From: Declan McCullagh <declan@well.com>
To: cypherpunks@toad.com
Message Hash: 67a3fcad0b8469a36c25b9932fc9c401a509b415d14527df57e8cc3a7776dfdb
Message ID: <Pine.GSO.3.95.970905192805.15825I-100000@well.com>
Reply To: N/A
UTC Datetime: 1997-09-06 03:02:03 UTC
Raw Date: Sat, 6 Sep 1997 11:02:03 +0800
From: Declan McCullagh <declan@well.com>
Date: Sat, 6 Sep 1997 11:02:03 +0800
To: cypherpunks@toad.com
Subject: Mandatory key escrow bill text, backed by FBI
Message-ID: <Pine.GSO.3.95.970905192805.15825I-100000@well.com>
MIME-Version: 1.0
Content-Type: text/plain
All encryption products distributed in or imported into the U.S. after
January 1, 1999 must have a key escrow backdoor for the government,
according to an FBI-backed proposal circulating on Capitol Hill. The
measure would impose a similar requirement on "public network service
providers" that offer data-scrambling services. FBI Director Louis Freeh
talked about this proposal, without disclosing legislation existed, at a
Senate subcommittee haring on Wednesday.
Domestic use and sale of encryption has never been regulated.
Attached is an excerpt from the draft "Secure Public Networks Act" dated
August 28.
-Declan
-------
SEC. 105. PUBLIC ENCRYPTION PRODUCTS AND SERVICES
(a) As of January 1, 1999, public network service
providers offering encryption products or encryption
services shall ensure that such products or services
enable the immediate decryption of communications or
electronic information encrypted by such products or
services on the public network, upon receipt of a court
order, warrant, or certification, pursuant to section
106, without the knowledge or cooperation of the person
using such encryption products or services.
(b) As of January 1, 1999, it shall be unlawful for any
person to manufacture for sale or distribution within
the U.S., distribute within the U.S., sell within the
U.S., or import into the U.S., any product that can be
used to encrypt communications or electronic
information, unless that product:
(1) includes features, such as key recovery, trusted
third party compatibility or other means, that
(A) permit immediate decryption upon receipt of
decryption information by an authorized party without
the knowledge or cooperation of the person using such
encryption product; and
(B) is either enabled at the time of manufacture,
distribution, sale, or import, or may be enabled by the
purchase or end user; or
(2) can be used only on systems or networks that include
features, such as key recovery, trusted third party
compatibility or other means, that permit immediate
decryption by an authorized party without the knowledge
or cooperation of the person using such encryption
product.
(c) (1) Within 180 days of the enactment of this Act,
the Attorney General shall publish in the Federal
Register functional criteria for complying with the
decryption requirements set forth in this section.
(2) Within 180 days of the enactment of this Act, the
Attorney General shall promulgate procedures by which
data network service providers sand encryption product
manufacturers, sellers, re-sellers, distributors, and
importers may obtain advisory opinions as to whether a
decryption method will meet the requirements of this
section.
(3) Nothing in this Act or any other law shall be
construed as requiring the implementation of any
particular decryption method in order to satisfy the
requirements of paragrpahs (a) or (b) of this section.
-------
MSNBC's Brock Meeks on above FBI proposal & White House support:
http://www.msnbc.com/news/108020.asp
My report on the September 3 "mandatory key escrow" Senate hearing:
http://jya.com/declan6.htm
Transcript of FBI director Louis Freeh's remarks at Sep 3 hearing:
http://jya.com/fbi-gak.txt
Reuters' Aaron Pressman on Commerce Dept backing away from FBI:
http://www.pathfinder.com/net/latest/RB/1997Sep05/248.html
-------
Return to September 1997
Return to “TruthMonger <tm@dev.null>”