From: Declan McCullagh <declan@well.com>
Date: Tue, 23 Sep 1997 13:18:05 +0800
To: cypherpunks@toad.com
Subject: Coalition letter opposing Oxley amendment -- from Apple to USWest
Message-ID: <v03007802b04cee228c9c@[204.254.22.189]>
MIME-Version: 1.0
Content-Type: text/plain



This is an encouraging letter, especially given the number and breadth of
firms that signed on. But this section strikes me as telling:

>We urge the Committee to reject the Oxley-Manton amendment and any other
>form of domestic encryption control.

Then the committee should reject even the "original" draft of SAFE, which
has the first-ever domestic encryption control: penalties for the use of
crypto in a crime. When crypto is widespread, //any// "crime" (like posting
"indecent" materials?) will involve crypto. Domestic controls on encryption
are not a reasonable tradeoff for lifting export controls. Don't sell out
my rights to make a quick buck.

(Then of course there's White's "compromise" language floating around that
would double these criminal penalties. And Oxley -- in an effort to split
the coalition -- is circulating draft language that might exempt some forms
of mundane crypto-devices from his crypto-ban. Who knows? Maybe some
Congressmen would vote for Oxley II in hopes of staving off Oxley I. But
all these "compromises" are dangerous.)

Advice to undersigned firms: Tell your lobbyists to block //all//
encryption legislation that might come out of Congress. Then fire them.
Spend the millions of dollars on R&D. Get crypto in the hands of the
grandmothers of America. Or if you're not going to fire your lobbyists, at
least order them not to try and push a bill through. I know it's difficult;
that's all they know how to do. But, you see, not only is such a plan
doomed to fail, it likely will backfire and threaten all of our freedoms in
the process.

-Declan

======================

September 22, 1997

The Hon. Thomas J. Bliley, Jr.
Chairman
House Commerce Committee
2125 Rayburn House Office Building
Washington, D.C.  20515

Dear Chairman Bliley:

We are writing to express our strong opposition to the Oxley-Manton
amendment to HR 695, the Security and Freedom through Encryption Act
(SAFE), which the Commerce Committee will consider this week, and to any
form of government domestic controls on encryption.

The Oxley-Manton amendment would impose unprecedented restrictions on the
domestic manufacture and availability of encryption, thus potentially
compromising the security of the nation's telephone system and the Internet
alike.  The amendment would:

* prohibit the domestic manufacture, sale and importation of any encryption
  product or service unless the government is given immediate access to the
  plaintext of communications and stored files without the knowledge of the
  user;

* prohibit network service providers, including telephone companies and
  Internet service providers, from offering encryption products or services
  unless communications can be immediately read without the knowledge of the
  user; and

* give the Attorney General unprecedented, broad new powers to establish
  standards for encryption products and services.

Encryption technologies are the vital tools consumers and businesses need
to operate with security and privacy in the information age, and are a
cornerstone of electronic commerce.  Government domestic controls on
encryption are incompatible with the consumer, corporate, and national
security benefits of the national information infrastructure.  Numerous
communications products and services are now under development that
incorporate encryption as an essential feature.   Oxley-Manton will stifle
these new products and services, end the deployment of market-driven key
recovery systems,  and undermine the potential of the new communications
media for electronic commerce and the promotion of democratic values.

* Strong encryption will not only ensure privacy but also help prevent crime
  on the network.  However, by mandating trap doors in all domestic encryption
  products and communications networks, the Oxley-Manton amendment will make
  the personal records and communications of individuals and businesses more
  vulnerable to hackers, terrorists, industrial spies and other criminals.  Put
  at risk will be medical records, tax returns, private email, business
  proprietary information and transactions, attorney-client communications,
  and cellular phone conversations.

* Oxley-Manton's broad requirement for "immediate access" to decryption keys
  without knowledge of the user would force Americans to forfeit their
  constitutional right of privacy as a condition of participating in the
  information age.

* Oxley-Manton invites disastrous industrial policy.  It is industrial policy
  with criminal sanctions attached.  The amendment authorizes the Attorney
  General to promulgate technical requirements for all encryption products
  and gives the Department of Justice prior approval authority over all
  encryption systems for computers and telecommunications.  This will stifle
  innovation. It will drive encryption expertise out of this country.  The
  market should be allowed to develop its own solutions, many of which in fact
  will meet law enforcement's needs within our existing system of legal
  authorities and safeguards.

* Oxley-Manton will be ineffective in keeping strong encryption out of the
  hands of criminals.  Criminals and terrorist groups will not use a system
  that gives the government access to their decryption keys.  In fact, the
  FBI has admitted in Congressional testimony that criminals will always
  have access to strong unbreakable encryption.

We urge the Committee to reject the Oxley-Manton amendment and any other
form of domestic encryption control.

Sincerely,

ACL Datacom, Inc., California
American Electronics Association
American Automobile Manufacturers Association
Americans for Tax Reform
America Online, Inc.
Ameritech
ANS Communications, Inc., New York
Apple Computer, Inc.
Ashton Communications Corp., California and Texas
Bell Atlantic
Bell South
Bowles Farming Co., Inc.
Business Software Alliance
Center for Democracy and Technology
Commercial Internet eXchange Association
CommerceNet
Compaq Computer Corp.
CompuServe, Inc.
Computer & Communications Industry Association
Computer Software Industry Association
Consumer Electronic Manufacturers Association
Counsel Connect
Crest Industries, Inc.
DataXchange Network, Inc.
Direct Marketing Association
Electronic Data Systems, Corp.
Electronic Frontier Foundation
Electronic Messaging Association
Epoch Internet
Fiber Network Solutions, Inc., Columbus, Ohio
Genuity Inc., a Bechtel company
IBM Corp.
Information Technology Association of America
Information Technology Industry Council (ITI)
Institute of Electrical and Electronics Engineers - US Activities
International Communications Association
Intuit Inc.
Internet Providers Association of Iowa
Microsoft
National Association of Manufacturers
NETCOM On-Line Communication Services, Inc.
NetINS, Inc., Iowa
Novell
Online Banking Association
National Association of Manufacturers
National Retail Federation
Netscape Communications Corp.
Phoenix Media/Communications Group
Pro-Trade Group
PGP, Inc.
RSA Data Security, Inc.
SBC Communications Inc.
Securities Industry Association
Silicon Valley Software Industry Coalition
Software Forum
Software Publishers Association
Sun Microsystems, Inc.
TheOnRamp Group, Inc., Ohio
Trusted Information Systems
United States Council for International Business
United States Internet Council
United States Telephone Association
U.S. Chamber of Commerce
US West
Voters Telecommunications Watch