Here's the full text of the speech David Chaum gave in his Congressional hearing. I will also make it available for online reading on our web server in the publications section. --- cut here --- Mr. Chairman, Members of the Committee: As an American who is regarded as the inventor of electronic cash, who has worked over the last dozen or so years to make the technology viable, and who is now CEO of a leading company pioneering in its commercialization, I am very pleased by the interest being shown here and to be here today. We are being forced to decide between two very different kinds of electronic payment technology. The core values we as a nation have fought for, and continue to stand for, are at stake. As a consequence of choosing one of the two directions, these values will be profoundly eroded; by choosing the other direction, however, they will be preserved and likely extended. Wise decisions at this critical juncture may also allow us to avoid certain other pitfalls and to realize economic leadership and growth. I think my limited time before you is best used to briefly explain the fundamentally different approaches to security, before coming to privacy, privacy technology, and its implications. Security Security is simply the protection of interests. People want to protect their own money and banks their own exposure. The role of government is to maintain the integrity of, and confidence in, the whole system. With electronic cash, just as with paper cash today, it will be the responsibility of government to protect against systemic risk. This is a serious role that cannot be left to the micro-economic interests of commercial organizations. In order for those in government to make informed decisions, it will be necessary for them to understand the basic ways to secure transactions in different situations. One basic form is tamper-resistance, exemplified by the chip in a chip card. It is designed to be hard to modify or to read secrets from. Such tamper-resistance is needed for "off-line" payments--those in which the reader device receiving payment from a card, validates payments by contacting a central system only at the end of each day. (Incidentally, this and the other basic form must rely for security on cryptography, sometimes refereed to as encryption, which is fundamental to all information security.) The other basic form is where the individual uses their own computer, whether a desk-top, lap-top, or palm-top device. Such "software only" is all that is needed in an "on-line" system--a system in which the party receiving payment communicates over a network during each payment. The trend is toward a convergence of these two forms into a hybrid--since people don't want incompatible forms of money and since it offers the best of both worlds in terms of convenience; in other words, you will put a chip card into a user-friendly electronic device of your own choosing, whether on your desk, in your living room, or in your pocket. I have brought some examples of this to show you... The problems I see in the industry today reflect a lack architecture. And architecture is essential when building infrastructure, which is what we are embarking on. In my view, a sound architecture must: (i) include the two basic forms of security, and allow for their integration into the hybrid; (ii) prevent the vulnerability of system-wide secrets from being stored in every card or, nearly as bad, every off-line point of payment; and (iii) address privacy concerns effectively, since they cannot be addressed as add-ons or afterthoughts. Today, DigiCash systems are alone in having any of these three attributes, and their architecture has all three. Privacy Let me now turn to this issue of privacy... A recent Harris poll of the American public began by introducing respondents to all the consumer benefits of the information superhighway. Then respondents were told that in order to make such systems economically viable, payment transaction data would have to be gathered and used for purposes such as making special offers to them. But the majority of respondents still objected to any use, other than consummation of the payment, and they gave privacy as the primary reason. Fully 82% of Americans today expressed concern over privacy of computerized data. That fraction has been growing steadily ever since the "first wave" of privacy concern was triggered when Americans saw their names punched into computer cards or printed on computer generated forms. When people are exposed to the information superhighway, which provides an awesome glimpse of the power of modern information technology, with dropping transaction costs leading to finer granularity of payments (which we will be hearing more about later), concern will reach new levels. Privacy Technology "Privacy technology" allows people to protect their own information, and other interests, while at the same time it maintains very high security for organizations. Essentially, it is the difference between, on the one hand, a centralized system with disenfranchised participants (like the electronically tagged animals in feedlots); and, on the other hand, a system where each participant is able to protect its own interests (like buyers and sellers on a town market square). Take ecash as an example of privacy technology. It provides a fully digital bearer instrument--a number that is itself money, just like a bank note is money. On the Internet, once someone downloads the requisite software, which takes only a few minutes, they are ready to send and receive ecash in payments. Security of ecash is superior to that of paper cash. If it is stolen, it cannot be used; if someone refuses to give you a receipt, you have proof that they deposited it; and if it is lost, you can get your money and records back. Counterfeiting ecash poses the same cryptographic challenge as breaking the most sophisticated codes used to protect nuclear materials, military secrets and large-value wire transfers. Therefore, ecash is certainly not the target of opportunity. Ecash is already being experimented with on the Internet in a worldwide monopoly money trial with tens of thousands of participants. Related card technology has been extensively tested, by DigiCash licensee Amtech, for highway-speed road tolls and road pricing, offering privacy instead of dossiers on everywhere people drive. And, CAFE, the European Commission sponsored trial, at its headquarters buildings in Brussels, of chip cards that can be inserted into electronic wallets (that I have already shown you), allows privacy in payments and the electronic ECU. Such "privacy technology" was even successfully used by the participants at the most recent international meeting of data protection commissioners. Ecash has received substantial media coverage; consequently, the public is beginning to realize that the coming of electronic payments need not mean an obliteration of privacy. And the superhighway will give consumers unprecedented mobility to choose it. Some concern about ecash, however, has been raised by various parties over possibilities it might open for illicit payments. But there is simply no legitimate basis for these allegations. Ecash, even when it achieves significant scale, is considerably less dangerous to society than automatic teller machines. For one thing, like cash, the amount withdrawn and deposited is on record; but, for another, unlike cash, the amounts of money that pass through each person's hands are also on record at the bank. Ecash itself is less prone to abuse than paper bank notes, because privacy is "one-way," which means that an extortionist, a seller on a black-market, or the acceptor of a bribe is forever vulnerable to being irrefutably incriminated by the party that paid them. National Leadership Governments who stifle the new technology while it is still in its infancy, before its has had a chance to develop and harmonize with our institutions; who don't pro-actively support needed infrastructure; or who fail to establish confidence by protecting against systemic risk--will be left behind in global competition. Countries who take clear positions based on understanding of the technology, however, and encourage needed developments, stand to gain enormous economic growth and market leadership. Privacy technology, whether used for electronic payments, voting, or other public expression, is the electronic equivalent of a free market and democracy. People will come to insist on it as an informational human right. Dr. David Chaum, DigiCash --- cut here --- // Marcel van der Peijl, DigiCash bv // http://www.digicash.com/~bigmac/ // There is no signature like no signature!