[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reinsch On Crypto/Wassenaar




Excerpt from a speech by BXA's William Reinsch on December 7, 
1998, at the Practising Law Institute conference "Coping with U.S.
Export Controls." Note final paragraph about detailed crypto 
session today -- no report on that yet.

Full speech: http://jya.com/war120798-2.htm

Also by him yesterday on crypto: http://jya.com/war120798.htm

[Begin excerpt]

Encryption continues to be a hotly debated issue. As I stated last
year, the U.S. continues to support a balanced approach to encryption
policy which considers privacy and commercial interests as well as
protecting law enforcement and national security interests.
Furthermore, we also remain committed to promoting the growth of
global electronic commerce through secure financial and business
communications.

Our position has always been to seek industry-led, market-driven
solutions to achieve a balanced approach. What has changed is the
direction where technology and the market place are taking us. Key
recovery technology remains a very important part of our policy;
however, over the past two years, we have recognized that key recovery
is not a solution for all problems.

That recognition, brought about in part as a result of our ongoing
dialogue with industry, has helped us also focus on recoverable
technologies that can enable law enforcement to continue its
authorized activities.

As a result, on September 16, Vice President Gore unveiled a policy
update, which will not end the debate, but which does include steps to
further streamline exports of key recovery products and other
recoverable products which allow law enforcement, under proper legal
authority, recovery of plain text.

The update also provides for 1) the export of 56 bit DES worldwide to
any end user under a license exception; 2) exports of strong
encryption to U.S. companies and their subsidiaries under a license
exception; 3) exports of strong encryption to the insurance and
medical sectors in 45 countries under a license exception; and 4)
exports of strong encryption to secure on-line transactions between
on-line merchants and their customers in 45 countries under a license
exception. This is consistent with our earlier announcement relating
to financial institutions.

This is an evolutionary process and we intend to continue our
dialogue. We must continue to adapt to changes, and we will review 
our policies again within the year to determine whether further 
change is necessary. We intend to publish regulations implementing 
the Vice President's announcement this month.

With respect to developing a common international approach to
encryption policy, Ambassador David Aaron, our special envoy on
cryptography, is working with other countries to ensure that our
policies are compatible. He has found that most major producing
countries have public safety and national security concerns similar 
to ours and are interested in developing a harmonized international
approach regarding compatible infrastructures for electronic commerce
and for a key management infrastructure. At last week's Wassenaar
Arrangement plenary session, the participating states approved a
number of changes to modernize and improve multilateral encryption
export controls. These changes removed controls on products below 
56 bits and on certain consumer entertainment systems, such as DVD
products, and on cordless phone systems designed for home or office
use.

Most important, participating states agreed to extend controls to
mass-market encryption exports above 64 bits, thus closing a
significant loophole. This will enable governments to review the
dissemination of the strongest encryption products that otherwise
might fall into the hands of rogue end users.

For those of you deeply interested in the details of our encryption
policy, we have a specific session devoted to it tomorrow.

[End excerpt]