[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IMPORTANT!



Based on some of the suggestions I've seen here and on the net, I am
inclined more to believe that there is no threat to make non Clipper
cryptography illegal.  The plan instead is to make it a de facto
standard for all encrypted voice communications.  You will notice in
the AT&T press release posted here that AT&T is offering to release its
technical information in order to allow this standardization to
proceed.  (As the release said, you need more than just a common
encryption standard, you also need standardization on the voice
encoding.)

AT&T is obviously in bed with the government on this, and it doesn't
really matter at this point why.  It's a big company and the government
can do a lot for it.  AT&T is apparently determined to take whatever
steps are necessary for this standardization to come about.

As far as non-clipper encryption, I imagine the government will initially
exert as much influence as it can to prevent any competing standard from
getting a toehold.  They have apparently waited until the chips were
ready to deliver in quantity.  AT&T is promising to release clipper
phones later this year.  It's doubtful that anyone else could even come
up with a standard that soon, let alone get it into hardware (or
firmware).

If the standard does become established, it could be tough to defeat it.
How easy is it going to be to sell a phone which is incompatible with
everybody else's for secure communication?  You'd have to buy one for
everybody in your company or group who wanted to communicate.  Then if
they wanted to make a secure call to someone outside (say, a supplier or
distributor) they wouldn't be able to do it.

It would be a similar problem to the video phones.  Why buy one when
almost no one else has one and so you can hardly ever use it?  Who will
buy a Beta VCR today?  An RCA non-laser video disk?  Non-clipper
encrypted phones may experience similar lack of success.

I think this is their main strategy.  If it doesn't work, they have a
fallback before they would have to forbid encryption in the way we have
feared.  That is to forbid the sale of commercial devices with
non-clipper encryption.  You don't stop private individuals from making
their own devices, you just make it illegal to sell them.

There is precedent for this, I think, in the scanner business.  You can't
sell scanners capable of eavesdropping on cellular calls.  But nothing
stops you from building your own if you are an electronics whiz.  (I am
not expert on the legalities of scanner law.  Someone please correct me
if I am wrong here.)

Notice that in their document they said that U.S. citizens do not have
the right to unlimited-strength commercial encryption.  I didn't pay much
attention to the word "commercial" before, but now I think it is important.
This would imply that their next step would be to ban only commercial
implementations of cryptography.

This way they can counter our civil-liberties arguments by saying that
nothing stops anyone from encrypting his messages if he really wants to;
he's doing it in the privacy of his own home, after all.  But when he
gets out in the commercial arena the government has many precedents for
limiting what is bought and sold, the scanner laws being just one of
many.

I'm not sure how ominous such a world would be - clipper chips dominating
the (small) encrypted phone market, no commercial competition, and only a
few hobbyists with PC's and modems able to set up clumsy untappable
conversations via modem-to-modem links.  I might be able to talk to Tim
May securely, but not to Mom and Dad.  In a way, I can still have privacy,
if I really want it.  But it won't be available to most people.

I wouldn't be surprised if something similar to this vision were the goal of
those behind the clipper.

Hal