[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NYT on Crypto Policy



   The New York Times, June 10, 1996, p. A10. 
 
 
   The New Encryption Universe [Editorial] 
 
 
   The development of inexpensive computer programs and 
   hardware that scramble telephone calls and computer 
   messages to prevent eavesdropping is rapidly transforming 
   the world of cryptography. Once largely the domain of 
   governments and their intelligence services, encryption 
   technology is now commonly used by corporations, banks, 
   securities firms and individual computer operators. It is 
   time to revise Government encryption policy to fit this new 
   universe. 
 
   A panel of the National Research Council makes a convincing 
   case for doing just that after a careful review of 
   encryption issues. The panel calls on the Government to 
   abandon its effort to limit the development and 
   availability of advanced encryption technology. The Clinton 
   Administration has fought to preserve the Government's 
   ability to access commercial and individual communications 
   for law enforcement purposes by encouraging adoption of a 
   single encryption standard that Government agencies could 
   track and decipher if needed. 
 
   The Research Council panel leans the other way, urging the 
   commercial development of powerful encryption software even 
   though it would make wiretapping more difficult. It also 
   recommends that Washington ease restrictions on exports of 
   encryption technology. 
 
   The Government has long framed the debate over commercial 
   encryption around its need to fight crime through 
   wiretapping. The panel recognizes the usefulness of 
   court-authorized wiretaps. But the panel suggests that a 
   more important issue is the ability of the private sector 
   to transfer confidential financial and other data over 
   telecommunications pathways without interception. 
 
   The Clinton Administration wants the private sector to 
   adopt a type of encryption technology, known as key escrow, 
   that would give the Government the ability to unscramble 
   private phone or computer messages with court authorization 
   and thereby preserve its wiretap capability. But the policy 
   has so far failed several practical tests. The private 
   sector has not voluntarily adopted a Government-controlled 
   technology. In addition, encryption programs are already 
   available that allow almost anyone with a computer and 
   modem to work around Government-controlled technology. One 
   sophisticated system would allow two strangers -- people 
   who had swapped no private passwords -- to read each 
   other's encoded messages. 
 
   It seems likely that the Administration approach will not 
   succeed. If so, the danger is that Washington might move to 
   outlaw encryption technology it has not approved, a step 
   that would grossly violate American civil liberties. The 
   best way for the Government to protect its ability to 
   eavesdrop on domestic and foreign criminals is to stay 
   technically ahead of them. The panel recommends vigorous 
   Government research programs to that end. 
 
   The Research Council group would permit American computer 
   companies to export more powerful encryption software than 
   currently permitted. Foreigners already have access to 
   encryption systems that are more powerful than those 
   American companies are allowed to sell. The export 
   restrictions do nothing to keep encryption software out of 
   the hands of criminals and hostile governments, but 
   needlessly drive American exports out of foreign markets. 
 
   The panel's conclusions are especially credible because its 
   membership was not tilted against the Government. The 
   16-member panel was led by Kenneth Dam, a former Deputy 
   Secretary of State, and included Benjamin Civiletti, a 
   former Attorney General, and Ann Caracristi, a former 
   deputy director of the National Security Agency. The 
   Clinton Administration should take notice. It needs a new 
   encryption policy. 
 
   --