Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Privacy :: wireclip.txt

Jackboots on the Infobahn by John Perry Barlow. How the people who brought you the Clipper chip plan to put an end to privacy




-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-Copyright 1993,4 Wired USA Ltd. All Rights Reserved=-=-=-=-=-=
-=-=For complete copyright information, please see the end of this file=-=-
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


WIRED 2.04
Electrosphere
*************

Jackboots on the Infobahn
^^^^^^^^^^^^^^^^^^^^^^^^^

Clipper is a last ditch attempt by the United States, the last great power
from the old Industrial Era, to establish imperial control over cyberspace.


By John Perry Barlow


[Note: The following article will appear in the April 1994 issue of WIRED.
We, the editors of WIRED, are net-casting it now in its pre-published form
as a public service. Because of the vital and urgent nature of its message,
we believe readers on the Net should hear and take action now. You are free
to pass this article on electronically; in fact we urge you to replicate it
throughout the net with our blessings. If you do, please keep the copyright
statements and this note intact. For a complete listing of Clipper-related
resources available through WIRED Online, send email to <infobot@wired.com>
with the following message: "send clipper.index". - The Editors of WIRED] 

On January 11, I managed to schmooze myself aboard Air Force 2. It was
flying out of LA, where its principal passenger had just outlined his
vision of the information superhighway to a suited mob of television, show-
biz, and cable types who fervently hoped to own it one day - if they could
ever figure out what the hell it was.

>From the standpoint of the Electronic Frontier Foundation the speech had 
been wildly encouraging. The administration's program, as announced by Vice
President Al Gore, incorporated many of the concepts of open competition,
universal access, and deregulated common carriage that we'd been pushing
for the previous year.

But he had said nothing about the future of privacy, except to cite among
the bounties of the NII its ability to "help law enforcement agencies
thwart criminals and terrorists who might use advanced telecommunications
to commit crimes."

On the plane I asked Gore what this implied about administration policy on
cryptography. He became as noncommittal as a cigar-store Indian. "We'll be
making some announcements.... I can't tell you anything more." He hurried
to the front of the plane, leaving me to troubled speculation. 

Despite its fundamental role in assuring privacy, transaction security, and
reliable identity within the NII, the Clinton administration has not
demonstrated an enlightenment about cryptography up to par with the rest of
its digital vision.

The Clipper Chip - which threatens to be either the goofiest waste of
federal dollars since President Gerald Ford's great Swine Flu program or,
if actually deployed, a surveillance technology of profound malignancy -
seemed at first an ugly legacy of the Reagan-Bush modus operandi. "This is
going to be our Bay of Pigs," one Clinton White House official told me at
the time Clipper was introduced, referring to the disastrous plan to invade
Cuba that Kennedy inherited from Eisenhower. 

(Clipper, in case you're just tuning in, is an encryption chip that the
National Security Agency and FBI hope will someday be in every phone and
computer in America. It scrambles your communications, making them
unintelligible to all but their intended recipients. All, that is, but the
government, which would hold the "key" to your chip. The key would
separated into two pieces, held in escrow, and joined with the appropriate
"legal authority.")

Of course, trusting the government with your privacy is like having a
Peeping Tom install your window blinds. And, since the folks I've met in
this White House seem like extremely smart, conscious freedom-lovers -
hell, a lot of them are Deadheads - I was sure that after they were fully
moved in, they'd face down the National Security Agency and the FBI, let
Clipper die a natural death, and lower the export embargo on reliable
encryption products.

Furthermore, the National Institutes of Standards and Technology and the
National Security Council have been studying both Clipper and export
embargoes since April. Given that the volumes of expert testimony they had
collected overwhelmingly opposed both, I expected the final report would
give the administration all the support it needed to do the right thing. 

I was wrong. Instead, there would be no report. Apparently, they couldn't
draft one that supported, on the evidence, what they had decided to do
instead.


THE OTHER SHOE DROPS

On Friday, February 4, the other jackboot dropped. A series of
announcements from the administration made it clear that cryptography would
become their very own "Bosnia of telecommunications" (as one staffer put
it). It wasn't just that the old Serbs in the National Security Agency and
the FBI were still making the calls. The alarming new reality was that the
invertebrates in the White House were only too happy to abide by them.
Anything to avoid appearing soft on drugs or terrorism. 

So, rather than ditching Clipper, they declared it a Federal Data
Processing Standard, backing that up with an immediate government order for
50,000 Clipper devices. They appointed the National Institutes of Standards
and Technology and the Department of Treasury as the "trusted" third
parties that would hold the Clipper key pairs. (Treasury, by the way, is
also home to such trustworthy agencies as the Secret Service and the Bureau
of Alcohol, Tobacco, and Firearms.)

They reaffirmed the export embargo on robust encryption products, admitting
for the first time that its purpose was to stifle competition to Clipper.
And they outlined a very porous set of requirements under which the cops
might get the keys to your chip. (They would not go into the procedure by
which the National Security Agency could get them, though they assured us
it was sufficient.)

They even signaled the impending return of the dread Digital Telephony, an
FBI legislative initiative requiring fundamental reengineering of the
information infrastructure; providing wiretapping ability to the FBI would
then become the paramount design priority. 


INVASION OF THE BODY SNATCHERS

Actually, by the time the announcements thudded down, I wasn't surprised by
them. I had spent several days the previous week in and around the White
House.

I felt like I was in another remake of The Invasion of the Body Snatchers.
My friends in the administration had been transformed. They'd been subsumed
by the vast mindfield on the other side of the security clearance membrane,
where dwell the monstrous bureaucratic organisms that feed on fear. They'd
been infected by the institutionally paranoid National Security Agency's
Weltanschauung.

They used all the telltale phrases. Mike Nelson, the White House point man
on the NII, told me, "If only I could tell you what I know, you'd feel the
same way I do." I told him I'd been inoculated against that argument during
Vietnam. (And it does seem to me that if you're going to initiate a process
that might end freedom in America, you probably need an argument that isn't
classified.)

Besides, how does he know what he knows? Where does he get his information?
Why, the National Security Agency, of course. Which, given its strong
interest in the outcome, seems hardly an unimpeachable source. 

However they reached it, Clinton and Gore have an astonishingly simple
bottom line, to which even the future of American liberty and prosperity is
secondary: They believe that it is their responsibility to eliminate, by
whatever means, the possibility that some terrorist might get a nuke and
use it on, say, the World Trade Center. They have been convinced that such
plots are more likely to ripen to hideous fruition behind a shield of
encryption.

The staffers I talked to were unmoved by the argument that anyone smart
enough to steal a nuclear device is probably smart enough to use PGP or
some other uncompromised crypto standard. And never mind that the last
people who popped a hooter in the World Trade Center were able to get it
there without using any cryptography and while under FBI surveillance. 

We are dealing with religion here. Though only ten American lives have been
lost to terrorism in the last two years, the primacy of this threat has
become as much an article of faith with these guys as the Catholic
conviction that human life begins at conception or the Mormon belief that
the Lost Tribe of Israel crossed the Atlantic in submarines. 

