Leaders on the Senate Intelligence Committee on Friday introduced a draft bill that appears aimed at forcing tech companies to more quickly spy on their customers when ordered by the courts. However, privacy advocates argued that it amounted more to an "Internet censorship bill."
Related Story: http://www.washingtonexaminer.com/article/2577390
The "Compliance with Court Orders Act," drafted by Chairman Sen. Richard Burr, R-N.C., and Ranking Member Sen. Dianne Feinstein, D-Calif., seeks to make "providers of communications services and products" comply with what the authors say is "the rule of law." In the event such companies are served with a court order demanding technical assistance, the legislation asks that they render the requested technical assistance in an "intelligible manner."
The legislation was initially inspired by Apple's resistance to helping the FBI access an iPhone used by perpetrators of December's terrorist attack in California. Apple appealed a court order demanding that the company assist, and the FBI withdrew its request before the appeal was heard, citing success at finding its own method of hacking the phone.
As a result, Burr and Feinstein's proposal likely would not have made a difference in the case. Additionally, had Apple exhausted the appeals process and refused to comply with a legitimate court order, the company and its executives still could have been charged with contempt of court.
The legislation, Feinstein and Burr emphasized, is a discussion draft subject to change.
Friday's proposal does not spell out any additional civil or criminal penalties that would result from a failure to comply, and as a result, its relevance to the Apple case is tenuous. Yet Section 4 of the legislation spells out "communication identifying information." The term applies to routing information, Internet Protocol addresses, services address or identifiers used by parties to communication, and other details that effectively amount to metadata.
That excludes the contents of communication, but includes nearly everything else. Congress in November terminated the bulk metadata collection program that came to light in 2013 as a result of National Security Agency whistleblower Edward Snowden, and while a host of other programs still permit law enforcement to engage in the activity in different capacities, it generally requires a warrant identifying individuals or devices. The legislation introduced on Friday does not identify any similar requirement for court orders to be narrowly tailored.
Related Story: http://www.washingtonexaminer.com/article/2576203
Another component of the legislation would require all "license distributors" to ensure all "products, services, applications or software" they offer provide access for law enforcement. Kevin Bankston, the director of the New America Foundation's Open Technology Institute, described what that means in comments to Wired.
"Apple's app store, Google's Play store, any platform for software applications somehow has to vet every app to ensure they have backdoored or little enough security to comply," Bankston said, which means the legislation would "seem to also be a massive Internet censorship bill."