---------- Forwarded message ---------- Date: Tue, 15 Jul 1997 08:52:51 -0700 (PDT) From: Declan McCullagh <declan@well.com> To: fight-censorship-announce@vorlon.mit.edu Subject: Australia's restricted Walsh crypto-report attracts interest The report's at: http://www.efa.org.au/Issues/Crypto/Walsh/ Also, I understand from participants in the Canberra meeting that U.S. performance there was lackluster at best. -Declan ********* http://www.australian.aust.com/computer/fulltext/c0715d.htm Censored report on the Web By STEVE CREEDY July 15: The encryption report the Federal Government did not want Australians to read is already attracting overseas interest after just one week on the Web. A censored version of the Walsh Report on cryptography was obtained under the Freedom of Information Act and has been posted online by Electronic Frontiers Australia. The report, originally slated to be published earlier this year, had been withheld by federal Attorney-General Daryl Williams. EFA officials, worried the Government would formulate an encryption policy without debate, posted the report. The move came as international experts met in Canberra last week for closed-door discussions on cryptography. The report advises against major legislation to safeguard security and law enforcement interests. It proposes "minor legislative and other actions", including updating existing telecommunications and search laws, as well as a more co-ordinated approach by government to cryptography. It does not support US proposals for tackling the issues, including law to require decoding keys be stored with the Government. EFA cryptography committee chairman Greg Taylor said overseas interest was particularly strong from the US where there has been a long-standing debate on how to balance privacy, police and security issues when legislating on encrypted communications. Concern in Australia focused on whether the Government would present a cryptography policy without debate. "We're trying to make sure there is debate about all the issues and submissions from interested parties – commercial, government and private interests," he said. But a spokesman for the Attorney-General said on Sunday the Government was formulating a policy and that there was scope for public input. "There will be, as a matter of course, some sort of announcement," he said. "That allows people to have input." The move to post the report was welcomed by its author, former ASIO deputy director-general Gerard Walsh, who said his work was for debate and he did not know why it had been withheld by the Attorney-General, who had cited "security issues". The spokesman said the document "was not suitable for discussion for the development of policy in the encryption area and, therefore, was not suitable for public release". However, Mr Walsh said he wrote two versions, one for public consumption and one that was "mildly classified". "Because there was going to be a public version, I did speak with interested parties and invited them to have a look and comment on the report in draft form," he said. "As I left it and as I understood it, all were content with it going public but someone must have had a change of heart." The version posted by EFA is the one intended for public discussion with an estimated 20 to 25 paragraphs deleted. Mr Taylor said it was posted with government permission. "The Attorney-General's [department] said they couldn't do much about it anyway," he said. The censored paragraphs fell under sections of the FOI Act relating to internal working documents, law enforcement issues and issues of national security. He did not know what was contained in the deleted paragraphs. Mr Taylor said Mr Walsh found the situation "quite laughable". The Walsh report was probably one of the first balanced reviews of the cryptography issue. "All existing reports are either prepared by government and come down heavily on one side, or they're prepared by groups that basically look at privacy," he said. "This one looks at all issues and as result of analysing them appears to state the whole concept of key escrow is doomed to failure." Mr Walsh concluded government should not commit to a particular solution because the problem itself "will continue to change". US attempts to regulate encryption – including the clipper chip, key escrow and key management – were "public relations and practical disasters". Blanket bans that limited access to services and equipment to achieve access for law enforcement agencies were not in the national interest. "I agree there is a law enforcement required access, but the way in which you achieved it was not to belt the little hazelnut with an almighty steam press that diminished everyone's freedom," he said. "Rather, the direction in which I wanted to push things was to say: 'It would be better to slightly stiffen, strengthen and make more relevant those somewhat anachronistic investigative powers that already exist'." ###