In the spirit of openness and compromise, they invited the Electronic
Frontier Foundation to submit other solutions to the "problem" of the
nuclear-enabled terrorist than key escrow devices, but they would not admit
into discussion the argument that such a threat might, in fact, be some
kind of phantasm created by the spooks to ensure their lavish budgets into
the post-Cold War era.

As to the possibility that good old-fashioned investigative techniques
might be more valuable in preventing their show-case catastrophe (as it was
after the fact in finding the alleged perpetrators of the last attack on
the World Trade Center), they just hunkered down and said that when
wiretaps were necessary, they were damned well necessary. 

When I asked about the business that American companies lose because of
their inability to export good encryption products, one staffer essentially
dismissed the market, saying that total world trade in crypto goods was
still less than a billion dollars. (Well, right. Thanks more to the
diligent efforts of the National Security Agency than to dim sales
potential.)

I suggested that a more immediate and costly real-world effect of their
policies would be to reduce national security by isolating American
commerce, owing to a lack of international confidence in the security of
our data lines. I said that Bruce Sterling's fictional data-enclaves in
places like the Turks and Caicos Islands were starting to look real-world
inevitable.

They had a couple of answers to this, one unsatisfying and the other scary.
The unsatisfying answer was that the international banking community could
just go on using DES, which still seemed robust enough to them. (DES is the
old federal Data Encryption Standard, thought by most cryptologists to be
nearing the end of its credibility.)

More frightening was their willingness to counter the data-enclave future
with one in which no data channels anywhere would be secure from
examination by one government or another. Pointing to unnamed other
countries that were developing their own mandatory standards and
restrictions regarding cryptography, they said words to the effect of,
"Hey, it's not like you can't outlaw the stuff. Look at France." 

Of course, they have also said repeatedly - and for now I believe them -
that they have absolutely no plans to outlaw non-Clipper crypto in the US.
But that doesn't mean that such plans wouldn't develop in the presence of
some pending "emergency." Then there is that White House briefing document,
issued at the time Clipper was first announced, which asserts that no US
citizen "as a matter of right, is entitled to an unbreakable commercial
encryption product."

Now why, if it's an ability they have no intention of contesting, do they
feel compelled to declare that it's not a right? Could it be that they are
preparing us for the laws they'll pass after some bearded fanatic has
gotten himself a surplus nuke and used something besides Clipper to conceal
his plans for it?

If they are thinking about such an eventuality, we should be doing so as
well. How will we respond? I believe there is a strong, though currently
untested, argument that outlawing unregulated crypto would violate the
First Amendment, which surely protects the manner of our speech as clearly
as it protects the content.

But of course the First Amendment is, like the rest of the Constitution,
only as good as the government's willingness to uphold it. And they are, as
I say, in the mood to protect our safety over our liberty. 

This is not a mind-frame against which any argument is going to be very
effective. And it appeared that they had already heard and rejected every
argument I could possibly offer.

In fact, when I drew what I thought was an original comparison between
their stand against naturally proliferating crypto and the folly of King
Canute (who placed his throne on the beach and commanded the tide to leave
him dry), my government opposition looked pained and said he had heard that
one almost as often as jokes about roadkill on the information
superhighway.

I hate to go to war with them. War is always nastier among friends.
Furthermore, unless they've decided to let the National Security Agency
design the rest of the National Information Infrastructure as well, we need
to go on working closely with them on the whole range of issues like
access, competition, workplace privacy, common carriage, intellectual
property, and such. Besides, the proliferation of strong crypto will
probably happen eventually no matter what they do. 

But then again, it might not. In which case we could shortly find ourselves
under a government that would have the automated ability to log the time,
origin and recipient of every call we made, could track our physical
whereabouts continuously, could keep better account of our financial
transactions than we do, and all without a warrant. Talk about crime
prevention!

Worse, under some vaguely defined and surely mutable "legal authority,"
they also would be able to listen to our calls and read our e-mail without
having to do any backyard rewiring. They wouldn't need any permission at
all to monitor overseas calls.

If there's going to be a fight, I'd rather it be with this government than
the one we'd likely face on that hard day. 

Hey, I've never been a paranoid before. It's always seemed to me that most
governments are too incompetent to keep a good plot strung together all the
way from coffee break to quitting time. But I am now very nervous about the
government of the United States of America. 

Because Bill 'n' Al, whatever their other new-paradigm virtues, have
allowed the very old-paradigm trogs of the Guardian Class to define as
their highest duty the defense of America against an enemy that exists
primarily in the imagination - and is therefore capable of anything. 

To assure absolute safety against such an enemy, there is no limit to the
liberties we will eventually be asked to sacrifice. And, with a Clipper
Chip in every phone, there will certainly be no technical limit on their
ability to enforce those sacrifices.


WHAT YOU CAN DO

GET CONGRESS TO LIFT THE CRYPTO EMBARGO

The administration is trying to impose Clipper on us by manipulating market
forces. By purchasing massive numbers of Clipper devices, they intend to
induce an economy of scale which will make them cheap while the export
embargo renders all competition either expensive or nonexistent. 

We have to use the market to fight back. While it's unlikely that they'll
back down on Clipper deployment, the Electronic Frontier Foundation
believes that with sufficient public involvement, we can get Congress to
eliminate the export embargo.

Rep. Maria Cantwell, D-Washington, has a bill (H.R. 3627) before the
Economic Policy, Trade, and Environment Subcommittee of the House Committee
on Foreign Affairs that would do exactly that. She will need a lot of help
from the public. They may not care much about your privacy in DC, but they
still care about your vote.

Please signal your support of H.R. 3627, either by writing her directly or
e-mailing her at cantwell@eff.org. Messages sent to that address will be
printed out and delivered to her office. In the subject header of your
message, please include the words "support HR 3627." In the body of your
message, express your reasons for supporting the bill. You may also express
your sentiments to Rep. Lee Hamilton, D-Indiana, the House Committee on
Foreign Affairs chair, by e-mailing hamilton@eff.org. 

Furthermore, since there is nothing quite as powerful as a letter from a
constituent, you should check the following list of subcommittee and
committee members to see if your congressional representative is among
them. If so, please copy them your letter to Rep. Cantwell. 

>Economic Policy, Trade, and Environment Subcommittee: 

Democrats: Sam Gejdenson (Chair), D-Connecticut; James Oberstar, D-
Minnesota; Cynthia McKinney, D-Georgia; Maria Cantwell, D-Washington; Eric
Fingerhut, D-Ohio; Albert R. Wynn, D-Maryland; Harry Johnston, D-Florida;
Eliot Engel, D-New York; Charles Schumer, D-New York. 

Republicans: Toby Roth (ranking), R-Wisconsin; Donald Manzullo, R-Illinois;
Doug Bereuter, R-Nebraska; Jan Meyers, R-Kansas; Cass Ballenger, R-North
Carolina; Dana Rohrabacher, R-California. 

