From: David Sobel <dsobel@washofc.cpsr.org>
Date: Thu, 9 Dec 93 09:30:59 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: CPSR Letter to Clinton
Message-ID: <00541.2838282077.1447@washofc.cpsr.org>
MIME-Version: 1.0
Content-Type: text/plain


  CPSR Letter to Clinton

     On December 6, the Digital Privacy and Security Working
Group, a "coalition of over 50 communications and computer
companies and associations, and consumer and privacy advocates"
coordinated by the Electronic Frontier Foundation, sent a letter
to President Clinton concerning cryptography policy.  The letter
states, "In our discussions with Administration officials, we have
expressed the Coalition's tentative acceptance of the Clipper
Chip's encryption scheme (as announced on April 16, 1993), but
only if it is available as a voluntary alternative to widely-
available, commercially-accepted, encryption programs and
products."

     The Washington Office of Computer Professionals for Social
Responsibility (CPSR) has sent the following letter to the
President.  We believe that the position stated in this letter
continues to represent the views of the vast majority of network
users, as reflected in the overwhelmingly critical comments
submitted to the National Institute of Standards and Technology in
response to its recent solicitation of public comments on the
Clipper proposal.

==================================================================

                                     December 8, 1993

The President
The White House
Washington, DC  20500

Dear Mr. President,

     We are writing to you regarding the Clipper cryptography 
proposal now under consideration by the White House and a 
letter you may have received about the proposal from a group 
called the "Digital Privacy and Security Working Group."

     This group wrote to you recently and expressed their 
"tentative acceptance" of the Clipper Chip encryption scheme.  
We disagree with their views.  This group has made a grave 
mistake and does not speak for the many users of computer 
networks and developers of network services who have 
vigorously opposed this proposal.

     We are very much concerned about the Clipper proposal.  
At its core is the dubious premise that the government 
should have the authority to design communications networks 
that facilitate wire surveillance.  The plan was developed in 
secret by the National Security Agency over the objection 
of U.S. firms, professional associations and public interest 
organizations.  Key details about the proposal remain 
classified.

     This proposal must not be endorsed.  The development of 
open, unclassified standards is critical for the future of the 
nation's communications infrastructure. Progress and 
innovation depend on the free exchange of scientific and 
technical information.  It is essential to the integrity of 
the scientific process that standards are openly created and 
available for public review. 

     There is also a great need to ensure that future networks 
are designed with the highest levels of privacy and security 
possible.  As our country becomes ever more dependent on the 
high-speed network, the need for secure systems will only 
increase.  The Clipper proposal purposefully cripples the 
security of the network and reduces the privacy protection 
that users could otherwise obtain.

     There is another still more serious problem with the 
Clipper proposal.  An agency with the authority to conduct 
wiretaps must not be allowed to impose technical standards to 
facilitate wire surveillance.  The threat to Constitutional
democracy is clear.  A system of checks and balances is
essential to ensure that the powerful investigative tools of
government are properly controlled.  

     We have followed the development of this proposal with 
great concern.  We have testified before Congressional 
committees.  We have appeared before agency panels, provided 
reports on wire surveillance, and debated the former FBI 
Director on national television.  We have also sponsored 
conferences with full participation from across the federal 
government.  We believe that the best policies will result from 
an open and unrestricted exchange of views.  

     It is our assessment that you must not permit adoption of 
the Clipper technical standard, even on a voluntary basis.  At 
a time when the country should be moving toward open standards 
designed for commercial networks, the Clipper proposal asks 
future users of the nation's information infrastructure to 
accept a standard intended for the Cold War era.  It is a 
backward-looking plan that serves neither the interests of the 
American people nor American business. 

     The adoption of the Clipper proposal would also ratify an 
unlawful process that has undermined the authority of Congress 
and weakened the mechanisms of government accountability.  The 
proper authority for the development of this standard never 
rested with the NSA.  Under the Computer Security Act of 1987, 
it was a civilian agency that was to develop appropriate 
standards for the nation's commercial networks.  Through a 
series of secret executive orders, the NSA usurped the 
authority of the National Institute of Standards and 
Technology, substituted its own proposal for those of NIST, 
and effectively derailed this important policy process.

     When the computer user community had the opportunity to 
voice its position on this proposal, it rejected the plan 
overwhelmingly.  The notice and comment process conducted by 
the Department of Commerce earlier this year resulted in 
nearly uniform opposition to the Clipper proposal. It would be 
hard to find a technical standard more disliked by the 
potential user community.

     While we support the relaxation of export controls on 
cryptography, we are not willing to concede to the NSA the 
right to develop secret standards.  It is only because the 
National Security Agency also exerts influence on export 
control policy that the Digital Privacy coalition is prepared 
to endorse the Clipper standard in exchange for new 
opportunities to market products.  It may be a good deal for
the coalition members, but it is a terrible outcome for the 
rest of the country.

     We very much appreciate your efforts on behalf of open 
government, and your work with the Vice President and the 
Secretary of Commerce to develop the nation's information 
infrastructure.  We believe that these efforts are sending our 
country in the right direction, helping to develop advanced 
technologies appropriate for a democratic nation and to 
preserve open and accountable government.

     But the Clipper proposal was not a creation of your 
administration.  It is a relic from a period that is now 
moving rapidly into the history books, a time when secret 
agencies made secret decisions and when backroom deals with 
powerful, private interests sustained these arrangements.

     It is time to end this cynical form of policy making. 

     We ask you to reject the deal put forward by the Digital 
Privacy and Security Working Group. The Clipper proposal 
should not go forward.

     We would be pleased to meet with members of your 
administration to discuss this matter further.



                              Sincerely yours,


                              Marc Rotenberg, Director
                              David Sobel, Legal Counsel
                              Dave Banisar, Policy Analyst
                              CPSR Washington office


cc:   The Vice President
      Secretary Ron Brown, Department of Commerce 
      Anthony Lake, National Security Council
      Computer System Security and Privacy Advisory Board