Digital Security Commission Act Seen As Possible Tool for Educating on Encryption Issues Amid Apple v. FBI
Enactment of the Digital Security Commission Act (HR-4651/S-2604) would likely improve understanding of the encryption issues in Apple's ongoing legal standoff with the FBI but may not mean long-lasting changes to the encryption debate within the federal government, cybersecurity law experts said Wednesday during a New America event. Apple formally objected last week to U.S. District Magistrate Judge Sheri Pym's order in Riverside, California, which tried to compel the company to help the FBI access an iPhone used by one of the alleged San Bernardino, California, mass shooters (see 1603020061). Though the tech sector is attempting to be publicly monolithic in its support of Apple, they're far less so behind the scenes, said Steptoe and Johnson lawyer Michael Vatis, former director of the FBI's National Infrastructure Protection Center.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
HR-4651/S-2604, which would establish the 16-member National Commission on Security and Technology Challenges (NCSTC), is in many ways a “typical Washington solution” to addressing encryption issues, Vatis said. The NCSTC would be required to provide an interim report within six months on encryption issues (see 1602290074). The commission could be beneficial because it would “foster more knowledge” on encryption and privacy issues, “but it's hardly a solution,” he said. There was a serious effort to educate Congress in the late 1990s on encryption issues but that fell by the wayside to such a degree that a new education effort is now necessary, said Georgia Institute of Technology law professor Peter Swire, chief White House privacy adviser during the Clinton administration. “Education at some level is essential” whether it's accomplished via HR-4651/S-2604 or through another program, Swire said.
Many tech firms have decided to publicly back Apple in its standoff with the FBI because of perceptions the public has increasingly demanded encrypted communications in the more than two years since former NSA contractor Edward Snowden began leaking information in 2013 on NSA surveillance programs, Swire said. “We've seen a big shift” in tech companies' use of encryption since the start of the Snowden leaks because they believe it's necessary to maintain consumers' trust, he said. Tech firms may be publicly supportive of encryption but “behind closed doors I think their views are somewhat more mixed,” Vatis said.
Both Apple and the FBI have been “a little bit misleading ” in their portrayals of their legal dispute, Vatis said. Apple falsely claims the FBI wants the company to sell products with “a built-in weakness” because that claim fits in with Apple's broader policy objectives, he said. The FBI is trying to “extract this case” and portray it as a one-time request when it's much more of a “slippery slope issue,” Vatis said. “If you're breaking encryption at a wholesale level, that's a critical infrastructure problem,” Swire said.