Forwarded From: Sunit Nangia <sunitat_private> Senator introduces Net security laws By Courtney Macavinta Staff Writer, CNET News.com January 29, 1999, 11 a.m. PT URL: http://www.news.com/News/Item/0,4,31676,00.html WASHINGTON--Taking a break from the impeachment trial, Sen. Conrad Burns today promised to safeguard Net surfers' privacy through his "digital dozen" legislation package. Burns, a Montana Republican who chairs the Senate Commerce Telecommunication Subcommittee, said he will reintroduce the Promotion of Commerce Online in the Digital Era Act (Pro-Code) to allow U.S. firms to sell products overseas with stronger encryption than is permitted under current laws. Also on the agenda are bills to protect online users' personal information and computerized records, to promote the use of digital signatures, and to curb unsolicited bulk email. He plans to post drafts of the privacy and encryption bill as early as Monday. "We're living in an age where security is everything," Burns said during a press conference. Burns has tried to pass Pro-Code twice before, but his efforts were stymied by national security agencies. The FBI, for example, argues strong crypto will give crafty criminals an upper hand when they use it to scramble their digital communications. Law enforcement agencies long have fought to force manufacturers to create "spare keys" that would be able to crack encrypted material under investigation. Privacy advocates and crypto makers, however, maintain that such a requirement would stifle both business concerns and security efforts. Burns's bill, which also would prohibit so-called key recovery and cut down on the red tape involved in exporting data-scrambling technology, likely will face opposition, and will not mirror a popular compromise introduced last year. The E-Privacy Act would have lifted some export regulations, but it also would have carved out some concessions for law enforcement agencies, by making it a felony to use encryption to "conceal incriminating communications or information about a crime." The senator said he decided to go with Pro-Code because the administration already has been whittling away at its crypto policy. Also figuring in his decision is the fact that national security agencies already have been given the green light to set up a center that would bring together encryption makers and nationwide investigators who need assistance with decrypting messages in order to apprehend suspected criminals. "We've seen some movement in law enforcement with regard to encryption," Burns said today. "[The newly proposed legislation] will be more of a reflection of the original Pro-Code." Added Mike Rawson, Burns's policy adviser for communications: "[The senator] feels that there has been a lot of momentum and movement from the administration. In that climate, he wants to come forward with a bill that creates a level playing field." Still, the last version of the Pro-Code contained a controversial provision that would have created an "information security board" made up of representatives from federal agencies involved in developing information security policies and export controls on encryption. The board's meetings would have been closed to the public, an idea that raised the hackles of privacy watchdogs. During the past year, the White House essentially has settled on a piecemeal plan for cutting the red tape e-commerce companies and financial institutions face in terms of crypto exports. The administration has done little, however, to lift the controls on products designed for personal use, such as those that help secure email messages or other computer files. The U.S. crypto export standard has in fact been cracked on multiple occasions. Privacy advocates nevertheless are relieved to see some high-tech legislation emerge in the midst of President Clinton's historic Senate impeachment trial. "There's obviously been efforts on the part of the administration to diffuse legislative efforts to liberalize encryption policy," said David Sobel, general counsel for the Electronic Privacy Information Center. "So I'm glad to see that he remains committed to making encryption a high priority." The digital dozen also tackles: * Government records--By April, Burns will introduce legislation to get the Congressional Research Service online. The service's reports detail the inner workings of the legislative process, such as draft bills, rather than just the end results. * Digital signatures--Legislation to legitimize electronic IDs and digital contracts will be introduced next month. * Spam--Mimicking past legislation, Senator Burns will work on requiring senders of unsolicited bulk email to accurately identify themselves and to remove people from their lists upon request. * E-rate--Taking on the federal school and library Net access subsidy, known as the e-rate, Burns wants the program to be paid through an existing 3 percent excise tax paid by telephone users--not through new consumer long-distance fees, which is primarily how the program is being funded now. * Bandwidth--Burns said he wants to see high-speed Net access become more widely available in rural areas, rather than just in urban cores. He said he will put pressure on the Federal Communications Commission to accelerate this process. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:47 PDT