> Isn't that already required? If someone shows up with a warrant (presumably signed by a judge and listing the particular things being searched), then basically you need to do everything you can to help them
Only to a certain extent if the warrant is being served on the company, i.e. for access to data that they are storing. This sounds like it adds hardware manufacturers who aren’t a party to the warrant, and would also likely require cloud providers to give technical assistance (rather than merely hand over data). The main idea probably being to force Apple to develop a reliable way to break iPhone passcodes (something law enforcement has been unsuccessfully trying to get for years).
> My guess is that it's actually asking tech companies to do something in advance of any specific criminal act
That’s right. From the press release:
> In addition, it allows the Attorney General to issue directives to service providers and device manufacturers to report on their ability to comply with court orders, including timelines for implementation.
In the worst case, this would effectively prohibit un-backdoored encryption capabilities in devices and cloud services in the US.
Only to a certain extent if the warrant is being served on the company, i.e. for access to data that they are storing. This sounds like it adds hardware manufacturers who aren’t a party to the warrant, and would also likely require cloud providers to give technical assistance (rather than merely hand over data). The main idea probably being to force Apple to develop a reliable way to break iPhone passcodes (something law enforcement has been unsuccessfully trying to get for years).
> My guess is that it's actually asking tech companies to do something in advance of any specific criminal act
That’s right. From the press release:
> In addition, it allows the Attorney General to issue directives to service providers and device manufacturers to report on their ability to comply with court orders, including timelines for implementation.
In the worst case, this would effectively prohibit un-backdoored encryption capabilities in devices and cloud services in the US.