The Senate Select Committee on Intelligence drafts data encryption law

On April 13, Senate Select Committee on Intelligence Chairman Richard Burr (R-N.C.) and Vice Chair Dianne Feinstein (D-Calif.) released the Compliance with Court Orders Act of 2016. This piece of draft legislation seeks to protect Americans from criminals and terrorists by requiring companies to give access to encrypted data upon the issuance of a court order.

Vice Chairman Feinstein states, “Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans.”

The act, which is likely a political response to Apple’s refusal to unlock encrypted data stored on the devices of the San Bernadino shooters, will receive input from the public and key stakeholders before being formally introduced as a bill.

The draft has a long way to go, and it certainly will face stiff opposition. Showing support of Apple, many technology companies have recently opposed any requirement that would require a back door to their encryption features. Still, it highlights that there continues to be strong political interest in mandating technology companies to assist law enforcement agencies with access to encrypted data. Undoubtedly, such pressure will continue to grow.

General News, Legislation

The new EU-U.S. Privacy Shield agreement and what it means for businesses

The U.S. Department of Commerce and European Commission have released details on the EU-U.S. Privacy Shield framework. The agreement seeks to ensure that Europeans have data-protection rights when U.S. companies import their personal data. Stated simply, the Privacy Shield will provide:

  • Strong obligations on companies and robust enforcement
  • Clear safeguards and transparency obligations on U.S. government access
  • Effective protection of EU citizens’ rights with several redress possibilities
  • An annual joint review mechanism to monitor the effectiveness of the Privacy Shield

For more, read the latest Cybersecurity Insight

General News, Legislation