[ISN] Keep Big Brother's hands off the Internet...

From: InfoSec News (isnat_private)
Date: Mon Nov 25 2002 - 23:29:21 PST

  • Next message: InfoSec News: "[ISN] Experts warn of buffer overflow flaw in Solaris"

    http://usinfo.state.gov/journals/itgic/1097/ijge/gj-7.htm
    
    [What a difference a few years makes...  =)  - WK]
    
    By Senator John Ashcroft
    
    Republican, Missouri
    Chairman of the Senate Commerce Subcommittee on Consumer Affairs, 
    Foreign Commerce and Tourism
    
    [Senator Ashcroft takes issue with administration views on the
    Internet and the use of encryption technology.]
    
    The Internet provides a great opportunity to our country, in part by
    representing the most inviting form of communication ever developed.  
    It draws people together from all corners of the globe to share and
    communicate on an unprecedented level, and brings all branches of
    government closer to the public that they serve.
    
    The Internet allows small businesses to reach out across the globe and
    conquer the distances between them and potential customers.  
    Individuals can view merchandise and make purchases without leaving
    home. The Internet also holds great promise for education. Students --
    rural, suburban, and urban -- are increasingly able to access a wealth
    of information with their fingertips that was previously beyond their
    reach.
    
    In order to guarantee that the United States meets the challenge of
    this new means of commerce, communication, and education, government
    must be careful not to interfere. We should not harness the Internet
    with a confusing array of intrusive regulations and controls. Yet, the
    Clinton administration is trying to do just that.
    
    The Clinton administration would like the Federal government to have
    the capability to read any international or domestic computer
    communications. The FBI wants access to decode, digest, and discuss
    financial transactions, personal e-mail, and proprietary information
    sent abroad -- all in the name of national security. To accomplish
    this, President Clinton would like government agencies to have the
    keys for decoding all exported U.S. software and Internet
    communications.
    
    This proposed policy raises obvious concerns about Americans' privacy,
    in addition to tampering with the competitive advantage that our U.S.  
    software companies currently enjoy in the field of encryption
    technology. Not only would Big Brother be looming over the shoulders
    of international cyber-surfers, but the administration threatens to
    render our state-of-the-art computer software engineers obsolete and
    unemployed.
    
    There is a concern that the Internet could be used to commit crimes
    and that advanced encryption could disguise such activity. However, we
    do not provide the government with phone jacks outside our homes for
    unlimited wiretaps. Why, then, should we grant government the
    Orwellian capability to listen at will and in real time to our
    communications across the Web?
    
    The protections of the Fourth Amendment are clear. The right to
    protection from unlawful searches is an indivisible American value.  
    Two hundred years of court decisions have stood in defense of this
    fundamental right. The state's interest in effective crime-fighting
    should never vitiate the citizens' Bill of Rights.
    
    The president has proposed that American software companies supply the
    government with decryption keys to high level encryption programs.  
    Yet, European software producers are free to produce computer
    encryption codes of all levels of security without providing keys to
    any government authority. Purchasers of encryption software value
    security above all else. These buyers will ultimately choose airtight
    encryption programs that will not be American-made programs to which
    the U.S. government maintains keys.
    
    In spite of this truism, the president is attempting to foist his
    rigid policy on the exceptionally fluid and fast-paced computer
    industry. Furthermore, recent developments in decryption technology
    bring into question the dynamic of government meddling in this
    industry. Three months ago, the 56-bit algorithm government standard
    encryption code that protects most U.S. electronic financial
    transactions from ATM cards to wire transfers was broken by a
    low-powered 90 MHZ Pentium processor.
    
    In 1977, when this code was first approved by the U.S. government as a
    standard, it was deemed unbreakable. And for good reason. There are 72
    quadrillion (72,000 trillion) different combinations in a 56-bit code.  
    However, with today's technology these 72 quadrillion combinations can
    each be tried in a matter of time.
    
    Two days after this encryption code was broken, a majority of the U.S.  
    Senate Commerce Committee voted, in accordance with administration
    policy, to force American software companies to perpetuate this
    already compromised 56-bit encryption system. In spite of the fact
    that 128-bit encryption software from European firms is available on
    Web sites accessible to every Internet user. Interestingly, European
    firms can import this super-secure encryption technology (originally
    developed by Americans) to the United States, but U.S. companies are
    forbidden by law from exporting these same programs to other
    countries.
    
