The California Bill to Undermine Smartphone Encryption Actually Got Worse
State lawmakers recently introduced some misguided changes to California’s Assembly Bill 1681, which would require that manufacturers and operating system providers be able to decrypt smartphones sold in the state. On first glance, the amendment to A.B. 1681 might seem to address some of EFF’s previous criticisms, but the new version actually makes an already bad bill even worse. EFF has signed on to a new letter in opposition to the bill, and you can still join our action calling on lawmakers to vote against it.
The bill’s authors explain that A.B. 1681 is intended to prevent smartphone encryption from thwarting law enforcement investigations by ensuring that companies whose phones are sold in California can decrypt them if ordered to do so. An earlier version would have required that phones be decryptable “at the time of sale” by imposing a civil penalty of $2,500 per device on any company knowingly selling a phone that could not be decrypted. In current form, though, the bill instead penalizes companies if they are “unable to decrypt the contents of the smartphone pursuant to a state court order.”
To be clear, EFF will oppose any law that has the intent or effect of undermining encryption, so this amendment can’t get at the root problem. No legislative “solution” can change the technical consensus that requiring third parties to maintain the ability to decrypt user data is a bad idea, whether that’s in the context of full disk encryption (FDE) of smartphones or end-to-end encryption of messaging platforms.
Nevertheless, this amendment makes A.B. 1681 noticeably worse. Currently, companies like Apple and Google offer FDE by default for smartphones running their respective operating systems. Because FDE on iOS and Android precludes the companies (and anyone else who doesn’t hold the key) from decrypting phones, the earlier version of the bill would have forced them to change this default and turn FDE off at the time of sale. But it might not have required removing FDE as a feature altogether, so users could have enabled it after purchase without subjecting anyone to penalty.
But by linking liability to a court order, the new version puts companies on the hook indefinitely. Apple cannot even sell an iPhone with FDE off by default because a user might then enable it, preventing Apple from complying with a court’s decryption order at some point in the future. (Not such a stretch, as hypotheticals go.) The only way Apple can avoid the possibility of the penalty is to not offer FDE at all. Arguably, companies might have to go even further and take steps to prevent users from even installing third party applications that offer these features, although even iOS is routinely jailbroken.
Of course, the law wouldn’t directly outlaw encryption; rather it uses the prospect of fines to force companies to comply. Some have argued that $2,500 per phone is pocket change to companies like Apple and Google, even though they’d be prohibited from passing the cost onto consumers. But this is a criticism of the bill’s effectiveness, not its operation. The way the new version of A.B. 1681 uses monetary penalties is tantamount to a ban on full disk encryption. In addition, the bill explicitly allows for other penalties, so courts could impose a $2,500 penalty as well as contempt for failure to comply with their underlying orders.
No matter how A.B. 1681 tries to accomplish its goal of undermining smartphone encryption, it should be stopped. Take action and tell lawmakers not to support this misguided bill.