16 March 1998
Source: Links at Americans For Computer
Privacy
WASHINGTON, D.C. -- U.S. Senator Barbara Boxer (D-CA) joined Americans for Computer Privacy and a delegation of bipartisan lawmakers at a news conference today to oppose U.S. export limits on encryption technology.
The following is Senator Boxer’s statement.
“Since the high-tech revolution, Americans have learned that privacy protection is of the utmost importance. Encryption technology is a key component in protecting our privacy - it is the lock on the door that guarantees not only our privacy, but often our safety as well.
“Encryption technology is also essential for Internet commerce. Companies conducting business online also need to know that their customers’ sensitive information is safe from prying eyes.
“Restricting the export of sophisticated encryption technology will do little to stem global terrorism, as our government claims, because the truth is that encryption software is widely available from other countries now. But restrictions will hurt American software manufacturers. American software manufacturers developed this technology and many of these companies are located in my home state of California.
“Every day that we keep export restrictions in place, we lose jobs and market share. We stand to lose thousands of jobs and billions of dollars. We simply cannot afford that.”
Wednesday, March 4, 1998
WASHINGTON, D.C. -- Montana Senator Conrad Burns today pushed for Senate
passage of legislation to loosen export restrictions on encryption software
and prohibit federally mandated key escrow programs for private individuals
and businesses. He made his remarks at a press conference held by Americans
for Computer Privacy (ACP), a pro-encryption organization.
Burns introduced legislation last year, the Pro-CODE bill, which would have
removed export barriers to some high-end encryption software, which can be
used to ensure the privacy of financial transactions or communication over
the Internet. The bill also would have barred the federal government from
demanding that a "key" to any encrypted software be available to government
agencies.
Burns said that encryption legislation will allow Montana businesses to compete
throughout the nation and world on an even footing with other businesses.
"With the passage of encryption legislation, there will be no barriers for
Montana businesses to compete. Internet transactions can play a major role
in our economic development as a state, provided businessmen and women feel
their transactions are safe from prying eyes and sticky fingers.
"If we don't pass encryption legislation, we're going to be costing our nation
jobs and revenue," Burns said. "That, along with personal privacy issues,
makes this legislation vital. I'm glad to have ACP on our side on this issue,
and I welcome their help."
Majority Leader Trent Lott (R-Miss.), who was a cosponsor of the Pro-CODE
bill, has indicated that encryption legislation will come to the floor of
the Senate in the summer or early fall of 1998.
Burns is chairman of the Senate Communications Subcommittee, which oversees
some Internet issues. # # #
DATE: March 4, 1998
Congressman Bob Goodlatte (R-VA6) applauded the Americans for Computer Privacy at a news conference today. Goodlatte joined Americans for Computer Privacy in announcing a new coalition that brings together the computer industry, business, the health care industry, privacy advocacy organizations and legislators to ensure that the privacy rights of all Americans are protected as we enter the Information Age.
"We must protect our First and Fourth Amendment rights in the Information Age, which is why Congress must pass H.R. 695, the SAFE Act. Additionally, we are in danger of losing billions of dollars and hundreds of thousands of high-skilled jobs if the Administration's restrictive encryption export policies are not changed. The members of Americans for Computer Privacy are committed to preventing crime, promoting commerce, and protecting the personal privacy of all Americans, and I applaud them for their efforts," said Goodlatte.
###
LOFGREN FIGHTING TO PRESERVE PRIVACY
PRESS CONFERENCE KICKS-OFF CAMPAIGN AGAINST ENCRYPTION CONTROLS
WASHINGTON, D.C. -- Congresswoman Zoe Lofgren (D-Ca.) is proud to join the Americans for Computer Privacy (ACP) coalition in the fight against controls on encryption.
Dubbed "the leader of the pack" of lawmakers receptive to high-technology issues by the online publication CNET NEWS.COM, Congresswoman Lofgren helped launch the broad-based coalition at a news conference on March 4.
ACP is working to ensure what Congresswoman Lofgren has
been fighting for since early 1996: preserving the privacy of
confidential files and communications in the Information Age,
while supporting the sale of strong U.S. encryption products to
customers around the world.
