Freeh proposed ban on unbreakable crypto floated as draft bill
Message one: news report on bill
Message two: some excerpts from the proposal
Message three: upcoming schedule in Congress
From owner-cypherpunks@cyberpass.net Fri Sep 5 20:39:58 1997
Flags: 000000000001
Return-Path:
Received: from sirius.infonex.com (sirius.infonex.com [206.170.114.2])
by watsun.cc.columbia.edu (8.8.5/8.8.5) with ESMTP id VAA04890
for ; Fri, 5 Sep 1997 21:25:14 -0400 (EDT)
Received: (from majordom@localhost) by sirius.infonex.com (8.8.5/8.7.3) id RAA23424 for cypherpunks-outgoing; Fri, 5 Sep 1997 17:50:48 -0700 (PDT)
Received: (from cpunks@localhost) by sirius.infonex.com (8.8.5/8.7.3) id RAA23415 for cypherpunks@infonex.com; Fri, 5 Sep 1997 17:50:37 -0700 (PDT)
Received: from rigel.cyberpass.net (root@rigel.infonex.com [206.170.114.3]) by sirius.infonex.com (8.8.5/8.7.3) with ESMTP id RAA23409 for ; Fri, 5 Sep 1997 17:50:33 -0700 (PDT)
Received: from toad.com (toad.com [140.174.2.1]) by rigel.cyberpass.net (8.8.5/8.7.3) with ESMTP id RAA05037 for ; Fri, 5 Sep 1997 17:47:50 -0700 (PDT)
Received: (from majordom@localhost) by toad.com (8.7.5/8.7.3) id RAA11330 for cypherpunks-unedited-outgoing; Fri, 5 Sep 1997 17:47:23 -0700 (PDT)
Received: from brickbat9.mindspring.com (brickbat9.mindspring.com [207.69.200.12]) by toad.com (8.7.5/8.7.3) with ESMTP id RAA11325 for ; Fri, 5 Sep 1997 17:47:18 -0700 (PDT)
Received: from default (ip196.an3-new-york4.ny.pub-ip.psi.net [38.26.14.196])
by brickbat9.mindspring.com (8.8.5/8.8.5) with SMTP id UAA29760
for ; Fri, 5 Sep 1997 20:47:08 -0400 (EDT)
Message-Id: <1.5.4.32.19970906003958.00849190@pop.pipeline.com>
X-Sender: jya@pop.pipeline.com
X-Mailer: Windows Eudora Light Version 1.5.4 (32)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 05 Sep 1997 20:39:58 -0400
To: cypherpunks@toad.com
From: John Young
Subject: New GAK Bill
Sender: owner-cypherpunks@cyberpass.net
Precedence: bulk
Reply-To: John Young
X-List: cypherpunks@cyberpass.net
X-Loop: cypherpunks@cyberpass.net
5 September 1997, MSNBC:
FBI Director Louis Freeh floats a new proposal at a congressional
hearing to outlaw non-breakable crypto products.
A radical shift in crypto debate
Proposed bill outlaws non-crackable crypto products, restrict imports
By Brock N. Meeks, MSNBC
WASHINGTON -- The White House would likely be very sympathetic to a
controversial new bill that would outlaw all encryption software that
doesn't allow law enforcement agencies to immediately decode scrambled
messages, an administration official told MSNBC.
The new bill, still in draft form, is quietly circulating among members
of the House and Senate. Although the administration hasn't formally
endorsed any provisions of the bill, MSNBC has learned that the White
House has been providing what is called technical drafting assistance
to members of Congress writing the bill. William Reinsch, the Commerce
Department undersecretary for export administration, confirmed the White
House involvement for MSNBC on Thursday night.
The draft bill was already in the hands of some members of the Senate's
Subcommittee on Technology, Terrorism and Government Regulation when FBI
Director Louis Freeh outlined its basic provisions while testifying before
the panel Wednesday. Freeh said "we would recommend" that legislation be
written requiring all encryption software or services made in or imported
to the United States to have a feature "which would allow for the immediate,
lawful decryption" of any scrambled messages used for illegal purposes or
in a national security matter.
NATION AT RISK?
The White House, FBI and intelligence agencies claim that the proliferation
of unbreakable encryption products puts the nation at risk. Criminals and
terrorists are increasingly using unbreakable encryption products, Freeh
testified Wednesday.
