The federal government has been arguing that the terror attacks in Paris and San Bernardino require that it be able to circumvent encryption of messages, something they have sought for a long time. A cynic might argue that they see their opportunity and are seizing it.
But let’s assume that they actually need the access to encrypted messages to combat terrorism. How can the government be monitored so that the acquired information is not used for other purposes, such as non-terror law enforcement or disclosure for political purposes?
Here is one idea. Congress should pass a law that prohibits the use of this information for any purpose other than the prevention of terrorism. The sanctions for a violation should be both criminal and civil. Moreover, an Inspector General should be given the tools to uncover any such wrongdoing.
It might be thought that the executive branch might simply choose not to prosecute the individuals involved, as it has have done so many times in the past. But I believe there is a way to prevent such behavior. Congress should require the executive to bring prosecutions for violations of this unauthorized disclosure law whenever it has probable cause to believe a violation has occurred. While the executive might argue that it is unconstitutional to take away its prosecutorial discretion, I have argued in the past this is untrue.
But the executive might argue that it believes it is unconstitutional to take away its prosecutorial discretion and therefore choose not to enforce the law requiring prosecutions. To prevent this from occurring, Congress should make the encryption bypass authority nonseverable from the prosecution requirement. That is, Congress should include an anti-severability provision that states that if the prosecution requirement is not enforced based on constitutional grounds, the encryption bypass authority should also be unenforceable.
There is nothing problematic about such a provision. Many laws contain provisions that are not severable – if one provision is found to be unconstitutional, then another provision is unenforceable – because Congress either implies or states it would not want the one provision enforced without the other. My guess is that the executive would be reluctant to lose its encryption bypass authority and therefore would bring the requisite prosecutions.
I believe that such non-severability provisions would be a useful check against the executive. I hope to blog about them in the future.