From: tcmay@got.net (Tim May)
To: cypherpunks@toad.com
Message Hash: f106a55cbe76a57c4a01d4440b8396a36c76c6e5ccf0474a45a2a4f1279da731
Message ID: <199603300202.SAA18349@you.got.net>
Reply To: N/A
UTC Datetime: 1996-03-30 07:04:15 UTC
Raw Date: Sat, 30 Mar 1996 15:04:15 +0800
From: tcmay@got.net (Tim May)
Date: Sat, 30 Mar 1996 15:04:15 +0800
To: cypherpunks@toad.com
Subject: Electronic locksmiths are watching you (Belgium's ban on PGP)
Message-ID: <199603300202.SAA18349@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain
This seems like an interesting glimpse into the future of crypto banning
around the world. France's ban on unapproved crypto has been
well-publicized, but I hadn't heard until this message that Belgium has
joined in.
The reference to Belgium's wiretap law and "But little-known sections of
the law state that all cryptograhic systems aimed at protecting privacy
must not block these wiretaps" suggests that we ought to look _very_
closely at our own Wiretap Act (aka Digital Telephony) for similar
language.
(Many of us thought at the time DT was being debated--both weeks of the
public debate--and then when it was passed that things would get real
interesting when the "central office wiretappability" vanished with
end-to-end encryption. Louis Freeh even said as much, that the issue of
end-to-end encryption would have to be addressed once the Digital
Telephony Act was passed.)
With Internet phone systems (various) and easy integration of PGP, a la
PGPhone, even the Little Italy businessmen may start to use encryption.
Likewise, there are currently no laws (that I am aware of) forbidding
encrypted telephones--indeed, the Clipper phones were just this, and they
were available for general purchase. Granted, the gubment knew the
algorithm and there _may_ (emphasis on the "may") have been backdoors
allowing easy wiretapping. But there was no key escrow per se.
So, when the $500 M to make digital switches "compliant" with DT is spent
(and bear in mind it hasn't been allocated yet by Congress, to the best of
my knowledge), and yet some future John Gotti is untappable because he's
using Eric Blossom's crypto phone, what then?
Anyway, here's the item about Belgium's law:
> From: Jerome Thorel <thorel@imaginet.fr>
> Newsgroups: talk.politics.crypto,alt.privacy,alt.security.pgp
> Subject: Electronic locksmiths are watching you (Belgium's ban on PGP)
> Date: 26 Mar 1996 00:08:44 GMT
...
>
> Some hot news about Belgium:
>
> After reports in two Belgian newspapers (De Standaart and Le Soir), it
> turns out that Belgium had passed a law in late 1994 that formerly bans
> "non approved" encryption systems. This means that France is not alone
> to block domestic use and distribution of strong encryption systems,
> since a December 1990 law which came into effect in France in early
> 1993.
>
> In its March 13 edition, French-speaking newspaper Le Soir ran a whole
> page survey about the fact that a 21 December, 1994 law oblige the
> telecom state-own company Belgacom to make any wiretap possible for law
> enforcement purposes. But little-known sections of the law state that
> all cryptograhic systems aimed at protecting privacy must not block
> these wiretaps. Crypto systems have to be "agreed" by the government's
> Institut Belge des postes et telecommunications (IBPT). The author of Le
> Soir's article, Alain Guillaume, speculates that this "agreement" means
> that encryption keys must be kept by IBPT.
>
> "The idea is neither new nor surprising," Guillaume writes. "To stop
> criminals from hiding. (...) But does anyone believe that mafia gangs,
> crooks or terrorists will let their keys to IBPT's hands?"
>
> =+= France enthrone key escrow =+=
>
> At the same time, France is keen to give up his isolationist position.
> French telecom Minister François Fillon has prepared a kind of Telco Act
> "à la francaise" -- new regulations to prepare the end of France Telecom
> monopoly in 1998 -- in which encryption would be freed to allow the
> emergence of "efficient electronic commerce". Under the new rules,
> special "authorization" will no more be needed to use PGP-like tools,
> but every user would be obliged to let their keys in custody in
> so-called "trusted third parties" (TTPs) agencies, a kind of "electronic
> locksmith", or notary, alternative. The option smells quite the same as
> Sen. Leahy bill (Encrypted Communications Privacy Act of 1996, archived
> at http://www.epic.org/crypto/legislation/s1587.html), in which escrow
> agents would hold keys to help the police, with a court order, to
> intercept communications.
>
> In France no one knows who will play the role of "key escrow agent", but
> sources said it may be some independent agencies. Independent? The
> governement will anyway have to approve them, and Mr Fillon said France
> will enthrone its first TTP "before the end of this year".
>
> This bulletin and the British weekly Nature discovered last November
> that a group of 18 European nations were soon to adopt this alternative
> (http://www.freenix.fr/netizen/chiffre /nature-eurottp.html). The UK and
> Germany have declared themselves ready for such an alternative (see
> lambda bulletin 1.06). Belgium, with its new iron bullet, would be keen
> to follow.
> ------------------------------
> Jerome Thorel. Free-lance reporter, Paris
> netizen's lambda bulletin (issue 2.05)
> http://www.freenix.fr/netizen/
Return to March 1996
Return to “tcmay@got.net (Tim May)”
1996-03-30 (Sat, 30 Mar 1996 15:04:15 +0800) - Electronic locksmiths are watching you (Belgium’s ban on PGP) - tcmay@got.net (Tim May)