Personally I think you can make it a crime not to produce a key if a warrant has been issued to search whatever you've encrypted.
That is a lot more out in the open than a "back door". When the government bashes through the door at least it's in plain sight and the house owner knows it's happening. But with encryption how would you know if the government has used their access?
How do you plan to prove that a person can unencrypt certain communication and is not simply an intermediary?
What if a hacker plants "secret encrypted documents" on your computer, and then the government demands that you produce a key for them? This situation has allegedly already played out with child porn[0], and planting drugs is not unheard of by unscrupulous police officers[1]. Essentially, you're back at the issue GP describes - we don't trust government employees with this much power over our lives.
How is this different to getting a warrant to search say a safe deposit box at a bank? Is there something about encrypted data that should be beyond the reach of the law?
The difference is that the physical box at the bank is not subject to being stolen by foreign adversaries remotely. With information that is stored in databases or on phones that may be lost or stolen there is no border. And when you start to consider the critical national infrastructure that is managed by private companies and individuals, it becomes clear that on balance Americans are safer if the FBI cannot read Tony Soprano's email because any tool they can use to get his data can be used by sophisticated adversaries to get at the emails of the CEO of the nuclear power plant and more. While I do not have a link at the moment to share, Retired General Michael Hayden, the former NSA and CIA director, says the same thing.
I already have so many different accounts on various websites that I regularly forget a password; the same can happen with an encryption key. Should that be a crime?
We already require corporations to preserve all their email, voice, and other electronic communications in case the government wants to investigate it. Maybe you're irresponsible for losing your key, and need to be held accountable.
We also require people to document their finances to accurately tax them. You're presumed 'guilty until proven innocent' in the sense that you're taxed on income unless you can document that it's untaxable (a business expense). There are penalties for failing to document things. What's wrong with requiring you to document your private keys, along with your receipts?
If you sell apples under the name "Loving Apples", you have to pay your state government to register that name. You can be fined for not registering your name, and your bank or other financial provider will want to see the government approval document. You could have the government maintain a central registry of all private keys, and make it a crime to encrypt a document with a key not documented in a state agency.
If you receive a document that is encrypted, you may be further required to tell the government who gave it to you, to ensure compliance with the encryption law; similar to how giving someone money requires you to tell the government about the transaction for compliance with tax law.
Wouldn't the same reasoning apply to all communication? Do you keep transcripts and/or recordings of all private conversations you have (in meatspace) so that you can hand those to the government when they show up with a warrant? Would you like to live in a society where not keeping such records is a crime? If not, why should communication "on a computer" be held to a different standard?
"One man's modus ponens is another man's modus tollens"
Which direction of the implication you take is a matter of preference. People who agree with giving the government full power (and trust them not to abuse it) or who agree with not giving the government any of this power are both logically consistent with my argument.
I'm only attempting to rule out people who are okay with all of the existing documentation requirements, but balk at documenting their encryption keys.
The main difference is that devices store and transmit tons of data that would never be stored in a safe deposit box, and which has always been inaccessible to law enforcement anyway, such as one-off drunken quips between friends.
A "better" way to do this would be to use key-escrow where a key only you have access to is needed to unlock the escrowed key.
If your personal escrow key is government mandated, and well-protected, that prevents the issue of you forgetting passwords (Estonia already has something like this). It also fully ensures that the government accessing escrowed keys requires you being informed.
I still don't support this plan, but it is the best thing I've seen.