which would mandate that Apple, Google, Microsoft, and any other phone vendor create
backdoor devices that would allow them to decrypt devices.
The actual text of the bill reads:
Any smartphone that is manufactured on or before January 1, 2016, and sold or leased in
New York, shall be capable of being decrypted and unlocked by its manufacturer or its
operating system provider. (Reformatted from original to remove caps lock)
While the bill was introduced last summer (hence the “2016” label), it’s recently been sent
to committee for polishing, where the 2016 date would presumably be changed to 2017 or 2018.
Either way, the justification for the bill, is pretty much what you’d expect.
Because some criminals may use smartphones some of the time, Google and Apple are
“announcing to criminals, ‘use this device.’”
The summary notes continue: “The safety of the citizenry calls for a legislative solution,
and a solution is easily at hand. Enacting this bill would penalize those who would sell smart-phones
that are beyond the reach of law enforcement.”
This is the second time the bill has been sent to committee, and there’s currently no vote
scheduled — but political bills like this are a stark reminder of how determined certain areas
of government are to prevent citizens from using encryption tools and securing their own hardware.
In and of itself, the main effect of New York’s bill would be to send NYS citizens scurrying to find
Apple stores in Pennsylvania and Ohio.
The longer-term consequences could be more serious. If the New York law survived
constitutional challenge, it would embolden other states to embrace similar measures —
assuming Apple and Google didn’t automatically fall into line. Selling a “New York” version
of a device would be a significant burden, and the obvious goal of the legislation is to force
manufacturers to stop offering encryption at all.
To hear the government tell it, noble investigators and directors need these abilities to
safeguard victims and protect them from evil criminals. No doubt there are, at least on occasion,
instances where this is true. But in the 2.5 years since the Snowden leaks, we’ve seen repeated
instances of misconduct by the NSA, the misrepresentation of stingrays as simple devices
analogous to pen registers, and a deliberate attempt to veil the use and nature of these products.
In some cases, the police lied to judges, claiming that they’d consulted “informants”
when they were actually using stingrays.
Seen in this light, the push to encrypt devices from Apple and Google isn’t about protecting
criminals — it’s about protecting citizens, to the extent they can, from rampant government
overreach and criminal fraud.