Senate panel nixes ProCODE II, approves McCain-Kerrey bill
In the end, it was child pornography that derailed encryption legislation in the U.S. Senate and dealt a bitter defeat to crypto supporters. Spurred by the chairman's denunciations of cyberporn, a majority of the Senate Commerce Committee rejected ProCODE II this morning -- and instead approved a bill introduced earlier this week that creates new Federal crimes for some uses of crypto and an all-but-mandatory key escrow infrastructure. Sen. John McCain (R-Ariz.), committee chair and chief sponsor of the measure, led the attack, saying Congress must "stop child pornography on the Internet and Internet gambling. These legitimate law enforcement concerns cannot and should not be overlooked or taken lightly." He warned that allowing encryption to be exported would permit child pornographers to use it. "If it's being used for child pornography? Are we going to say that's just fine? That's it's just business? I don't think so." Then Sen. Kay Bailey Hutchinson (R-Tex.) chimed in, saying she doesn't want "children to have access to pornography or other bad types of information." Sen. John Ashcroft (R-MO) tried to disagree. "It's like photography. We're not going to [ban] photography if someone takes dirty pictures." (At this point, one of the more deaf committee members asked, "Pornography? Are we going to ban pornography?") Between the child-porn attack team of senators McCain, Hollings, Kerry, and Frist, ProCODE sponsor Sen. Sen. Conrad Burns (R-Mont.) didn't stand a chance. Hunched over the microphone, Burns was outmaneuvered, outprepared, and outgunned on almost every point. Nevertheless, he introduced ProCODE II -- a so-called compromise measure -- and was defeated 8-12. The changes from ProCODE I gave the NSA, FBI, and CIA oversight over crypto exports and permitted only the export of up to 56-bit crypto products without key escrow. Products of any strength with key escrow could be exported freely. That's hardly a pro-privacy, pro-encryption bill, says the ACLU's Don Haines. "The ProCODE vote shows the political bankruptcy of the pro-business agenda. Even in the Commerce Committee, commerce arguments didn't work," he says. The committee also approved amendments proposed by Kerry that would give jurisdiction over crypto exports to a nine-member "Encryption Export Advisory Board." The panel would "evaluate whether [a] market exists abroad" and make non-binding recommendations to the president. Frist also introduced amendments to the McCain-Kerrey bill that were accepted: * Requiring that not any Federally-funded communications network, but only ones established "for transaction of government business" would use key escrow -- thereby jumpstarting the domestic market. * "Requirements for a subpoenas [sic] should be no less stringent for obtaining keys, then [sic] for any other subpoenaed materials." * Key recovery can mean recovering only a portion of the key "such as all but 40 bits of the key." * NIST after consulting with DoJ and DoD will "publish a reference implementation plan for key recovery systems;" the law will not take effect until the president tells Congress such a study is complete. After the vote, advocacy groups tried to put a good face on the devastating loss -- and an expensive defeat it was. After 15 months of lobbying, countless hearings, backroom dealmaking, and political capital spent, ProCODE is gutted and dead. "There's another day. We have confidence in the system," said BSA's Robert Holleyman. CDT's Jerry Berman said, "What is encouraging is that unlike the CDA other committees are getting involved." Of course, the involvement of other committees is only likely to add more key escrow provisions and limitations on crypto-exports. ProCODE's replacement -- the McCain-Kerrey bill -- now goes to the Senate Judiciary committee, and its chairman has already been talking about mandating key escrow in some circumstances... -Declan ------------------------- Declan McCullagh Time Inc. The Netly News Network Washington Correspondent http://netlynews.com/
Declan McCullagh <declan@well.com> writes:
Sen. John McCain (R-Ariz.), committee chair and chief sponsor of the measure, led the attack, saying Congress must "stop child pornography on the Internet and Internet gambling. These legitimate law enforcement concerns cannot and should not be overlooked or taken lightly."
This is of course an interesting suggestion, since most underage erotica and gambling on the Net aren't encrypted in the first place. It reminds me of one Islamic country where the leaders introduced television by reading the Koran over it, daring critics to attack something that could be used to transmit the word of God. We have much the opposite situation here in the United States, where any new technology is immediately judged by whether it can be used to transmit pictures of naked children, or thwart attempts by law enforcement to stamp them out.
