The alternative solution might go something like this (also known as the Mother of Clipper): 1. Outlaw use of any crypto not authorized and provided by an Official Source, which is to be provided in the form of hardware on the CPU/Motherboard (or equivalent, depending on the computing/communications device) 2. When you wish to send an encrypted communication or store encrypted data, the Official Crypto Device from the Official Source first must obtain a Secrecy Credential from a Central Repository, to which you have applied for some strength crypto. The Credential gives you certain secrecy privileges ... as long as you're being a good citizen. The Credential enables the crypto on your official device: the device will not function without communicating with the Central Repository and obtaining today's Credential. 3. When LEA wants to tap you, it sends a control message to the Central Repository which modifies your Secrecy Credential, dumbing you down to, say, 40bits. They could even provide the entire session key (or other secret as required by protocols.) As long as this state is in effect, your "encrypted" communications and storage are readable by the LEA. Now: consider the profits to be made by the Central Repository, which is responsible for maintaining your Credential. Each Credential use could be charged a transaction fee, as well as the annual licensing. The crypto device provider has a locked-in market for its silicon, as it must go on all the motherboards and into the CPU's. The big-system manufacturers responsible for the servers and communications required to manage the communications between the crypto and repository make out real well too. It sounds like a perfect fit for Microsoft, Intel, together with HP-s ICF!!