Encryption has been a topic of heated debate in the United States and worldwide during the last six years. The COVID-19 epidemic added a new twist to the debate: with millions of people now working, playing, and studying remotely from home, strong encryption is more important than ever to protect the privacy and security of our data and communications. And yet, the U.S. government is currently closer than it's come in years to effectively banning strong encryption.
Two bills have been introduced this year in the U.S. Congress that threaten encryption. One bill would strip a key legal immunity from tech companies to make them more broadly liable for child sex abuse content on their platforms. Called the EARN IT Act, the bill is widely believed to be a stealth attack on encryption, for which it contains only weak protections. Those protections, however, would be rendered moot by the second bill, the Lawful Access to Encrypted Data Act. That bill would directly mandate that U.S. online service providers must build a backdoor into their encryption for law enforcement purposes. This talk will review the two bills, provide some legal background for them, and explain why they're an incredibly stupid idea.