From: jya@pipeline.com (John Young)
Date: Sat, 5 Oct 1996 01:40:44 +0800
To: cypherpunks@toad.com
Subject: NYT Nix GAK
Message-ID: <199610041312.NAA20299@pipe2.ny3.usa.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, October 4, 1996, p. A32. 
 
 
   A Flawed Encryption Policy [Editorial] 
 
 
   The new White House proposal to keep high-powered 
   encryption software out of the hands of foreign terrorists 
   and criminals is needlessly restrictive and probably 
   unworkable. Though the new plan is better than previous 
   Administration proposals, it risks doing more harm than 
   good. 
 
   The Administration is rightly worried that foreign 
   terrorists or criminals will get hold of encryption 
   software that will make it impossible for the Government to 
   eavesdrop on their telephone and computer messages. The 
   technology is legal in this country, but the Administration 
   wants to keep the powerful new software out of foreign 
   hands. 
 
   However, the Administration downplays the fact that 
   encryption is also a good way for honest citizens to 
   prevent crime. At a time when banks and other private 
   companies send vast amounts of confidential information 
   over the electronic highway, it would seem sensible to make 
   high-quality encryption widely available so that the 
   private sector can protect itself from criminal or 
   malicious eavesdropping. For that reason, the Government 
   ought to promote wide-scale dissemination of encryption, 
   both here and abroad. 
 
   Trying to block dissemination is probably useless and 
   almost certainly harmful to American exports. Powerful 
   encryption systems made by foreign companies are already 
   available in Europe and Asia, and American exporters will 
   need to sell state-of-the-art software to keep competitive. 
 
   The Clinton Administration previously proposed that the 
   computer industry adopt a single type of encryption, known 
   as key-escrow, which would scramble messages with 
   mathematical passwords. Under the plan, private companies 
   and individuals would turn over these passwords to the 
   Government, which, with court authorization, could use them 
   to unscramble the phone and computer traffic. The purpose 
   of key-escrow, then, would be to preserve the Government's 
   existing ability to tap phone calls. 
 
   But that Clinton plan was firmly rejected by industry and 
   privacy-rights advocates who feared that a government that 
   held passwords would abuse First Amendment prohibitions 
   against listening in on private communications. The latest 
   White House plan addresses many of these concerns. It would 
   impose restrictions only on the software that exporters 
   sell abroad. Privacy advocates have less to fear from the 
   latest plan because it would allow individuals to deposit 
   their passwords with private organizations, rather than the 
   Government. 
 
   Yet the Administration has not explained why foreigners 
   would buy American software that would allow the F.B.I. to 
   eavesdrop when they could buy equally powerful software 
   from non-American manufacturers that omits any such trap 
   door. Critics assume that foreign governments -- few of 
   which pay attention to American constitutional protections 
   against invasion of privacy -- would demand access to 
   passwords, making such software unattractive for anyone to 
   use. 
 
   There is room to improve the plan. A panel of the National 
   Research Council recently concluded that there is no good 
   reason to restrict exports of currently available 
   encryption because foreigners already have access to 
   equally powerful software. There is time to work out 
   restrictions, in cooperation with the industry and privacy 
   advocates, for the next generation of encryption software. 
   In the meantime the Administration might push forward on 
   the panel's other sensible recommendations -- such as 
   developing better encryption expertise within the F.B.I. 
   and helping the private sector develop the encryption 
   software it needs to stop illegal eavesdropping. 
 
   [End] 
 
   The National Research Council report is available at: 
 
   http://pwp.usa.pipeline.com/~jya/nrcindex.htm