Coalition letter opposing Oxley amendment -- from Apple to USWest
This is an encouraging letter, especially given the number and breadth of firms that signed on. But this section strikes me as telling:
We urge the Committee to reject the Oxley-Manton amendment and any other form of domestic encryption control.
Then the committee should reject even the "original" draft of SAFE, which has the first-ever domestic encryption control: penalties for the use of crypto in a crime. When crypto is widespread, //any// "crime" (like posting "indecent" materials?) will involve crypto. Domestic controls on encryption are not a reasonable tradeoff for lifting export controls. Don't sell out my rights to make a quick buck. (Then of course there's White's "compromise" language floating around that would double these criminal penalties. And Oxley -- in an effort to split the coalition -- is circulating draft language that might exempt some forms of mundane crypto-devices from his crypto-ban. Who knows? Maybe some Congressmen would vote for Oxley II in hopes of staving off Oxley I. But all these "compromises" are dangerous.) Advice to undersigned firms: Tell your lobbyists to block //all// encryption legislation that might come out of Congress. Then fire them. Spend the millions of dollars on R&D. Get crypto in the hands of the grandmothers of America. Or if you're not going to fire your lobbyists, at least order them not to try and push a bill through. I know it's difficult; that's all they know how to do. But, you see, not only is such a plan doomed to fail, it likely will backfire and threaten all of our freedoms in the process. -Declan ====================== September 22, 1997 The Hon. Thomas J. Bliley, Jr. Chairman House Commerce Committee 2125 Rayburn House Office Building Washington, D.C. 20515 Dear Chairman Bliley: We are writing to express our strong opposition to the Oxley-Manton amendment to HR 695, the Security and Freedom through Encryption Act (SAFE), which the Commerce Committee will consider this week, and to any form of government domestic controls on encryption. The Oxley-Manton amendment would impose unprecedented restrictions on the domestic manufacture and availability of encryption, thus potentially compromising the security of the nation's telephone system and the Internet alike. The amendment would: * prohibit the domestic manufacture, sale and importation of any encryption product or service unless the government is given immediate access to the plaintext of communications and stored files without the knowledge of the user; * prohibit network service providers, including telephone companies and Internet service providers, from offering encryption products or services unless communications can be immediately read without the knowledge of the user; and * give the Attorney General unprecedented, broad new powers to establish standards for encryption products and services. Encryption technologies are the vital tools consumers and businesses need to operate with security and privacy in the information age, and are a cornerstone of electronic commerce. Government domestic controls on encryption are incompatible with the consumer, corporate, and national security benefits of the national information infrastructure. Numerous communications products and services are now under development that incorporate encryption as an essential feature. Oxley-Manton will stifle these new products and services, end the deployment of market-driven key recovery systems, and undermine the potential of the new communications media for electronic commerce and the promotion of democratic values. * Strong encryption will not only ensure privacy but also help prevent crime on the network. However, by mandating trap doors in all domestic encryption products and communications networks, the Oxley-Manton amendment will make the personal records and communications of individuals and businesses more vulnerable to hackers, terrorists, industrial spies and other criminals. Put at risk will be medical records, tax returns, private email, business proprietary information and transactions, attorney-client communications, and cellular phone conversations. * Oxley-Manton's broad requirement for "immediate access" to decryption keys without knowledge of the user would force Americans to forfeit their constitutional right of privacy as a condition of participating in the information age. * Oxley-Manton invites disastrous industrial policy. It is industrial policy with criminal sanctions attached. The amendment authorizes the Attorney General to promulgate technical requirements for all encryption products and gives the Department of Justice prior approval authority over all encryption systems for computers and telecommunications. This will stifle innovation. It will drive encryption expertise out of this country. The market should be allowed to develop its own solutions, many of which in fact will meet law enforcement's needs within our existing system of legal authorities and safeguards. * Oxley-Manton will be ineffective in keeping strong encryption out of the hands of criminals. Criminals and terrorist groups will not use a system that gives the government access to their decryption keys. In fact, the FBI has admitted in Congressional testimony that criminals will always have access to strong unbreakable encryption. We urge the Committee to reject the Oxley-Manton amendment and any other form of domestic encryption control. Sincerely, ACL Datacom, Inc., California American Electronics Association American Automobile Manufacturers Association Americans for Tax Reform America Online, Inc. Ameritech ANS Communications, Inc., New York Apple Computer, Inc. Ashton Communications Corp., California and Texas Bell Atlantic Bell South Bowles Farming Co., Inc. Business Software Alliance Center for Democracy and Technology Commercial Internet eXchange Association CommerceNet Compaq Computer Corp. CompuServe, Inc. Computer & Communications Industry Association Computer Software Industry Association Consumer Electronic Manufacturers Association Counsel Connect Crest Industries, Inc. DataXchange Network, Inc. Direct Marketing Association Electronic Data Systems, Corp. Electronic Frontier Foundation Electronic Messaging Association Epoch Internet Fiber Network Solutions, Inc., Columbus, Ohio Genuity Inc., a Bechtel company IBM Corp. Information Technology Association of America Information Technology Industry Council (ITI) Institute of Electrical and Electronics Engineers - US Activities International Communications Association Intuit Inc. Internet Providers Association of Iowa Microsoft National Association of Manufacturers NETCOM On-Line Communication Services, Inc. NetINS, Inc., Iowa Novell Online Banking Association National Association of Manufacturers National Retail Federation Netscape Communications Corp. Phoenix Media/Communications Group Pro-Trade Group PGP, Inc. RSA Data Security, Inc. SBC Communications Inc. Securities Industry Association Silicon Valley Software Industry Coalition Software Forum Software Publishers Association Sun Microsystems, Inc. TheOnRamp Group, Inc., Ohio Trusted Information Systems United States Council for International Business United States Internet Council United States Telephone Association U.S. Chamber of Commerce US West Voters Telecommunications Watch
On Tue, 23 Sep 1997, Declan McCullagh wrote:
(Then of course there's White's "compromise" language floating around that would double these criminal penalties. And Oxley -- in an effort to split the coalition -- is circulating draft language that might exempt some forms of mundane crypto-devices from his crypto-ban. Who knows? Maybe some Congressmen would vote for Oxley II in hopes of staving off Oxley I. But all these "compromises" are dangerous.)