    I believe that moving forward with the president's policy or the
    Commerce Committee's bill would be an act of folly, creating a cadre
    of government "peeping toms" and causing severe damage to our vibrant
    software industries. Government would be caught in a perpetual game of
    catch-up with whiz-kid code-breakers and industry advances. Senate
    Majority Leader Trent Lott has signaled his objection to both
    proposals.
    
    The leader and I would like to work to bring solid encryption
    legislation to the Senate floor. Any proposal should give U.S.  
    encryption software manufacturers the freedom to compete on equal
    footing in the international marketplace, by providing the industry
    with a quasi-governmental board that would decide encryption bit
    strength based on the level of international technological
    development.
    
    U.S. companies are on the front line of on-line technologies --
    value-added industries of the future. Consider this: Every eighteen
    months, the processing capability of a computer doubles. The speed
    with which today's fastest computers calculate will be slug-like
    before the next millennium or the next presidential election comes
    along. The best policy for encryption technology is one that can
    rapidly react to breakthroughs in decoding capability and roll back
    encryption limits as needed.
    
    The administration's interest in all e-mail is a wholly unhealthy
    precedent, especially given this administration's track record on FBI
    files and IRS snooping. Every medium by which people communicate can
    be subject to exploitation by those with illegal intentions.  
    Nevertheless, this is no reason to hand Big Brother the keys to unlock
    our e-mail diaries, open our ATM records, read our medical records, or
    translate our international communications.
    
    Additionally, the full potential of the Internet will never be
    realized without a system that fairly protects the interests of those
    who use the Internet for their businesses, own copyrighted material,
    deliver that material via the Internet, or individual users. The
    implications here are far-reaching, with impacts that touch individual
    users, companies, libraries, universities, teachers, and students.
    
    In December 1996, two treaties were adopted by the diplomatic
    conference of the World Intellectual Property Organization (WIPO) to
    update international copyright law. These treaties would extend
    international copyright law into the digital environment, including
    the Internet. However, these treaties do not provide a comprehensive
    response to the many copyright issues raised by the flourishing of the
    Internet and the promise of digital technology. We must work to keep
    the scales of copyright law balanced, providing important protections
    to creators of content, while ensuring their widespread distribution.  
    In an attempt to meet these goals, I introduced the Digital Copyright
    Clarification and Technology Education Act of 1997.
    
    Equally important, we must begin a process that is structured to
    balance the rights of copyright owners with the needs and
    technological limitations of those who enable the distribution of the
    electronic information, and with the rights and needs of individual
    end users. The current treaties and statements are not sufficient, and
    include some language that could create legal uncertainty. This vague
    language could lead to laws that ignore technical realities. The
    language must be clarified through the enactment of legislation in
    conjunction with the Senate's ratification of the treaties.
    
    Another issue that could prevent the Internet from reaching its
    potential is taxation. If we tax the Internet prematurely or allow
    discriminatory taxing, we may stifle a burgeoning technological
    development that holds much commercial, social, and educational
    promise for all Americans. Taxation should be considered only after we
    have fully examined and understood the impact that unequivocal
    taxation would have on this new means of commerce. The Internet Tax
    Freedom Act would allow for full consideration of the opportunities
    and possible abuses by placing a moratorium on further taxation of
    online commerce and technologically discriminatory taxes. It is
    important to note that S. 442 will allow states and local
    jurisdictions to continue to collect any tax already levied on
    electronic commerce.
    
    On-line communications technology is akin to the Wild West of the 19th
    century. To best settle this new frontier, we should unleash American
    know-how and ingenuity. The government's police-state policy on
    encryption is creating hindrances and hurdles that will eventually
    injure our ability to compete internationally. Government's role
    should be to break down barriers, to allow everyone to excel to their
    highest and best.
    
    __________ 
    Senator Ashcroft is a member of the Senate Commerce, Judiciary, and 
    Foreign Relations Committees. His Web homepage is: 
    http://www.senate.gov/~ashcroft/ and his e-mail address is: 
    john_ashcroftat_private 
    
    Global Issues
    USIA Electronic Journal, Vol. 2, No. 4, October 1997 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Nov 26 2002 - 02:40:28 PST