[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why escrow? (was Re: How would Leahy bill affect crypto

To: "Deranged Mutant" <[email protected]>
Subject: Re: Why escrow? (was Re: How would Leahy bill affect crypto
From: jim bell <[email protected]>
Date: Wed, 13 Mar 1996 15:27:52 -0800
Cc: [email protected]
Sender: [email protected]

At 04:15 PM 3/13/96 +0000, Deranged Mutant wrote:

>Since when is the government intentionally going to let any bill or 
>policy go through that isn't friendly to themselves??? (You don't 
>have to be an anarchist to figure that out!)

Well, it's not surprising, of course, but it DOES seem to be making these 
assumptions.  I wonder what they're gonna do when they start 
discovering that "all" voluntary escrow system in place have protections far 
beyond what they've anticipated?  That's why I'm more than a little 
disturbed about the one really bad portion of the Leahy bill:  The one that 
makes using encryption to thwart an investigation a crime.  As Mr. Junger 
observed, and as should be obvious to most of the rest of us, such a section 
of the bill could turn a key-escrow holder into a criminal if he fails to 
disclose an encryption system that protects a key, or (worse!) even if he 
structures his business in such a way as to avoid having the decrypt key for 
the escrowed key at all.  Previously, legally, he could probably have 
claimed innocence because he had no decrypt-key to disclose, but Leahy's 
bill would make him guilty even if there was nothing he could do to give 
them a key.  

>Nothing is safe from abuse, by the goverment or non-government fols 
>alike.  There's always more loopholes to clean up.   (Not that this 
>means we shouldn't clean them up... obviously bad policies should be 
>fixed...). Just as no crypto is 100% foolproof, no legal system is 
>100% abuse-proof.

If I were trying to detect government investigation in such a situation, I 
would buy a crypto phone, open an "escrow account" on a totally voluntary 
basis, give them a phony key, and then (as part of the (presumably?) 
enforceable escrow agreement) insist that they inform me if anybody asks for 
the key.  There is nothing in Leahy's bill which appears to prohibit the 
escrow agent from informing the key holder of a request/demand for the key; 
(I would greatly prefer if that was an actual legal requirement that they do 
inform the key user.)  The question is, is this merely an oversight on their 
part, or are they planning something, or are they assuming an existing law 
would cover his?  The answer doesn't look good.

Jim Bell
jim [email protected]

Prev by Date: Re: RICO and remailers (brief treatment, if long)
Next by Date: Re: ADL_mil
Prev by thread: Re: Why escrow? (was Re: How would Leahy bill affect crypto
Next by thread: Re: Why escrow? (was Re: How would Leahy bill affect crypto
Index(es):
- Date
- Thread