Senate Introduces Legislation on Lawful Access to Encrypted Data

This week, Senate Judiciary Committee Chairman Lindsey Graham (R-SC) and Senators Tom Cotton (R-AR) and Marsha Blackburn (R-TN) introduced the Lawful Access to Encrypted Data Act. The bill would require service providers and device manufacturers to assist law enforcement in accessing encrypted data or devices necessary for investigations after a court issues a warrant based on probable cause that a crime has occurred.

According to a release from the bill’s original sponsors, the legislation’s highlights are that it:

• Enables law enforcement to obtain lawful access to encrypted data.

  • Once a warrant is obtained, the bill would require device manufacturers and service providers to assist law enforcement with accessing encrypted data if assistance would aid in the execution of the warrant.

  • In addition, it allows the Attorney General to issue directives to service providers and device manufacturers to report on their ability to comply with court orders, including timelines for implementation.

    • The Attorney General is prohibited from issuing a directive with specific technical steps for implementing the required capabilities.

    • Anyone issued a directive may appeal in federal court to change or set aside the directive.

    • The Government would be responsible for compensating the recipient of a directive for reasonable costs incurred in complying with the directive.

• Incentivizes technical innovation.

  • Directs the Attorney General to create a prize competition to award participants who create a lawful access solution in an encrypted environment, while maximizing privacy and security.

• Promotes technical and lawful access training and provides real-time assistance.

  • Funds a grant program within the Justice Department’s National Domestic Communications Assistance Center (NDCAC) to increase digital evidence training for law enforcement and creates a call center for advice and assistance during investigations.

The legislation has received support from a variety of law enforcement organizations including the National Association of Assistant U.S. Attorneys, the National Association of Police Organizations, and the National District Attorneys Association.

National Association of Assistant U.S. Attorneys President Larry Leiser noted in a letter to the bill sponsors, “Currently, criminals are able to hide behind outdated data privacy laws that threaten public safety… This legislation allows investigators to work with technology companies to obtain information authorized to be searched, decrypt or decode information on an electronic device or remotely stored electronic information that is authorized to be searched, and to provide technical support as necessary to ensure effective execution of the warrant for the electronic devices particularly described in the warrant.”

Attorney General William Bar said in a statement supporting the legislation, “The bill announced today balances the privacy interests of consumers with the public safety interests of the community by requiring the makers of consumer devices to provide law enforcement with access to encrypted data when authorized by a judge.  I am confident that our world-class technology companies can engineer secure products that protect user information and allow for lawful access.”