There’s a Cop in My Pocket: Policymakers Need to Stop Advocating Surveillance by Default
This is a sweeping decisionmaking power that bypasses the authority of the Committee on Foreign Investment in the United States (CFIUS), the interagency committee that evaluates foreign investments in the United States to see if they might harm national security. In banning foreign tech companies, the Secretary would not be required to weigh whether an app or service is embedded in the structure of the Internet and needed for its function. If the Secretary of Commerce can declare crucial internet infrastructure irrelevant to U.S. national security, we should be more convinced than we are that the Commerce Department has the capacity to understand and make good recommendations involving technical expertise.
Another similar bill, the EARN IT Act, introduced in April 2023, would mandate that companies hunt for CSAM by spying on the private communications of users. One month later, in May, the state government of Montana passed a law that will ban TikTok within state borders starting on January 1, 2024. Montana lawmakers quickly realized that enforcing the ban would require surveilling every phone in the state by default, a sweep that would be unconstitutional and would ironically hand surveillance capabilities to China.
The same month, the UK Parliament unveiled the Online Safety Bill that would mandate companies enforce a raft of requirements, many of which are technically infeasible, such as age verification for users. The bill also places the burden of proof on companies to show that their servers do not hold CSAM, a provision that will essentially turn these companies into police spies who will rummage through users’ files, regardless of whether they are suspected of the crime of owning child pornography.
Another bill in France will open the door to mass surveillance against people across the world. The bill will demand that all mobile phone makers–including Apple–give French police the right to remotely turn on anyone’s phone camera or microphone. Once the backdoor technology goes live in France, there is nothing stopping other countries from mandating the same police access, or for criminals to exploit the feature. Additionally, Apple may feel compelled to build this backdoor, and other surveillance technology, into the iPhone everywhere else.
Here’s how we fix all this: stop using bandaids and start solving the problems where they start. American lawmakers are stepping over the most obvious and straightforward answer to these problems: the passage of a National Privacy Standard that will lay out clear rules around encryption and the limits to the harvesting of data. Policymakers keep trying to pass damaging technology policy bills, and they ignore technologists when we say that the thing they want is impossible without destroying something far more valuable: our civil liberties. By enabling surveillance as the default mode on all citizens, we’re creating our own tech panopticon.
Tarah Wheeler is a Senior Fellow for Global Cyber Policy at the Council on Foreign Relations. Geoffrey Cain is a senior fellow at the Foundation for American Innovation, a tech policy think tank in Washington, D.C. This article is published courtesy of the Council on Foreign Relations (CFR).