>House Committee on Foreign Affairs:

Democrats: Lee Hamilton (Chair), D-Indiana; Tom Lantos, D-California;
Robert Torricelli, D-New Jersey; Howard Berman, D-California; Gary
Ackerman, D-New York; Eni Faleomavaega, D-Somoa; Matthew Martinez, D-
California; Robert Borski, D-Pennsylvania; Donal Payne, D-New Jersey;
Robert Andrews, D-New Jersey; Robert Menendez, D-New Jersey; Sherrod Brown,
D-Ohio; Alcee Hastings, D-Florida; Peter Deutsch, D-Florida; Don Edwards,
D-California; Frank McCloskey, D-Indiana; Thomas Sawyer, D-Ohio; Luis
Gutierrez, D-Illinois.

Republicans: Benjamin Gilman (ranking), R-New York; William Goodling, R-
Pennsylvania; Jim Leach, R-Iowa; Olympia Snowe, R-Maine; Henry Hyde, R-
Illinois; Christopher Smith, R-New Jersey; Dan Burton, R-Indiana; Elton
Gallegly, R-California; Ileana Ros-Lehtinen, R-Florida; David Levy, R-New
York; Lincoln Diaz-Balart, R-Florida; Ed Royce, R-California. 


BOYCOTT CLIPPER DEVICES AND THE COMPANIES WHICH MAKE THEM. 

Don't buy anything with a Clipper Chip in it. Don't buy any product from a
company that manufactures devices with Big Brother inside. It is likely
that the government will ask you to use Clipper for communications with the
IRS or when doing business with federal agencies. They cannot, as yet,
require you to do so. Just say no.


LEARN ABOUT ENCRYPTION AND EXPLAIN THE ISSUES TO YOUR UNWIRED FRIENDS 

The administration is banking on the likelihood that this stuff is too
technically obscure to agitate anyone but nerds like us. Prove them wrong
by patiently explaining what's going on to all the people you know who have
never touched a computer and glaze over at the mention of words like
"cryptography."

Maybe you glaze over yourself. Don't. It's not that hard. For some hands-on
experience, download a copy of PGP - Pretty Good Privacy - a shareware
encryption engine which uses the robust RSA encryption algorithm. And learn
to use it.


GET YOUR COMPANY TO THINK ABOUT EMBEDDING REAL CRYPTOGRAPHY IN ITS PRODUCTS 

If you work for a company that makes software, computer hardware, or any
kind of communications device, work from within to get them to incorporate
RSA or some other strong encryption scheme into their products. If they say
that they are afraid to violate the export embargo, ask them to consider
manufacturing such products overseas and importing them back into the
United States. There appears to be no law against that. Yet. 

You might also lobby your company to join the Digital Privacy and Security
Working Group, a coalition of companies and public interest groups -
including IBM, Apple, Sun, Microsoft, and, interestingly, Clipper phone
manufacturer AT&T - that is working to get the embargo lifted. 


ENLIST!

Self-serving as it sounds coming from me, you can do a lot to help by
becoming a member of one of these organizations. In addition to giving you
access to the latest information on this subject, every additional member
strengthens our credibility with Congress. 

>Join the Electronic Frontier Foundation by writing membership@eff.org. 

>Join Computer Professionals for Social Responsibility by e-mailing 
cpsr.info@cpsr

..org. CPSR is also organizing a protest, to which you can lend your support
by sending e-mail to clipper.petition@cpsr.org with "I oppose Clipper" in
the message body. Ftp/gopher/WAIS to cpsr.org /cpsr/privacy/ 

crypto/clipper for more info.


In his LA speech, Gore called the development of the NII "a revolution."
And it is a revolutionary war we are engaged in here. Clipper is a last
ditch attempt by the United States, the last great power from the old
Industrial Era, to establish imperial control over cyberspace. If they win,
the most liberating development in the history of humankind could become,
instead, the surveillance system which will monitor our grandchildren's
morality. We can be better ancestors than that. 

San Francisco, California

Wednesday, February 9, 1994

* * *

John Perry Barlow (barlow@eff.org) is co-founder and Vice-Chairman of the
Electronic Frontier Foundation, a group which defends liberty, both in
Cyberspace and the Physical World. He has three daughters. 


=-=-=-=-=-=-=-=-=-=-=-=WIRED Online Copyright Notice=-=-=-=-=-=-=-=-=-=-=-= 

Copyright 1993,4 Wired USA Ltd. All rights reserved. 

This article may be redistributed provided that the article and this notice
remain intact. This article may not under any circumstances be resold or
redistributed for compensation of any kind without prior written permission
from Wired Ventures, Ltd. 

If you have any questions about these terms, or would like information
about licensing materials from WIRED Online, please contact us via
telephone (+1 (415) 904 0660) or email (info@wired.com). 

WIRED and WIRED Online are trademarks of Wired Ventures, Ltd. 

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 

--------------------------------------------------------------------------- 
Date: Tue, 8 Feb 1994 08:25:16 -0800
From: Phil Agre <pagre@weber.ucsd.edu>
Subject: start the revolution (1000 lines) 

Here are several messages about the latest cryptography-and-civil-liberties
action in Washington. Parental discretion advised. Folks in the US are
called on to take several political actions. Please distribute widely. 

Date: 4 Feb 1994 18:21:05 -0600
From: mech@eff.org (Stanton McCandlish)
To: alt-politics-datahighway-list@eff.org Subject: Alert--Admin. names
escrow agents, no compromise on Clipper - 7 files 

EFF Press Release	04/04/94	* DISTRIBUTE WIDELY *

At two briefings, Feb. 4, 1994, the Clinton Administration and various
agencies gave statements before a Congressional committee, and later
representatives of civil liberties organizations, industry spokespersons
and privacy advocates. The Electronic Frontier Foundation's position, based
on what we have seen and heard from the Administration today, is that the
White House is set on a course that pursues Cold War national security and
law enforcement interests to the detriment of individual privacy and civil
liberties.

The news is grim. The Administration is: 

* not backing down on Clipper
* not backing down on key escrow
* not backing down on selection of escrow agents 
* already adamant on escrowed key access procedures 
* not willing to elminate ITAR restrictions
* hiding behind exaggerated threats of "drug dealers" and "terrorists" 

The material released to the industry and advocacy version of the briefing
have been placed online at ftp.eff.org (long before their online
availability from goverment access sites, one might add). See below for
specific details.

No information regarding the Congressional committee version of the
briefing has been announced. EFF Director Jerry Berman, who attended the
private sector meeting, reported the following:

"The White House and other officials briefed industry on its Clipper chip
and encryption review. While the review is not yet complete, they have
reached several policy conclusions. First, Clipper will be proposed as a
new Federal Information Processing Standard (FIPS) next Wednesday. [Feb. 9]
It will be "vountary" for government agencies and the private sector to
use. They are actively asking other vendors to jump in to make the market a
Clipper market. Export licensing processes will be speeded up but export
restrictions will not be lifted in the interests of national security. The
reason was stated bluntly at the briefing : to frustrate competition with
clipper by other powerful encryption schemes by making them difficult to
market, and to "prevent" strong encryption from leaving the country thus
supposedly making the job of law enforcement and intelligence more
difficult. Again in the interest of national security. Of course, Clipper
will be exportable but they would not comment on how other governments will
view this. Treasury and NIST will be the escrow agents and Justice asserted
that there was no necessity for legislation to implement the escrow
procedures.

