Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

2/10/2016
01:20 PM
Sara Peters
Sara Peters
Quick Hits
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Bipartisan House Bill Will Seek To Prevent States From Mandating Encryption Backdoors

ENCRYPT Act aims to stave off efforts being made in California and New York legislatures.

Lawmakers in the House of Representatives will introduce a bipartisan bill today to stave off some state legislatures' burgeoning efforts to require technology companies to weaken encryption in their products, Reuters reports.

The ENCRYPT Act is being sponsored by Rep. Ted Lieu (D-CA) and Rep. Blake Farenthold (R-TX), and would "prevent any state or locality from mandating that a 'manufacturer, developer, seller, or provider' design or alter the security of a product so it can be decrypted or surveilled by authorities."

From Reuters:

"The legislation is in response to proposals in recent months in New York and California that would require companies to be able to decrypt their smartphones manufactured after 2017, Lieu said."

Lieu, who holds a degree in computer science, has fought against efforts to install encryption backdoors before. During a Congressional hearing on the topic in May, Lieu said that the efforts of cloud providers and smartphone companies to provide end-to-end encryption are a "private sector response to government overreach" and violations of citizens' 4th Amendment rights. He also said that "creating a pathway for decryption only for good guys is technologically stupid."

See more on the ENCRYPT Act bill at Reuters.

Related content: 

 

 

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5798
PUBLISHED: 2019-05-23
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5799
PUBLISHED: 2019-05-23
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5800
PUBLISHED: 2019-05-23
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5801
PUBLISHED: 2019-05-23
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5802
PUBLISHED: 2019-05-23
Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.