http://www7.mercurycenter.com/columnists/gillmor/docs/dg011699.htm
No choice perfect on encryption
Jan. 17, 1999
BY DAN GILLMOR
Mercury News Technology Columnist
IN a society where compromise is a pillar of government, it feels almost
un-American to admit that some issues defy any middle ground. It feels
even worse when there are only two alternatives, and both offer unpleasant
consequences.
This is the reality of encryption, the scrambling of data to keep it away
from prying eyes. Yet at a time when it's essential to hold an honest
debate about a difficult decision, encryption policy drifts in a Twilight
Zone, where both sides tend to avoid acknowledging some hard truths.
Security in the Digital Age is at the heart of the matter. Both sides are
talking about your security, but their perspectives could hardly be more
divergent.
Law enforcement and national security people say the ubiquitous use of
unbreakable encryption will harm national security. But if this kind of
encryption is prohibited, a direction in which governments are moving, the
security of individuals' most private and sensitive information will be at
risk to criminals and oppressive governments.
Both sides are right.
Experts on encryption and its uses are gathering in San Jose this week for
the annual RSA Data Security Conference. For the most part, speakers and
participants have already come down on the side that makes the most
practical sense, as well as being the only one that maintains personal
liberties: unrestricted use of strong encryption. But making this choice
means understanding the other side.
Strong encryption once was the sole province of the state. Today, low-end
personal computers are powerful enough to scramble data so thoroughly that
all the supercomputers in the world would have to work for billions of
years to decipher a single message.
It's easy to see why that worries police and national security agencies.
Slowly but surely during the next few years, they're going to lose one of
the tools on which they've relied for decades: the ability to tap into the
communications of criminals.
Oh, law enforcement people will still be able to intercept the bits of
information flowing back and forth. But they won't be able to decipher any
of it.
>From law enforcement's perspective, this is an invitation to evil. When
criminals can communicate securely, catching criminals will be more
difficult.
Someday, terrorists will use unbreakable encryption to conceal the
evidence of their plotting. That is certain. But should we give up our
most fundamental liberties to prevent this?
Slowly but surely during the next few years, more and more of our daily
doings will take place in digital form, on computers and online. We will
need a tool that keeps our business dealings, finances, medical records
and other information safe from criminals and those who would wrongly pry
into our personal affairs.
Strong encryption is that tool. Without it, we will be vulnerable to new
kinds of crimes and gross invasions of privacy by malevolent people and
businesses. Without strong encryption, moreover, governments will have
unprecedented power to spy on citizens, to create police states the likes
of which George Orwell could barely have imagined.
The problem for law enforcement is that strong encryption exists. It is
used most widely where it's least visible, such as commerce on the World
Wide Web and in banking transactions. Encryption is used less widely when
it has to be added on. It is easy to obtain, but often difficult to use.
The point is that secure encryption is already out there. Police agencies
know they can't stop this technology outright. But rather than engage in
an honest debate with supporters of encryption, they and their political
allies have resorted to rear-guard actions to slow its adoption, with a
considerable degree of success so far.
The principle at work is that criminals are fundamentally stupid: As long
as we can keep encryption from becoming ubiquitous, criminals will be too
stupid to use it, so we'll be able to catch them.
American companies continue to be frustrated by the Clinton
administration's general refusal to let them export hardware and software
containing strong encryption, unless the product also has a back way in
for law enforcement authorities. There have been some modest exceptions,
but the policy remains pretty much intact even though it's slowly being
liberalized.
It's a foolish policy, not just because smart programmers live in other
countries that don't have these kinds of restrictions on commerce. To
date, American companies have lost some business, and as more people
insist on buying secure products American companies will lose out on more
sales.
It's also a sideshow to the real issue: whether strong encryption will
survive the inevitable challenge by law enforcement people in coming
years. FBI Director Louis Freeh and others in his field have made no
secret of their desire to restrict communications that they can't
intercept and understand. Widely used strong encryption, by their
reckoning, is unacceptable. Although they keep insisting that there are no
plans to move for restrictions, here's an open bet that they'll try sooner
rather than later.
When government officials say they merely want to protect their current
surveillance capabilities, they're telling only part of the truth. They
can't maintain the status quo, because technology has upset the status
quo. Law enforcement can have essentially all or nothing in the Digital
Age -- untrammeled access to everything, with serious risks that criminals
will gain the same kind of access through malevolent hacking, or no access
at all.
I vote for unrestricted encryption, here and abroad, for more than the
merely practical reason that the proverbial genie has long since escaped
the bottle. I support it because I've weighed the risks on both sides.
Risk is part of life. It's intrinsic to our economic system.
Our legal system also acknowledges risk. We grant ourselves civil
liberties because we don't want to live in a dictatorship. We protect the
rights of suspects in criminal cases, because we don't want governments to
have the power to ruin the lives of innocent people. We have a Fifth
Amendment against self-incrimination, for example, because we don't want
the police torturing confessions out of innocent people.
Liberties and rights add risk to our everyday lives. We accept the
trade-off as part of living in a mostly free society.
Someday, we'll have a serious national debate on strong encryption. When
you consider the issue, be honest with yourself. Strong encryption will
increase risks in some areas. It will cut risks elsewhere.
Whichever way we go on this issue that defies compromise, there will be
consequences. That may be unfortunate, but it's real life.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:03:53 1999