----------------------------------------------------------------------------- _____ _____ _______ / ____| __ \__ __| ____ ___ ____ __ | | | | | | | | / __ \____ / (_)______ __ / __ \____ _____/ /_ | | | | | | | | / /_/ / __ \/ / / ___/ / / / / /_/ / __ \/ ___/ __/ | |____| |__| | | | / ____/ /_/ / / / /__/ /_/ / / ____/ /_/ (__ ) /_ \_____|_____/ |_| /_/ \____/_/_/\___/\__, / /_/ \____/____/\__/ The Center for Democracy and Technology /____/ Volume 2, Number 36 ---------------------------------------------------------------------------- A briefing on public policy issues affecting civil liberties online ---------------------------------------------------------------------------- CDT POLICY POST Volume 2, Number 36 October 22, 1996 CONTENTS: (1) Crypto Wrap-Up (2) Senator Burns' Sends Open Letter to Net Community (3) Bi-Partisan Group of 20 Members of Congress Raise Questions about Administration's Latest Encryption Initiative (4) How to Subscribe/Unsubscribe (5) About CDT, contacting us ** This document may be redistributed freely with this banner intact ** Excerpts may be re-posted with permission of <editor@cdt.org> ** This document looks best when viewed in COURIER font ** ----------------------------------------------------------------------------- (1) END OF SESSION WRAP-UP OF CRYPTO POLICY REFORM EFFORTS In two letters released this week, Members of Congress have promised to renew their efforts to reform US encryption policy when Congress returns in January. An open letter to the Internet Community from Senator Conrad Burns (R-MT), along with a letter from 20 Republican and Democratic members of both the House and Senate sent to Commerce Secretary Mickey Kantor on October 15, are attached below. The letters cap off an active year in which the Internet community made real progress towards reforming US encryption policy to promote privacy and security on the Internet. While the Administration continues to promote key escrow and export controls, a growing segment of Congress has recognized the importance of encryption policy reform to the viability of the Internet and the future of privacy in the information age. This growing bi-partisan support, along with an increasingly mobilized Net community, has resulted in several significant accomplishments: * Three bills designed to promote privacy and security on the Internet were introduced in the House and Senate: - The Burns/Leahy "Encrypted Communications Privacy Act" (S. 1587) - The Goodlatte/Eshoo "Security and Freedom through Encryption (SAFE) Act" (HR 3011), and - The Burns/Leahy/Pressler "Promotion of Commerce Online in the Digital Era (Pro-CODE) Act" (S. 1726). The bills, which would have relaxed export controls on encryption technology and prevented the government from imposing "key-escrow" schemes domestically, enjoyed broad bi-partisan support. * Congress held four hearings on encryption reform legislation, and heard testimony from privacy advocates, cryptographers, computer industry leaders, and others. These hearings provided a critical opportunity for the Internet community to make its case on the need for encryption policy reform. * Through online forums and the first ever cybercasts of Congressional encryption hearings, the voice of the Internet user community is finally beginning to be heard in Congress, and is helping to educate the Congress about the importance of encryption. * The Adopt your Legislator Campaign (http://www.crypto.com/) is linking Netizens with members of Congress to create a dialogue about the encryption issue. * Nearly 9000 Netizens have signed the online petition (http://www.crypto.com/petition) in support of encryption policy reform. * Leaders from the computer and communications industry joined with members of Congress, public interest organizations from across the political specturm, and the Internet community in Stanford California on July 1 to raise awareness about the need for encryption policy reform. * Other developments include progress on three ongoing legal challenges to the encryption export controls, efforts by privacy advocates to impact the encryption debate in the international encryption policies through the OECD, and the long awaited National Research Council Report which criticized current US encryption policy as "failing to meet the needs of an information age society." Despite these accomplishments, supporters of encryption policy reform still have a long way to go. In late October, the Clinton Administration announced yet another encryption policy initiative relying on export controls and "key-recovery" systems. As the Administration continues to push its plans to satisfy law enforcement concerns, the Internet community must be ready to work hard to protect privacy and security on the Internet. Fortunately, as a result of our efforts this year, we have strong and supportive allies in Congress. When Congress returns in January, expect a renewed effort to enact serious encryption policy reform legislation. With your help, we can ensure that the Internet develops into a secure platform for free expression, commerce, and privacy. WHAT YOU CAN DO NOW: Congress and the Administration are now focused on the elections. Help raise the voice of the Internet community and educate our elected officials about the importance of privacy and security on the Internet. * ADOPT YOUR LEGISLATOR - Join an innovative online campaign designed to help Netizens create an ongoing dialogue with their elected officials on critical Internet policy issues like encryption policy reform http://www.crypto.com/adopt/adopt.cgi?genre=crypto * SIGN THE PETITION - Add your name to the online petition and join the fight for privacy and security on the Internet. Nearly 9000 Netizens have signed on so far. http://www.crypto.com/petition/ ----------------------------------------------------------------------- (2) AN OPEN LETTER TO THE INTERNET COMMUNITY FROM SENATOR BURNS Senator Conrad Burns (R-MT), who along with Senator Patrick Leahy (D-VT) led the fight this year for the Pro-CODE bill, asked us to forward the following letter to the Internet community: X-POP3-Rcpt: jseiger@mailserver From: Conrad_Burns@burns.senate.gov Date: Fri, 18 Oct 96 17:49:32 EST To: jseiger@cdt.org Subject: To Interested Members of the Internet Community: I am writing to thank you for all your help and support of my effort this year to pass legislation to enhance privacy and security on the Internet. As you all know by now, the 104th Congress adjourned before it had a chance to act on S. 1726, the Promotion of Commerce Online in the Digital Era Act of 1996. The bill, which was co-sponsored by Senators Leahy (D-VT), Pressler (R-SD), Lott (R-MS), Wyden (D-OR) and many other Senators from both parties, would have encouraged the widespread availability of strong, easy to use privacy and security tools for Internet Users. Although the Senate was not able to act on Pro-CODE this year, our efforts have laid the groundwork for real reform of US encryption policy in the 105th Congress. And despite significant opposition from the administration, Netizens had a significant impact on the Congressional debate on the encryption issue. I am honored to have helped to arrange the first ever Cybercasts of Congressional hearings, and I enjoyed the many online discussions I had with Netizens. Together, we have helped to show the Congress that the Internet user community can and should have a voice in debates over critical Internet policy issues. Finally, just days before adjournment, the Administration announced yet another encryption policy initiative. The proposal continues to insist on key escrow as a condition for lifting encryption export controls, and raises numerous questions about privacy and competitiveness. This debate is not over by any stretch of the imagination. I intend to move forward on pro-encryption legislation soon after the 105th Congress begins in January. You can find out more about this issue by visiting my web site (http://www.senate.gov/~burns). You can also visit the Encryption Policy Resource Page (http://www.crypto.com/) and the Internet Policy Coalition page (http://www.privacy.org/ipc/). Set up by experts to provide resources on the encryption policy debate, these sites also contain information on how you can get more involved. Thanks again for all your support. Next year, with your help, we can reach a commonsense solution to the critical policy crisis on encryption. Sincerely, U. S. Senator Conrad Burns ----------------------------------------------------------------------- (3) BI-PARTISAN GROUP OF 20 MEMBERS OF CONGRESS RAISE QUESTIONS ABOUT ADMINISTRATION'S LATEST ENCRYPTION INITIATIVE Last week, a bi-partisan group of 20 members from both houses of Congress sent the attached letter to Commerce Secretary Mickey Kantor expressing their concerns about the Administration's latest encryption policy initiative (see http://www.cdt.org/crypto for details). The members, many of whom were co-sponsors of the Burns/Leahy Promotion of Commerce Online in the Digital Era "Pro-CODE" Act (S. 1726) or the Goodlatte/Eshoo Security and Freedom through Encryption "SAFE" Act (HR. 3011), called the latest administration effort "flawed" and pledged to continue to pursue legislation to reform US encryption policy. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congress of the United States Washington, D.C. 20515 October 15, 1996 The Honorable Michael Kantor Secretary Department of Commerce Washington, D.C. 20230 Dear Secretary: We write to express our serious concerns about the Administration's most recent policy announcement on export restrictions on encryption technology. First we agree with the October 4, 1996, New York Times editorial that characterized the Administration's plan as "needlessly restrictive and probably unworkable" and (though better than previous Administration proposal) "risks doing more harm than good." We recognize that this issue involves a careful balancing of commercial, consumer, law enforcement and national security considerations. However, the well-respected 1996 report by the National Research Council on this matter emphasized that U.S. law enforcement and national security would be enhanced -- not weakened -- by broader use of stronger U.S. encryption technologies both at home and abroad. Furthermore, the report stressed that efforts to control international trade in encryption technologies will only be effective if implemented on a comprehensive, multilateral basis. Unfortunately, the Administration's most recent encryption initiative shortchanges both U.S. business and law enforcement interests. The proposal is flawed for four reasons: it fails to recognize that top-down, government-imposed policies are doomed to defeat: export policies must be directly linked, or indexed, to advances in technology; export controls must be fully multilateral in order to be effective; and export control decisions will be further delayed by granting the FBI new veto authority over U.S. exports. We fear these defects will continue to leave U.S. companies at a disadvantage in the world market, leave users of U.S. encryption uncertain about the security of their information and leave U.S. law enforcement and national security agencies behind the cryptography-curve. Although we were not consulted in the formulation of this policy, we nevertheless hope that in the coming months you will work with us and industry, consumer and user groups to refine it further. In addition to conducting oversight hearing in the next Congress on the Administration's proposal, we also want to assure you that we will continue to pursue legislative solutions toward this end. Sincerely, [signed] Sen. Ron Wyden (D-OR) Sen. Conrad Burns (R-MT) Sen. Trent Lott (R-MS) Sen. Larry Pressler (R-SD) Sen. Lauch Faircloth (R-NC) Sen. Barbara Boxer (D-CA) Sen. Pete Domenici (R-NM) Sen. John Ashcroft (R-MO) Sen. Alan Simpson(R-WY) Sen. Patty Murray (D-WA) Sen. Don Nickles (R-OK) Sen. Larry Craig (R-ID) Sen. Craig Thomas (R-WY) Sen. Kay Bailey Hutchison (R-TX) Rep. Zoe Lofgren (D-CA) Rep. Sonny Bono (R-CA) Rep. Howard Coble (R-NC) Rep. Steve Chabot (R-OH) Rep. Bob Goodlatte (R-VA) Rep. Bob Barr (R-GA) ------------------------------------------------------------------------ (4) SUBSCRIPTION INFORMATION Be sure you are up to date on the latest public policy issues affecting civil liberties online and how they will affect you! Subscribe to the CDT Policy Post news distribution list. CDT Policy Posts, the regular news publication of the Center For Democracy and Technology, are received by nearly 10,000 Internet users, industry leaders, policy makers and activists, and have become the leading source for information about critical free speech and privacy issues affecting the Internet and other interactive communications media. To subscribe to CDT's Policy Post list, send mail to policy-posts-request@cdt.org with a subject: subscribe policy-posts If you ever wish to remove yourself from the list, send mail to the above address with a subject of: unsubscribe policy-posts ----------------------------------------------------------------------- (5) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US The Center for Democracy and Technology is a non-profit public interest organization based in Washington, DC. The Center's mission is to develop and advocate public policies that advance democratic values and constitutional civil liberties in new computer and communications technologies. Contacting us: General information: info@cdt.org World Wide Web: URL:http://www.cdt.org/ FTP URL:ftp://ftp.cdt.org/pub/cdt/ Snail Mail: The Center for Democracy and Technology 1634 Eye Street NW * Suite 1100 * Washington, DC 20006 (v) +1.202.637.9800 * (f) +1.202.637.0968 ----------------------------------------------------------------------- End Policy Post 2.36 10/22/96 -----------------------------------------------------------------------