Cisco wants a mechanism added to draft decryption laws that would allow it - and others - to challenge technical notices served by the government on grounds they could introduce systemic weaknesses.
As it stands, the bill offers almost no appeal options for service or technology providers that disagree with notices that are served upon them.
A recent amendment to the Bill allows a jointly-approved technical expert to pass judgment on the feasibility of what is being asked.
But critics of the bill say this doesn’t go far enough, and have asked for a path to a judicial authority instead.
“We believe that there should be, for the sake of due process and checks and balances, a mechanism to be able to get to a judge to be able to raise a challenge on [a technical notice],” Wenger said via videoconference from Washington.
One of the major challenges for all parties affected by the decryption bill is that the legislation expressly prohibits the creation of “systemic weaknesses and vulnerabilities” to help law enforcement, without ever defining what a systemic weakness or vulnerability is.
The definition is only marginally clearer today with the government saying that such a weakness or vulnerability would have to affect all users of a service or particular device class.
“The government ... seemed to describe systemic as requiring the impact to be universal; in other words, all devices of a certain type would have to be impacted before they considered it systemic,” Wenger said.
“We would disagree with that.
“There may be places where we would view the impacts being significantly broader than the subject of the investigation in a way that we would consider that to be systemic.
“We’d want to have the ability to get to a court and to be able to challenge the scope of the demand.”
The government has so far shown little appetite for adding judicial checks and balances to the proposed decryption regime.
The Department of Home Affairs and the Australian Federal Police said earlier today that law enforcement would first need to get a warrant to access the content of communications, and then they would use the decryption laws - if passed - to actually get at the communications - implying that there was already a judicial review process in place.
However, they are likely to face increased pressure to reflect intentions outlined before the committee and in the bill’s explanatory memorandum in the bill itself, to reduce ambiguity and enshrine protections.