Europeans Clash With U.S. Over Encryption

Disclaimer: This information comes from sources that cannot be verified. As such, make no assumptions about its completeness or accuracy. We endeavor to keep this information up to date as much as possible. Feel free to send comments/ updates to the Security News Editor.

October 10, 1997

Europeans Clash With U.S. Over Encryption Europeans Clash With U.S. Over Encryption
By Matthew Slater,
BRUSSELS, Belgium -- A high-level international battle over Internet regulation erupted Wednesday, when the European Union refused to follow the U.S. government's line on controlling encryption software.
The European Commission said Wednesday that it doesn't plan heavy regulation for encryption technology -- unlike the U.S. government -- because European trade officials feel such a move would stifle electronic commerce. Encryption software makes messages unreadable to snoopers by scrambling them while they are in transit.
The U.S. government wants to extend its wire-tapping powers to the Net by granting law enforcement agencies the right to see the plain-text version of scrambled messages. The U.S. government also wants to ban the use of encryption services that don't allow law-enforcement agencies access to plain-text versions.
"In technological terms it is not possible to prevent criminals from obtaining and using encryption techniques," said Martin Bangemann, the European commissioner responsible for high-tech affairs. "Therefore, there seems little point in preventing legal users from protecting themselves," he said at the launch of an European Commission policy statement on encryption and digital signatures.
Wednesday's document said that the Commission's interest in digital signatures is limited to ensuring there is a common European Union framework established for recognizing and authorizing digital signatures. Germany, Italy, and France have already passed digital signature laws, and other member states are close to drafting legislation.
"It is ironic, but the possibilities of the Internet make it impossible to regulate," Bangemann said. The European Commission regulates trade in the 15 countries of the European Union
Contrary to the policy of the Clinton administration, the European Commission will seek only a minimal framework policy for security on the Internet, Bangemann said. Encryption is a more controversial issue than digital signatures, which are used to establish a data user's identity, Bangemann added.
The commission said it accepted the need for Internet security for the potential of electronic commerce to be realized. But Bangemann said he is concerned that legislation in the member states may lead to clashes of laws similar to those experienced in the United States, where there are 40 different encryption laws at state level.
"We want to avoid the fragmentation of the market," a commission spokesperson said.
The commissioner added that the European preference for looser regulation of Internet security issues had many international supporters -- including many within the United States.
The commission plans to establish a forum for discussion on Internet security, with public hearings following in early 1998. Publication of a directive, which must be implemented in the national laws of the European Union countries, may follow soon after, the commission spokesperson said.