California Lawmakers Manage To Turn Encrypted Phone Ban Legislation Into Encryption Backdoor Legislation

from the your-tax-dollars-malfunctioning dept

Post sponsored by





As part of our funding campaign for our coverage of encryption, we reached out to some companies that care about these issues to ask them to show their support. This post is sponsored by Golden Frog, a company dedicated to online privacy, security and freedom.

The California Assembly has been tinkering with Assemblyman Jim Cooper's smartphone encryption ban… and for the worse. First noticed by EFF Staff Attorney Andrew Crocker, legislators have turned the proposed ban into something that accomplishes the same goals without actually "banning" anything.



Rather than forbid the sale of smartphones that can't be decrypted by their manufacturers, the new wording will direct fines at manufacturers who can't decrypt phones upon receipt of a warrant or other court order. (added/altered wording in bold)

(b) A smartphone manufactured on or after January 1, 2017, that is not capable of being decrypted and unlocked by its manufacturer or its operating system provider shall subject the manufacturer or operating system provider of a smartphone sold or leased in California on or after January 1, 2017, shall be subject to a civil penalty of two thousand five hundred dollars ($2,500) for each smartphone sold or leased in California if instance in which the manufacturer or operating system provider of the smartphone knew at the time of the sale or lease that the smartphone was not capable of being decrypted and unlocked by the manufacturer or its operating system provider. is unable to decrypt the contents of the smartphone pursuant to a state court order. A manufacturer or operating system provider who pays a civil penalty imposed pursuant to this subdivision shall not pass on any portion of that penalty to purchasers of smartphones. This civil penalty shall not preclude the imposition of any other penalty pursuant to law.

So, rather than an encrypted smartphone, it's an encryption. In order to sell phones in California, manufacturers will have to make less secure versions specifically for that market -- ones where they hold the keys and are subject to law enforcement demands for a spare set.This is bad for Californians looking for more secure phone options and bad for cellphone manufacturers, who have zero interest in acting as encryption key repositories. And the altered wording would allow the state to pursue manufacturers that have never sold a phone directly to Californians. Third-party retailers can still offer encrypted phones to customers without fear of reprisal as doing so would not run afoul of the proposed law. Instead, it would be thefault if phones without encryption backdoors were sold in the state.The only way for phone manufacturers to ensure they comply with this law would be to stop offering encryption they can't crack, as it's inevitable that California-based retailers will still be able to find customers interested in devices without manufacturer/operating system backdoors.This is stupid, reactionary lawmaking somehow managing to become even more stupid and reactionary after receiving input from other legislators. If this level of stupidity remains in full force, the end result could be Californians buying their cell phones directly from the state -- much in the way some states handle alcohol sales

VyprVPN from Golden Frog is the world's fastest highly-secure VPN.

Learn more about VyprVPN »

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoor, california, encryption, sponsored post