Secure Data Act bill may block encryption backdoor orders

Newly introduced bipartisan legislation called the Secure Data Act aims to prevent government access to encrypted data via backdoors. The proposal follows multiple government attempts to get access to encrypted devices, as well as increasing concerns that courts or government agencies could force a company to introduce backdoors into its products.

The Secure Data Act was introduced by several representatives from New York, Texas, California, Kentucky, and Florida. The Electronic Frontier Foundation praised the legislation, pointing out that no backdoor is secure — introducing one will weaken the security across the board.

Despite this, the FBI and Justice Department are among the agencies calling for "responsible encryption" that they believe can provide backdoor access limited to only "judicial authorization." The EFF has criticized that idea extensively, pointing out the security risk and faulty ideas associated with the proposal.

The Secure Data Act could squash those ideas entirely, proposing that "no agency may mandate or request" that anyone — including a developer, seller, or manufacturer — introduce backdoors for the purpose of surveillance or for searching data.

Under the bill, both companies like Apple and developers like Signal would be protected from court-mandated backdoors. The EFF points out that only wiretapping standards under 1994's CALEA act are exempt, though end-to-end encryption doesn't violate that act. The full bill, which is only two pages long, can be viewed here.