? If they "need" the information on that device they can get it, but weakening the security of devices state wide for a few incidents is not the way to handle anything.
Im from, and still live in California and I am dissapointed.
This makes me wonder how long it will take them to attack the UC (University of California) system as well. The 10 UCs use encrypted wifi for the students, wonder if they will take that from us.
-we can only hope
Once this happens here, no secure system will truly be secure. One could have the strongest keys known to mankind, but, if there's a back door, it's like letting the fox into the henhouse via a small door...and the henhouse is otherwise locked tighter than Ft. Knox.
The smart phone/tablet companies will merely stop selling their products in California and since these phones are GPS enabled, someone buys the product in another state and takes it to Californoa, soon as the phone crossed into the state, the phone disables the carrier signal totally. No 4G, no Wifi, nothing.
Another example of liberal logic...
seems we the people need to start practicing law enforcement of our 4th amendment.
If you put cameras in everyone's homes, kept records of all their conversations and where they are at all times and whom they associate with, you could virtually put a stop to all crime, or at the very least solve crimes instantly. But just because something makes the job of law enforcement easier doesn't mean that it's right, or even constitutional. People have the right to privacy. People have the right to keep secrets.
I'm sick of legislators arguing that "such and such method is effective in law enforcement." Effective does not equal constitutional.