"I asked if there would be a report to explain the rationale for choosing
these results - we have no explanation of the Administration's thinking, or
any brief in support of the results. They replied that there would be no
report because they have been unable to write one, due to the complexity of
the issue.

"One Administation spokesperson said this was the Bosnia of
Telecommunications. I asked, if this was so, how, in the absense of some
policy explanation, could we know if our policy here will be as successful
as our policy in Bosnia?"

The announcements, authorization procedures for release of escrowed keys,
and q-and-a documents from the private sector briefing are online at EFF. 

They are:

"Statement of the [White House] Press Secretary" [White House]
file://ftp.eff.org/pub/EFF/Policy/Crypto/wh_press_secy.statement 

"Statement of the Vice President" [very short - WH]
file://ftp.eff.org/pub/EFF/Policy/Crypto/gore_crypto.statement 

"Attorney General Makes Key Escrow Encryption Announcements" [Dept. of
Just.] file://ftp.eff.org/pub/EFF/Policy/Crypto/reno_key_escrow.statement 

"Authorization Procedures for Release pf Emcryption Key Components in
Conjunction with Intercepts Pursuant to Title III/State Statutes/FISA" [3
docs. in one file - DoJ]
file://ftp.eff.org/pub/EFF/Policy/Crypto/doj_escrow_intercept.rules 

"Working Group on Data Security" [WH]
file://ftp.eff.org/pub/EFF/Policy/Crypto/interagency_workgroup.announce 

"Statement of Dr. Martha Harris Dep. Asst. Secy. of State for Polit.-Mil.
Affairs: Encryption - Export Control Reform" [Dept. of State]
file://ftp.eff.org/pub/EFF/Policy/Crypto/harris_export.statement 

"Questions and Answers about the Clinton Administration's Encryption
Policy" [WH]
file://ftp.eff.org/pub/EFF/Policy/Crypto/wh_crypto.q-a 

These files are available via anonymous ftp, or via WWW at:
http://www.eff.org/ in the "EFF ftp site" menu off the front page. 

Gopher access:
gopher://gopher.eff.org/
Look in "EFF Files"/"Papers and Testimony"/"Crypto" 

All 7 of these documents will be posted widely on the net immediately
following this notice.


Contacts:

Digital Privacy: Jerry Berman, Exec. Director <jberman@eff.org> 
Daniel J. Weitzner, Sr. Staff Counsel <djw@eff.org> Archives: Stanton
McCandlish, Online Activist <mech@eff.org> General EFF Information:
info@eff.org

--
Stanton McCandlish * mech@eff.org * Electronic Frontier Found.
OnlineActivist 
F O R M O R E I N F O, E - M A I L T O:	I N F O @ E F F . O R G
O P E N P L A T F O R M	O N L I N E R I G H T S
V I R T U A L C U L T U R E	C R Y P T O



Date: 4 Feb 1994 18:55:39 -0600
From: mech@eff.org (Stanton McCandlish)
To: alt-politics-datahighway-list@eff.org Subject: CRYPTO: "Q & A" about
Admin.'s encryption policy 

______ begin file ______

>From the White House

***************************************************************** 

Embargoed until 3:00 p.m. EST Feb. 4, 1994 

QUESTIONS AND ANSWERS ABOUT THE
CLINTON ADMINISTRATION'S ENCRYPTION POLICY 

Q.	What were the findings of the encryption technology review?

A.	The review confirmed that sound encryption technology is
needed to help ensure that digital information in both computer and
telecommunications systems is protected against unauthorized disclosure or
tampering. It also verified the importance of preserving the ability of law
enforcement to understand encrypted communications when conducting
authorized wiretaps. Key escrow technology meets these objectives.

Specific decisions were made to enable federal agencies and the private
sector to use the key escrow technology on a voluntary basis and to allow
the export of key escrow encryption products. 

In addition, the Department of State will streamline export licensing
procedures for products that can be exported under current regulations in
order to help U.S. companies to sell their products abroad.

To meet the critical need for ways to verify the author and sender of an
electronic message -- something that is crucial to business applications
for the National Information Infrastructure -- the federal government is
committed to ensuring the availability of a royalty-free, public-domain
Digital Signature Standard. 

Finally, an interagency working group has been established to continue to
address these issues and to maintain a dialogue with industry and public
interest groups.

Q.	Who has been consulted during this review? The Congress?
Industry? What mechanism is there for continuing consultation? 

A.	Following the President's directive announced on April 16,
1993, extensive discussions have been held with Congress, industry, and
privacy rights groups on encryption issues. Formal public comment was
solicited on the Escrowed Encryption Standard and on a wide variety of
issues related to the review through the Computer System Security and
Privacy Advisory Board. 

The White House Office of Science and Technology Policy and the National
Security Council will chair the interagency working group. The group will
seek input from the private sector both informally and through several
existing advisory committees. It also will work closely with the
Information Policy Committee of the Information Infrastructure Task Force,
which is responsible for coordinating Administration telecommunications and
information policy.

Q.	If national security and law enforcement interests require
continued export controls of encryption, what specific benefits can U.S.
encryption manufacturers expect? 

A.	The reforms will simplify encryption product export licensing
and speed the review of encryption product exports. Among other benefits,
manufacturers should see expedited delivery of products, reduced shipping
and reporting costs, and fewer individual license requests -- especially
for small businesses that cannot afford international distributors. A
personal exemption for business travellers using encryption products will
eliminate delays and inconvenience when they want to take encryption
products out of the U.S. temporarily.

Q.	Why is the key escrow standard being adopted?

A.	The key escrow mechanism will provide Americans and
government agencies with encryption products that are more secure, more
convenient, and less expensive than others readily available today -- while
at the same time meeting the legitimate needs of law enforcement.

Q.	Will the standard be mandatory?

A.	No. The Administration has repeatedly stressed that the key
escrow technology, and this standard, is for voluntary use by federal and
other government agencies and by the private sector. The standard that is
being issued only applies to federal agencies 
-- and it is voluntary.

Does this approach expand the authority of government agencies to listen in
on phone conversations?

No Key escrow technology provides government agencies with no [sic] new
authorities to access the content of the private conversations of
Americans.

Q.	Will the devices be exportable? Will other devices that use
the government hardware?

A.	Yes. After an initial review of the product, the State
Department will permit the export of devices incorporating key escrow
technology to most end users. One of the attractions of this technology is
the protection it can give to U.S. companies operating at home and abroad.

Q.	Suppose a law enforcement agency is conducting a wiretap on a
drug smuggling ring and intercepts a conversation encrypted using the
device. What would they have to do to decipher the message? 

