[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
OECD Waffles
2-4-97. Reuters:
Global group fails to endorse Clinton encryption plan
Washington: An influential economic research group is preparing
guidelines on computer encryption for its member countries but
will duck some of the most contentious issues involved, according
to a draft obtained by Reuters.
The Clinton administration, seeking to rally support for its
controversial policy on exporting encryption products -- which
encode and decode e-mail and other computerized messages -- failed
to win an endorsement from the Organisation for Economic Cooperation
and Development (OECD), although the group did discuss the
administration's approach.
On perhaps the most difficult issue, the draft guidelines do not
favour or oppose a requirement in the U.S. policy that data-scrambling
encryption programmes provide a way for law enforcement officials to
obtain keys to crack the codes when necessary.
After indicating that governments should carefully weigh the costs and
benefits of imposing so-called key recovery, the draft report said,
"this principle should not be interpreted as implying that governments
should, or should not, initiate legislation that would allow lawful
access."
On all the controversial areas in the draft, "the member countries of
the OECD have strongly held views but they don't always coincide,"
John Dryden, head of the group's Information, Computer and Communications
Policy division, said in a telephone interview from Paris.
Some countries see widespread use of encryption as a way to protect the
privacy of computer users and businesses, thereby encouraging global
commerce, Dryden said. But others see encryption as possibly thwarting
law enforcement's efforts to catch riminals and global terrorists, he
said.
The guidelines suggest encryption users should have access to products
that meet their needs. Government controls should be "no more than are
essential to the discharge of government responsibilities."
Instead of reconciling the different views, the draft guidelines lay out
competing interests and approaches.
"It's not in itself a cryptography policy and it's not an attempt to
draft a model national law that we're encouraging people to adopt,"
Dryden said. Cryptography refers to products and systems used in
encryption.
The guidelines also suggest encryption standards and usage should be
"determined by the market in an open and competitive environment."
"There's a strong view that the private sector should have the
possibility to use information networks to the best of their potential
in order to create growth and jobs," Dryden said.
U.S. officials who have seen the preliminary draft praised the guidelines.
"They're an important and helpful step forward," Undersecretary of
Commerce William Reinsch said.
"They're helpful because they put down on paper the proper foundation for
getting into this," he added.
Reinsch said most countries will follow the U.S. lead and require
so-called key recovery features for law enforcement. Under the Clinton
policy, domestic use of encryption is not regulated but the strongest
coding products cannot be exported unless they include key recovery.
U.S. companies that have opposed the Clinton policy, contending it stifles
their ability to compete with unfettered foreign firms, drew little solace
from the draft guidelines.
"This is not helpful," said Netscape Communications Corp.'s public policy
counsel, Peter Harter. Netscape and other companies preferred stronger
language endorsing free-market policies, he said.
The draft guidelines, approved by a group of government and private-sector
experts at a meeting at the end of January, still must be approved by a
top-level OECD officials from the group's 29 member countries, including
the United States.
-----