Do I understand you correctly in that they are planing to double the dracoinian 5/10 year proposed penalties to 10/20 years?
Advice to undersigned firms: Tell your lobbyists to block //all// encryption legislation that might come out of Congress. Then fire them. Spend the millions of dollars on R&D. Get crypto in the hands of the grandmothers of America. Or if you're not going to fire your lobbyists, at least order them not to try and push a bill through. I know it's difficult; that's all they know how to do. But, you see, not only is such a plan doomed to fail, it likely will backfire and threaten all of our freedoms in the process.
I don't know if I should be happy or sad about Declan's recent tone of writing. "Forget about working /with/ DC". I certainly never wanted to be right. There was a time Declan at least hoped that /some/ good might come out of DC. It doesn't seem he thinks this anymore. Hell, Declan almost sounds like Tim a year ago. Will he contribute to the suitcase fund a year from now? BTW, sponsors wishing to remain anonymous have raised the pot to $820,000. This is by far the highest I have ever seen it. -- Lucky Green <shamrock@cypherpunks.to> PGP encrypted email preferred. "Tonga? Where the hell is Tonga? They have Cypherpunks there?"
At 07:52 -0700 9/23/97, Lucky Green wrote:
Do I understand you correctly in that they are planing to double the dracoinian 5/10 year proposed penalties to 10/20 years?
That's correct. That White draft was circulated last week at a crypto coalition meeting that dozens of businesses, lobbyists, and advocacy groups attended. Sadly, I'm told that only the ACLU, Americans for Tax Reform, and (to a similar extent though they were most concened with Bernstein) EFF argued for a hardnosed "no compromise" position. (EPIC would probably have taken the same position, but they were out of town. Eagle Forum also says "no compromise," but they weren't at the meeting.) I spoke to an industry lobbyist yesterday about crypto-in-a-crime. "We don't oppose what the ACLU is doing in trying to get it removed," the lobbyist told me. But this isn't a make-or-break issue for you, is it? "No, it isn't." In other words, they're more than happy to give it up as a trading chit if they can get cash in on relaxed export controls.
I don't know if I should be happy or sad about Declan's recent tone of writing. "Forget about working /with/ DC". I certainly never wanted to be right. There was a time Declan at least hoped that /some/ good might come out of DC. It doesn't seem he thinks this anymore.
I certainly believe there are some duties a federal government should fulfill. On Net-issues, the federal government can do some good by either reversing bad policies or adopting a stance of regulatory forbearance. On copyright, the courts should decide the limits of ISP liability. On crypto, too, the courts are the safest route. On Net-taxes, though, there's a role for Congress to play in considering Cox-Wyden. On telecom, the best way to get bandwidth to the home is by aggressive deregulation, which means more fixes to the just-amended Telecom Act. On content, Congress should of course do nothing except perhaps repeal some of the more censorhappy laws around. Same with Net-gambling. All in all, these issues require minimal action or no action. Especially on encryption: this Congress will never take a pro-crypto approach. The law enforcement lobbyists are simply too strong and too effective. No new laws are better than bad new laws. -Declan
Declan McCullagh <declan@well.com> writes:
Lucky Green writes:
I don't know if I should be happy or sad about Declan's recent tone of writing. "Forget about working /with/ DC". I certainly never wanted to be right. There was a time Declan at least hoped that /some/ good might come out of DC. It doesn't seem he thinks this anymore.
[case by case examples where tbe best thing US government could do is repeal laws]
All in all, these issues require minimal action or no action. Especially on encryption: this Congress will never take a pro-crypto approach. The law enforcement lobbyists are simply too strong and too effective. No new laws are better than bad new laws.
I'd interpret that lot to mean the best possible outcome would be to disband Congress tomorrow. Now where'd I put that deskfab 6 file. Adam -- Now officially an EAR violation... Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
participants (3)
-
Adam Back -
Declan McCullagh -
Lucky Green