Despite the FBI’s latest pitch to Congress this week for a way to surveil encrypted communications services offered by companies including Apple and Google, lawmakers in the House are pushing back with a series of anti-spying amendments tacked onto all-important appropriations bill.
During a hearing before the House Homeland Security Committee on Wednesday, assistant director of the FBI’s Counterterrorism Division Michael Steinbach told the committee one of the FBI’s top anti-terrorism surveillance priorities is “to build technological solutions to prevent encryption above all else.”
End-to-end encryption, or the masking of data as it transmits across the web from its destination to its origin, has become an increasingly popular service since the exposure of mass online government surveillance programs leaked by National Security Agency whistleblower Edward Snowden in 2013.
Apple and others have since made end-to-end encryption of user data a default component of their service, which in the iPhone-maker’s case, not even employees can access. That presents a major challenge to law enforcement, according to FBI Director James Comey and others, since intercepting or subpoenaing the data only yields it in its encrypted form.
While Steinbach appeared to make some headway with lawmakers on the Homeland Security Committee Wednesday, others in the House took the opposite stance, proposing a range of anti-surveillance amendments to key appropriations bills — including one passed earlier this week expressly forbidding back doors.
The amendment by California Democratic Rep. Zoe Lofgren and Texas Republican Rep. Ted Poe prohibits the government from forcing companies to build vulnerabilities or back door access into their encryption products, with an exception for cases in which a company is already required to comply with a wiretap request under the Communications Assistance for Law Enforcement Act (the same law Steinbach asked Congress to update to include encryption Wednesday).
Another from Lofgren and Kentucky Republican Rep. Thomas Massie prevents the government from using funds to set standards and guidelines for encryption products unless they strengthen their security, not undermine it. The amendment effectively forbids the NSA from providing ‘guidelines’ to the National Institute of Standards and Technology (NIST), which publishes standards for consumer encryption products.
Both amendments were adopted via voice vote earlier this week and tacked onto the 2016 Commerce, Justice and Science (CJS) Appropriations Act, which funds agencies relevant to encryption including the FBI within the Justice Department, and NIST within the Commerce Department. The bill passed the House Wednesday by a vote of 242-183.
Lofgren and Massie first took aim at back door searches last year with an amendment to the 2015 Defense Appropriations Act, which cut funding to NSA used to incentivize companies into building back doors into their products for the agency to conduct surveillance through. The amendment passed along a bipartisan 293-123 vote, but failed in the Senate late last year, where it was removed during negotiations designed to avoid a government shutdown.
Poe and Lofgren tried again earlier this year with a collection of amendments to the USA Freedom Act NSA reform bill and eventually a standalone bill taking aim at back doors and other NSA surveillance authorities, none of which gained any traction.
And just like the group’s previous attempts, the amendments aren’t expected to withstand the scrutiny of surveillance hawks in the Senate, where the Freedom Act passed earlier this week only after several Patriot Act spying authorities were allowed to expire on Sunday, including Section 215, which underpinned the NSA’s bulk telephone surveillance program.
Another amendment tacked onto the 2016 CJS Appropriations Act by California Republican Darrell Issa bans the use of “Stingray” cellphone surveillance devices without a court order. Stingrays mask themselves as cellphone towers and lure mobile phones into connecting to them for service, giving law enforcement access to texts, photos, location, call data and more — often without a warrant.
“For years, the federal government has worked with state and local law enforcement agencies to spy on American citizens using the secretive Stingray program,” Issa said in a statement Thursday.
The devices were originally intended to act as anti-terrorism devices but have been used increasingly for routine police work in a growing number of local law enforcement agencies across the U.S. in recent years. To obtain the technology police departments must go through the FBI, which mandates departments sign non-disclosure agreements in exchange for their use.
A final amendment from Colorado Democratic Rep. Jared Polis would bar the DEA from restarting a bulk phone records collection program of its own, which collected billions of calls between Americans and foreigners for decades but was discontinued in 2013.
“Though the Department of Justice temporarily suspended this program in 2013, there is nothing to stop them from picking up where they left off,” Polis said in a statement. “My amendment to the CJS appropriations bill will prohibit the DOJ from using federal funds to do exactly that.”