1995-11-09 - Industry Group Rebuffs U.S. on Encryption

Header Data

From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: b43e69e0d46ab14a6513626c8b6b0f98513afc3c0868ba8628062f48e792580b
Message ID: <199511090232.VAA00163@pipe1.nyc.pipeline.com>
Reply To: N/A
UTC Datetime: 1995-11-09 03:14:09 UTC
Raw Date: Thu, 9 Nov 1995 11:14:09 +0800

Raw message

From: John Young <jya@pipeline.com>
Date: Thu, 9 Nov 1995 11:14:09 +0800
To: cypherpunks@toad.com
Subject: Industry Group Rebuffs U.S. on Encryption
Message-ID: <199511090232.VAA00163@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, November 8, 1995. 


   Industry Group Rebuffs U.S. On Encryption

   By John Markoff


   The campaign by the Clinton Administration to create a
   standard for data encryption acceptable to industry, civil
   liberties and law enforcement groups broke down yesterday
   when a group including some of the nation's most powerful
   technology companies rejected a compromise proposal.

   The aim is to set a policy that meets the needs of
   electronic commerce as well as the concerns of the National
   Security Agency and other Federal offices that are opposed
   to the proliferation of data-coding software, feeling it
   will make it impossible for them to gather intelligence
   overseas.

   The Administration offered a compromise plan and had been
   seeking comment from the public. But the industry coalition
   said yesterday that it found the Government unwilling to
   compromise. Thus, the group of 37 companies said, it would
   formulate its own policy proposal to present to the White
   House and to Congress in the next six months.

   High-technology industries want a data-coding standard
   secure enough that both businesses and overseas customers
   could use it for sensitive financial and business
   correspondence. They seek a longer and more powerful
   encryption key than the Government is willing to grant, and
   object to Government demands that law enforcement agencies
   have "back-door" access to such transmissions that would
   allow them to intercept coded messages.

   The letter is signed by several of the country's leading
   computer, software and on-line companies, among them
   America Online, Apple Computer, AT&T, Eastman Kodak
   I.B.M.'s Lotus Development division, MCI Communications,
   Microsoft, Novell, Oracle Sybase and Tandem Computers.

   On Aug. 17, the Administration proposed a liberalization of
   export-control procedures for "key escrow" software
   products, or those providing law-enforcement access.

   "The current policy directive also does not address the
   need for immediate liberalization of current export
   restrictions," the letter said "Such liberalization is
   vital to enable U.S. companies to export state-of-the-art
   software products during the potentially lengthy process of
   developing and adopting a comprehensive national
   cryptography policy."

   [End]

----------

   The Washington Post, November 8, 1995


   Encryption Control Plan Sparks Industry Protest

      High-Tech Groups Say Proposals Unworkable

   By Elizabeth Corcoran


   High-technology companies and advocacy groups are writing
   to Vice President Gore and House Speaker Newt Gingrich to
   protest what they contend are unworkable federal proposals
   for controllng the export of data scrambling technology.

   The letters deepen an industry-government rift that began
   only days after federal officials unveiled an outline of
   what they hoped would be a palatable plan at an industry
   meeting in August.

   Two separate coalitions are criticizing the
   administration's draft proposal, which the government
   circulated on the Internet on Monday.

   Current export regulations prohibit companies froan sending
   overseas any encryption, or data-scrambling technology,
   that exceeds a certain degree of sophistication. The
   government argues that it needs to be able to peek at
   messages and files with proper court authorization -- to do
   its job of protecting U.S. citizens from terrorist groups
   and other malevolent organizations.

   In July, some French students demonstrated they could
   readily break the type of encryption technology that the
   U.S. government lets companies export. In August, the
   administration said it would let companies include more
   complex types of encryption, provided they pledged to
   entrust to an authorized agent a "spare key," or the means
   for unscrambling the information.

   Unlike early proposals in which the government said it
   would hold such keys, the administration is suggesting that
   companies and individuals would be able to select private
   keyholders, much the way people pick their banks.

   But after a brief honeymoon, industry and civil liberties
   groups began to find flaws with the details in the new
   proposals. This week's letters indicate that whatever
   fragile compromise the government had hoped it had found
   has grown even weaker.

   One coalition, pulled together by the Washington advocacy
   group Center for Democracy and Technology, includes about
   three dozen high-tech companies and associations. The group
   has promised to draft an alternative plan within six
   months.

   "There is a very serious message here: that national
   security can't be controlling the Internet," said Jerry
   Berman, executive director of the center. "There are other
   issues, global competitiveness and privacy, that need to be
   placed in the balance -- and the administration's policy
   doesn't do that."

   A second coalition of about 10 free-market and libertarian
   groups, led by another policy group, Americans for Tax
   Reform, plans to send their letter to Gingrich in the next
   day or two. The group contends the administration's
   encryption proposals are an encroachment on citizens' civil
   rights.

   The administration's proposals would not restrict tbe
   encryption technologies that people use within U.S.
   boundaries. But it would require that if they
   electronically send an encrypted message to parties outside
   the United States, a spare key must be stored with an
   authorized agency.

   "Even though we recognize [the administration] has worked
   hard on its proposals, it's not the right direction," said
   Rebecca Gould, director of policy at the Business Software
   Alliance, a trade association of software firms.

   "We've been in this [debate] since July 1994," she added,
   a long time for companies that churn out a new version of
   most products every 18 months. "That means lost sales for
   us and a loss of U.S. industry sales abroad."

   [End]

----------

Both slipped by gummed eyes, thx gnu.









Thread