[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(Fwd) Internet Euro-Clipper



------- Forwarded Message Follows -------
From Risks Digest, via www-buyinfo

============================================
F Y I

from the RISKS DIGEST-----------

Date: 20 Sep 1995 12:24:10 GMT
From: [email protected] (Ross Anderson)
Subject: European Governments Agree to Ban Strong Crypto

According to an article in `Communications Week International', the 
34-nation Council of Europe has agreed to outlaw strong encryption 
products which do not make keys available to governments.

The article, `Euro-Clipper chip scheme proposed', is on the
front page of the magazine's issue 151, dated 18th September, which 
arrived in my mail this morning.

It relates that the policy was approved on the 8th September
at Strasbourg by the Council, and coincides with an attempt by the 
European Commission to propose a pan-European encryption standard. 
The Council - unlike the Commission - has no statutory powers to 
enforce its recommendations.

However, Peter Csonka, the chairman of the committee that
drafted the document (and an administrative officer at the 
Council's division of crime problems) says that `it is rare for 
countries to reject  Council of Europe recommendations'.

The proposal would make telecomms operators responsible for
decrypting traffic and supplying it to governments when asked. It 
would also `change national laws to enable judicial authorities to 
chase hackers across borders'.

Opposition to this measure was expressed by Mike Strezbek,
VP responsible for European telecomms at JP Morgan, who said that 
his organisation `will challenge any attempt to limit the power of 
our network encryption technologies very strongly'.

Czonka said that the Council had given consideration to
business interests but had tried to strike a balance between 
privacy and justice. However, `it remains possible that 
cryptography is available to the public which cannot
be deciphered,' his document says. `This might lead to the
conclusion to put restrictions on the possession, distribution, or 
use of cryptography.'

Apparently another international organisation, the OECD, has
called a conference of its members in December to devise a strategy 
on encryption.

I for one will be making clear to my MP that his stand on
this issue will determine how I cast my ballot at the next 
election. I note that John Major stated in a 1994 parliamentary 
written reply to David Shaw MP that the government did not intend 
to legislate on data encryption. 

I am disappointed that government policy has changed to the point 
of supporting the Council of Europe, and that this change has 
sneaked through during the parliamentary recess.

Ross Anderson





Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
[email protected]