Re: Senate panel nixes ProCODE II, approves McCain-Kerrey bill
----Original Message Follows---- In the end, it was child pornography that derailed encryption legislation in the U.S. Senate and dealt a bitter defeat to crypto supporters. Spurred by the chairman's denunciations of cyberporn, a majority of the Senate Commerce Committee rejected ProCODE II this morning -- and instead approved a bill introduced earlier this week that creates new Federal crimes for some uses of crypto and an all-but-mandatory key escrow infrastructure. Sen. John McCain (R-Ariz.), committee chair and chief sponsor of the measure, led the attack, saying Congress must "stop child pornography on the Internet and Internet gambling. These legitimate law enforcement concerns cannot and should not be overlooked or taken lightly." He warned that allowing encryption to be exported would permit child pornographers to use it. "If it's being used for child pornography? Are we going to say that's just fine? That's it's just business? I don't think so." Then Sen. Kay Bailey Hutchinson (R-Tex.) chimed in, saying she doesn't want "children to have access to pornography or other bad types of information." Sen. John Ashcroft (R-MO) tried to disagree. "It's like photography. We're not going to [ban] photography if someone takes dirty pictures." (At this point, one of the more deaf committee members asked, "Pornography? Are we going to ban pornography?") Between the child-porn attack team of senators McCain, Hollings, Kerry, and Frist, ProCODE sponsor Sen. Sen. Conrad Burns (R-Mont.) didn't stand a chance. Hunched over the microphone, Burns was outmaneuvered, outprepared, and outgunned on almost every point. Nevertheless, he introduced ProCODE II -- a so-called compromise measure -- and was defeated 8-12. The changes from ProCODE I gave the NSA, FBI, and CIA oversight over crypto exports and permitted only the export of up to 56-bit crypto products without key escrow. Products of any strength with key escrow could be exported freely. That's hardly a pro-privacy, pro-encryption bill, says the ACLU's Don Haines. "The ProCODE vote shows the political bankruptcy of the pro-business agenda. Even in the Commerce Committee, commerce arguments didn't work," he says. The committee also approved amendments proposed by Kerry that would give jurisdiction over crypto exports to a nine-member "Encryption Export Advisory Board." The panel would "evaluate whether [a] market exists abroad" and make non-binding recommendations to the president. Frist also introduced amendments to the McCain-Kerrey bill that were accepted: * Requiring that not any Federally-funded communications network, but only ones established "for transaction of government business" would use key escrow -- thereby jumpstarting the domestic market. * "Requirements for a subpoenas [sic] should be no less stringent for obtaining keys, then [sic] for any other subpoenaed materials." * Key recovery can mean recovering only a portion of the key "such as all but 40 bits of the key." * NIST after consulting with DoJ and DoD will "publish a reference implementation plan for key recovery systems;" the law will not take effect until the president tells Congress such a study is complete. After the vote, advocacy groups tried to put a good face on the devastating loss -- and an expensive defeat it was. After 15 months of lobbying, countless hearings, backroom dealmaking, and political capital spent, ProCODE is gutted and dead. "There's another day. We have confidence in the system," said BSA's Robert Holleyman. CDT's Jerry Berman said, "What is encouraging is that unlike the CDA other committees are getting involved." Of course, the involvement of other committees is only likely to add more key escrow provisions and limitations on crypto-exports. ProCODE's replacement -- the McCain-Kerrey bill -- now goes to the Senate Judiciary committee, and its chairman has already been talking about mandating key escrow in some circumstances... -Declan ==================================================================== Maybe I'm just paranoid, but doesn't this mean that it is now illegal to use anything over 56 bits in the US, and doesn't this give the US Government the unofficial green light to start cracking down on those of us that use encryption? All they gotta say is that they suspected that we were dealing in child pornography, based on the fact that they monitored encrypted messages leaving from our addresses? It's not that far of a leap in possibilities after everything else they've done. This is starting to get scary ladies and gentleman. I use 2048 bit encryption, does that make me a porn lover because I use that heavy of encryption,and encryption period? I feel some very bad days coming down the pike. I just hope that we can do something to stem the tide. --------------------------------------------------------- Get Your *Web-Based* Free Email at http://www.hotmail.com ---------------------------------------------------------
At 11:15 PM 6/19/97 PDT, David Downey wrote:
Maybe I'm just paranoid, but doesn't this mean that it is now illegal to use anything over 56 bits in the US, and doesn't this give the US Government the unofficial green light to start cracking down on those of us that use encryption?
No. It means that a couple of Senators don't like free speech and privacy, and there have been Senators who disliked those before. If the whole Senate passes the bill, and the House, and the President signs it, then there'd be a law we'd have to fight in court, depending on what it said by the time it was done. But that's a long way off (probably.) Of course, if the bill does get through the House and Senate, Clinton's sure to sign it; he's _not_ a liberal, just a big-spending Democrat, and seems to consistently support anti-privacy decisions, and if there's enough wind blowing in the direction to get the Congress to agree on it, he'll be following it. Meanwhile, the US Gov't can already start blaming crypto users for being Commie-supporting money-laundering assassin-funding child pornographers, if it thinks it's got a case. Don't need any new laws for that, though there aren't any solid court decisions on whether they can force someone to reveal their passwords, and they risk being harassed about false arrest and such if they maliciously accuse someone. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)
Maybe I'm just paranoid, but doesn't this mean that it is now illegal to use anything over 56 bits in the US, and doesn't this give the US Government the unofficial green light to start cracking down on those of us that use encryption? All they gotta say is that they suspected that
we were dealing in child pornography, based on the fact that they monitored encrypted messages leaving from our addresses? It's not that
far of a leap in possibilities after everything else they've done. This is starting to get scary ladies and gentleman. I use 2048 bit encryption, does that make me a porn lover because I use that heavy of
encryption,and encryption period? I feel some very bad days coming down the pike. I just hope that we can do something to stem the tide.
I am getting sick of the crap in congress. May's right, whenever they want to get what they want, they just blurt out that their opposition may support kiddie porn. The only somewhat good measure coming up is SAFE, but that will most likely be struck down by lawmakers. After all, it helps encryption, and that might aid kiddie porn! Seriously, if the citizens ever have a civil war, and we win, then Clinton, the senators opposed to Pro-CODE, and other anti-crypto types should be on trial for abuse of power, violation of citizens' rights, and high crimes against the constitution. I hope it would be public :-) The government in theory works for US. So the question is "What the HELL happened to that?!"
participants (3)
-
bennett_t1ļ¼ popmail.firn.edu -
Bill Stewart -
David Downey