He warned that allowing encryption to be exported would permit child pornographers to use it.
Perhaps by "Child Pornographers," the good Senator means those legally producing erotica in countries where the permissible age is 16 or 17, as opposed to the US-Mandated Official Age of Adulthood and Full Responsibility(tm) of 18. Countries where, of course, would-be child pornographers use only quality American encryption, the population of such nations being so busy pornographing that they have no time to develop strong encryption products of their own.
(At this point, one of the more deaf committee members asked, "Pornography? Are we going to ban pornography?")
A memorable moment, I am sure, comparable to when Senator Hollings attempted to pronounce "Beavis and Butt-Head."
After the vote, advocacy groups tried to put a good face on the devastating loss -- and an expensive defeat it was.
You really can't fight Congress. Ten minutes after you defeat a bill and spend all your resources, it will be back on the floor under another name and the whole thing will start over again. After you defeat that one, you will discover that the text of the measure got passed late one night as an ammendment to something completely unrelated. The government has infinite resources to harp incessantly on anything until they engineer consent for it and get what they want. Resistance is Futile. You will be Assimilated.
"There's another day. We have confidence in the system," said BSA's Robert Holleyman. CDT's Jerry Berman said, "What is encouraging is that unlike the CDA other committees are getting involved."
These two should be the first up against the wall when the revolution comes. On an unrelated note, after posting just ONE message to cypherpunks from my new Zipcon account, my mailbox is beginning to swell with Unsolicited Bulk Email. -- Mike Duvos $ PGP 2.6 Public Key available $ enoch@zipcon.com $ via Finger $
One of the reasons I've been so skeptical that legislative fixes will work to protect our access to free and unfettered strong, unbreakable cryptography is because I knew strong crypto *really would* do the things McCain, Kerrey, Hollings, Freeh, Clinton, Reno, and all of those folks are fretting about. I mean, come on! This is what crypto anarchy is all about! With it will of course come unbreakable communications channels for bank robbers, terrorists, child pornographers, money launderers, and all the rest of the bogeymen. How could it be otherwise? Ditto for untraceable digital cash. Chaum may waffle on this issue, and even say completely unfounded things about how maybe there will be ways to separate "good" untraceable transaction capabilities from "bad" ones, but we all know this is just shuck and jive. Ditto for anonymous remailers. Ditto for data havens. Ditto for DC-Nets. Ditto for all the good stuff. We know it. Some of them know it. And claiming that this stuff won't happen is disingenuous. (Off point a bit. I was just looking at some of the analyses of the S.909 McCain-Kerrey language, the one that passed today, and was struck by how _dangerous_ some of the analyses are. They critique M-K on some grounds of flawed linkages between CAs and keys, and so on. Well, would the underlying problems with M-K be fixed if these linkages were fixed? Not to me. The only way to defeat M-K is to throw it out completely, not quibble on fine points.) Anyway, they're figuring out what we've known for several years, even longer. And they're lashing out. Pro-CODE never had a real chance. No legislature is going to pass a law making crypto anarchy, black markets, and unfettered pornography a reality. We have to discard concern for "politics" and refocus our efforts on our original strength: monkeywrenching the system with technology. --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Thu, 19 Jun 1997, Tim May declared:
We have to discard concern for "politics" and refocus our efforts on our original strength: monkeywrenching the system with technology.
Date: Sat, 14 Jun 1997 13:45:54 +0200 From: Rinaldo RASA <rasa@GPNET.IT> Reply-To: Bohemian The Mailing List of the Bohemian Ink Subject: John Cage on Anarchism. "We don't need government We need utilities. Air, water, energy Travel and communication means Food and shelter. We have no need for imaginary mountain ranges Between separate nations. We can make tunnels through the real ones. Nor do we have any need for the continuing division of people Into those who have what they need And those who don't. Both Fuller and Marshal McLuhan Knew, furthermore That work is now obsolete. We have invented machines to do it for us. Now that we have no need to do anything What shall we do? Looking at Fuller's geodesic world map We see that the Earth is a single island, Oahu. We must give all the people all they need to live In any way they wish. Our present laws protect the rich from the poor. If there are to be laws, we need ones that Begin with the acceptance of poverty as a way of life. We must make the world safe for poverty Without dependence on government."