A.	They would have to obtain legal authorization, normally a
court order, to do the wiretap in the first place. They would then present
documentation, including a certification of this authorization, to the two
entities responsible for safeguarding the keys. (The key is split into
component parts, which are stored separately in order to ensure the
security of the key escrow system.) They then obtain the components for the
keys for the device being used by the drug smugglers. The components are
then combined and the message can be read.

Q.	Who will hold the escrowed keys?

A.	The Attorney General has selected two U.S. agencies to hold
the escrowed key components: the Treasury Department's Automated Systems
Division and the Commerce Department's National Institute of Standards and
Technology.

Q.	How strong is the security in the device? How can I be sure
how strong the security is?

A.	This system is more secure than many other voice encryption
system readily available today. While the algorithm upon which the Escrowed
Encryption Standard is based will remain classified to protect the security
of the system, an independent panel of cryptography experts found that the
algorithm provides significant protection. In fact, the panel concluded
that it will be 36 years until the cost of breaking the algorithm will be
equal to the cost of breaking the current Data Encryption Standard now
being used. 

Q.	Is there a "trap door" that would allow unauthorized access
to the keys?

A.	No. There is no trapdoor.

Q.	Whose decision was it to propose this product?

A.	The National Security Council, the Justice Department, the
Commerce Department, and other key agencies were involved in this decision.
The approach has been endorsed by the President, the Vice President, and
appropriate Cabinet officials. 

______ end file ________


Date: 4 Feb 1994 18:58:24 -0600
From: mech@eff.org (Stanton McCandlish)
To: alt-politics-datahighway-list@eff.org Subject: CRYPTO: W. House Press
Sec'y statements on Admin's crypto policy 
/
____ begin file ____

THE WHITE HOUSE	CONTACT: 202 156-7035
OFFlCE OF THE PRESS SECRETARY

EMBARGOED UNTIL 3 PM (EST) FRIDAY, February 4, 1994 


STATEMENT OF THE PRESS SECRETARY


Last April, the Administration announced a comprehensive interagency review
of encryption technology, to be overseen by the National Security Council.
Today, the Administration is taking a number of steps to implement the
recommendations resulting from that review.

Advanced encryption technology offers individuals and businesses an
inexpensive and easy way to encode data and telephone conversations.
Unfortunately, the same encryption technology that can help Americans
protect business secrets and personal privacy can also be used by
terrorists, drug dealers, and other criminals. 

In the past, Federal policies on encryption have reflected primarily the
needs of law enforcement and national security. The Clinton Administration
has sought to balance these needs with the needs of businesses and
individuals for security and privacy. That is why, today the National
Institute of Standards ant Technology (NIST) is committing to ensure a
royalty-free, public-domain Digital Signature Standard. Over many years,
NIST has been developing digital signature technology that would provide a
way to verify the author and sender of an electronic message. Such
technology will be critical for a wide range of business applications for
the National Information Infrastructure. A digital signature standard will
enable individuals to transact business electronically rather than having
to exchange signed paper contracts. The Administration has determined that
such technology should not be subject to private royalty payments, and it
will be taking steps to ensure that royalties are not required for use of a
digital signature. Had digital signatures been in widespread use, the
recent security problems with the Intemet would have been avoided.

Last April, the Administration released the Key Escrow chip (also known as
the "Clipper Chip") that would provide Americans with secure
telecommunications without compromising the ability of law enforcement
agencies to carry out legally authorized wiretaps. Today, the Department of
Commerce and the Department of Justice are taking steps to enable the use
of such technology both in the U.S. and overseas. At the same time, the
Administration is announcing its intent to work with industry to develop
other key escrow products that might better meet the needs of individuals
and industry, particularly the American computer and telecommunications
industry. Specific steps being announced today include: 

- Approval by the Commerce Secretary of the Escrowed Encryption 
Standard (EES) as a voluntary Federal Informahon Processing Standard, which
will enable govemment gencies to purchase the Key Escrow chip for use with
telephones nd modems. The department's National Institute of Standards and
Technology (NIST) will publish the standard.

- Publication by the Department of Justice of procedurs for the 
release of escrowed keys and the announcement of NIST and the Automated
Services Division of the Treasury Department as the escrow agents that will
store the keys needed for decryption of communications using the Key Escrow
chip. Nothing in these procedures will diminish tne existing legal and
procedural requirements that protect Americans from unauthorized wiretaps. 

- New procedures to allow export of products containing the Key 
Escrow chip to most countries.

In addition, the Department of State will streamline export licensing
procedures for encryption products that can be exported under current
export regulations in order to help American companies sell their products
overseas. In the past, it could take weeks for a company to obtain an
export license for encryption products, and each shipment might require a
separate license. The new procedures announced today will substantially
reduce administrative delays and paperwork for encryption exports.

To implement the Administration's encryption policy, an interagency Working
Group on Encryption and Telecommunications has been established. It will be
chaired by the White House Office of Science and Technology Policy and the
National Security Council and will include representatives of the
Departments of Commerce, Justice, State, and Treasury as well as the FBI,
the National Security Agency, the Office of Management and Budget, and the
National Economic Council. This group will work with industry and
public-interest groups to develop new encryption technologies and to review
and refine Administration policies regarding encryption, as needed. 

The Administration is expanding its efforts to work with industry to
improve on the Key Escrow chip, to develop key-escrow software, and to
examine alternatives to the Key Escrow chip. NIST will lead these efforts
and will request additional staff and resources for this purpose.

We understand that many in industry would like to see all encryption
products exportable. However, if encryption technology is made freely
available worldwide, it would no doubt be usod extensively by terrorists,
drug dealers, and other criminals to harm Americans both in the U.S. and
abroad. For this reason, the Administration will continue to restrict
export of the most sophisticated encryption devices, both to preserve our
own foreign intelligence gathering capability and because of the concerns
of our allies who fear that strong encryption technology would inhibit
their law enforcement capabilities.

At the same time, the Administration understands the benefits that
encryption and related technologies can provide to users of computers and
telecommunications networks. Indeed, many of the applications of the
evolving National Information Infrastructure will require some form of
encryption. That is why the Administration plans to work more closely with
the private sector to develop new forms of encryption that can protect
privacy and corporate secrets without undermining the ability of
law-enforcement agencies to conduct legally authorized wiretaps. That is
also why the Administration is committed to make available free of charge a
Digital Signature Standard.

The Administration believes that the steps being announced today will help
provide Americans with the telecommunications security they need without
compromising the capability of law enforcement agencies and national
intelligence agencies. Today, any American can purchase and use any type of
encryption product. The Administration does not intend to change that
policy. Nor do we have any intention of restrictiog domestic encryption or
mandating the use of a particular technology.

____ end file ______


Date: Sat, 5 Feb 1994 00:58:22 -0800
From: "Brock N. Meeks" <brock@well.sf.ca.us> To: com-priv@psi.com
Subject: R.I.P -- Privacy '94

Copyright (c) 1994
CyberWire
Brock N. Meeks



Jacking in from a Non-Government Approved Encryption Port: 

Washington, DC -- The Clinton Administration today gang raped your privacy.

