Last week, Sens. Dianne Feinstein (D-CA) and Richard Burr (R-NC) released a discussion draft of legislation that would, without qualification, require companies to decrypt data for law enforcement while at the same time stating in the legislation that it is not imposing any design limitations on the private sector, says Daniel Castro in The Hill. Unfortunately, the only way companies would be able to comply with the proposed law would be to design their systems so their customers do not have the only copy of the key used to encrypt their data. A commonsense fix would be for the bill to only require companies to comply with lawful court orders when doing so is technically feasible. Both law enforcement and the tech community have important contributions to make so that Americans will be safer and more secure, and they can do this better when they are working together. Amending this legislation would be a good place to start toward reconciliation.
