[happythomist]

Contrary to what some people are implying, support for mandatory decryption is not evidence of technological illiteracy.

From the perspective of these lawmakers, encrypted storage is like a safe. You have the right to store records in a safe to keep them away from prying eyes, but law enforcement has the right to order you to unlock that safe if they have a warrant. You have the same right to store those same records on an encrypted device, but law enforcement has the same right to order you to decrypt that device if they have a warrant.

Since people will sometimes refuse to decrypt a device, even when ordered to do so by a court, these lawmakers want to require OEMs and service providers to maintain control of the keys when they encrypt information on a user's behalf so as to increase the chances that lawful decryption can take place.

Is this a bad policy? Quite possibly. It has certain risks and makes certain tradeoffs, like any other policy. But it is arrogant to assume that anyone who supports it must be ignorant of how encryption works.

[Nasrudith]

If they see it as a metaphor instead of whar it is that still makes it fundamentally ignorance.

Remember "a series of tubes" memes long predating youtube or its many pornographic not-quite-competitors?

It may map to better understanding but it is still ignorant as somebody software proposing applying computer antivirus software style scanning to infectious disease gene scanning of all micro-organisms in the body.

Even if the metaphor is technically correct in some aspects (the microbes being unauthorized executables in a space) the differences are substantial enough that it cannot be called anything but ignorant by those in the know who would point out precisely the current limitations and theoretical impossibilities like "we can't read cell DNA without destroying them currently". In the case of the safe analogy it is essentially impossible for someone to wind up ordered to open a random piece of garbage that is indistinguishable from a safe. Unlike with encryption.

[kinghajj]

With the safe analogy, I swear there's precedent that, if the security is a physical key, then a court can compel the owner to produce it. But if the safe uses a combination, the court cannot compel its divulgence, since that would violate the fifth amendment protections against being forced to testify against oneself. Encryption "keys", and the passwords from which they are commonly derived, are much more akin to combinations than to physical keys.

[happythomist]

I think there might be a circuit split on this issue, but IMO merely divulging a combination or encryption key is not "testimonial" (and therefore not a 5th Amendment violation) except insofar as it admits knowledge of the combination or key itself. But if police can establish separately that you know it, then the "foregone conclusion" exception applies.

If you can point to specific precedent that would be helpful.

[happythomist]

Did some more research on this; see this comment: https://news.ycombinator.com/item?id=23647018

[stx]

The difference is that for the government to come into my house and force me to open my safe: 1) I will both know about it. 2) government will need a warrant.

In the case of my digital data that might be stored on google (or some other third party) I may never know that the government asked google to decrypt my data for them. In the past companies have done so without a warrant.

Maybe the contents of this bill does not work this way. I don't know.

[choeger]

> But it is arrogant to assume that anyone who supports it must be ignorant of how encryption works

No it's not. Because your analogy is, excuse the term, utter bullshit. Producing a safe requires an expert. A government could actually try to force all producers to give them a second key or some backdoor. Producing an encrypted messages requires software. Government has no chance in hell to restrict the distribution of "illegal software". Everyone who supports that narrative is stupid. Period.

Government officials aren't stupid in general, though. So why do they support the fight against encryption? Because they want to read the messages of average Joe, not the messages of Don Heroin or Sheik Al Explosive. They want to know where the next BLM gathering will be, or where the documents about city council corruption leak.