[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
The Clipper connection
If I may boil down one side of the Clipper/Capstone debate, it is
certain members of the government saying:
"We need to implement this encryption method so as to avoid
problems we think may be coming. Trust us! We promise not to abuse
your privacy." [except for the following--expandable--list of
reasons.]
Unlike some in this debate, I do not doubt the sincerity of
Dorothy Denning or others like her. And I would have a lot fewer
problems with Clipper/Capstone proposal if the people who will be
granting access to the keys and those with legal access to the keys
were of Dorothy's caliber.
However, people of good will are not likely to be the ones who
apply for these keys to your privacy in the future. I am right in the
middle of a case which has remarkable similarities to a Clipper
"request for keys."
Full details have been posted to comp.eff.talk and misc.legal, but
in brief summery, a Postal Inspector from Tennessee is attempting (for
political reasons) to impose the obscenity standards of that region on
an adult BBS run from Milpitas (just North of San Jose). To this end,
he obtained a warrant to take the BBS hardware. Because of contained
email and First Amendment activities of a BBS, subpoenas, not
warrants, are required under two sections of federal law. The laws
are Title 42, Section 2000aa, and Title 18 Section 2701, the same ones
which were applied in the well-known Steve Jackson Games case.
Pointers to these federal laws were *posted* on the BBS. The
postal inspector downloaded this file (most of which *I* originally
wrote), and *included* it in his affidavit for a search warrant to a
Magistrate-Judge in San Francisco, along with a remarkably weak theory
of how he could avoid application of these laws to himself.
To obtain a warrant to take email and 2000aa materials, a number
of judicial findings should have been made. None were. The postal
inspector got his warrant, mailed child pornography to the BBS, served
the warrant, and "found" the child porn. To give you an idea of the
good will (and competence) of the particular agent involved, he had
not included the child porn in the warrant, and so had to fill out
another document at the time of the search. On this form he
specifically described the material as "sent without his knowledge"
(referring to the sysop). Of course this statement did not prevent
this child pornography (in the sysop's house for all of half an hour)
from being the basis of one count (of 12) of a grand jury indictment
the BBS sysop faces in Tennessee.
This warrant example applies to the Clipper situation.
The risk under Clipper is that your private communications will be
protected by the *weakest* link in the chain--one of the thousands of
low level Magistrate-Judges among whom law enforcement agents shop for
warrants and will shop for keys. These judges tend to be busy, or
lazy or both, and they *trust* law enforcement agents. Even if the
law is *directly quoted* in search warrant affidavits or key requests,
and these laws *expressly forbid* granting warrants or key requests
under the conditions cited, the judge may not even read a lengthy
supporting affidavit before approving it. He is *very* unlikely to
consider a the underlying laws when granting a request. The key
escrow agents provide no protection whatsoever since they simply fill
orders from agents with approved applications.
Judges ignore the law with impunity, and so do law enforcement
agents because one agency will almost never investigate another.
As a practical matter, applications for search warrants are almost
never denied. The same situation is certain to occur for Clipper key
applications, no mater how weak the justification happens to be, or
what laws are being violated by those seeking the keys.
Keith Henson