From: Bob Palacios <editor@cdt.org>
Date: Mon, 21 Oct 1996 23:10:35 -0700 (PDT)
To: cypherpunks@toad.com
Subject: CDT Policy Post 2.36 - Congress Promises Action on Encryption Next Year
Message-ID: <326C6578.3317@cdt.org>
MIME-Version: 1.0
Content-Type: text/plain


-----------------------------------------------------------------------------
    _____ _____ _______
   / ____|  __ \__   __|   ____        ___               ____             __
  | |    | |  | | | |     / __ \____  / (_)______  __   / __ \____  _____/ /_
  | |    | |  | | | |    / /_/ / __ \/ / / ___/ / / /  / /_/ / __ \/ ___/ __/
  | |____| |__| | | |   / ____/ /_/ / / / /__/ /_/ /  / ____/ /_/ (__  ) /_
   \_____|_____/  |_|  /_/    \____/_/_/\___/\__, /  /_/    \____/____/\__/
   The Center for Democracy and Technology  /____/     Volume 2, Number 36
----------------------------------------------------------------------------
      A briefing on public policy issues affecting civil liberties online
----------------------------------------------------------------------------
 CDT POLICY POST Volume 2, Number 36                      October 22, 1996

 CONTENTS: (1) Crypto Wrap-Up
           (2) Senator Burns' Sends Open Letter to Net Community
           (3) Bi-Partisan Group of 20 Members of Congress Raise Questions
               about Administration's Latest Encryption Initiative
           (4) How to Subscribe/Unsubscribe
           (5) About CDT, contacting us

  ** This document may be redistributed freely with this banner intact **
        Excerpts may be re-posted with permission of <editor@cdt.org>
         ** This document looks best when viewed in COURIER font **
-----------------------------------------------------------------------------

(1) END OF SESSION WRAP-UP OF CRYPTO POLICY REFORM EFFORTS

In two letters released this week, Members of Congress have promised to
renew their efforts to reform US encryption policy when Congress returns in
January. An open letter to the Internet Community from Senator Conrad Burns
(R-MT), along with a letter from 20 Republican and Democratic members of
both the House and Senate sent to Commerce Secretary Mickey Kantor on
October 15, are attached below.

The letters cap off an active year in which the Internet community made
real progress towards reforming US encryption policy to promote privacy and
security on the Internet. While the Administration continues to promote key
escrow and export controls, a growing segment of Congress has recognized
the importance of encryption policy reform to the viability of the Internet
and the future of privacy in the information age.  This growing bi-partisan
support, along with an increasingly mobilized Net community, has resulted
in several significant accomplishments:

* Three bills designed to promote privacy and security on the Internet
  were introduced in the House and Senate:

  - The Burns/Leahy "Encrypted Communications Privacy Act" (S. 1587)
  - The Goodlatte/Eshoo "Security and Freedom through Encryption (SAFE)
    Act" (HR 3011), and
  - The Burns/Leahy/Pressler "Promotion of Commerce Online in the
    Digital Era (Pro-CODE) Act" (S. 1726).

  The bills, which would have relaxed export controls on encryption
  technology and prevented the government from imposing "key-escrow"
  schemes domestically, enjoyed broad bi-partisan support.

* Congress held four hearings on encryption reform legislation, and
  heard testimony from privacy advocates, cryptographers, computer
  industry leaders, and others.  These hearings provided a critical
  opportunity for the Internet community to make its case on the need
  for encryption policy reform.

* Through online forums and the first ever cybercasts of Congressional
  encryption hearings, the voice of the Internet user community is
  finally beginning to be heard in Congress, and is helping to educate
  the Congress about the importance of encryption.

* The Adopt your Legislator Campaign (http://www.crypto.com/) is linking
  Netizens with members of Congress to create a dialogue about the
  encryption issue.

* Nearly 9000 Netizens have signed the online petition
  (http://www.crypto.com/petition) in support of encryption policy
  reform.

* Leaders from the computer and communications industry joined with
  members of Congress, public interest organizations from across the
  political specturm, and the Internet community in Stanford California
  on July 1 to raise awareness about the need for encryption policy
  reform.

* Other developments include progress on three ongoing legal challenges to
the encryption export controls, efforts by privacy advocates to impact the
encryption debate in the international encryption policies through the
OECD, and the long awaited National Research Council Report which
criticized current US encryption policy as "failing to meet the needs of an
information age society."

