Disclaimer: This information comes from sources that cannot be verified. As such, make no assumptions about its completeness or accuracy. We endeavor to keep this information up to date as much as possible. Feel free to send comments/ updates to the Security News Editor.

Kerrey Compromise Encryption Bill Hits Roadblocks

19 June 1997, Newsbytes:

Kerrey Compromise Encryption Bill Hits Roadblocks

Washington, DC:

Senator Bob Kerrey's (D-Nebraska) attempt to find the middle road on encryption policy has hit some major potholes one day before the US Senate Commerce, Science and Transportation Committee plans to vote on encryption bills.

Kerrey's bill, the Secure Public Networks Act, co-sponsored by Commerce Committee Chairman Sen. John McCain (R-Arizona) would relax US export controls on encryption, like a number of other encryption bills pending in the House of Representatives and Senate. But the bill also would require encryption software used by the federal government, or purchased with federal funds for public use, to include key recovery software.

The key recovery proposal, privacy advocates and software publishers say, is a slightly watered down version of the key recovery proposal sponsored by the Clinton Administration. Currently, the Clinton Administration does not allow US companies to export products that use algorithms longer than 40 bits without government approval, or without providing key recovery.

"The Secure Public Networks Act, however, is little more than an ineffectual attempt by Senators Kerrey and McCain to carry the Clinton administration's water in a bucket riddled with holes," Lauren Hall, chief technologist for the Software Publishers Association (SPA), told Newsbytes.

David Banisar, staff counsel for the Electronic Privacy Information Center (EPIC), concurred, saying "this is the same coercive strategy they used with the Clipper chip. The bill is the administration's wish list for trying to restrict public cryptography."

"The legislation would force the US domestic market for encryption to adopt vulnerable and costly key recovery encryption systems," Jonah Seiger, communications director for the Center for Democracy and Technology, said. Although the bill would relax some current export restrictions, it will provide only "token relief," he said.

"The SPA considers the Secure Public Networks Act to be 'dead on arrival,'" Hall told Newsbytes. "The bill supports current Clinton administration policy, and while intended to strike a balance between law enforcement and industry concerns, the result wreaks havoc on the multi-billion dollar industries which depend and thrive on electronic commerce."

"For leadership on this issue, the administration and the Senate need only look to the House of Representatives," she said.

Hall was referring to the Security and Freedom through Encryption (SAFE) Act of 1997, H.R. 695, which would allow US manufacturers to freely export encryption products. The bill, sponsored by Rep. Bob Goodlatte (R-Virginia) unanimously passed on a voice vote in the House of Representatives Courts and Intellectual Property subcommittee in early May, clearing the way for a full House Judiciary Committee vote. The bill, with more than 80 co-sponsors, is awaiting action by both the International Relations and Intelligence Committees

"The SAFE Act allows US manufacturers to freely export encryption products," Hall said. "It recognizes the domestic market-driven demand for strong encryption throughout virtually every sector of the US economy."

Hall noted that "The sponsors of the Senate legislation simply fail to understand what is at stake, namely the future of electronic commerce, and the ability of US businesses or private citizens to securely conduct transactions and communicate via the Internet.

"Senators Kerrey and McCain deferred to the concerns of the Federal Bureau of Investigation and the National Security Agency, who argue that strong encryption prohibits their ability to monitor and investigate the actions of suspected criminals and terrorists," Hall said. "Leaders in the House, however, have recognized the unrealistic and short-sighted nature of these concerns and taken action in favor of US competitiveness abroad."

The Senate Commerce, Science and Transportation Committee has scheduled a session for Thursday, June 19, to debate and vote on encryption bills, including the "Promotion of Commerce in a Digital Era Act" (Pro-CODE), S.377, co-sponsored by Sen. Conrad Burns (R-Montana) and Sen. McCain.

The Pro-CODE bill, introduced by Burns in early March, aims at lifting export controls on encryption.

President Clinton, who signed an executive order last November slightly easing export controls on encryption, is opposed to Burns' bill, fearing it would relax export limits too much and compromise US law enforcement and national security efforts.

Currently, US companies cannot export products that use algorithms longer than 56-bit, while foreign competitors have no such restrictions.

Burns, however, said his bill seeks "to even the playing field for the encryption industry. Our international competitors will be the only benefactors if US law prohibits American companies from competing in the global marketplace."



[ Back | Home | Products | Security News | Security Links | Download | Resources | Press | Employment | Contact | About ]

CryptoSoft GmbH

Feedback: webmaster@cryptosoft.com
 Copyright ©1995-1998 Cryptosoft GmbH
All Rights Reserved