Wyden introduces bill to ban U.S. government-mandated backdoors into Americans’ cellphones and computers

U.S. Senator Ron Wyden, D-Ore., today introduced the Secure Data Act to protect Americans’ privacy and data security. The bill prohibits government mandates to build backdoors or security vulnerabilities into U.S. software and electronics.

U.S. government officials have recently proposed to compel companies to build backdoors in the security features of their products. These proposals threaten to undermine the development and deployment of strong data security technologies and the overwhelming economic and national security interest in better data security.

“Strong encryption and sound computer security is the best way to keep Americans’ data safe from hackers and foreign threats. It is the best way to protect our constitutional rights at a time when a person’s whole life can often be found on his or her smartphone. And strong computer security can rebuild consumer trust that has been shaken by years of misstatements by intelligence agencies about mass surveillance of Americans,” Wyden said in a statement. “This bill sends a message to leaders of those agencies to stop recklessly pushing for new ways to vacuum up Americans’ private information, and instead put that effort into rebuilding public trust.”

Government-driven technology mandates to weaken data security for the purpose of aiding government investigations would compromise national security, economic security and personal privacy:

• Cyber vulnerabilities weaken cybersecurity. Once a backdoor is built in a security system, the security of the system is inherently compromised. For example, in 2005 it was revealed that an unknown entity had exploited a “lawful intercept” capability built into Greek cellphone systems and had used it to listen to users’ phone calls, including those of dozens of senior government officials.

• Technology mandates thwart innovation. Companies have less incentive to invest in the development and deployment of strong new data security technologies if they are required to compromise them from the outset.

• Mandating weak security would further erode trust in American products and services. Information technology companies are working to regain the trust of consumers upset by revelations of government intrusions into their personal communications. A mandate requiring companies to facilitate additional government surveillance would undermine those efforts.

Senator Wyden’s legislation builds on a bipartisan effort in the U.S. House of Representatives, which approved an amendment by Reps. Thomas Massie, R-Ky., and Zoe Lofgren, D-Calif., to prohibit electronic vulnerability mandates on a 293-123 vote in June 2014.

Source: U.S. Senator Ron Wyden, Oregon

[Thanks to MacDailyNews Reader “Albert P” for the heads up.]

63 Comments

          1. Evidence be damned, you just know it isn’t the case. NSA owes its entire existence to Reagan’s Executive Order, but go ahead and blame the current guy. That’s just your ideology, and ideology trumps evidence, reason, and fact.

            1. you’re dumber than a sack of hammers:

              Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by Harry S. Truman in 1952. Since then, it has become one of the largest of U.S. intelligence organizations in terms of personnel and budget,[6][14] operating as part of the Department of Defense and simultaneously reporting to the Director of National Intelligence.

            2. Since then, it has become one of the largest. Enabled by Reagan’s executive order.

              Hint: Calling someone names or insulting them is not a good way to establish credibility, and undermines your position.

            3. PPS – “I considered it very important to this country to have a sound, well-organized intelligence system, both in the present and in the future. Properly developed, such a service would require new concepts as well as better trained and more competent personnel . . . it was imperative that we refrain from rushing into something that would produce harmful and unnecessary rivalries among the various intelligence agencies. I told Smith (Director of the Bureau of the Budget) that one thing was certain–this country wanted no Gestapo under any guise or for any reason.”

              President Harry S. Truman, Memoirs Vol I

            4. PS – Executive Order 12333 permits collection, retention, and dissemination of the following types of information concerning US persons, such as:

              • Information that is publicly available or collected WITH THE CONSENT of the person concerned.

    1. Which brings up a good point. Where are all those rootin’ tootin’ gun shooting faux patriots when actual constitutional rights are being trampled on? Why is it that the ammosexual’s are constantly reminding us that the federal government is an evil tyrant bent on complete and utter domination but when people are demonstrating in the streets for their constitutional rights, the ammosexual’s are nowhere to be found?

    2. I submit that it should not pass. Passing a low to obey the law is foolish. The intelligence services knew they were violating the Constitution, but they did it anyway. Passing another law that will be ignored is to pacify the public.

      If Congress wants to get the intelligence services to pay attention, Congress will cut the various line items in the budget that hide the costs. Eliminate the cost for a fighter aircraft from the Air Force budget, and tell the Air Force, “Don’t transfer that amount to NSA.” Then folks will listen.

  1. A link for those interested is included below.

    Wow, finally some voice of reason. I don’t know 5280420 you may be right, but certainly it’s nice to hear something sensible.

  2. The flip-side of not providing some way for even the legal owner/user to access said device when locked with a passcode and the passcode is forgotten is customer dissatisfaction. Basically electronic devices makers saying it’s not our concern to help you get your own stuff out again. 😛 There should still be some way for a user to safely recover from such a situation that requires the user to be actively participating.

      1. Yes, if they registered it on their phone. Does anyone know if you can use TouchID to unlock your phone when you have your lockscreen set for passcode unlock?

    1. It’s called making regular backups of your data. For example icloud automatic backups. Right now if I was to forget my passcode (and lose all my fingers I guess), 99.9% of all my data would still be recoverable from a backup. Pass codes are not stored in the backup, so wiping the phone and restoring from backup is the customer’s method of removing a forgotten pass code.