U.S. makers of encryption software claim that any government-mandated decoding
features would make their products unacceptable to clients in the global
marketplace. The new proposals outlined by Freeh also drew the ire of civil
liberties groups, which fear that any government controls on encryption
products raise serious First Amendment and privacy concerns.
Placing such government-mandated controls on the domestic use and manufacture
of encryption software, as well as on the import of encryption products,
stands in marked contrast to current White House crypto policies. Currently,
the United States places strict regulations on the export of any encryption
products that do make decoding keys available to law enforcement agencies.
However, the administration has steadfastly maintained throughout the often
contentious public debate over encryption policies that it would not place
any restrictions on the domestic use of encryption software, nor would it
restrict the import of encryption products.
Despite Freeh's testimony and the draft legislation written with White House
assistance, Reinsch said the administration's policy on encryption hasn't
changed. "I want to emphasize that [in providing drafting assistance] we are
responding to committee requests," he said. "And those requests have been
fairly directive, such as: 'Give us some examples of how we can better
accommodate law enforcement needs.' "
Currently, the White House is backing an encryption bill in the Senate called
the Secure Public Networks Act, also known as S. 909. This bill would
encourage the use of and set up guidelines for encryption software products
with decoding keys. Under this plan, all coded messages would spin off a
decoding key that would be stored with a government-approved third party.
Law enforcement agencies, foreign or domestic, would be allowed access to
those keys if they obtained a court-ordered warrant. The bill would not
restrict or require any encryption software used in the United States, or
restrict the import of any foreign crypto products.
However, MSNBC has learned that the draft bill now circulating among members
of the House and Senate specifically outlaws the "manufacture, distribution
or import" of any encryption software product or communication device that
does not "allow the immediate decryption" of all scrambled messages or
communications "if used for illegal purposes." The bill also targets
"network services," such as Internet Service Providers, that provide
encryption capabilities to their clients.
BAN WOULD GO INTO EFFECT IN 1999
Under this proposed bill, if such encryption services are offered by a
company like ISP, the service provider must build in a provision to allow
for immediate decryption of any scrambled messages, according to several
sources that have seen the draft language. The software ban would
go into effect in January 1999.
Reinsch told MSNBC he wasn't sure that Freeh's testimony "accurately
reflected" the language the White House offered in its technica
drafting for congressional committees. However, he indicated the
administration was interested in Freeh's proposal.
"I'll be blunt about it," Reinsch said. If such a bill were approved by a
congressional committee, the administration "would look very seriously at
it and I imagine we would be very sympathetic to it," he said.
Opponents of proposals to require key for all encryption software blanched
at Freeh's statements. "This proposal crosses a line that hasn't been
crossed before in the area of domestic controls on crypto," said Alan
Davidson, policy analyst for the Center for Democracy and Technology.
Davidson said a government mandate to provide immediate decryption
capabilities would be like "forcing everyone to live in a glass house."
It also "trashes the Fourth Amendment," which guarantees a right to be
protected from unlawful search and seizure, Davidson said.
Freeh told the Senate panel Wednesday that he isn't looking to expand law
enforcement's investigative powers. Rather, he said, he is only looking for
a "Fourth Amendment that works in the Information Age."
------
From owner-fight-censorship-announce@vorlon.mit.edu Fri Sep 5 19:46:55 1997
Flags: 000000000001
Return-Path:
Received: from vorlon.mit.edu (VORLON.MIT.EDU [18.238.0.139])
by watsun.cc.columbia.edu (8.8.5/8.8.5) with ESMTP id WAA16262
for ; Fri, 5 Sep 1997 22:56:57 -0400 (EDT)
Received: from localhost (bin@localhost)
by vorlon.mit.edu (8.8.5/8.8.5) with SMTP id WAA17571;
Fri, 5 Sep 1997 22:53:46 -0400
Received: by vorlon.mit.edu (bulk_mailer v1.5); Fri, 5 Sep 1997 22:48:00 -0400
Received: (from majordomo@localhost)
by vorlon.mit.edu (8.8.5/8.8.5) id WAA17395
; Fri, 5 Sep 1997 22:47:59 -0400
Received: (from declan@localhost)
by vorlon.mit.edu (8.8.5/8.8.5) id WAA17391
; Fri, 5 Sep 1997 22:47:57 -0400
Received: from smtp.well.com (smtp.well.com [206.80.6.147])
by vorlon.mit.edu (8.8.5/8.8.5) with ESMTP id WAA17376
; Fri, 5 Sep 1997 22:46:49 -0400
Received: from well.com (declan@well.com [206.15.64.10])
by smtp.well.com (8.8.6/8.8.4) with SMTP
id TAA18679 for ; Fri, 5 Sep 1997 19:46:57 -0700 (PDT)
Date: Fri, 5 Sep 1997 19:46:55 -0700 (PDT)
From: Declan McCullagh
To: fight-censorship-announce@vorlon.mit.edu
Subject: FC: Mandatory key escrow bill text, backed by FBI
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-fight-censorship-announce@vorlon.mit.edu
Reply-To: declan@well.com
X-Loop: fight-censorship-announce@vorlon.mit.edu
X-FC-URL: Fight-Censorship is at http://www.eff.org/~declan/fc/
All encryption products distributed in or imported into the U.S. after
January 1, 1999 must have a key escrow backdoor for the government,
according to an FBI-backed proposal circulating on Capitol Hill. The
measure would impose a similar requirement on "public network service
providers" that offer data-scrambling services. FBI Director Louis Freeh
talked about this proposal, without disclosing legislation existed, at a
Senate subcommittee haring on Wednesday.