The coalition brings together companies and associations
representing financial services, manufacturing, health care,
high-tech, and transportation, as well as both liberal and
conservative organizations.
"I am very concerned about the impact current encryption
policy has on the privacy rights and civil liberties of American
citizens and others," Congresswoman Lofgren said. "Encryption is
the best way to protect information communicated over the
Internet and to maintain the security of public networks. The
coalition and I have joined forces to preserve that privacy.
"In addition, current encryption policy is hampering the
ability of many of our technology industries to compete
internationally through sale of parts, placing their continued
success at serious risk.
"These technologies are important to the economic and
strategic interests of the United States: We must maintain our
competitiveness. Since strong encryption is widely available
worldwide, efforts to control its spread through export controls
will ultimately prove fruitless, benefiting no one but America's
competitors."
Congresswoman Lofgren is the lead cosponsor of Congressman
Bob Goodlatte's (R-Va.) Security and Freedom Through Encryption
(SAFE) Act, H.R. 695, which will put U.S. encryption policy on a
sensible footing.
For Immediate Release
Contact: Michele Heller
Jason Mahler
(202) 225-3072
CONGRESSWOMAN LOFGREN VOCAL ON STRONG ENCRYPTION POLICY
Congresswoman Zoe Lofgren (D-Ca.) has long been a vocal supporter
of a strong encryption policy. The following list of quotes is
just a sampling of what she has to say on this important issue.
"The right to privacy of every American is more seriously
threatened now than at any time in history. If the F.B.I.
has its way, banking, e-mail, medical records, and -- in the
very near future -- what we watch on television will be
monitored surreptitiously by the U.S. government. We are
also seeing electronic commerce on the launching pad. If the
U.S. government shackles it with an unworkable 'key recovery'
scheme that has already been rejected by our European
trading partners, then American companies will be left behind as
commerce moves into cyberspace."
- January 13, 1997
"I understand the government's desire to have access to
electronic files and to monitor electronic communications that
could be encrypted. However, I believe that it is time for our
government to recognize that superior encryption products are
already widely available and being sold by overseas competitors,
and that the current controls only hurt American industry,
without furthering law enforcement and national security goals."
- March 20, 1997
"Encryption will be needed to a greater and greater extent
by more and more people and businesses. 'Key recovery' is
a useful tool for some people, but for the government to
require access to everyone's communications and transactions
is scary from a civil liberties perspective and technologically,
economically, and logistically infeasible."
- May 21, 1997
"The demand for encryption products will continue to grow,
as more and more businesses and individuals use digital
communications for commerce. If we do not change our encryption
policy, American companies will be left behind. The cost could
be as high as $60 billion a year and 200,000 jobs by 2000."
- July 22, 1997
"Foreign high-tech firms are laughing at the U.S. encryption
policy. And they are laughing all the way to the bank."
- July 22, 1997
"Any government-mandated 'key' scheme is destined to fail.
Foreign companies are producing and exporting encryption
products without such restrictions. In fact, even after the U.S.
extensively lobbied the Organization for Economic Cooperation and
Development (OECD), the member nations refused to accept such a system and
vowed to oppose any further attempt to impose one."
- July 22, 1997
"It is arrogant and ignorant to believe we can hold back
this technology and control an international communications
system."
- July 22, 1997
"The tremendous level of support that Congressman Bob
Goodlatte and I have gathered in the House is really just the
result of presenting the facts to our colleagues. Those who
have taken the time to study this issue are with us.
- July 29, 1997
"Powerful encryption is available worldwide; a mandatory,
global 'key escrow' system will never be adopted, and
the privacy of all Americans will be threatened if we
don't change our current course. The rhetoric of fear is
powerful, but it ignores the facts. International 'drug lords' or
terrorists will not be affected by banning U.S. companies from exporting
strong encryption. Criminals or anyone else can get the software off the
Internet today."
- July 29, 1997
"To help protect people, our law enforcement agencies need
to encourage the production and sale of strong encryption.
They need to work hard pursuing criminals rather than trying
to hold back technology."
- July 29, 1997
"The more scrutiny given to U.S. encryption policy, the less
it holds water. We have to move forward, protecting free speech,
respecting privacy, and securing electronic commerce."