      1. So the 99.9% of your data is just as secure in the iCloud? I guess that would eliminate any reason then for the police to require the iDevice for evidence other than physical evidence in/on the device. Instead it would be back to ‘asking’ Apple’s assistance in accessing that backed up data.

          1. That’s true, but at least there is something to hand over opposed to having to get past the lockscreen on the device first. One less level of encryption to deal with.

            1. The iCloud data has one more level of encryption to deal with. Apple adds an additional 256 bit AES to the already encrypted data that the device has already added. The authorities will just get so much gobbledegook that will take eons to decrypt without both Apple’s passcode AND the user’s passcode and UUID for the device.

    2. But at some point the user has to take responsibility for their own actions and data.

      I work for one of the largest data storage companies in the world (in support), and if you’re using or encryption feature and forget your password, we can’t help. Your data is simply gone. There is a no back door.

      Our customers are okay with that because it ensures complete security of their data. They know they have to take responsibility to NOT forget the password.

      1. I see, so that would mean your company doesn’t know if anything illegal is being stored on your servers since it is all encrypted. Does your company still get requests for the encrypted files/drive by legal enforcement anyway?

  3. Not that supporting the US Constitution should be hard! But I’m of course smiling away watching a bipartisan effort to stop the demolition of the Fourth Amendment.

    Now on to hoping that saner heads prevail and end this extreme naughtiness, breaking away from at least one element of stupidity within #MyStupidGovernment. Somewhere out there in my country, a few people apparently do NOT have lead poisoning. Hurrah.

  4. That’s my Senator. Great job Wyden!

    Unfortunately, with Udall losing his seat in Colorado, Rand Paul and Wyden seem to be the only Senators left who care about the privacy of US citizens.

  5. “This bill sends a message to leaders of those agencies to stop recklessly pushing for new ways to vacuum up Americans’ private information, and instead put that effort into rebuilding public trust.”

    I think that the “leaders of those agencies” have concluded that they simply don’t need “public trust”.

  6. Bottom line- speaking of back doors- is that our Constitution is essentially dead. Our Government under the control of members of both major parties has wiped their backsides with the Bill of Rights. Lawyers on both sides of the bench have so contorted the law so as to make justice a joke.

    The real issue is what will Americans do about it. Voting one corrupt party out just to install the other corrupt party will not improve results.

    1. It’s kind of a shame that ten simple rules about the limits of Government have become obstructions for those who would pretend to lead us, rather than shining, brightly drawn guidelines.

      What to do is the problem. Much as I don’t like the current situation, the assholes running around collecting guns to overthrow it scare me even more. Our main claim to fame so far is that the transfers of power have mostly been done at the ballot box, except for that one Supreme Court thing and the occasional State Attorney Secretary of State who figures out how to put his thumb on the scale (like restricted hours or limited voting machines in some precincts to surpress certain voting groups). Bad as it is, I’m at a loss to find a compelling alternative, so far.

      1. Sadly, I think the US is devolving into what will eventually become a number of independent states. I have no defined idea of timeline or ultimate outcome, but I think it is happening just like continental drift- we just cannot feel it on a daily basis.

        The interesting thing about all of that is that many of the most hyper-conservative states that fill Congress with people yammering about bootstraps and a smaller Federal Government are welfare queen basket cases that get more from Washington than they pay in via taxes. For the most part, Blue states get far less than they send to DC and Red states take in far more than they send- Mississippi is the grand champion at this.

        1. “…the US is devolving into what will eventually become a number of independent states..”

          That’s preferable to what I think is going to happen. To the contrary, I see an inevitable North American union, a Canamerico, a common currency and the end of true US sovereignty…the demise of that pesky Bill Of Rights.

        2. The haves and the have nots, it is a dilemma.

          Look at Canada, 10 provinces, (2 very populous, 2 populous, and the other 6, not very populous at all). There are also three territories with hardly any people living in them.

          Right now the three oil rich provinces, one populous and 2 not very populous, are sending truck loads of money to the 2 very populous provinces and all the poor provinces and territories.

          6 million people, mostly conservitive, are sending money to the other 30 million, mostly liberal.

          What a country.

          1. It’s mineral deposits, not the people living on top of them that are the source of the money. There is nothing special to having the luck to be living on top of some of the planets resources. It’s like being born to rich parents. It’s lucky for that person, but it doesn’t make them special.

      2. I wouldn’t be too concerned about the pants pissers that are afraid to go into at Target without a semi automatic rifle on their back. They rant and rave and talk tough and blither about conspiracies, but when push comes to shove of a handful of Harriers circling their houses will shut them down pretty fucking quick. They’re essentially cowards, hiding behind the flag and their own base fetishes regarding weapons.

        1. well, you gotta admit, Harriers circling your own home from your own government is downright pants-pissing scary. You don’t seem to have any problem with that scenario, and that mentality is the scariest thing of all.

        2. Those aren’t the ones that worry me. They are the members of Walrus Team Six and couldn’t fight their way out of a TV screen. There are others who are not so open.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.