White House Urges Companies To Protect Data From Russian Hacks With Encryption; While Congress Looks To Effectively Outlaw Encryption

Earlier this week, the Biden administration urged companies to protect against potential cyberattacks from Russia, which seems like pretty good advice:

The Biden-Harris Administration has warned repeatedly about the potential for Russia to engage in malicious cyber activity against the United States in response to the unprecedented economic sanctions we have imposed. There is now evolving intelligence that Russia may be exploring options for potential cyberattacks.

The announcement lists a variety of ways in which companies should defend themselves against such cyberattacks including things like making use of multi-factor authentication and backing up your data. But then there's this very wise suggestion:

Encrypt your data so it cannot be used if it is stolen;

And, this is a good idea, and it's great that the White House is urging others to follow it. However, it does seem worth noting that this is happening at the exact same time that Congress is still considering the EARN IT Act, which is a clear attack on encryption. And while supporters of the bill like to pretend that the EARN IT Act is not attacking encryption, the bill's main sponsor, Senator Richard Blumenthal directly admitted to a Washington Post reporter that of course the point of the bill was to attack encryption and to make sure companies couldn't hide" behind it.

All this does is highlight one of the many ways in which the EARN IT Act is so dangerous and so problematic. At a time when encrypting our data is more important than ever, as even the White House acknowledges, the idea that Congress is moving forward with plans that will deliberately weaken the ability of companies to offer encrypted services seems not just preposterously short-sighted, but downright dangerous.