[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FBI calls for mandatory key escrow; Denning on export ctrls




--- begin forwarded text


Date: Thu, 4 Sep 1997 09:58:00 -0400 (EDT)
From: Peter F Cassidy <[email protected]>
To: [email protected]
Subject: Re: FBI calls for mandatory key escrow; Denning on export ctrls
Mime-Version: 1.0
Sender: [email protected]
Precedence: bulk
Reply-To: Peter F Cassidy <[email protected]>


Friends,

The campaign to bring all communications technologies under state/military
control is progressing almost exactly as planned. On my desk is the Jan.
1992 memorandum from Brent Scowcroft, former national security advisor to
Bush, outlining the digital telephony/crypto control strategy. The
president, Scowcroft wrote in the memorandum, had advised:

"Justice should go ahead now to seek a legislative fix to the digital
telephony problem, and all parties should prepare to follow through on the
encryption problem in about a year. Success with digital telephony will
lock in one major objective; we will have a beachhead we can exploit for
the encryption fix; and the encryption access options can be developed
more thoroughly in the meantime."

Digital Telephony legislation was passed in October of 1994 - after the
directors of the NSA and FBI visisted senators who were sitting on it and
placed holds on it - one for idealogical reasons, the other for
horsetrading later in the session. Within days the holds were removed, the
legislation flew through both houses in voice votes, if memory serves, and
Clinton, a war protester who has become a virtual puppet of the military
intelligence system in communications policy, signed it about a week
later. Everyone has a telephone yet the opposition couldn't muster enough
popular dissent to crush the legislation. This makes me fear for the
future of crypto, the conscious users of which define a much smaller
universe than telephone users.

Most interestingly, the FBI didn't even have real facts on wiretaps to
prove its case. A recent academic study indicates that the wiretapping
stats that the FBI used to "prove" its case - the absolute necessity of
wiretapping - were in large part falsified. (Starting in the early 90s,
requests for wiretapping suddenly shot up, while, if you check later, the
numbers of executions of the orders and subsequent arrests and
prosecutions stayed flat.)



PFC



>
> All encryption products sold or distributed in the U.S.
> must have a key escrow backdoor "like an airbag in a car,"
> law enforcement agents advised a Senate panel this
> afternoon.
>
> FBI Director Louis Freeh also told a Senate Judiciary
> subcommittee that "network service providers should be
> required to have some immediate decryption ability
> available" permitting agents to readily descramble
> encrypted messages that pass through their system.
>
> This marks the most aggressive push to date for
> mandatory domestic key escrow (or "key recovery"),
> which means someone else other than the recipient can
> decipher messages you send out. Now, the easiest way
> to win such a political tussle in Washington is to
> control the terms of the debate. And nobody
> understands that rule better than Sen. Jon Kyl
> (R-Arizona), chair of the Judiciary subcommittee on
> technology, terrorism, and government information.
>
> Kyl opened today's hearing not by saying its purpose
> was to discuss crypto in a balanced manner, but that
> he wanted "to explore how encryption is affecting the
> way we deal with criminals, terrorists, and the
> security needs of business." Then he talked at length
> about "criminals and terrorists" using crypto, and
> child pornographers "using encryption to hide
> pornographic images of children that they transmit
> across the Internet."
>
> Kyl also stacked the three panels. Out of seven
> witnesses, five were current or former law enforcement
> agents. No privacy or civil liberties advocates
> testified. Some companies including FedEx apparently
> dropped out when told they'd have to pay lip service
> to key escrow if they wanted to speak.
>
> Dorothy Denning, a Georgetown University professor of
> computer science, did testify. Kyl made a point of
> asking her if she still supported key escrow systems
> (two recent articles by Will Rodger and Simson
> Garfinkel said she was changing her mind). "I think
> key recovery offers a very attractive approach,"
> Denning said. What about export controls? "In the
> absence of any controls, the problem for law
> enforcement would get worse," she replied.
>
> But when Sen. Dianne Feinstein (D-Calif) asked if
> Denning would support a *mandatory* key escrow system,
> the computer scientist said she wouldn't. "No, because
> we don't have a lot of experience we key recovery
> systems... a lot of people are legitimately nervous."
>
> (Keep in mind that although Feinstein supposedly
> represents Silicon Valley, she's no friend of high
> tech firms. She opposes lifting export controls; in
> fact, she says that "nothing other than some form of
> mandatory key recovery really does the job" of
> preventing crime. Of course, Feinstein doesn't have a
> clue. She talks about whether businesses would want "a
> hard key or digital key or a key infrastructure." Yes,
> folks, this is in fact meaningless blather.)
>
> Marc Rotenberg, director of the Electronic Privacy
> Information Center in Washington, DC, says, "Simply
> stated, the Senate train is headed in the wrong
> direction. But of course this doesn't answer the
> question of what will ultimately be resolved by
> Congress? There's a very popular measure in the House
> right now that's heading in a different direction."
>
> Rotenberg is talking about Rep. Bob Goodlatte's SAFE
> bill, which is much more pro-business than S.909,
> the McCain-Kerrey Senate bill that Kyl supports. Now,
> S.909 doesn't mandate key recovery; it only strongly
> encourages it by wielding the federal government's
> purchasing power to jumpstart a key recovery
> infrastructure.
>
> But Kyl would go further. At a recent Heritage
> Foundation roundtable on encryption, I asked him, "Why
> not make key recovery technology mandatory -- after
> all, terrorists, drug kingpins and other criminals
> won't use it otherwise. Kyl's response? Not that it
> would be a violation of Constitutional due process and
> search and seizure protections or a bad idea. Instead,
> he told me he simply didn't have enough votes...
>
> -Declan
>
> --- end forwarded text
>
>
>
> -----------------
> Robert Hettinga ([email protected]), Philodox
> e$, 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
> The e$ Home Page: http://www.shipwright.com/
>
>
>
> For help on using this list (especially unsubscribing), send a message to
> "[email protected]" with one line of text: "help".
>


For help on using this list (especially unsubscribing), send a message to
"[email protected]" with one line of text: "help".

--- end forwarded text



-----------------
Robert Hettinga ([email protected]), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The e$ Home Page: http://www.shipwright.com/