The White House Friday announced its endorsement of a sweeping new security
and privacy initiative. Privacy, as we know it, will never be the same. All
the rules have changed. Forever. The catch is that the government gets to
write all the rules; you get no vote. None. Worse, you can't even read the
fucking rule book because it's classified.

The initiative involves the creation of "new products to accelerate the
development and use of advanced and secure telecommunications networks and
wireless telecommunications links," the White House said. In English: Law
enforcement and intelligence agencies now have an easy way to fuck with any
and all forms of spoken or electronically transmitted communications. 

The policy is voluntary, of course. You don't have to sign on to it. You
don't have to use government approved encryption devices. But if you plan
to do any business with the government, you'll have to use them. And if the
government gets its way, well, you'll end using them whether you want to or
not. You'll have no choice (are you sensing a trend here?). All telephones,
computers, fax machines, modems, etc. will come "wiretap ready." It will be
the de facto standard.

If you don't use the government standard, you'll be branding yourself a
CryptoRebel. Big fucking deal? Maybe, maybe not. But think for a second.
Perhaps some agency will be able to check your "crypto-approval rating."
Perhaps those favorable bank loans, mortgage rates or low insurance
premiums will only go to those with 
high crypto-approval ratings.

But the White House is adamant about making sure you understand this whole
damn thing is voluntary. And don't let anything sway you from believing
that, not even the White House backgrounder materials that say no U.S.
citizen "as a matter of right, is entitled to an unbreakable commercial
encryption product." 

Just use the "balanced" approach of the government system, where in this
case the "breakability" of the encryption belongs only with them.
Everything will work out fine. Just listen: "Encryption is a law and order
issue since it can be use by criminals to thwart wiretaps and avoid
detection and prosecution," said Vice President Gore. "Our policy is
designed to provide better encryption to individuals and businesses while
ensuring that the needs of law enforcement and national security are met." 

The Administration won't tell you exactly why they expect you simply hand
over all your privacy safeguards to them. "Listen, if you knew what we knew
about criminal activity, this issue wouldn't even be debated," said Mike
Nelson with the Office of Science and Technology Policy and co-chair of the
Working Group on Data Security, a newly created interagency task force. 

Chicken or the Egg?
==================

The new policy was hatched in the super-secret recesses of the National
Security Agency (NSA). And while Clinton was still trying to find the
instruction manual for his White House telephone system, the NSA, FBI and
other assorted agencies shoved their ideas onto the National Security
Council table. Before the Administration could blink, it found itself in
the unenviable position of having backed a severely flawed security policy
that has compromised the privacy of every U.S. citizen and drawn the ire of
every civil liberties in the country. 

But the White House quickly put the breaks on, calling for a full scale,
government wide "review" of its security and privacy policies. It gave
privacy advocacy groups some breathing room. Surely the Administration,
once it had a chance to actually study this damn thing, would see it
through it. 

But the White House punted. The review was a smoke screen. Instead, it
provided momentum inside the Administration. It was from this review,
ordered last April, that this new initiative springs.

And when all was said and done, the White House screwed the pooch. 

Clipper Sails On
================

The one trick pony here is the Clipper Chip, a device that can be installed
in virtually any communications device. The chip scrambles all
conversations. No one can crack the code, expect the government, of course.
The Feds hold all the keys. Rather, they hold the only keys that count.

Each Clipper chip is made with 3 unique keys. All three are needed to
descramble the encrypted messages streaming through them. But only the
government's keys matter. The key you get with your Clipper Chip is
essentially the chip's social security number. You'll never actually see
this key, have any idea what its number is or get your hands on it. If you
try to sneak a peak at it, the damn thing self destructs. Honest.

The other two keys will be held in electronic vaults; fraternal twins,
separated by mandate. Each of these keys will be held by government
agencies, called "escrow agents." One will be held by the National
Institute for Standards and Technology, the other by the Automated Systems
Division of the Dept. of Treasury. 

When a law enforcement agency, which could be your local sheriff's
department, wants to wiretap a conversation that's been encrypted by
Clipper they apply to each of the escrow agents. The agents send their
respective key, electronically, to a "black box" operated by the law
enforcement agency. As encrypted conversations stream into the box, they
come out the back side in nice, neat sounding vowels and consonants, or in
the case of electronic mail, in plain ol' ASCII.

Yes, all law enforcement agencies need a court approved wiretap before they
can pull this whole scheme off. This, the Administration says, is where
you're privacy is protected. "We're not going to use Clipper to listen in
on the American public," said Raymond Kammer of NIST deputy director. It
will only be used to catch criminals. Honest.

We Don't Need No Stinkin' Warrant
=================================

Maybe now would be a good time to mention the National Security Agency. You
know these guys. Super-secret, spook agency. Their mission? To monitor and
intercept foreign communications. Did you catch that word FOREIGN? I hope
so, it's crucial. 

The NSA is only allowed to intercept foreign communications -- spying on
U.S. citizens is a crime. They can't even pry into a U.S. citizen's
business a court ordered wiretap. A judge would never allow it. Yet it was
the NSA that cooked up this whole Clipper Chip scheme. Why you ask? Good
question. But the Administration refuses to discuss the issue. 

Here's another they can't answer. Suppose the NSA intercepts a message from
Iraq and finds it's Clipper encrypted (that damn little black box is
specially made to sniff out the Clipper's algorithm and descramble it's
social security number). What does the NSA do with this encrypted Iraqi
message? How does it decrypt the message? There's a classic Catch-22
running here. 

Agencies need the Clipper keys from the escrow agents to read the message
or listen in on the conversation. But to get the keys you need proof that
you have a warrant. The NSA is *never* issued a warrant. You see, the NSA
doesn't need a warrant to spy on FOREIGN communications.

So, this begs the $64,000 question is: How does the NSA get the escrow
agents to give them the keys to decrypt the message if they can't show a
warrant?

Answer: They don't have to show a warrant; they don't have to cause; they
don't have to show spit.

What's wrong with this picture?

"We have appropriate procedures and safeguards built into the system for
the NSA," Nelson said. "I can't tell you what those are, of course, that
would divulging too much about the NSA's operation."

Fox Guarding the Chickens
=========================

There will be absolutely no abuse of the system. This is what the
Administration would like you to believe. They also would like you to
believe that President's don't approve Watergate break-ins, that arms are
never traded for hostages, that the FBI never secretly records civil rights
leaders in the heat of infidelity and that FBI directors have never shown a
proclivity for red sequined dresses and shiny high-heeled cruel shoes.

Representatives from four government organizations stood before the press
and outlined all the careful thinking and rigorous safeguards that have
gone into this system. There are at least 9 different steps that must be
followed to get these Clipper keys transferred from the escrow agents to
the agency authorized to do the wiretap. 

Fair enough, isn't it? Well, it would be except for the fact that the
Justice Department intentionally wrote a giant fucking loop- hole into the
law.

