http://www.nytimes.com/library/tech/99/03/cyber/articles/12encrypt.html March 12, 1999 Panel Passes Bill to Halt Limits on Encryption By JERI CLAUSING A bill to eliminate the Clinton Administration's limits on exporting encryption software won its first round of approval on Thursday, unanimously passing a House subcommittee with little debate and no changes. The easy vote by the Judiciary Committee's Subcommittee on Courts and Intellectual Property was not a surprise, and is likely most significant in that it signals the return of a yearslong battle over encryption technology back to the halls of Congress. At issue is the software used to scramble data to keep computer communications like e-mail, credit card numbers and business records private as they move around the Internet. Although there are no federal controls on the strength of encryption that can be used domestically, the Clinton Administration restricts the export of strong encryption software overseas. That policy, which is based on the assumption that wide access to stronger encryption could put a valuable concealment tool in the hands of domestic and international criminals, has been driven largely by Louis J. Freeh, the director of the Federal Bureau of Investigation. He wants to tie any easing of export controls to mandates for the creation of a so-called key-recovery system, which would ensure law enforcers access to the codes, or keys, needed to unscramble suspect communications. Those who want the export controls dropped, however, say the present policy hurts American software developers because it forces people in other countries to buy the encryption technology -- which is widely available on the Internet -- from foreign competitors. The bill, the Security and Freedom through Encryption (SAFE) Act, would eliminate the export controls now in place and prohibit the government from mandating the use of any such key-recovery systems, which supporters argue would jeopardize the privacy of average computer users. They compare it to requiring a person to keep a copy of his house key on file at the local police station. The bill was sponsored by Representatives Bob Goodlatte and Zoe Lofgren; 210 representatives -- including a majority of the subcommittee members -- have signed on as co-sponsors. Anticipating Thursday's vote by the subcommittee, one of the bill's chief opponents on Wednesday sent his House colleagues a letter accusing the software and high-tech industry of hypocrisy. Representative Michael G. Oxley, an Ohio Republican and former FBI agent who supports Freeh's position, sent a letter with copies of recent articles about features in products made by Intel and Microsoft that enable companies to track the movements of people using the products. "Computer industry supporters of the so-called Security and Freedom through Encryption Act employ the rhetoric of civil libertarians, citing their desire to protect the privacy of their customers as the rationale for their opposition to encryption export controls and other national security and law enforcement safeguards," Oxley wrote. "How ironic it is, then, to find the papers filled in recent weeks with headlines such as the ones appearing below. It seems that two industry giants have developed the means to secretly trace the authorship of documents and collect detailed information on the Internet habits of their customers," the letter continued. "Despite the high-sounding rhetoric, it would appear that industry opposition to including meaningful safeguards in legislation relaxing export controls is motivated mostly by a desire to not to be inconvenienced by the law enforcement and national security requirements of the United States government. Please bear this in mind as Congress works to update encryption policy in a dangerous world." The SAFE Act now moves to the full Judiciary Committee, which is also expected to approve the bill. But before it can be considered for a full House vote, it will likely be detoured to a number of other committees, including the House Select Committee on Intelligence, which in 1997 changed a similar version of the SAFE Act to require a third-party key-recovery system. Still, supporters of the bill are optimistic their chances of passage have improved in this new session of Congress, largely because of a change in leadership of a key committee -- the powerful Rules Committee, which determines what bills move to the floor. The retired Rules Committee chairman, Gerald Solomon of New York, was the main obstacle to the House bill in the last Congress, siding with law enforcement officials who fear unlimited exports will threaten national security by making encryption more accessible to terrorists and other criminals. Representative David Dreier of California, a co-sponsor of the SAFE Act, now heads that panel., "Since its introduction last month, the SAFE Act has received enthusiastic and overwhelming support from a wide-ranging and extremely bipartisan group of United States Representatives. The reasons for passage of this legislation this year are becoming more compelling and more urgent then ever," Robert Holleyman, president of the Business Software Alliance, said in a statement applauding the vote. "Today, computer users around the globe are demanding products with strong encryption features to protect their privacy. And, strong encryption provides the security and protection necessary for the Internet to thrive, thus improving the global economy. Dozens of countries around the world have developed products to meet the global demand for encryption, yet outdated regulations have not allowed the United States to compete on a level-playing field. ... The BSA looks forward to working with the Congress to pass the SAFE Act this year." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:50 PDT