Despite these accomplishments, supporters of encryption policy reform still
have a long way to go. In late October, the Clinton Administration
announced yet another encryption policy initiative relying on export
controls and "key-recovery" systems. As the Administration continues to
push its plans to satisfy law enforcement concerns, the Internet community
must be ready to work hard to protect privacy and security on the Internet.
Fortunately, as a result of our efforts this year, we have strong and
supportive allies in Congress.

When Congress returns in January, expect a renewed effort to enact serious
encryption policy reform legislation.  With your help, we can ensure that
the Internet develops into a secure platform for free expression, commerce,
and privacy.

WHAT YOU CAN DO NOW:

Congress and the Administration are now focused on the elections.  Help
raise the voice of the Internet community and educate our elected officials
about the importance of privacy and security on the Internet.

* ADOPT YOUR LEGISLATOR - Join an innovative online campaign designed to
  help Netizens create an ongoing dialogue with their elected officials
  on critical Internet policy issues like encryption policy reform

  http://www.crypto.com/adopt/adopt.cgi?genre=crypto

* SIGN THE PETITION - Add your name to the online petition and join the
  fight for privacy and security on the Internet.  Nearly 9000 Netizens
  have signed on so far.

  http://www.crypto.com/petition/

-----------------------------------------------------------------------

(2) AN OPEN LETTER TO THE INTERNET COMMUNITY FROM SENATOR BURNS

Senator Conrad Burns (R-MT), who along with Senator Patrick Leahy (D-VT)
led the fight this year for the Pro-CODE bill, asked us to forward the
following letter to the Internet community:

 X-POP3-Rcpt: jseiger@mailserver
 From: Conrad_Burns@burns.senate.gov
 Date: Fri, 18 Oct 96 17:49:32 EST
 To: jseiger@cdt.org
 Subject: To Interested Members of the Internet Community:

     I am writing to thank you for all your help and support of my
     effort this year to pass legislation to enhance privacy and
     security on the Internet.

     As you all know by now, the 104th Congress adjourned before it had
     a chance to act on S. 1726, the Promotion of Commerce Online in the
     Digital  Era Act of 1996.  The bill, which was co-sponsored by
     Senators Leahy (D-VT), Pressler (R-SD), Lott (R-MS), Wyden (D-OR)
     and many other Senators from both parties, would have encouraged
     the widespread availability of strong, easy to use privacy and
     security tools for Internet Users.

     Although the Senate was not able to act on Pro-CODE this year, our
     efforts have laid the groundwork for real reform of US encryption
     policy in the 105th Congress.  And despite significant opposition
     from the administration, Netizens had a significant impact on the
     Congressional debate on the encryption issue.  I am honored to have
     helped to arrange the first ever Cybercasts of Congressional
     hearings, and I enjoyed the many online discussions I had with
     Netizens.  Together, we have helped to show the Congress that the
     Internet user community can and should have a voice in debates over
     critical Internet policy issues.

     Finally, just days before adjournment, the Administration announced
     yet another encryption policy initiative.  The proposal continues
     to insist on key escrow as a condition for lifting encryption
     export controls, and raises numerous questions about privacy and
     competitiveness.

     This debate is not over by any stretch of the imagination.  I
     intend to move forward on pro-encryption legislation soon after the
     105th Congress begins in January.

     You can find out more about this issue by visiting my web site
     (http://www.senate.gov/~burns). You can also visit the Encryption
     Policy Resource Page (http://www.crypto.com/) and the Internet
     Policy Coalition page (http://www.privacy.org/ipc/). Set up by
     experts to provide resources on the encryption policy debate, these
     sites also contain information on how you can get more involved.

     Thanks again for all your support. Next year, with your help, we
     can reach a commonsense solution to the critical policy crisis on
     encryption.

     Sincerely,

     U. S. Senator Conrad Burns

-----------------------------------------------------------------------

(3) BI-PARTISAN GROUP OF 20 MEMBERS OF CONGRESS RAISE QUESTIONS ABOUT
    ADMINISTRATION'S LATEST ENCRYPTION INITIATIVE

Last week, a bi-partisan group of 20 members from both houses of Congress
sent the attached letter to Commerce Secretary Mickey Kantor expressing
their concerns about the Administration's latest encryption policy
initiative (see http://www.cdt.org/crypto for details).