On Thu, 19 Jun 1997, Declan McCullagh wrote: [...]
* Requiring that not any Federally-funded communications network, but only ones established "for transaction of government business" would use key escrow -- thereby jumpstarting the domestic market.
Would this include militry networks? I'm shaw the militry securaty experts are going to be very happy about being required to eskow there keys. Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. Buy easter bilbies. Save the ABC Is $0.08 per day too much to pay? ex-net.scum and prouud I'm sorry but I just don't consider 'because its yukky' a convinceing argument
-----BEGIN PGP SIGNED MESSAGE----- At 04:18 PM 6/19/97 -0400, Declan McCullagh wrote:
morning -- and instead approved a bill introduced earlier this week that creates new Federal crimes for some uses of crypto and an all-but-mandatory key escrow infrastructure.
Those of us who choose not to use federal networks and federal CAs will be unaffected. I prefer cheap foreign CAs myself. DCF -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM6nX2IVO4r4sgSPhAQEJUgP/SgSst6TmcmX2XSPoLlNe66oLh+RbZWC7 NJLoVU2JuahdqFdQOBpt42sYmV1K1tRRv2NK0M4twbbX9xygn1meGPciS0YRH5bE Mf1iss3qtc/PDJ6w2Dyr1+Q8wc1T1f+HkJXC3IsJlVWm+S13EpL2Cgt/62yMShsA R7XJC4p3WcA= =/SS3 -----END PGP SIGNATURE-----
At 1:18 PM -0700 6/19/97, Declan McCullagh wrote:
That's hardly a pro-privacy, pro-encryption bill, says the ACLU's Don Haines. "The ProCODE vote shows the political bankruptcy of the pro-business agenda. Even in the Commerce Committee, commerce arguments didn't work," he says.
This of course was the crux of my criticism of SAFE, and to a lesser extent, Pro-CODE, and of the nominally pro-liberty groups like EPIC and CDT. They supported "business friendly" bills, perhaps catering to their telecom and computer industry contributors, and did not take a strong civil libertarian stance. The whole system is corrupt. The only hope now is the Junger and Bernstein cases, the hope being that the Supreme Court will eventually rule in one or both of these cases that encrypted speech is just a form of speech and that the First Amendment protects such speech, even on networks partially funded by the Federal government. (Gee, nearly all highways receive Federal funds, due to the way the tax monies are collected and then disbursed. Does this mean the government can regulate speech in any care travelling on any highway even partly built or operated with Federal funds? Think about the parallels.) The whole system is corrupt. --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
At 3:51 PM -0700 6/19/97, Mike Duvos wrote:
You really can't fight Congress. Ten minutes after you defeat a bill and spend all your resources, it will be back on the floor under another name and the whole thing will start over again. After you defeat that one, you will discover that the text of the measure got passed late one night as an ammendment to something completely unrelated.
The government has infinite resources to harp incessantly on anything until they engineer consent for it and get what they want. Resistance is Futile. You will be Assimilated.
Precisely. This "wear them out" strategy has been obvious from the beginning. As has been the invocation of the Four Horsemen of the Infocalypse, used increasingly to get anything passed. The "war" many of us have known was coming is upon us. There's no hope in negotiating for a compromise with them. --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
-----BEGIN PGP SIGNED MESSAGE----- At 04:18 PM 6/19/97 -0400, Declan McCullagh wrote:
After the vote, advocacy groups tried to put a good face on the devastating loss -- and an expensive defeat it was. After 15 months of lobbying, countless hearings, backroom dealmaking, and political capital spent, ProCODE is gutted and dead. "There's another day. We have confidence in the system," said BSA's Robert Holleyman. CDT's Jerry Berman said, "What is encouraging is that unlike the CDA other committees are getting involved."