Domestic use and sale of encryption has never been regulated.
Attached is an excerpt from the draft "Secure Public Networks Act" dated
August 28.
-Declan
-------
SEC. 105. PUBLIC ENCRYPTION PRODUCTS AND SERVICES
(a) As of January 1, 1999, public network service
providers offering encryption products or encryption
services shall ensure that such products or services
enable the immediate decryption of communications or
electronic information encrypted by such products or
services on the public network, upon receipt of a court
order, warrant, or certification, pursuant to section
106, without the knowledge or cooperation of the person
using such encryption products or services.
(b) As of January 1, 1999, it shall be unlawful for any
person to manufacture for sale or distribution within
the U.S., distribute within the U.S., sell within the
U.S., or import into the U.S., any product that can be
used to encrypt communications or electronic
information, unless that product:
(1) includes features, such as key recovery, trusted
third party compatibility or other means, that
(A) permit immediate decryption upon receipt of
decryption information by an authorized party without
the knowledge or cooperation of the person using such
encryption product; and
(B) is either enabled at the time of manufacture,
distribution, sale, or import, or may be enabled by the
purchase or end user; or
(2) can be used only on systems or networks that include
features, such as key recovery, trusted third party
compatibility or other means, that permit immediate
decryption by an authorized party without the knowledge
or cooperation of the person using such encryption
product.
(c) (1) Within 180 days of the enactment of this Act,
the Attorney General shall publish in the Federal
Register functional criteria for complying with the
decryption requirements set forth in this section.
(2) Within 180 days of the enactment of this Act, the
Attorney General shall promulgate procedures by which
data network service providers sand encryption product
manufacturers, sellers, re-sellers, distributors, and
importers may obtain advisory opinions as to whether a
decryption method will meet the requirements of this
section.
(3) Nothing in this Act or any other law shall be
construed as requiring the implementation of any
particular decryption method in order to satisfy the
requirements of paragrpahs (a) or (b) of this section.
-------
MSNBC's Brock Meeks on above FBI proposal & White House support:
http://www.msnbc.com/news/108020.asp
My report on the September 3 "mandatory key escrow" Senate hearing:
http://jya.com/declan6.htm
Transcript of FBI director Louis Freeh's remarks at Sep 3 hearing:
http://jya.com/fbi-gak.txt
Reuters' Aaron Pressman on Commerce Dept backing away from FBI:
http://www.pathfinder.com/net/latest/RB/1997Sep05/248.html
-------
--------------------------------------------------------------------------
This list is public. To join fight-censorship-announce, send
"subscribe fight-censorship-announce" to majordomo@vorlon.mit.edu.
