WASHINGTON- In the midst of a legal battle between Apple and the FBI over bypassing encryption in a terrorist’s iPhone, two lawmakers are readying a bill to create a digital security commission that would help decide how the government investigates terrorism on digital devices.
The proposed 16-person panel would be modeled after the 9/11 commission and would make recommendations on cybersecurity and encryption issues that haven’t been examined in a legal context since the late 1990s.
Experts from Silicon Valley, government intelligence agencies and local law enforcement would all be involved, said Rep. Michael McCaul and Sen. Mark Warner Wednesday. McCaul, R-Texas, chairman of the House Homeland Security Committee, and Warner, D-Va., are co-sponsors of the bill.
“It will be setting some of the (global) standards” on encryption and digital security, McCaul said at the Bipartisan Policy Center, where the lawmakers unveiled their proposal.
The commission would aim to put out a preliminary report within six months and a full report with recommendations to Congress in one year, he said. It would address tensions between public safety and privacy of personal data, as well as other cybersecurity issues.
“This is not an encryption commission, this is a digital security commission,” Warner said. “And it is broader.”
The lawmakers expect the bill to pass quickly in Congress.
“I’d predict it gets a lot of momentum to an urgent situation,” McCaul said. “I do believe the (Obama) administration will be supportive.”
Jim Lewis, a senior fellow at the Center for Strategic and International Studies, said that the legalities surrounding encryption and commercial digital devices are outdated.
“Don’t think of this as an encryption problem, don’t think of this as a cybersecurity problem,” Lewis said. “This is coming up with rules for this new world that is shaped by the Internet in ways we honestly didn’t expect when it was commercialized.”
The government’s right to access encrypted information is being questioned this week as Apple challenges a federal judge’s order to write code that would get around protected data on the iPhone of one of the shooters in the December San Bernardino attack.
Maintaining trust in government agencies and technology companies is something that would need to be addressed by the commission’s findings, Lewis said.
“We want people to trust IT products, particularly American IT products. We want people to use strong encryption,” he said. “We want to do this in a way that is as accommodating as possible to public safety.”