[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
PC Week article
Copyright (c) PC Week - Reproduced without permission
Volume 11, Number 10 - March 14, 1994
Jim Seymour's column The Corporate Micro
Businesses would be Clipper victims, too
This Clipper-chip stuff is getting out of hand. A manifestly bad idea that
seemed likely to sink of its own weight has taken on a life of its own as
government officials offer ever more specious arguments for its desirability.
Many corporate computing managers tell me they haven't thought about Clipper
much, because they aren't interested in politics. That's naive. Ignore this
one at your own - and at your company's - very substantial risk.
In case you've been on Mars for the past few months, the Clinton administration
is pushing for adoption of a data-encryption standard using an embedded chip in
every piece of communications equipment.
Decryption by any entity other than the intended recipient of the data would be
impossible - except by the government, under strict limitations: The necessary
keys would be held in trust by a government agency, which would deliver them to
a law enforcement agency only after issuance of a court order based on probable
cause.
The government expects that by requiring Clipper chips in every piece of
communications equipment it buys, Clipper chips will become ubiquitous. There
is also talk about barring data that is not encrypted by the Clipper standard
from any national information superhighway, further assuring its universal use.
Uncle Sam assures us this is the best ever data-security system and that we have
nothing to worry about from government snooping which just wouldn't happen.
This whole proposition is so ludicrous that it seemed unlikely to make it to the
congressional hearings on a new telecom act. But it did, and now our servants
in Washington are considering making this the law of the land.
Which has led to the spectacle of FBI Director George Orwell - oops, make that
Louis Freech - saying that Americans should be willing to give up some of their
freedoms to become more secure. What's next, Lou, viewscreens in every room?
Organizations from Computer Professionals for Social Responsibility to Wired
magazine are sponsoring petitions and letter-writing campaigns to try to end
this craziness. You can't get on the Internet these days without being asked to
sign a petition.
All that is well and good; the personal-privacy arguments are powerful and
appropriate. But in the flag-waiving over potential government snooping, we're
missing a compelling business argument against the Clipper standard. If the
image of Uncle Sam as a snoop doesn't move you to action, maybe this one will.
Say Clipper becomes the standard and your company's electronic communication is
Clipperized. How secure from interception and decoding by competitors do you
think your data will be?
Beyond the press-release smoke about how limited access to Clipper decryption
keys will be, the fact is that ordinary people will be responsible for
safeguarding them. And people can be bribed, and can take impetuous and
spiteful actions.
It's not a question of whether a scandal will erupt when critical and highly
confidential corporate information is invaded - only how long it will be before
that happens.
You and I break our backs devising super-secure communications systems. Our
livelihoods depend upon our expertise and commitment to that goal. Do you
really want to undermine that work and commitment with this kind of insane
back-door risk?
Jim Seymour can be reached via MCI Mail at 336-5687.