A bank robber making a getaway is not going to stop at a traffic light. Similarly, cybercriminals who are intending to commit serious crimes will definitely use the most secure systems available to them regardless of the legality. Thus, the pertinent question is whether such a law can be effectively enforced. I agree with Schulze's argument that those with "malign interest will find a way" and therefore the only outcome of such a law is the deprival of the rights of law-abiding citizens [1].
The US government once attempted to restrict the export of strong cryptographic algorithms [2]. Back managed to fit such an algorithm into 3 lines of text, printing it on a T-shirt [3][4], indirectly demonstrating the ease at which it can be replicated. In today's interconnected world, data and software can be downloaded or installed in a few clicks. It would be extremely difficult to enforce such laws, and hence I believe such laws should not be solution.
One other major obstacle is the fact that almost all sovereign nations have their own police force. With such a long list of people having access to privileged information, leaks are inevitable. The TSA lock was originally intended to allow Customs to inspect luggages without damaging them, however it is now available for purchase on Amazon for $6 [5]. Thus, such an initiative negatively impacts the privacy of law-abiding citizens who now risk have their luggages opened by hotel housekeeping staff.
These aforementioned sovereign nations range from liberal democracies to dictatorial regimes. How should private companies determine whether a certain police force should be on its nice or naughty list? Cellebrite has assisted US authorities in breaking into the iPhone of the San Bernardino shooter [6] and more recently the phone of the Trump rally shooter [7]. However, they were also involved in "suppressing protests in Hong Kong", and are alleged to possibly be involved in the hacking of Saudi journalist Jamal Khashoggi's phone which eventually led to his killing [8]. When clouded in politics, the police criminal divide is not always that clear.
[1] Schulze, M 'Clipper Meets Apple vs. FBI—A Comparison of the Cryptography Discourses from 1993 and 2016.'' Media and Communication [Online], 5.1 (2017): 54-62. Web. 18 Jan. 2025, pp. 58
[2] ibid, pp.55
[3] Back, A 'export-a-crypto-system sig' http://www.cypherspace.org/adam/rsa/ accessed 18 January 2025
[4] Back, A 'Its illegal to export strong crypto from the US' http://www.cypherspace.org/adam/rsa/legal.html accessed 18 January 2025
[5] Cummings, M 'Locked out of your luggage? This $6 master key is a life-saving travel must-have' https://www.yahoo.com/lifestyle/locked-out-of-your-luggage-this-6-master-key-is-a-life-saving-travel-must-have-214825094.html accessed 18 January 2025
[6] Solomon, S 'Human rights groups call for halt to phone-cracking Cellebrite’s share listing' (The Times of Israel) https://www.timesofisrael.com/human-rights-groups-call-for-halt-to-phone-cracking-cellebrites-share-listing/ accessed 18 January 2025
[7] Radtke, K 'The FBI got into the Trump rally shooter’s phone in just 40 minutes' (The Verge) https://www.theverge.com/2024/7/19/24201935/fbi-trump-rally-shooter-phone-thomas-matthew-crooks-cellebrite accessed 18 January 2025
[8] Middle East Eye 'Israeli firm provided phone-hacking services to Saudi Arabia: Report' https://www.middleeasteye.net/news/cellebrite-israel-saudi-arabia-phone-hacking-services accessed 18 January 2025