- August 26, 1997
"Support for the SAFE Act increases technical knowledge of
the issue increases. The challenge for the high-tech world is
to make this arcane issue more understandable to laymen
outside of Silicon Valley."
- September 9, 1997
"Besides violating the civil liberties of every American,
putting the 'keys' to electronic files in the hands of the
government will destroy an entire industry. Encryption is needed
to a greater and greater extent as commerce and communications
become increasingly digital. If U.S. companies are forced to
create some 'key' scheme and the government can take those
'keys', people will not buy from our companies. We will look
back in five years and say, 'What happened?' "How did we lose
our edge?' "Why are so many companies moving overseas?' We
are already seeing this happen. If we continue on this road, we
are talking about tens of billions of dollars a year and
hundreds of thousands of American jobs lost by the year
2000."
- September 11, 1997
"I am every concerned about the impact current encryption
policy has on the privacy rights and civil liberties of
American citizens and others. Encryption is the best way to
protect information communicated over the Internet and to
maintain the security of public networks. The Americans for
Computer Privacy coalition and I have joined forces to
preserve that privacy."
- March 4, 1998
"Current encryption policy is hampering the ability of many
of our technology industries to compete internationally
through sale of parts, placing their continued success at
serious risk. These technologies are important to the
economic and strategic interests of the United States: We must
maintain our competitiveness. Since strong encryption is widely
available worldwide, efforts to control its spread through
export controls will ultimately prove fruitless, benefiting
no one but America's competitors."
- March 4, 1998
March 4, 1998
Statement of Congresswoman Zoe Lofgren Regarding
Encryption and H.R. 695, the SAFE Act
Since the release of the ill-conceived "Clipper chip"
proposal in 1993, the Administration has been at odds with the
high-tech community and with much of Congress on how to deal with
encryption technology. H.R. 695, the Security and Freedom
through Encryption (SAFE) Act, would loosen export controls on
encryption products and would enable Americans to communicate
securely and protect the integrity of our public networks. This
important legislation has the support of 250 Members of the
House, the Majority Leader of the Senate, the high-tech industry,
and Americans interested in protecting privacy.
Encryption software utilizes a complex mathematical
algorithm to scramble a message or file so that it is virtually
impossible to read by anyone who does not have a "key" to
unscramble the data. Encryption technology is an important tool
for individuals and businesses to protect their digital
communications and data from unwanted access by hackers, thieves
or industrial spies. Law enforcement and national security
agencies have expressed the fear that if advanced encryption
becomes widely available, they will lose their ability to monitor
communications or read encrypted computer files, even if they
have the legal authority to do so. Because of these concerns,
the Federal government has restricted the export of even
moderately strong encryption unless the government is assured
that it will have ready access to the key through a government-
approved "key recovery" or "key escrow" scheme.
I understand the Administration's apprehension regarding
encryption and I am certainly sympathetic to the difficulties
that investigative and security agencies face in combatting
crime, terrorism, and espionage. However, I am convinced that
current Administration encryption policy, as well as the McCain-
Kerrey bill under consideration in the Senate, raise serious
questions with respect to the security, privacy rights, and civil
liberties of all Americans.
As a practical matter it's obvious that no sophisticated
criminal or terrorist will ever voluntarily participate in any
key recovery or key escrow scheme that will provide access to the
U.S. government; it's foolish to think otherwise. Therefore, for
any mandatory key recovery or escrow scheme to have any chance of
achieving its intended goals, non-conforming encryption software
must be unavailable to the criminal and terrorist, not just to
the honest businessman or government.
However, strong encryption products and knowledge about the
science cryptography do not exist exclusively within the borders
of the United States -- encryption is very widely available
worldwide and on the Internet. Therefore, to succeed our
government must secure complete global participation in an
agreement to require implementation of their envisioned key
recovery-escrow scheme. Presumably, such an agreement would need
to include such nations as Libya, Iran, Vietnam, North Korea, and
China.
The Administration has shown essentially no evidence of
movement toward such a consensus, and some of our most important
trading partners have begun to publicly challenge the wisdom of
our encryption policies. Encryption without backdoors for the
U.S. government will, therefore, be produced by foreign
competitors. We have already seen examples of U.S. encryption
producers establishing ties to companies in Japan, Russia, and
elsewhere to facilitate such arrangements.