The members, many of whom were co-sponsors of the Burns/Leahy Promotion of
Commerce Online in the Digital Era "Pro-CODE" Act (S. 1726) or the
Goodlatte/Eshoo Security and Freedom through Encryption "SAFE" Act (HR.
3011), called the latest administration effort "flawed" and pledged to
continue to pursue legislation to reform US encryption policy.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                     Congress of the United States
                       Washington, D.C.  20515

October 15, 1996


The Honorable Michael Kantor
Secretary
Department of Commerce
Washington, D.C.  20230

Dear Secretary:

We write to express our serious concerns about the Administration's most
recent policy announcement on export restrictions on encryption technology.

First we agree with the October 4, 1996, New York Times editorial that
characterized the Administration's plan as "needlessly restrictive and
probably unworkable" and (though better than previous Administration
proposal) "risks doing more harm than good."  We recognize that this issue
involves a careful balancing of commercial, consumer, law enforcement and
national security considerations.  However, the well-respected 1996 report
by the National Research Council on this matter emphasized that U.S. law
enforcement and national security would be enhanced -- not weakened -- by
broader use of stronger U.S. encryption technologies both at home and
abroad.  Furthermore, the report stressed that efforts to control
international trade in encryption technologies will only be effective if
implemented on a comprehensive, multilateral basis.

Unfortunately, the Administration's most recent encryption initiative
shortchanges both U.S. business and law enforcement interests.  The
proposal is flawed for four reasons: it fails to recognize that top-down,
government-imposed policies are doomed to defeat: export policies must be
directly linked, or indexed, to advances in technology; export controls
must be fully multilateral in order to be effective; and export control
decisions will be further delayed by granting the FBI new veto authority
over U.S. exports.

We fear these defects will continue to leave U.S. companies at a
disadvantage in the world market, leave users of U.S. encryption uncertain
about the security of their information and leave U.S. law enforcement and
national security agencies behind the cryptography-curve.

Although we were not consulted in the formulation of this policy, we
nevertheless hope that in the coming months you will work with us and
industry, consumer and user groups to refine it further.  In addition to
conducting oversight hearing in the next Congress on the Administration's
proposal, we also want to assure you that we will continue to pursue
legislative solutions toward this end.


Sincerely,

[signed]

Sen. Ron Wyden (D-OR)
Sen. Conrad Burns (R-MT)
Sen. Trent Lott (R-MS)
Sen. Larry Pressler (R-SD)
Sen. Lauch Faircloth (R-NC)
Sen. Barbara Boxer (D-CA)
Sen. Pete Domenici (R-NM)
Sen. John Ashcroft (R-MO)
Sen. Alan Simpson(R-WY)
Sen. Patty Murray (D-WA)
Sen. Don Nickles (R-OK)
Sen. Larry Craig (R-ID)
Sen. Craig Thomas (R-WY)
Sen. Kay Bailey Hutchison (R-TX)
Rep. Zoe Lofgren (D-CA)
Rep. Sonny Bono (R-CA)
Rep. Howard Coble (R-NC)
Rep. Steve Chabot (R-OH)
Rep. Bob Goodlatte (R-VA)
Rep. Bob Barr (R-GA)

------------------------------------------------------------------------

(4) SUBSCRIPTION INFORMATION

Be sure you are up to date on the latest public policy issues affecting
civil liberties online and how they will affect you! Subscribe to the CDT
Policy Post news distribution list.  CDT Policy Posts, the regular news
publication of the Center For Democracy and Technology, are received by
nearly 10,000 Internet users, industry leaders, policy makers and
activists, and have become the leading source for information about
critical free speech and privacy issues affecting the Internet and other
interactive communications media.

To subscribe to CDT's Policy Post list, send mail to

     policy-posts-request@cdt.org

with a subject:

     subscribe policy-posts

If you ever wish to remove yourself from the list, send mail to the
above address with a subject of:

     unsubscribe policy-posts

-----------------------------------------------------------------------

(5) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance democratic values and
constitutional civil liberties in new computer and communications
technologies.

Contacting us:

General information:  info@cdt.org
World Wide Web:       URL:http://www.cdt.org/
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1634 Eye Street NW * Suite 1100 * Washington, DC 20006
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post 2.36                                           10/22/96
-----------------------------------------------------------------------