Why Leahy is No Friend of Ours

[Timothy C. May]

At 8:34 AM 5/3/96, Black Unicorn wrote:
>On Thu, 2 May 1996, Timothy C. May wrote:

>> I'd say it's 99.95% likely that the PGP key was generated by a staffer--the
>> resident e-mail geek--and that only staffers know how to use PGP. (In fact,
>> probably only the one staffer who generated the key and knows the
>> passphrase....)
>
>While I believe this correct, it's worth noting that Leahy is fairly
>"into" the technology.  He finds it entertaining and "fun."  All of this
>mostly thanks to his one time counsel John Podesta.  Thanks Mr. Podesta!
>
>He's one of the more interested congress critters.
>
>> So, what is accomplished except "feel good" thoughts?
>
>Admittedly, not much.  I'm at least pleased he has a decently on the ball
>staff however who can tell him what the issues are.


"Decently on the ball"? I hope you are being ironic.

Leahy is no friend of ours. Recall that he chaired the hearings on the
FBI's "Digital Telephony" massive wiretap proposal, and co-sponsored the
legislation (with former FBI agent Don Edwards).

This "sleeping giant" of legislation is still out there, and has not been
consigned to the junk heap. It becomes operative--that is, the $10,000 per
day penalties for noncompliance with the law mandating telecom systems be
DT-compliant--in October 1997. (There is ongoing discussion of whether the
$500 million to be paid to the phone companies is going to be allocated,
and whether those companies (such as "Tim's Cheap Internet Phone Company")
which fail to get some of this lucre as it is handed out are then
exempt....the consensus seems to be that some of the $500 million will be
allocated as a sop to the phone companies, but that large numbers of
smaller companies will still be expected to be compliant when a wiretap
order is presented to them. This even if they never got a dime.

The implications for the Internet and for increasingly popular "Internet
phone" systems are interesting. As I understand the DT language, such
systems would have to be made compliant with wiretap requests, or face the
$10K/day penalties. This could force many ISPs, in the U.S. of course, to
take steps to immediately restrict certain programs, or even
[speculatively] force them to become compliant by some form of key escrow,
where they would keep a copy of a key for presentation to law enforcement.
[More speculation by me: the combination of the Wiretap Act, the
Anti-Terrorism Act, and the still-ongoing work on key escrow (TIS is still
pushing their system, Lotus hasn't backed down, Denning still says it's
needed, etc.) could mean that ISPs move to restrict use of crypto in
various ways, possibly mandating escrowed encryption.

Several of us (Black Unicorn, Duncan Frissell, me, etc.) may point out the
practical difficulties involved in such enforcement, and the longterm dim
prospects for success. But the fact is that ISPs are a kind of "choke
point" for halting certain things. I have a feeling I know what my ISP will
say if he gets a court order and a $10,000 per day penalty faces him. Those
who access the Net directly, through their own companies and/or by having
boxes hanging directly on the Net, will be less vulnerable to this kind of
pressure. But the Netcoms, PSI, Earthlinks, AOLs, and such will likely run
into  trouble the first time a court order is presented to make certain
Internet phone conversations tappable....

(I have long argued for this view that certain "choke points" will be
identified. These are the points of leverage--often companies--which law
enforcement can lean on. Whit Diffie made similar points a few years ago,
that drug laws were "enforced" inside companies (who previously didn't care
whether employees smoked dope on their time off, so long as they did the
job), with urine tests, threats of civil forfeiture of company assets if
even small amounts of drugs were found in the possession of employees, etc.
The "War on Drugs" effectively pressed companies into service as soldiers.)

Sure, a few services will decide to fight such penalties in court and seek
to have Digital Telephony thrown out in court. Deep pockets will be
required. Maybe they'll prevail. Maybe the Burns Bill will collide with
Digital Telephony. Unclear at this time.

But no Congressman who co-sponsors such legislation as the "National
Wiretap Initiative," with its "1% of the engineering capacity" requirements
and other such Big Brother Surveillance State clauses, is a friend of ours.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."