Digital activists begin broad, grass-roots battle to fight antiencryption bill

In a draft bill introduced this week, lawmakers are seeking to outlaw unbreakable encryption. Now, digital rights groups, which have warned about such a move, have a concrete proposal around which to launch a rallying cry for stronger privacy protections.

Demonstrators rallied in New York in February to support Apple's decision to resist an FBI request to help unlock the iPhone used by the San Bernardino, Calif., shooter.

Shannon Stapleton/Reuters/File

April 15, 2016

Despite a moment in the spotlight during the FBI v. Apple standoff, the encryption debate has largely played out in policy circles, at computer industry gatherings, and in the corners of Twitter occupied by privacy advocates and technologists. 

But now that two prominent senators introduced a draft bill to effectively outlaw unbreakable encryption on US consumer devices, advocacy groups plan to fight back by staging major grass-roots efforts to oppose the plan. 

It's the first time since American companies started deploying this kind of security on a mass scale that Congress has moved to legally compel companies to decrypt communications when presented with a warrant or court order.

A beginner's guide to encryption

And it may just be the starting gun for a true national debate. 

"You’re going to see a huge mobilization of Internet users coming out of the woodwork to oppose this bill," says Evan Greer, campaign director at digital rights advocacy group Fight for the Future, which helped lead the successful Internet movement last year to sway the government's position on net neutrality.

The group is preparing to launch a digital campaign to mobilize its base – and the public at large – around encryption. "Now that there is a clear piece of legislation that would be absolutely terrible and would have such a detrimental effect on everyone’s digital security, I do think it’s an important moment that people can show their opposition," said Ms. Greer.

Indeed, the antiencryption bill introduced Wednesday by Senate Intelligence Committee leaders Richard Burr (R) of North Carolina and Dianne Feinstein (D) of California is among the first concrete proposals in recent years regarding encryption for the American public to rally around – or against.

Law enforcement officials have testified numerous times about the damaging effects of pervasive encryption, saying it keeps them from pursuing criminal suspects and terrorists. Meanwhile, privacy advocates and technology pros insist that consumers' digital security is so fragile that building in government access puts everyone at risk.

But without specific legislative action or a White House mandate on the table, the encryption debate was mostly a very polarized war of words. Without anything to actually fight over, or compromise on, neither side appeared willing to budge on its position. 

What's more, in the FBI v. Apple case, in which the tech giant refused to help federal agents unlock the San Bernardino, Calif., shooter's iPhone, the public had no official avenue to weigh in on the issue. The courts would have decided whether there was a legal precedent to give US officials the right to force companies to decrypt communications. 

That's exactly the question now before the country's elected representatives. The Burr-Feinstein draft bill would mandate that devicemakers, software manufacturers, and communications companies that receive a court order for information or data "must provide it to the government in an intelligible format or provide the technical assistance necessary to do so."

The bill says the government cannot require – or ban – any specific design or operating system that companies must use to comply. The companies would be compensated for "reasonably necessary costs incurred in providing the intelligible data or required technical assistance," according to the committee. 

"No entity or individual is above the law," said Feinstein, in a statement. "We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."

But that kind of sentiment has so far failed to convince many conservative and progressive activists that mandating government access to encrypted communications would be worth broader risks to individuals' privacy and other security concerns it could present.

"As a grassroots social change organization, this bill gives us and our millions of activists a way to weigh in," says Josh Nelson, communications director for progressive activist organization Credo Action. 

And that’s already happening. More than 40,000 people have signed a petition circulated by Credo Action opposing the "dangerous" Burr-Feinstein bill.

"Stop the Burr-Feinstein attack on privacy and security," the petition reads. "The Compliance with Court Orders Act of 2016 (CCOA) would undermine Americans' privacy, make encryption illegal and force companies to weaken the security of their products and services. We need to make sure this dangerous legislation doesn’t gain any traction in Congress."

Credo Action has an e-mail list of 4 million progressive activists across the country – and Mr. Nelson expects the number of signatures opposing the Burr-Feinstein to grow in the coming days and weeks. "To us, the Burr-Feinstein bill is a nonstarter," he says.

That's a sentiment that already appears to stretch across the political spectrum, uniting groups that are usually at odds with each other on other hot-button issues.

"We have something tangible now," says Jason Pye, communications director for conservative advocacy group FreedomWorks, which says the bill threatens digital privacy and the role of American companies in the global economy.

"We can point to the bill and say, 'This is not something that they’re just talking about anymore.' We have something to show our activists and say, 'See, they don’t want you to have privacy on the Internet.' Because that’s basically what Feinstein and Burr are saying."

FreedomWorks, for its part, has 5.7 million activists, and is planning to talk about encryption, surveillance and other digital privacy issues with its members so they can mobilize conservative groups in their communities.

If history is any indication, this kind of grass-roots support for encryption and citizens'  privacy could be instrumental in the ultimate policy decision.

Back in 1994, the first "Crypto War" erupted in full force just as soon as the Clinton White House officially announced its support of the Clipper chip, a mechanism to decrypt voice and other communications – and civil and digital rights groups flooded the government with notes of opposition to what they saw as a manifestation of "Big Brother." 

Then, as now, the opposition brought together unlikely allies: "The anti-Clipper aggregation is an equal-opportunity club, uniting the American Civil Liberties Union and Rush Limbaugh," The New York Times wrote in an article that year.

Then, as now, these activists have champions in Congress.

"[This bill] would outlaw the strongest types of encryption and undermine the foundation of cybersecurity for millions of Americans," said Senator Ron Wyden (D) in a statement.

"This flawed bill would leave Americans more vulnerable to stalkers, identity thieves, foreign hackers and criminals," Sen. Wyden continued. “And yet it will not make us safer from terrorists or other threats."

Wyden has promised to filibuster the bill if it reaches the Senate floor.

 

Correction: This version of the story corrects the spelling of the last name of Evan Greer.