[117966] in Cypherpunks
Law Enforcement May Benefit From New Crypto Policy
daemon@ATHENA.MIT.EDU (Anonymous)
Thu Sep 16 19:16:49 1999
Date: Fri, 17 Sep 1999 00:45:48 +0200 (CEST)
Message-Id: <199909162245.AAA15668@mail.replay.com>
From: Anonymous <nobody@replay.com>
To: cypherpunks@toad.com
Reply-To: Anonymous <nobody@replay.com>
Law Enforcement May Benefit From New Crypto Policy
By Robert MacMillan, Newsbytes
WASHINGTON, DC, U.S.A.,
16 Sep 1999, 10:54 AM CST
Despite an initially jubilant reaction from the high-
tech industry over the White House's anticipated
relaxation of its encryption export controls, the
policy change could pave the way for more
unfettered law enforcement access to sensitive data.
The White House in a briefing today will announce what one
administration official told Newsbytes will be a "large" relaxation of
encryption controls.
Stewart Baker, a member of the President's Export Council
Subcommittee on Encryption, told Newsbytes that if the administration
allows an easing of regulations, it has a firm platform on which to petition
Congress to pass its proposed Cyberspace Electronic Security Act
(CESA), which would give law enforcement agencies sweeping access
to sensitive communications.
"Key recovery is dumb even from the Justice Department's point of
view," Baker said. "It's peculiar to say 'I really like your industry and to
encourage you I'm going to add costs and expose you to criminal
liability.'"
Baker said that when the subcommittee made recommendations to the
administration to change its encryption export policies, "that was not on
our list."
Attorney General Janet Reno, Defense Department official John J.
Hamre, and several other administration representatives are expected to
announce that 64-bit encryption will now become the strongest
mass-market algorithm level available, in conjunction with the 33-nation
Wassenaar Arrangement.
In addition, the administration is expected to make it easier for companies
to export strongly encrypted products of an unlimited algorithm length,
subject to a one-time Commerce Department review.
The announcement is particularly important to the high-tech industry
because it is getting itself heartily smacked in the encryption products
arena by other countries that don't have such onerous export
restrictions.
Rep. Robert Goodlatte, R-Va., and his Democratic counterpart Zoe
Lofgren, D-Calif., both are chief sponsors of the Security and Freedom
Through Encryption (SAFE) Act, which calls for a total stand-down on
encryption export controls.
Goodlatte officials were not immediately available for comment, though
he is expected to discuss the White House proposal at a press
conference later today.
Unfortunately for him, key recovery is expected to be a part of this
proposal, something to which strong encryption export supporters
object. The key recovery program essentially guarantees law
enforcement officials a so-called "back door" to encrypted
communications.
Kristin Litterst of Americans for Computer Privacy said the administration
announcement is significant because House Speaker Dennis Hastert,
R-Ill., has said he wants SAFE to come to the House floor for a vote, but
added that the ACP wants to work with the administration to shape the
regulations.
"The announcement is a real mixed bag from a privacy perspective,"
Center for Democracy and Technology (CDT) counsel Alan Davidson
said. "We've seen so many promises of broad relief that don't in fact
protect people's privacyÉ It opens up a very important new debate on
the Fourth Amendment in cyberspace - under what circumstances the
government should have access to our most sensitive information."
Davidson added, however, that "If they follow through on their promise,
this would be a real step forward. This would give encryption users
around the world much stronger privacy protection software."
A staffer for Senate Communications Subcommittee Chairman Conrad
Burns, R-Mont., a stalwart supporter of strong encryption exports, said
that "It's great that (the White House supports) the need for encryption
reform....but anything that is going to allow the federal government to
just creep in the back door of Americans' computers is just unacceptable
to us."
As a supporter of Senate Commerce Committee Chairman John
McCain's, R-Ariz., PROTECT Act, the staffer said that Burns already has
compromised his stance somewhat in deference to law enforcement,
because PROTECT tends to fit in more with the scope of Wassenaar.
He added that Burns is unwilling to give up more ground.
Baker said that the administration announcement "will substantially
reduce, if not completely eliminate, any of the burden associated with
encryption controls, so it's a very big step and will probably take the issue
off the table as a competitive (subject)."
Nevertheless, the move seems to tie into the administration's desire to
offer a gift to law enforcement now that it has tried to please the high-tech
industry.
Baker said CESA includes key recovery agent provisions, and allows law
enforcement to ignore the privacy rights of criminal suspects in searches
for information. The proposed bill also would allow law enforcement to
require companies to get electronic information even in violation of
privacy standards.
It also calls for sentencing guidelines to be drafted that would devise
encryption crime penalties. "It sounds mildly harmless, but in my view is
potentially rather dangerous," Baker said. "That provision is too broad."
He also said that CESA puts no restrictions on the Justice Department's
ability to "order companies to violate the laws of other countries."
"You can imagine how a foreign country would feel if a local Internet
service provider started hacking into their citizens' computers at the order
of the Justice Department," Baker said.
MORE TO COME
Reported by Newsbytes.com, http://www.newsbytes.com .
10:54 CST
Reposted 11:31 CST
