How the LAED Act Puts the Days of Encryption in Danger
By Matthew J. Roberts
On June 23, 2020 Senators Graham, Cotton, and Blackburn introduced a bill into the Senate that would essentially end the ability of any private person or company to encrypt their personal data. This bill is Senate Bill 4051, or the Lawful Access to Encrypted Data (LAED) Act. If passed into law, no company, website, or individual would be able to protect their data via encryption. This Act prohibits providers from offering end-to-end encryption, providing encrypted devices that cannot be opened by law enforcement, and providing any means of encrypting data that does not have a backdoor pre-loaded into the software or service to be used by law enforcement. These prohibitions apply to applications, messaging services, online chats, social media platforms, video conference software, and any device that has more than 1GB of data storage capacity.
Another aspect of the LAED Act is that, under this bill, law enforcement can present a regular search warrant to a judge for the device and a warrant to get the provider to aid them in obtaining the information at the same time. In addition, once the warrant is issued, that gives law enforcement “exceptional” access to that person’s data. Under the language of the proposed bill there is no filing that a person can make to stop the execution of the warrant. The warrant needs to show “reasonable grounds to believe that the assistance of the company” would aid law enforcement. This language is a “shall issue” warrant, not a “may issue”—meaning that if the grounds are “reasonable,” a judge cannot question the issuance of the warrant and must issue it.
The LAED Act is a blatant attack by a government entity on a person’s right to digital privacy. This act is an example of a government agency saying that they always want to have access to any person’s digital data. The biggest issue with this proposed bill is that there is nothing anyone can do to protect their data from these backdoors—or from third parties who want to abuse these backdoors. Despite what any proponent of this bill might say, there is almost no way to adequately secure a person’s data when a backdoor is introduced. This proposed backdoor directly weakens the effectiveness of any encryption put on by any individual or provider. Just like how a crack in a piece of armor threatens the integrity of the entire piece, so too does a back door to an encryption program. This puts a lot of risk into the hands of providers and for those who are using any type of online service or device that uses the internet.
For more information or to schedule a consultation, contact the Law Offices of Burton A. Brown at (312) 236-5582.
For a print-friendly version of this article, please click here.