[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re: NIST GAK export meeting, sv



Imagine you are in the Justice Dept.  You have to work out a policy for 
escrow agents because your boss says so.  You begin to work out 
scenarios, just like when you design software.  One scenario is that the 
FISA court issues a warrant for a wiretap/decrypt of a suspected foreign 
agent.  The fact of the order, and esp. the ID of the target, have a 
SECRET classification.  It is a crime to show a SECRET document to a 
person without clearance.  Yet, escrow agents can reasonably refuse to 
disclose a key (indeed, SHOULD refuse to disclose a key) without seeing a 
real warrant.  

How do you solve the problem?  (Hint: asking Congress to change either 
the classification laws, the FISA court rules, or the GAK policy are not 
options.)

I'm certain the above was a large part of their thinking in adding the
requirement of a SECRET cleared person.  If you accept their premises --
note the "if" -- it makes a certain degree of sense.  I offer the 
following two bets for which I have no evidence:

1) This will be the PR that most damages the proposal
2) If they ever actually implement the policy, they will give the 
clearances out as fast as they can, just to show good faith.  Not that 
SECRET is a very high clearance any more, anyway....It's main value is in 
giving them another way to jail you if you leak the fact of the order and it 
ruins the investigation.  (Plus, I suppose, obstruction of justice...)

CRYPTO: Does anyone recall the cite for a paper a few years that set out a
way to have escrow agents who would be "oblivious" to the identity of the
subject of the warrant?  And how would such an escrow agent be sure that
they were not being duped by the feds? 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | [email protected]
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.