Anyone mentally retarded enough to expect a congresscritter to protect one's rights deserves everything they get. "Advocacy groups" could have better spent their time litigating crypto and encouraging the use of strong crypto by themselves and their supporters. DCF -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM6nZRIVO4r4sgSPhAQE9qwP/QvWwKOQf8Y9E8dMGnPfU+frUpgqIIshD aPJxnhOr3OxA/3jdCk434EketlVRx2F19KS/68Cy8HIBPQMUq8eEhGaPi3nHcBOd ME9Gnh7ewvMCjhcsLzW8fMKKhHgiBEddAjHzm+QnCJAQ3Hvm7VH9rh5BEiYLp/cu i8adb6uCdnQ= =5w0+ -----END PGP SIGNATURE-----
At 06:30 PM 6/19/97 -0700, Tim May wrote:
This of course was the crux of my criticism of SAFE, and to a lesser extent, Pro-CODE, and of the nominally pro-liberty groups like EPIC and CDT. They supported "business friendly" bills, perhaps catering to their telecom and computer industry contributors, and did not take a strong civil libertarian stance.
Yup. Not that any bill requiring NSA/CIA/FBI approval for export is particularly business friendly, even for crypto software business (much less for people in the speech and artwork businesses), of course...
(Gee, nearly all highways receive Federal funds, due to the way the tax monies are collected and then disbursed. Does this mean the government can regulate speech in any car travelling on any highway even partly built or operated with Federal funds? Think about the parallels.)
You mean people might be required to get a license to travel on government-funded roads, and be forced to demonstrate it to any cop who asks? Or need a license to fly in non-government-funded air, or need to show government-issued ID to travel on government-licensed airlines? Americans would never stand for that sort of abuse! (As you said, "The whole system is corrupt".) There have been exceptions - the Alvarado-Sanchez case, in which the Supremes decided that police had not had sufficient reason to stop a truck traveling near but parallel to the US/Mexican border, and therefore no right to start poking flashlights in the windows, and no right to order the driver to open the tarp covering half a ton of marihuana. Or for that matter the Miranda case, or Brown vs. Texas (you don't have to give your name even if they arrest and book you...) But mostly, it's corrupt, and every "compromise" just ratchets down the amount of freedom we have. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)
At 09:13 PM 6/19/97 -0400, frissell@panix.com wrote:
Anyone mentally retarded enough to expect a congresscritter to protect one's rights deserves everything they get. "Advocacy groups" could have better spent their time litigating crypto and encouraging the use of strong crypto by themselves and their supporters.
While Duncan's mostly right about CONgresscritters, there's still a place for lobbying, as well as for litigation and coding. The EFF and other lobbying groups have bought us about 5 years, stalling bills like S.266 which would have banned most crypto, though they've also let through some things like Digital Telephony which aren't effectively implemented yet. Without the pro-freedom lobby groups, the anti-privacy groups have Freeh rein on the Hill, and can get away with labelling any privacy technology as such commie-child-porn-narcoterrorist-anti-motherhood-five-six-seven-horsemen EVIL that the average Congresscritter (who doesn't really care, and knows it) knows it's not safe to not to vote against it. Of course, there are even scarier Congresscritters (the ones who really _mean_well_), but even the heavily-compromising groups that get funded by big corporations to say things the corporations can't always say themselves have helped. Technology growth wins, gridlock is good, and delays in Congress are your friend. The 5 years they've bought us have been critical, letting us deploy more technology, and understand its limits better, as Moore's law has brought PCs into almost everyone's budget range, the Web has brought networking into 30 million Americans' homes (and WebTV and the like will reach even more couch potatoes), and the <&*&!#%> patents are running out. That Pentium 133 that you can get for the price of a fancy TV looks a lot like the Cray 1 without the air conditioner, runs faster than an IBM 370, and the 28.8 modem can carry almost as much data on your phone line as the expensive leased lines that the companies who used IBM 370s a decade ago connected them together with. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)
participants (7)
-
? the Platypus {aka David Formosa} -
Bill Stewart -
Declan McCullagh -
frissell@panix.com -
Michael Stutz -
Mike Duvos -
Tim May