Latest U.S. ‘Anti-Encryption’ Bill Threatens Security of Millions Thumbnail
Encryption 7 July 2020

Latest U.S. ‘Anti-Encryption’ Bill Threatens Security of Millions

By Kenneth OlmsteadFormer Senior Internet Security and Privacy Expert
Ryan PolkDirector, Internet Policy

The Lawful Access to Encrypted Data Act recently introduced to U.S. Congress may be the worse in a recent string of attacks on encryption, our strongest digital security tool online.

While the recently-amended EARN IT Act would leave strong encryption on unstable ground if passed into law, the Lawful Access to Encrypted Data Act (LAEDA) is a direct assault on the tool millions of people rely on for personal and national security each day.

LAEDA would facilitate the death of end-to-end encryption by forcing companies to provide “technical assistance” to access encrypted data upon request by law enforcement investigations.

The problem is the only way for companies to comply would be to build backdoors into their products and services, or not use encryption at all, making everyone more vulnerable to the same crime we are all trying to prevent. To be clear – we’re talking about the same encryption used to keep activities like online banking, working from home, telehealth, and talking with friends secure online.

The Internet Society raised its concerns in an open letter to the co-sponsors of LAEDA in the Senate, which was signed by over 75 global cybersecurity experts, civil society organizations, companies, and trade associations. According to signatories, the bill “is too technically flawed to be effective and will force companies to make their products less secure.”

To make matters worse, the proposed LAEDA is only the most recent attack on end-to-end encryption from a member of the Five Eyes alliance (the United States, United Kingdom, Canada, Australia, and New Zealand).

United States supporters of “backdoor access” are following the footsteps of the United Kingdom’s Investigatory Powers Act and Australia’s “Assistance and Access” or TOLA Act. Similar to these laws, which it is clearly modeled on, LAEDA would require companies or their employees to comply with government demands for “technical assistance” in law enforcement investigations. These requirements would inevitably force companies to build encryption backdoors.

We’ve said it before, and it’s worth repeating:

There is no way to provide backdoor access to end-to-end encrypted data without weakening security for all users.

The Lawful Access to Encrypted Data Act would not only make Americans more at risk to the crime it’s trying to prevent – but everyone worldwide who relies on American products and services that use encryption to keep them secure online.


Image by Matthew T Rader via Unsplash

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption 21 September 2023

Techxit: The UK Declares Its Exit from the High-Tech Startup World

No one in their right mind would now want to start up a high-tech company in the UK. With...

Encryption 11 August 2023

Encryption, Bad Bills, and Ripple Effects: How Riana Pfefferkorn Protects the Internet

We spoke with Riana Pfefferkorn, research scholar at the Stanford Internet Observatory, about encryption and protecting the Internet.

Strengthening the Internet 14 June 2023

Speak Out Against Bills That Threaten End-to-End Encryption

The EARN IT Act, STOP CSAM Act, and KOSA in the United States threaten to weaken end-to-end encryption which...