Buried in the Justice Department briefing papers, outlining the
authorization procedures for release of the escrow keys, is this gem:
"These procedures do not create, and are not intended to create, any
substantive rights for individuals intercepted through electronic
surveillance, and noncompliance with these procedures shall not provide the
basis for any motion to suppress or other objection to the introduction of
electronic surveillance evidence lawfully acquired."

So, if somebody screws up, like for instance, asks for the keys to be sent
before they actually have a wiretap in hand, or has no wiretap authority at
all! there is no recourse provision. 

Criminals As Dumb Shits
=======================

But what about that wily criminal element? Once they get wind of this,
won't they seek out another type of encryption? The FBI doesn't think so.
In fact, the FBI thinks criminals are such dumb shits that they'll forget
all about the fact that Clipper even exists.

"I predict that few criminals will remember years from now what they've
read in the Wall Street Journal" about how these devices were installed in
telephones, said FBI's James Kallestrom. (Of course, if criminals are so
stupid, why are they perusing the Wall St. Journal... maybe he really meant
the New York Times...) 

So let's get this right. The FBI is sure that criminals will "just forget"
that Clipper is installed in their phones and use them anyway. These are
the criminals that also would be forgetting that their multi-million dollar
drug deals, not to mention their own sweet ass, could be in jeopardy every
time they make a call. Yes, the government really thinks so.

It's more likely that some bright, enterprising criminal mind will create a
worldwide black market that deals in "non-Clipper Installed" encryption
devices. Damn, talk about an industry with some growth potential.

Getting To the Data Stream
==========================

The whole damn program goes into the crapper, however, if the government
can't get access to source, to the digital data stream, as it comes out of
the telephone switch. In order to do this you have to tap the digital
conversation. That's right, you guessed it: Digital Wiretap Access.

The FBI failed on its own last year to generate any support in Congress for
this digital wiretap proposal. Hell, the FBI couldn't even get a single
member of Congress to introduce the thing. So the FBI broke the chain of
command: They got the President and Vice President to sign off on the idea.


The Administration will soon announce its decision on how it will give the
FBI the right to easily wiretap even your unencrypted conversations.
"Within a few months at most we should have something decided," said Barry
Smith of the FBI's Congressional Affairs office. The FBI's Kallestrom said
it was "all but a done deal."

This isn't a question of whether or not the Administration will line up
behind the FBI on this. It already has. It's only a matter of paperwork,
and the nagging little issue of how to pay for making the telephone
companies comply with the new rules. But these are small details, compared
to the heat the Administration already knows it'll take when they finally
unwrap this puppy. 

Private No More
===============

OSTP's Nelson quipped that these security and privacy issues are the
Cyberspace version of the Administration's muddied Bosnia policy.

Like Bosnia, the White House expects the American public to "trust us" on
this issue. After all, the Administration says, they know a hell of a lot
more than we do about what kind criminal activity is really going down.

Trusting these law enforcement and intelligence agencies is one thing;
tempting them by putting all-powerful tools right into their hip pockets is
something that should generate a hue and cry loud enough for all of
Washington to hear.

So, if you're really pissed off, just pick up the phone can call your
neighbor. Somebody in Washington is bound to hear it. 

Meeks out....



Date: Mon, 7 Feb 1994 10:41:44 -0800
From: "Brock N. Meeks" <brock@well.sf.ca.us> Subject: Congress Wades In

Jacking in from the Congressional Port:

Washington, DC -- White House's slippery plan to salt information highway
with its home-grown encryption technology has irked at least two members of
Congress, prompting a call for congressional hearings.

Senator Patrick Leahy (D-Vt.), chairman of the Technology and Law
Subcommittee said he would likely hold hearings "on the serious issues
raised" by Administration's announcement that it would urge private sector
to voluntarily adopt its Clipper Chip technology. "Basically, what this
means is that the United States Government will hold the two keys to unlock
any private communication coded with this program," Leahy said. Citizens
and potential foreign customers aren't likely to see Clipper "as the
solution to privacy and security concerns," he said. 

White House plan was called "disappointing," by Rep. Don Edwards (D-Cal.).
"I was hoping for a more realistic policy from the Administration," said
Edwards, a former FBI agent. "Competitors all over the world can sell the
strongest encryption technology, but U.S. companies cannot," he said.

Leahy waded in on Administration and law enforcement claims that Clipper
would help thwart terrorist and criminal activity, saying it was "obvious"
these groups would shun Clipper enabled devices. "Why would any
sophisticated criminal or terrorist decide to use Clipper Chip to keep
their communications secret when this is the one encryption method to which
the government holds the keys?" he asked.

Despite Leahy's misgivings, the Administration and law enforcement agencies
continue to bank on the success of Clipper because most criminals are "just
dumb," the FBI has stated repeatedly.

The Administration's decision to keep the handcuffs on export controls of
privately developed encryption schemes also worried the congressmen. Leahy
called it "a misstep... Why would any foreign government want to buy
American software or telecommunications equipment containing Clipper Chip
when the U.S. government has the keys to eavesdrop on any private
communications?"

Edwards said the new policy "won't stop terrorists and drug traffickers
from acquiring encryption technology," adding he hoped President Clinton
would "look at this policy again." 

The government shouldn't be in the business of mandating particular
technologies, Leahy said. "Whatever confidence I might have that the U.S.
government will limit its use of the decoding keys to specific and
justifiable law enforcement objectives, I doubt my confidence will be
universally shared," he said.

Meeks out...

Well, almost... Leahy's office said he *wants* to hear from the public on
the matter of holding hearings. Any and all comments on the viability of
the program, any concerns the public has, should be sent to Leahy
immediately, a staffer said. Leahy can be reached at: Committee on the
Judiciary, Washington, DC 20510; his phone number is 202-224-3406.




Date: Mon, 7 Feb 1994 22:28:08 EST
From: Dave Banisar <banisar@washofc.cpsr.org> To: CPSR Civil Liberties
Group <cpsr-civilliberties@Pa.dec.com> Subject: Campaign Against Clipper

Campaign Against Clipper

CPSR ANNOUNCES CAMPAIGN TO OPPOSE CLIPPER PROPOSAL 

Embargoed until 2 pm, Monday, February 7, 1994 

contact: rotenberg@washofc.cpsr.org (202 544 9240) 


Washington, DC -- Following the White House decision on Friday to endorse a
secret surveillance standard for the information highway, Computer
Professionals for Social Responsibility (CPSR) today announced a national
campaign to oppose the government plan. 

The Clipper proposal, developed in secret by the National Security Agency,
is a technical standard that will make it easier for government agents to
wiretap the emerging data highway. 

Industry groups, professional associations and civil liberties
organizations have expressed almost unanimous opposition to the plan since
it was first proposed in April 1993. 

According to Marc Rotenberg, CPSR Washington director, the Administration
made a major blunder with Clipper. "The public does not like Clipper and
will not accept it. This proposal is fatally flawed." 

