---------- Forwarded message ---------- Date: Mon, 15 Sep 1997 00:57:11 +0100 From: Dave Banisar <banisar@epic.org> Subject: EPIC and PI Charge US Violates Intl Crypto Agreement Press Release. Privacy Groups Criticize United States Crypto Policy. Charge US Violation of International Agreement. Brussels - Two leading privacy organizations said today that the United States cryptography policy violates an international agreement reached earlier this year by more than two dozen countries at the Organization for Economic Cooperation and Development. The Electronic Privacy Information Center and Privacy International said that recent legislative proposals introduced in the United States to establish controls on the use of data scrambling technology are contrary to the principles adopted by the OECD and should be withdrawn. Marc Rotenberg, the director of EPIC and a member of the expert panel that drafted the guidelines, said that "the OECD framework is based on the voluntary, market-driven development of encryption products and services. The Guidelines emphasize the importance of privacy protection and the need for careful assessment of any key escrow proposal. Their were specifically intended to remove technical and legal obstacles to the use of cryptography. But the US policy now points in exactly the opposite direction -- extensive government regulation, little regard for privacy, and the rapid development of key escrow techniques regardless of the consequences." Mr. Rotenberg said that the OECD member countries considered and explicitly rejected the US recommendation that cryptography policy be based on law enforcement access to private communications. "That proposal was turned down by the OECD member countries. The United States accepted the judgment of the OECD and endorsed the final recommendations. The U.S. should now honor its commitment," said Mr. Rotenberg. Simon Davies, Director General of Privacy International, said "The rush to encourage technologies for communications surveillance comes at exactly the wrong time. Illegal wiretapping is on the rise around the world. Dissidents, political opponents, journalists, and human rights organizers are most often the targets." The current issue of the International Privacy Bulletin includes a review of worldwide privacy abuses in 1996. Electronic surveillance features prominently in the report. The review is based on "The Country Reports for Human Rights Practices," prepared annually by the U.S. State Department. Mr. Rotenberg and Mr. Davies said that the U.S. policy now stands as the single greatest barrier to the development of tools to protect privacy and security on the Internet. The statement was made at a conference this week in Belgium, hosted by Privacy International and EPIC, on "Cryptography and the Internet: Developing Privacy and Security Policy for the European Information Society." Participants from more than twenty countries attended the event. The Electronic Privacy Information Center is a civil liberties organizations, based in Washington, DC. Privacy International is a human rights organization concerned with privacy, surveillance and data protection issues worldwide. It is based in London. Both organizations are members of the Global Internat Liberty Campaign. WEB RESOURCES o EPIC [http://www.epic.org/] o Privacy International [http://www.privacy.org/pi/] o Global Internet Liberty Campaign [http://www.gilc.org/] o Brussels Cryptography Conference [http://www.privacy.org/pi/conference/brussels/] o OECD Cryptography Policy Guidelines [http://www.oecd.org/dsti/iccp/crypto_e.html] CONTACT (15-17 September) Marc Rotenberg, EPIC (Brussels +32 2 227 05 05, voicemail +1 202 298 0824) Simon Davies, PI (Brussels +32 2 513 29 73)