CTA's Shapiro: Bill Would Make Cybersecurity Illegal

Consumer Technology Association president Gary Shapiro says a new Senate bill mandating government access to encrypted information would eviscerate cybersecurity.

A draft was leaked last week of legislation that would be introduced by Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.), the Compliance With Court Orders Act, that would make it clear that communications companies have to provide unencrypted versions of encrypted user information or help the government unencrypt it when ordered to by a court.

Speaking at a Media Institute luncheon in Washington, Shapiro said that the bill, or at least the draft, "is dangerously overreaching and technically unsophisticated" and would "essentially make effective cybersecurity illegal in the United States."

Shapiro says the bill would enable almost any government agency, federal, state or local, to demand encrypted information from ISPs, tech companies or software manufacturers.

Shapiro said the bill would push cybersecurity companies offshore, representing a huge hit on the U.S. economy.

"To be clear, if the government wants the authority to access private data in the interest of national security, investigators should turn to Congress, not industry," he said. "And in the absence of sane and sensible congressional action, Silicon Valley must protect and promote the responsibility tech companies have to their customers. That means making sure their customers’ data is secure. And they should be able to do this without fear of legal reprisal.

"We have to think long term about the benefits and challenges of data sharing. Is it better to create software which bad actors will likely obtain and exploit to compromise the security of our phones?"

The bill was prompted in part by the FBI's effort to force Apple to help it access encrypted info on the phone of one of the San Bernardino shooters. While the FBI ultimately did not need Apple's help and dropped its court effort to compel that assistance. There are other cases where the government wants legal help to compel decryption.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.