CPSR cited several problems with the Clipper plan: 

o The technical standard is subject to misuse and compromise. It would
provide government agents with copies of the keys that protect electronic
communications. "It is a nightmare for computer security," said CPSR Policy
Analyst Dave Banisar.

o The underlying technology was developed in secret by the NSA, an
intelligence agency responsible for electronic eavesdropping, not privacy
protection. Congressional investigations in the 1970s disclosed widespread
NSA abuses, including the illegal interception of millions of cables sent
by American citizens.

o Computer security experts question the integrity of the technology.
Clipper was developed in secret and its specifications are classified. CPSR
has sued the government seeking public disclosure of the Clipper scheme.

o NSA overstepped its legal authority in developing the standard. A 1987
law explicitly limits the intelligence agency's power to set standards for
the nation's communications network. 

o There is no evidence to support law enforcement's claims that new
technologies are hampering criminal investigations. CPSR recently forced
the release of FBI documents that show no such problems. 

o The Administration ignored the overwhelming opposition of the general
public. When the Commerce Department solicited public comments on the
proposal last fall, hundreds of people opposed the plan while only a few
expressed support.

CPSR today announced four goals for its campaign to oppose the Clipper
initiative:

o First, to educate the public about the implications of the Clipper proposal.

o Second, to encourage people to express their views on the Clipper
proposal, particularly through the computer network. 

Toward that goal, CPSR has already begun an electronic petition on the
Internet computer network urging the President to withdraw the Clipper
proposal. In less than one week, the CPSR campaign has drawn thousands of
electronic mail messages expressing concern about Clipper. To sign on,
email clipper.petition@cpsr.org with the message "I oppose clipper" in the
body of the text.

o Third, to pursue litigation to force the public disclosure of documents
concerning the Clipper proposal and to test the legality of the Department
of Commerce's decision to endorse the plan. 

o Fourth, to examine alternative approaches to Clipper. 

Mr. Rotenberg said "We want the public to understand the full implications
of this plan. Today it is only a few experts and industry groups that
understand the proposal. But the consequences of Clipper will touch
everyone. It will affect medical payments, cable television service, and
everything in between.

CPSR is a membership-based public interest organization. For more
information about CPSR, send email to cpsr@cpsr.org or call 415 322 3778.
For more information about Clipper, check the CPSR Internet library
CPSR.ORG. FTP/WAIS/Gopher and listserv access are available. 




Date: Mon, 7 Feb 1994 18:10:03 -0500 (EST) From: Stanton McCandlish
<mech@eff.org>
Subject: EFF Wants You (to add your voice to the crypto fight!) 

The Electronic Frontier Foundation needs your help to ensure privacy rights! 

* DISTRIBUTE WIDELY *

Monday, February 7th, 1994

From: Jerry Berman, Executive Director of EFF 
jberman@eff.org


Dear Friends of the Electronic Frontier, 

I'm writing a personal letter to you because the time has now come for
action. On Friday, February 4, 1994, the Administration announced that it
plans to proceed on every front to make the Clipper Chip encryption scheme
a national standard, and to discourage the development and sale of
alternative powerful encryption technologies. If the government succeeds in
this effort, the resulting blow to individual freedom and privacy could be
immeasurable.

As you know, over the last three years, we at EFF have worked to ensure
freedom and privacy on the Net. Now I'm writing to let you know about
something *you* can do to support freedom and privacy. *Please take a
moment to send e-mail to U.S. Rep. Maria Cantwell (cantwell@eff.org) to
show your support of H.R. 3627, her bill to liberalize export controls on
encryption software.* I believe this bill is critical to empowering
ordinary citizens to use strong encryption, as well as to ensuring that the
U.S. software industry remains competitive in world markets. 

Here are some facts about the bill:

Rep. Cantwell introduced H.R. 3627 in the House of Representatives on
November 22, 1993. H.R. 3627 would amend the Export Control Act to move
authority over the export of nonmilitary software with encryption
capabilities from the Secretary of State (where the intelligence community
traditionally has stalled such exports) to the Secretary of Commerce. The
bill would also invalidate the current license requirements for nonmilitary
software containing encryption capablities, unless there is substantial
evidence that the software will be diverted, modified or re-exported to a
military or terroristic end-use. 

If this bill is passed, it will greatly increase the availability of secure
software for ordinary citizens. Currently, software developers do not
include strong encryption capabilities in their products, because the State
Department refuses to license for export any encryption technology that the
NSA can't decipher. Developing two products, one with less secure
exportable encryption, would lead to costly duplication of effort, so even
software developed for sale in this country doesn't offer maximum security.
There is also a legitimate concern that software companies will simply set
up branches outside of this country to avoid the export restrictions,
costing American jobs.

The lack of widespread commercial encryption products means that it will be
very easy for the federal government to set its own standard--the Clipper
Chip standard. As you may know, the government's Clipper Chip initiative is
designed to set an encryption standard where the government holds the keys
to our private conversations. Together with the Digital Telephony bill,
which is aimed at making our telephone and computer networks
"wiretap-friendly," the Clipper Chip marks a dramatic new effort on the
part of the government to prevent us from being able to engage in truly
private conversations.

We've been fighting Clipper Chip and Digital Telephony in the policy arena
and will continue to do so. But there's another way to fight those
initiatives, and that's to make sure that powerful alternative encryption
technologies are in the hands of any citizen who wants to use them. The
government hopes that, by pushing the Clipper Chip in every way short of
explicitly banning alternative technologies, it can limit your choices for
secure communications.

Here's what you can do:

I urge you to write to Rep. Cantwell today at cantwell@eff.org. In the
Subject header of your message, type "I support HR 3627." In the body of
your message, express your reasons for supporting the bill. EFF will
deliver printouts of all letters to Rep. Cantwell. With a strong showing of
support from the Net community, Rep. Cantwell can tell her colleagues on
Capitol Hill that encryption is not only an industry concern, but also a
grassroots issue. *Again: remember to put "I support HR 3627" in your
Subject header.*

This is the first step in a larger campaign to counter the efforts of those
who would restrict our ability to speak freely and with privacy. Please
stay tuned--we'll continue to inform you of things you can do to promote
the removal of restrictions on encryption. 

In the meantime, you can make your voice heard--it's as easy as e-mail.
Write to cantwell@eff.org today.



Sincerely,

Jerry Berman
Executive Director, EFF
jberman@eff.org



P.S. If you want additional information about the Cantwell bill, send
e-mail to cantwell-info@eff.org. To join EFF, write membership@eff.org. For
introductory info about EFF, send any message to info@eff.org. 
The text of the Cantwell bill can be found on the Internet with the any of
the following URLs (Universal Resource Locaters): 

ftp://ftp.eff.org/pub/Policy/Legislation/cantwell.bill
http://www.eff.org/ftp/EFF/Policy/Legislation/cantwell.bill
gopher://gopher.eff.org/00/EFF/legislation/cantwell.bill 

It will be available on AOL (keyword EFF) and CIS (go EFFSIG) soon. 


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be
anonymized, and an anonymous id will be allocated automatically. You have
been warned. Please report any problems, inappropriate use etc. to
admin@anon.penet.fi.
---------------------------------------------------------------------------







TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH