INFOWorld June 7, 1993 Volume 15, Issue 23 pages 1, 103 IS managers assail data encryption rule 'Clipper chip would allow snooping by Scott Mace And Shawn Willett GAITHERSBURG, Md. -- IS managers and computer vendors last week blasted the Clinton administration's plans to mandate use of the "Clipper" data encryption chip. During hearings hosted by the U.S. Commerce Department here last week and in interviews, many IS managers and vendors said they fear the encryption standard could make their operations vulnerable not only to snooping by the government, but by criminals as well. IS managers and consultants from Bankers Trust Co. of New York and Deloitte &Touche voiced these concerns at the hearing and chided the government for shrouding the process in secrecy. "The secret process up until now has been destructive to public trust," said William Murray, IS consultant at Deloitte & Touche, in Wilton, Conn. "It is only a matter of time before hackers figure out a back door to de-crypt it," said Sheldon Laube, national director of information and technology at Price Waterhouse, in Menlo Park, Calif. Laube echoed the concerns of other corporate data managers. "If the government can de-encrypt it, we have to assume competitors can as well," said Bob Holmes, computer technology research analyst at Southern California Gas, in Los Angeles. The chip, which would be installed in data communications devices, including computers, modems, fax machines, and phones, encrypts data so outsiders cannot listen in or steal sensitive data. But government agencies, such as the FBI, could ask for a court order to obtain the "keys" to decode the data. No one would be forced to implement the chip, but the administration proposal could mandate government agencies to buy it, effectively forcing its widespread adoption. The Clipper chip, jointly developed by the National Security Agency and the national Institute of Standards and Technology (NIST) was also assailed by computer vendors. Oliver Smoot, vice president of the Computer and Business Equipment Manufacturers Association (CBEMA), testified that its members would have to develop separate product lines for the United States and overseas because a few foreign governments would want to give the U.S. government the capability to decode their data transmissions. This, along with the inclusion of the chip in every computer, would mean higher prices, Smoot said. CBEMA members include Apple Computer Inc., Compaq Computer Corp., IBM, and Hewlett-Packard Co. The plan has also been hotly contested by computer industry civil libertarians, such as the Electronic Frontier Foundation, which urged that the Constitution's prohibition of illegal search and seizure be applied. NIST and other government agencies countered that the chip is very resistant to tampering. It uses a key escrow system, where two or more government agencies will hold parts of a decryption key, for use by law enforcement with a valid court order. The FBI expects organized crime and terrorists to begin encoding information. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip.