1997-04-04 - US Domestic GAK

Header Data

From: Steve <privsoft@ix.netcom.com>
To: cypherpunks@algebra.com
Message Hash: 63b48e811aa5de06e76ecd0e76bea3669cc1d46b54182de110dda54ada11801b
Message ID: <334571A3.3B05@ix.netcom.com>
Reply To: N/A
UTC Datetime: 1997-04-04 21:23:22 UTC
Raw Date: Fri, 4 Apr 1997 13:23:22 -0800 (PST)

Raw message

From: Steve <privsoft@ix.netcom.com>
Date: Fri, 4 Apr 1997 13:23:22 -0800 (PST)
To: cypherpunks@algebra.com
Subject: US Domestic GAK
Message-ID: <334571A3.3B05@ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Has Anyone heard about this?????
sorrin
privsoft@ix.netcom.com

Clinton administration has new encryption proposal

      Network World via Individual Inc. : Washington, D.C.

      For months the Clinton administration has lobbied for its version
      of key escrow that largely focused on encryption export.

      Now in its first formal legislative document, the White House is
      asking that its policy also apply to data encrypted within U.S.
      borders and that law enforcement be given access to that data
      based on a simple request from a law enforcement or government
      security agency.

      The U.S. Attorney General will set up the specific rules for
written
      authorization. Civil liberties groups highly critical of the White
      House plan pointed out that under the basic guidelines it will be
      easier for law enforcement to get encryption keys than to tap
      phones, which requires a warrant or court order.

      The administration does not just face domestic opposition to its
      proposed policy. The international community, represented by the
      29-nation Organization for Economic Cooperation and
      Development (OECD), also has not rallied behind the Clinton
      cause.

      After a year of study and intense lobbying by the U.S. Justice
      Department, the OECD, based in Brussels, Belgium, last week
      released the ``Cryptography Policy Guidelines,'' an eight-point
      document that recognizes nations may want to have access to
      cryptographic keys or un-scrambled plaintext. But the OECD
      guidelines fall far short of recommending key recovery as the
      preferred international approach.

      Some participants in the OECD crypto-policy effort were pleased
      with its outcome, including Marc Rotenberg, director of the
      Electronic Privacy Information Center here.

      ``There's a strong emphasis here on privacy and voluntary market
      guidelines,'' Rotenberg said. The OECD guidelines state that users
      should have a choice in cryptography, that cryptography should
      be driven by business requirements, and that the privacy of
      personal data and the secrecy of communications should be
      respected.

      Congressional cold shoulder So far, no legislators on Capitol Hill
      have embraced the ideas in the administration-drafted legislation,
      the Electronic Data Security Act of 1997, which also calls for
      nationally certified key-recovery centers for storing copies of
      encryption keys.

      ``From our point of view, it's a breathtaking expansion of law
      enforcement's surveillance au-thority,'' said Alan Davidson, staff
      counsel at the Washington, D.C.-based Center for Democracy and
      Technology (CDT) about the draft bill. The CDT has posted the
      bill on its Web site, www.cdt.org.

      Commerce Department Un-der Secretary William Reinsch, whose
      office took the lead in drafting the bill, last week had no
comment.

      The draft bill emphasizes that the key-recovery regulation is
      voluntary in the U.S., but opponents argue otherwise.

      The White House draft defines as the federal standard only digital
      certificates that work with key-recovery encryption products.

      And under the drafted bill, employees working in a
      government-certified key-recovery center would be spared any
      civil or criminal liabilities for disclosing decrypted information
to
 a
      government agency.

      Through the economic in-centives and regulatory impact of the
      Clinton administration bill, ``they plan to severely limit [the
      products] you can choose from,'' according to Jim Bidzos,
      president of RSA Data Security, Inc., whose public-key
      technology is widely deployed in encryption products. ``The
      intent is to discourage the use of strong, unescrowed encryption
      in the U. S.''

      [Copyright 1997, Network World]





Thread