At 10:23 AM 4/30/97 -0800, Tim May wrote:
Users of crypto, concerned citizens, the public Cypherpunks, EFF, ACLU, EPIC, etc. / / Public/Users / \ / \ / \ Corporations - - - - Government - - NSA, FBI, military, / law enforcement, regulators, / SEC, FCC, etc, PGP, Inc., RSADSI, Cylink Verisign, Netscape, etc.
It's a useful start, but treating corporations as one bloc makes it too easy for journalists and government to say things like "Industry wants <foo>!" Most corporations are primarily users - they want to protect their own internal communications and recordkeeping enough for perceived threats, but they aren't passionate about it - it's just a tool, not a product. Some corporations, like PGP, selling privacy tools as products, and most of them want to provide high security with no interference. Other corporations have a market niche of sucking up to Government, and trying to create a market for GAKked products - like TIS and Dorothy - while using the Government to interfere with their competitors; if a GAKked product increases a user company's security enough that they're not losing much money on it, they've benefitted substantially, and most user companies have to tell the government what it wants to know when it wants to know it anyway, so GAK doesn't hurt them much. Banks in particular fall into this user category - they really need to keep from getting ripped off, since their losses are direct and immediate (unlike, say, intellectual property leaking) - but most US banks have no illusions that they're maintaining any privacy barriers between their users and government. Cellphone companies are a special case - their main privacy concerns are keeping customers from complaining loudly, but the watered-down digital encryption standards are enough to reduce eavesdropping, and there's enough strong crypto to prevent billing fraud. On the other hand, building an infrastructure that supports wiretapping can be a big expense, and a big disruption to their network architecture and operational efficiency, so now you're talking Real Money again. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.)