A California lawmaker’s proposal this week that all smartphones manufactured on or after January 1, 2017 and sold in California be capable of being decrypted and unlocked by their manufacturers or operating system providers has set off a firestorm of debate.
Assembly member Jim Cooper introduced the bill that would — if passed by State Assembly and Senate and signed into law by Governor Jerry Brown — affect current iOS and Android devices, most of which are encrypted by default. The bill is similar to one that has been proposed in New York state, and would penalize the manufacturer with a $2,500 fine for each smartphone that doesn’t abide by the law.
Proponents of this bill say it would provide law enforcement with helpful transparency into communications among terrorists and potentially human trafficking rings, among other criminal networks. Opponents say that it would have a devastating effect on the U.S.’s mobile industry, potentially forcing a pause in Apple sales in California and other devices that possess default encryption such as some Android phones.
The question of whether or not the government should get involved is also distantly reminiscent of the Unlocking Consumer Choice and Wireless Competition Act — which requires U.S. wireless carriers to allow phone owners to unlock their devices — at least in the sense that it is the government “interfering” with the mobile device market.
Cooper stated this week:
Human traffickers are using encrypted cell phones to run and conceal their criminal activities. Full-disk encrypted operating systems provide criminals an invaluable tool to prey on women, children, and threaten our freedoms while making the legal process of judicial court orders useless.
Apple CEO Tim Cook has historically come out against these proposed measures in the U.S. — ones that grow in popularity with the public after terrorist-based tragedies such as the shooting in San Bernardino, CA in December.
The debate has proven polarizing. The Director of the F.B.I. and Department of Justice officials have denounced encryption as highly dangerous. The director of the N.S.A. has said there’s no point in talking about it, basically, because encryption is here to stay. Cook has echoed that point by emphasizing that Apple can’t decrypt its devices even if it wanted to because encryption is an automatically-engineered element of devices such as iPhones. (Something a few naysayers have refuted as fundamentally false.) Cook also said last year that Apple rejects the idea that its customers should have to trade off between privacy and security.
And most recently, AT&T’s CEO Randall Stephenson has said that Cook shouldn’t be making long-term decisions on encryption which could affect the entire tech industry. In his interview with the Wall Street Journal this week, Stephenson said that the encryption question is not solely applicable to Cook, and that Congress should determine encryption policy.
The encryption issue has also come to the international forefront following November’s attacks in Paris. The U.S. and Europe are now clamoring for more transparency from mobile device companies — both manufacturer and operator. While many see such an effort as a way for governments to further spy on users, clearly some (like Cooper) see it as a preventative measure. The debate on protecting user privacy versus weakening encryption to fight terrorism was also a subject at the World Economic Forum in Davos this week. Global leaders discussed how to handle privacy concerns while employing technology to uncover and prevent terrorist plots.
The matter is reaching a boiling point, both in the U.S. and abroad. It will require a delicate balance of private and public collaboration to determine and implement a solution. For now, that solution is nowhere in sight.