California Introduces Bill To Ban Strong Encryption In Smartphones

California’s Assembly member, Jim Cooper, introduced legislation to ban smartphones that come with strong encryption and can only be encrypted by the owners of those devices. The bill would fine the sellers of the devices $2,500 per unit if they receive law enforcement requests for decryption and aren’t able to deliver. The bill would affect all iPhones with iOS 8 and above, as well as many Android devices (especially the ones that come installed with Android 6.0).

The bill would essentially legislate that the encryption for these devices should be weaker than it is, to the point where someone else, besides the owner of the phone, can unlock the devices. This is a dangerous proposition, especially in light of all the smartphone thefts that were highlighted by law enforcement and state legislators, such as the ones from California and New York, not too long ago.

If the encryption of the devices becomes weaker, then smartphone thieves won’t find it as difficult to unlock the devices anymore.

The bill doesn’t seem to have come out of nowhere, either. Just last week, the New York Senate introduced an almost identical bill, which could mean some law enforcement agency is trying to push this into law across the states. FBI’s chief, James Comey, has made no secret of the fact that he doesn’t like smartphones that can’t be decrypted, and he even asked for backdoors in encryption throughout the entirety of last year.

However, in New York’s case, its citizens can sign up on the state's official website to express their approval or disapproval of the new legislation by clicking on the Aye on Nay buttons. As of now, California doesn’t have such a site, which means that if you disagree with the bill, you’ll still have to contact your local representatives in California directly.

As device makers cannot cost-effectively build devices with different features for each American state, if the law passes in one or multiple states, it probably means this encryption weakness will be enabled in all smartphones across the U.S., and perhaps even globally. Some French politicians tried to pass a similar law, but the amendment was rejected as it would weaken security and trust in companies.

Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu. 

Follow us on FacebookGoogle+RSSTwitter and YouTube.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
    Top Comments
  • dstarr3
    Ban deadbolt locks while you're at it. No one needs basic protection in today's world.
  • JimmiG
    Just stop selling smartphones in California then.They can have flip phones or move to another state/country that's less backwards and more developed.
  • surphninja
    The criminal justice system has become to accustomed to letting criminals hand over all the evidence they need on their smart phones.

    If you put cameras in everyone's homes, kept records of all their conversations and where they are at all times and whom they associate with, you could virtually put a stop to all crime, or at the very least solve crimes instantly. But just because something makes the job of law enforcement easier doesn't mean that it's right, or even constitutional. People have the right to privacy. People have the right to keep secrets.

    I'm sick of legislators arguing that "such and such method is effective in law enforcement." Effective does not equal constitutional.
  • Other Comments
  • dstarr3
    Ban deadbolt locks while you're at it. No one needs basic protection in today's world.
  • hpram99
    I'm not sure why this wouldn't include windows phone or other mobile operating systems, but it's not an encryption bill, it's a mandate for a backdoor method of unlocking a phone. The encryption strength is irrelevant.
  • Gam3r01
    Seriously? Why do people keep thinking this will solve anything?
    Have politicians never read 1984? If they "need" the information on that device they can get it, but weakening the security of devices state wide for a few incidents is not the way to handle anything.
    Im from, and still live in California and I am dissapointed.
    This makes me wonder how long it will take them to attack the UC (University of California) system as well. The 10 UCs use encrypted wifi for the students, wonder if they will take that from us.