[From www.nytimes.com, Oct. 16, 1997] To the Editor: "An Attack on Privacy Rights" (editorial, Oct. 3) argues that the approach to encryption that the law enforcement community is advocating has somehow "put the need to eavesdrop on criminals above the privacy rights of ordinary Americans." Nothing could be further from the truth. You fail to mention that the same court-ordered, judicially approved procedures that now apply to wiretaps and electronic data searches would also apply to our ability to obtain decryption keys or information. In fact, what we proposed requires two orders from a judge before we proceed, not just one as now required. There is another issue that, if unaddressed, will have public safety ramifications. Encryption that cannot be deciphered regardless of the number of court orders or new technologies obtained by the police will devastate our ability to fight crime and prevent terrorism. It will nullify the ability to carry out court-authorized searches and seizures of criminal communication and electronic evidence. Policy decisions about encryption should not be left solely to market forces. Congress, the computer industry and law enforcement can work together to craft legislation that balances the public safety with the commercial and private needs of law-abiding Americans. We are not wedded to any particular solution, but feel that some workable solution can be found to insure that law enforcement can gain immediate access to the plaintext of encrypted criminal communication or electronic data that we have lawfully seized. LOUIS J. FREEH Dir., Federal Bureau of Investigation Washington, Oct. 10, 1997 ---------------------------------------------------------------- How can he say this with a straight face?

In fact, what we proposed requires two orders from a judge before we proceed, not just one as now required.

The DOJ proposal, sect 302, says: (A) A Key Recovery Agent, whether or not registered by the Secretary under this Act, shall disclose recovery information stored by a person: (1) ...; or (2) to a law enforcement or national security government agency upon receipt of written authorization in a form to be specified by the Attorney General. It also contradicts his final sentence:

... some workable solution can be found to insure that law enforcement can gain immediate access to the plaintext of encrypted criminal communication or electronic data that we have lawfully seized.

The term "immediate access" means without having to goto a judge. Roger