Therefore, if the U.S. continues to pursue its current
course, our law enforcement and national security interests will
gain virtually nothing, and our domestic workforce, American
industry, and the U.S. Treasury will suffer unnecessary and
irreparable damage (some estimates have projected losses of
200,000 jobs and $60 billion annually by the year 2000).
Furthermore, our country will also lose our current lead (some
question if we still have it) and the concomitant expertise in
the field of cryptography. If the best cryptographers are
overseas, we as a nation will not only be less productive, but we
will also be less able to deal with strong encryption from a law
enforcement and national security perspective.
Our current encryption policy also has the perverse effect
of making all Americans' digital information and communications
more susceptible to hackers, terrorists, and thieves. In the
name of promoting greater investigative ability for law
enforcement, all Americans have unquestionably been made more
vulnerable to illicit or surreptitious access to our computer
files, our phone conversations, and personal information. The
Speaker of the House is a noteworthy victim of these unfortunate
circumstances.
The days of cracking strong codes are nearly gone.
Unbreakable codes (256-bit key algorithms can generate more
possible solutions than there are particles in the known
universe) are already widely known. Private security experts and
sophisticated hackers have already realized this and are
beginning to develop ways to attack data at vulnerable points
before and after it is encrypted (i.e., on the sender's hard
drive or at a "good-guy" recipient such as a bank). Law
enforcement and national security experts within the government
acquire similar capabilities.
Even more troubling are FBI-sponsored proposals to enact
domestic restrictions on encryption. Disavowed by the White
House and the Commerce Department, these initiatives would enact
potentially dangerous and unconstitutional restrictions on
Americans seeking to protect their digital information. By
requiring all domestic users of encryption to ensure "immediate,
plaintext access" to law enforcement authorities, the proposals
would create a "Big Brother" state, in which all Americans would
have to consent to introducing vulnerabilities into their
security systems. It's really the equivalent of the government
requiring everyone to leaving an extra key to their home
somewhere where the FBI can get it, just in case they someday
need to search their home without the residents knowing it.
Finally, we should also be aware that we may be saved from
the machinations between the Legislative and Executive Branches,
by the Third Branch -- the Judiciary. Cryptography scholars have
challenged the Administration's attempts to regulate encryption
as unconstitutional restraints on their First Amendment rights,
and a Federal District court has ruled in their favor. An
Appeals Court decision is pending.
I am hopeful that the current impasse on this important
issue will soon be resolved, by enactment of the SAFE bill, a
change in the Administration's policy, or a successful court
challenge. Along with Congressman Goodlatte and other SAFE
supporters, I intend to work toward bringing the SAFE bill to the
House Floor and securing passage this year.
(Washington, D.C.) -- March 3, 1998 Representative Rick White (R-First Dist.) will join a broad coalition dedicated to ensuring that encryption remains available to secure privacy and promote electronic commerce. Americans for Computer Privacy will begin its campaign with a kick-off on Wednesday, March 4.
"Encryption is a vital tool for the information age," White said. "When computers are so much a part of our daily lives, we need to have confidence in their security. To protect our private papers and allow us to transact commerce on the Internet, we need strong encryption tools. American companies should be able to sell strong encryption products to customers around the world, and American citizens should be able to use encryption to protect their privacy."
The House is expected to act on encryption policy this spring. White and Representative Bob Goodlatte have circulated a letter to the House leadership stating that the signers will not support encryption legislation that (1) fails to significantly ease current export restrictions, (2) imposes domestic controls on encryption products, or (3) allows additional government access to the private information of American citizens without their knowledge.
White introduced the amendment that became the Commerce Committee version of H.R. 695, the Security and Freedom through Encryption Act. The Commerce bill (1) allows any person to use encryption for lawful purposes, while increasing the penalties for using encryption in the commission of a felony (10 years for the first offense, 20 years for the second), (2) creates a National Electronic Technologies center in the Department of Justice to provide a flexible approach for all levels of law enforcement to meet their codebreaking needs, and (3) requires a six month study on the use of a mandatory key recovery system for encryption exports to evaluate whether such a system would be feasible or effective.