[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NYT on Crypto Issue
The New York Times, March 25, 1996, p. D5.
The key issue for the Net is not smut, it is the use of
encryption
Growing fears that Big Brother might decide to read your
E-mail.
By Denise Caruso
The current uproar over the Internet is about smut and what
can be made public on the global computer network. But the
next public-policy tangle will be about what we're allowed
to keep secret.
Earlier this month, a bipartisan group from both houses of
Congress introduced versions of legislation called the
Encrypted Communications Privacy Act of 1996. This bill,
which outlines the proper use of encryption technologies
for privacy and security, is by far the most critical piece
of Internet legislation yet introduced.
Encryption uses a mathematical key to scramble and
unscramble digital messages so they can be read only by
their intended recipients and not by human or electronic
snoopers. Legislation about this powerful technology is
especially important when viewed in light of two laws
already on the books.
One of these, the Digital Telephony Act, signed into law in
1994, allows Federal law-enforcement agencies to update the
telephone network with the most pervasive surveillance
equipment in history.
The other, the freshly signed Communications Decency Act,
bans "indecent" material from the Internet. It is a law
that many legislators seemed to feel was on shaky ground
even as Congress was passing it. A constitutional challenge
to the law is currently being heard in Federal District
Court in Philadelphia.
Though the encryption bill as written is receiving
qualified support from industry and civil libertarians,
some worry that changes made in committee could make the
bill too restrictive, completing a triumvirate of Big
Brother legislation that would give law enforcement the
ability and rationale to monitor all the electronic
messages of citizens, leaving little or no recourse for
private or secure communication.
Such restrictions threaten to suffocate the Internet. As
new users and businesses flock daily to the Internet, their
need to protect confidential business data and messages
becomes a key issue in making the Net safe enough to be
useful. Computer security experts say that many of today's
problems on the Net -- minors getting access to
pornography, security breaches of corporate data, the need
to prove one's identity -- could be solved by using
encryption.
Today, using encryption of any kind is still perfectly
legal inside the United States. Historically, it was mostly
used to protect secret military communications, so the
technology is still classified as munitions -- the same
threat to national security as a boatload of artillery
shells. Thus any products containing encryption are subject
to strict export controls.
Law-enforcement and national security officials say that
widespread use of strong encryption would enable terrorists
and organized-crime syndicates to communicate with
impunity. They say export control is the only way to keep
this genie in its bottle, at least when it comes to
foreign, not domestic crime.
In addition, security experts have persuaded the Clinton
Administration to propose an encryption method called "key
escrow" that would give the Government access to
information even after it had been encrypted. Key-escrow
systems generate a decrypting key that is held by a trusted
third party. When law-enforcement agents show up with a
court warrant, the trustee hands over the key to unlock the
message.
So far, the Clinton Administration's proposals, which
include a key-escrow system called Clipper have been
universally reviled by both civil libertarians and the
computer industry, which claims it stands to be deprived of
up to $60 billion annually by the year 2000 because of
export controls. They argue that any country today can make
and sell encryption products stronger than what can be
legally exported from the United States and that people
won't use a system like key escrow because it has a
built-in security compromise.
One defender of key-escrow policy is Dorothy Denning, a
professor of computer science at Georgetown University and
a consultant to the military industry. She argued in a
letter to Senator Patrick J. Leahy Democrat of Vermont --
one of the sponsors of the new legislation -- that such a
system was vital to public safety and security.
James Barksdale, president of the Netscape Communications
Corporation, whose popular Web-browser software has
built-in encryption capabilities, called Ms. Denning's
solution a "stopgap measure."
"Key escrow is an unworkable idea, and we do not support
it," Mr. Barksdale said. "Key escrow will be defeated just
like Prohibition was defeated by bathtub gin -- all it took
was a big bag of sugar and a long weekend."
Policy watchdogs like the Center for Democracy and
Technology and the Electronic Frontier Foundation, both
outspoken advocates for privacy rights and due process,
agree that the bill is headed in the right direction. It
does not dictate the use of a key escrow system, eases
export controls for "mass market" products (like
Netscape's), prohibits any restriction on the domestic use
or sale of encryption, and provides a "personal use" policy
for American travelers who use encryption while outside the
country.
But the bill is sure to face a fight as it moves through
the House and the Senate, and the key-escrow and
export-control proponents marshal their experts.
David Farber, a professor of computer science at the
University of Pennsylvania and a board member of the
Electronic Frontier Foundation, says encryption policy
always turns into "a religious discussion" between those
who fear terrorism and those who want to live without fear
of constant surveillance.
But, he adds, if you take privacy discussions to the
people, their attitudes are pretty clear. " If you ask the
American public what they think of national I.D. cards, for
example, a huge percentage are opposed to them," he said.
"Why? They're not hiding anything. They just don't want the
Government to have that type of power."
[End]