With a bill reintroduced last week, a New York Assemblyman wants to make it easy for the government to get inside smartphones. It’s a proposal that would mandate smartphone manufacturers be able to unlock the phones they make. The bill comes from Assemblyman Matthew Titone, of Staten Island’s North Shore, and was first introduced last summer. It’s sat in the Consumer Affairs and Protection committee since, so it’s still a long way from becoming law. A cryptographic back door would be bad for cryptography, privacy, and consumers.
The “back door” metaphor isn’t too far from the truth, so let’s flesh it out for a minute. In a memo sent out in support of the bill this week, the bill’s author does that for us. He describes a phone that cannot be unlocked except by the owner like this:
Except, and I think this is the crucial point, if there’s a mandated back door, then it’s not a safe that the government can access, it’s a safe anyone can access. As security researcher Bruce Schneier wrote when Apple introduced its strong encryption:
Under the New York bill, companies that don’t provide or build in these back doors could face huge legal penalties. The Independent describes it:
This would result in fines reaching into the tens of millions for companies like Apple, whose devices are designed to have no back door, and are only unlockable by their owner.
Should the bill pass, it’d likely mean no iPhones sold in the entire state of New York. Or, as one commenter noted on Twitter: