http://www.nytimes.com/library/tech/99/03/cyber/articles/12encrypt.html
March 12, 1999
Panel Passes Bill to Halt Limits on Encryption
By JERI CLAUSING
A bill to eliminate the Clinton Administration's limits on exporting
encryption software won its first round of approval on Thursday,
unanimously passing a House subcommittee with little debate and no
changes.
The easy vote by the Judiciary Committee's Subcommittee on Courts and
Intellectual Property was not a surprise, and is likely most significant
in that it signals the return of a yearslong battle over encryption
technology back to the halls of Congress.
At issue is the software used to scramble data to keep computer
communications like e-mail, credit card numbers and business records
private as they move around the Internet. Although there are no federal
controls on the strength of encryption that can be used domestically, the
Clinton Administration restricts the export of strong encryption software
overseas.
That policy, which is based on the assumption that wide access to stronger
encryption could put a valuable concealment tool in the hands of domestic
and international criminals, has been driven largely by Louis J. Freeh,
the director of the Federal Bureau of Investigation. He wants to tie any
easing of export controls to mandates for the creation of a so-called
key-recovery system, which would ensure law enforcers access to the codes,
or keys, needed to unscramble suspect communications.
Those who want the export controls dropped, however, say the present
policy hurts American software developers because it forces people in
other countries to buy the encryption technology -- which is widely
available on the Internet -- from foreign competitors.
The bill, the Security and Freedom through Encryption (SAFE) Act, would
eliminate the export controls now in place and prohibit the government
from mandating the use of any such key-recovery systems, which supporters
argue would jeopardize the privacy of average computer users. They compare
it to requiring a person to keep a copy of his house key on file at the
local police station.
The bill was sponsored by Representatives Bob Goodlatte and Zoe Lofgren;
210 representatives -- including a majority of the subcommittee members --
have signed on as co-sponsors. Anticipating Thursday's vote by the
subcommittee, one of the bill's chief opponents on Wednesday sent his
House colleagues a letter accusing the software and high-tech industry of
hypocrisy.
Representative Michael G. Oxley, an Ohio Republican and former FBI agent
who supports Freeh's position, sent a letter with copies of recent
articles about features in products made by Intel and Microsoft that
enable companies to track the movements of people using the products.
"Computer industry supporters of the so-called Security and Freedom
through Encryption Act employ the rhetoric of civil libertarians, citing
their desire to protect the privacy of their customers as the rationale
for their opposition to encryption export controls and other national
security and law enforcement safeguards," Oxley wrote.
"How ironic it is, then, to find the papers filled in recent weeks with
headlines such as the ones appearing below. It seems that two industry
giants have developed the means to secretly trace the authorship of
documents and collect detailed information on the Internet habits of their
customers," the letter continued.
"Despite the high-sounding rhetoric, it would appear that industry
opposition to including meaningful safeguards in legislation relaxing
export controls is motivated mostly by a desire to not to be
inconvenienced by the law enforcement and national security requirements
of the United States government. Please bear this in mind as Congress
works to update encryption policy in a dangerous world."
The SAFE Act now moves to the full Judiciary Committee, which is also
expected to approve the bill. But before it can be considered for a full
House vote, it will likely be detoured to a number of other committees,
including the House Select Committee on Intelligence, which in 1997
changed a similar version of the SAFE Act to require a third-party
key-recovery system.
Still, supporters of the bill are optimistic their chances of passage have
improved in this new session of Congress, largely because of a change in
leadership of a key committee -- the powerful Rules Committee, which
determines what bills move to the floor.
The retired Rules Committee chairman, Gerald Solomon of New York, was the
main obstacle to the House bill in the last Congress, siding with law
enforcement officials who fear unlimited exports will threaten national
security by making encryption more accessible to terrorists and other
criminals. Representative David Dreier of California, a co-sponsor of the
SAFE Act, now heads that panel.,
"Since its introduction last month, the SAFE Act has received enthusiastic
and overwhelming support from a wide-ranging and extremely bipartisan
group of United States Representatives. The reasons for passage of this
legislation this year are becoming more compelling and more urgent then
ever," Robert Holleyman, president of the Business Software Alliance, said
in a statement applauding the vote.
"Today, computer users around the globe are demanding products with strong
encryption features to protect their privacy. And, strong encryption
provides the security and protection necessary for the Internet to thrive,
thus improving the global economy. Dozens of countries around the world
have developed products to meet the global demand for encryption, yet
outdated regulations have not allowed the United States to compete on a
level-playing field. ... The BSA looks forward to working with the
Congress to pass the SAFE Act this year."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Sat Mar 13 10:23:02 1999