[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(Fwd) Crypto conference



>----- Forwarded Cyberia-L message (DAVID POST <[email protected]>) -----< 
 
 
I was at EPIC's annual crypto conference yesterday, and just thought I'd 
pass along my impressions. It was, as always, extremely interesting; EPIC 
does a terrific job at these things of getting a very diverse and
thoughtful 
collection of people with interests in crypto policy into the room
together, 
everyone from Whit Diffie and Phil Zimmermann and Eric Hughes to Scott 
Charney of DOJ and Bruce McConnell of the White House, people from the OECD

and the hardware/software community, etc. 
 
 
There were panels on key escrow, digital cash, international developments, 
and the Karn/Bernstein cases and other domestic policy developments.  To
me, 
the most striking feature of the event was what I felt was a new bite to
the 
complaints about export controls.  People have been complaining, needless
to 
say, about these for a while -- but the *economic* case for lifting
controls 
is now in the forefront of the discussion in a way that was not the case 
before, imho.  Indeed, there wasn't an enormous amount of talk about the 
*privacy* implications of encryption this time at all.  Jim Bidzos of RSA 
gave a very powerful talk at lunch, at which he unveiled two chips that are

now being mass produced by Nippon Telephone, one incorporating the 
Triple-DES algorithm, and one with the RSA public key algorithm.  Someone 
else pointed to a recent story in the Economist, which listed the leading 
encryption software/services companies worldwide, each of which is Israeli.

Bidzos made the claim, and many others echoed, that the export controls are

in the process of doing nothing more than ceding a potentially lucrative 
market to others, a market in which the US might otherwise be expected to
be 
the dominant player.  It may even, in the eyes of some, be too late to undo

this damage. 
 
 
Now, some of this may be exaggerated, special interest whining.  But 
there's an interesting hook here.  Many have talked about the importance of

control over "standards " in network industries, the importance of
obtaining 
an early dominant position in the market that can appropriate all of the 
network externalities waiting to be plucked out there.  [Mark Lemley has an

interesting discussion of this in a piece on antitrust on the Net -- Mark, 
is that out anywhere yet?]  Acting quickly to penetrate the market becomes 
critical, not just because markets change on "Internet Time," but also 
because the early entrants have a chance of establishing themselves as de 
facto standards and thereby extending their dominance over time.  This, one

can plausibly argue, is what is happening -- has happened? -- in this 
market.  It is more credible in these kinds of markets to argue, as Bidzos 
was arguing, that if government policymakers wait until there's actual 
evidence of damage, of "lost market share," to US companies, that it will
at 
that point already be too late to do anything about the damage. 
 
---------- 
 
[Second Cyberia-L message by David Post] 
 
 
One other interesting issue generated heated discussion -- as in yelling
and 
screaming between audience and panel -- at the EPIC conference.  Scott 
Charney of DOJ, who heads the US delegation to the OECD crypto guidelines 
conference, was subjected to pretty heated questioning about the
possibility 
that the US is trying to use the international forum as a way to move a 
particular policy agenda that is *not* being successfully peddled at home, 
and then to use the international support as a means of moving the domestic

policy debate in that direction.  Jamie Boyle of AU was particularly 
eloquent about this concern (I raised it too, less eloquently) -- I think
it 
fair to say that both of us had the copyright experience in the back of our

minds, where, many of us believe, the US has been pushing the "Lehman 
agenda" in international discussions as a way of presenting Congress with a

kind of fait accompli.  Charney vigorously denied that this was going on --

he strongly argued that since the OECD guidelines are non-binding (unlike, 
say, the treaty obligations being discussed in the copyright context), 
there's simply nothing wrong with discussing these clearly global issues 
with our international partners. It was, as they say in the press, a 
spirited exchange. 
David 
 
 
********************************* 
David G. Post, Georgetown University Law Center 
[email protected]    202-364-5010 
Cyberspace Law Institute home page http://www.cli.org 
********************************* 
 
 
 
David 
********************************* 
David G. Post, Georgetown University Law Center 
[email protected]    202-364-5010 
Cyberspace Law Institute home page http://www.cli.org 
*********************************