Earlier I wrote:
And an even better solution is for folks to have their own private machines and access to one of the cheap Internet service providers springing up all around. Then they won't have to worry about their corporations "snooping" in their e-mail files. Or restricting them about using PGP or other crypto.
Corporations have a legitimate reason to tell employees what they can and can't use. After all, corporations are held liable for most employee actions (so those death threats to whitehouse.gov will reflect back on the company) and have other concerns as well (espionage, extortion, bribery, too much use of the Net, etc.).
Having your own computer means never having to say you're sorry.
(I fear laws telling corporations they *can't* snoop as much as I fear Clipper. The reasons are obvious, to me at least, and I can expand on this point if anyone's really interested.)
Several people having asked for an explanation and/or commented here on their interpretations, I'll explain my position: * Individuals, groups, corporations are free to set their won policies, more or less, in a free society. (Not everyone agrees with this, more's the shame.) A company can set working hours, working conditions, software to be used, and so on. It is not the business of government to interfere in these decisions, nor do "civil rights" enter in...an employee told to use Microsoft Word and not to use PGP cannot claim his "civil rights" are being violated. * I did not say companies _should_ snoop...I said there should not be laws forbidding snooping--in line with the point above. Imagine the implications of a law forbidding such "snooping": a company would presumably be unable to ensure that its policies were being followed, that it's employees were not violating various laws, etc. To be sure, companies may wish to avoid snooping, as the repercussions on company morale are often severe. Not being a good idea, in general, does not imply that there "ought to be a law" regulating such things. (Ditto for searches on leaving premises, which one writer here likened to snooping. Indeed, the two are the same. For 12 years at Intel, my briefcase was searched--sometime thouroughly, usually cursorily--every time I left a building with it. Not hard to see, given that a single uP could be sold for $500 and a briefcase of them could be worth a small fortune. Floppy disks and the like were generally ignored, as determining the contents would be too difficult, etc. A lot more I could say here, but I won't. Searches of briefcases was a "condition of employment" and not a civil rights issue....except for female employees, whose handbags were exempted by external law from any search...assembly workers were often suspected of stealing packaged devices, but Intel was forbidden to check their bags!) * In summary, it's a real bad idea--ethically and practically--to deny "corporations" behaviors we take for granted for ourselves. If I hire someone to help me in my home, I can set the conditions of the job: what hours, what rate of pay, what tools can and can't be used, and what limits I may wish to place on his use of my modems to communicate with outside services or agents. Corporations are not really different. We may not like big corporations...most new companies are formed by people fed up big companies...but this does not mean we should interfere with how they run their businesses. Not working for them is always an option. (I am sympathetic to many anarchist views, such as those held by my friend Dave Mandl, but I am not at all convinced by left-leaning arguments that "sometimes people have no choice " in the jobs they take. Thus, I am a standard libertarian here.) In considering whether crypto should be "allowed" or "not allowed" for corporations, a better answer is: that's not for society and the law to concern itself with. Companies that snoop too much will lose employees, and companies that are told they cannot monitor what employees are doing and what tools are being used will also lose out. Finally, all the arguments about there being _other_ ways for corporate secrets to leak out are accurate, but beside the point. Of course there are, and I have done extensive writing on this (BlackNet, information markets, Gibson-style "escrow" of key employees, etc.). But that employees can use their home computers to sell corporate secrets is somthing they will have to learn to deal with somehow (*), not a reason to limit corporations' abilities to set policy in their workplaces. (*) One possibility, the Gibson scenario mentioned (cf. "Count Zero"), is to require key employees in extremely sensitive positions to forego access to outside contacts. It may not work very will, and it may be distasteful to many or most people, but it's not a violation of "civil rights." Along with "democracy," the term "civil rights" is bandied about too much and is used to justify entirely too much State intervention. Mutually agreed-upon contracts always take precedence over democracy and civil rights. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."