Feinstein-Burr encryption bill draft makes current web browsers illegal
May 3, 2016
Shah Sheikh (1294 articles)

Feinstein-Burr encryption bill draft makes current web browsers illegal

The draft of the new encryption legislation was put forth by two US senators in mid April. The draft was controversial and heavily criticized. A detailed analysis by Just Security, shows that the wording of the proposed law has one big implication – web browsers in their current form would be illegal.

The law essentially bans strong security. The regulations are based on the proposition that criminals and terrorists must not be able to communicate through encryption that law enforcement agencies cannot get access to. The proposed regulations demand all software providers comply with court orders to make data and communications encrypted by their products, available to enforcement agencies on demand.

The Transport Layer Security and HTTPS protocols currently provide security to browsers. The manner in which these protocols are implemented, makes it impossible for the developers of the web browsers from providing enforcement agencies with keys or tools that can bypass the encryption. Additionally, the mere ability to do so increases the potential of risk to users, and creates a high value target for hackers. Third parties can compromise all users of a particular software with the right keys in a scenario where Feinstein-Burr compliant encryption technologies are used.

Additionally, the cost of processing court orders and dealing with law enforcement agencies means that only large companies can afford to publish products with encryption, and small companies or indie developers will not be able to come up with Feinstein-Burr compliant technologies.

Source | FirstPost