Under the proposed approach, any company that receives a federal wiretap request will have a specific time period in which to comply. If the company already has an intercept mechanism in place, complying with the request should not be a problem.
But smaller companies that don't have such a capability in place will be forced to implement something quickly to avoid huge penalties, he said. "Companies are going to say 'let's do this as cheaply as we can,'" Hall said. Such rush jobs would produce insecure and poorly integrated tools, he added.
Alan Butler appellate advocacy counsel at the Electronic Privacy Information Center (EPIC), said the FBI proposal would force companies to build unsecured backdoors into otherwise secure communications services.
Many communications providers currently use encrypted connections to ensure greater security for their users, a policy that makes "perfect sense at a time when cyberattacks are a persistent threat and both Congress and the Obama Administration have been focusing on implementing a comprehensive cybersecurity program," Butler said.
"Many companies, like Google, already have access to the content of their user's communications, but other newer companies are competing for users based on the security and privacy of their services," he noted. "A truly secure communications connection would not have an access point that could be used by some unknown intermediate party to monitor the conversation."
In addition to encouraging the creation of security vulnerabilities, the proposed system of penalties would also degrade some privacy protections, he said.
"In many cases the service provider is the only party able to advocate on behalf of user privacy in the case of an overbroad or otherwise illegal law enforcement surveillance request," Butler said.
The proposal would punish such companies by threatening fines that could quickly outstrip their entire revenue stream. "This would mean that companies like Twitter can no longer advocate for their user's privacy without risking financial ruin."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed. His email address is firstname.lastname@example.org.
Read more about security in Computerworld's Security Topic Center.