We made the decision to go with an appliance over hosted services because this way if we get hacked, our customers don't.
Part of our product is a secure secret store, and of course we use encryption for many other purposes. Our customers use our software (or standard tools) to generate their own key material to encrypt their secrets.
Very importantly, we can't help the government, or anyone else, get access to our customers secrets. We can't reasonably be asked to backdoor the software, because many of our customers do code reviews and audits on it before buying.
Can someone help me understand how this law would affect my company and others like it, our customers, and their users?