California’s Assembly member, Jim Cooper, introduced legislation to ban smartphones that come with strong encryption and can only be encrypted by the owners of those devices. The bill would fine the sellers of the devices $2,500 per unit if they receive law enforcement requests for decryption and aren’t able to deliver. The bill would affect all iPhones with iOS 8 and above, as well as many Android devices (especially the ones that come installed with Android 6.0).
The bill would essentially legislate that the encryption for these devices should be weaker than it is, to the point where someone else, besides the owner of the phone, can unlock the devices. This is a dangerous proposition, especially in light of all the smartphone thefts that were highlighted by law enforcement and state legislators, such as the ones from California and New York, not too long ago.
If the encryption of the devices becomes weaker, then smartphone thieves won’t find it as difficult to unlock the devices anymore.
The bill doesn’t seem to have come out of nowhere, either. Just last week, the New York Senate introduced an almost identical bill, which could mean some law enforcement agency is trying to push this into law across the states. FBI’s chief, James Comey, has made no secret of the fact that he doesn’t like smartphones that can’t be decrypted, and he even asked for backdoors in encryption throughout the entirety of last year.
However, in New York’s case, its citizens can sign up on the state's official website to express their approval or disapproval of the new legislation by clicking on the Aye on Nay buttons. As of now, California doesn’t have such a site, which means that if you disagree with the bill, you’ll still have to contact your local representatives in California directly.
As device makers cannot cost-effectively build devices with different features for each American state, if the law passes in one or multiple states, it probably means this encryption weakness will be enabled in all smartphones across the U.S., and perhaps even globally. Some French politicians tried to pass a similar law, but the amendment was rejected as it would weaken security and trust in companies.
Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.