More information is at http://www.eff.org/~declan/fc/
From owner-cypherpunks@cyberpass.net Sat Sep 6 09:22:58 1997
Flags: 000000000001
Return-Path:
Received: from sirius.infonex.com (sirius.infonex.com [206.170.114.2])
by watsun.cc.columbia.edu (8.8.5/8.8.5) with ESMTP id MAA05771
for ; Sat, 6 Sep 1997 12:55:46 -0400 (EDT)
Received: (from majordom@localhost) by sirius.infonex.com (8.8.5/8.7.3) id JAA03953 for cypherpunks-outgoing; Sat, 6 Sep 1997 09:29:27 -0700 (PDT)
Received: (from cpunks@localhost) by sirius.infonex.com (8.8.5/8.7.3) id JAA03918 for cypherpunks@infonex.com; Sat, 6 Sep 1997 09:29:12 -0700 (PDT)
Received: from rigel.cyberpass.net (root@rigel.infonex.com [206.170.114.3]) by sirius.infonex.com (8.8.5/8.7.3) with ESMTP id JAA03911 for ; Sat, 6 Sep 1997 09:29:03 -0700 (PDT)
Received: from toad.com (toad.com [140.174.2.1]) by rigel.cyberpass.net (8.8.5/8.7.3) with ESMTP id JAA21711 for ; Sat, 6 Sep 1997 09:26:16 -0700 (PDT)
Received: (from majordom@localhost) by toad.com (8.7.5/8.7.3) id JAA19013 for cypherpunks-unedited-outgoing; Sat, 6 Sep 1997 09:23:03 -0700 (PDT)
Received: from smtp.well.com (smtp.well.com [206.80.6.147]) by toad.com (8.7.5/8.7.3) with ESMTP id JAA19008 for ; Sat, 6 Sep 1997 09:23:00 -0700 (PDT)
Received: from well.com (declan@well.com [206.15.64.10])
by smtp.well.com (8.8.6/8.8.4) with SMTP
id JAA26342; Sat, 6 Sep 1997 09:22:58 -0700 (PDT)
Date: Sat, 6 Sep 1997 09:22:58 -0700 (PDT)
From: Declan McCullagh
To: John Young
cc: cypherpunks@toad.com
Subject: Re: Crypto Hearings
In-Reply-To: <1.5.4.32.19970906161132.006eb860@pop.pipeline.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cypherpunks@cyberpass.net
Precedence: bulk
Reply-To: Declan McCullagh
X-List: cypherpunks@cyberpass.net
X-Loop: cypherpunks@cyberpass.net
In my post "Mandatory key escrow bill text" yesterday evening I included a
URL to a Reuters dispatch about the SAFE hearing on Sep 4. I also
forwarded the article to f-c, not sure about cypherpunks.
The Sep 4 SAFE hearing seems to have been much more balanced than the
Senate one the day before. I don't have a transcript of it, though.
Beware the National Security committee markup and vote on SAFE next week.
Mandatory key escrow is only one card the government has to play.
-Declan
On Sat, 6 Sep 1997, John Young wrote:
> Declan, or anyone, are there any transcipts of this SAFE hearing,
> or news reports, or other documents:
>
> September 4, 1997
>
> SECURITY AND FREEDOM THROUGH ENCRYPTION ACT
>
> Committee on Commerce: Subcommittee on Telecommunications, Trade, and
> Consumer Protection held a hearing on H.R. 695, Security and Freedom
> Through encryption (SAFE) Act. Testimony was heard from Representatives
> Goodlatte and Lofgren; William P. Cowell, Deputy Director, NSA,
> Department of Defense; William A. Reinsch, Under Secretary, Export
> Administration, Department of Commerce; Robert S. Litt, Deputy
> Assistant Attorney General, Criminal Division, Department of Justice;
> and public witnesses.
>
> -----------------------------------------------------------------------
>
> And for these of the coming week:
>
> Congressional Record: September 5, 1997 (Digest):
>
> CONGRESSIONAL PROGRAM AHEAD
>
> Week of September 8 through 13, 1997
>
> [Excerpts]
> House Committees
>
> Committee on National Security, September 9, to markup H.R. 695,
> Security and Freedom Through Encryption (SAFE) Act, 1 p.m., 2118
> Rayburn.
>
> Permanent Select Committee on Intelligence, September 9,
> executive, hearing on Encryption legislation, 10 a.m., H-405
> Capitol.
> September 11, executive, to markup Encryption legislation, 10
> a.m., H-405 Capitol.
>
> Committee on Science, September 10, hearing on Next Generation
> Internet Initiative, 10 a.m., 2318 Rayburn.
>
> September 11, Subcommittee on Courts and Intellectual Property,
> hearing on H.R. 2265, No Electronic Theft (NET) Act, and also on
> electronic copyright piracy, 10 a.m., 2237 Rayburn.
>
> September 11, Subcommittee on Crime, hearing regarding cellular
> telephone fraud, 9:30 a.m., 2141 Rayburn.
>
> Senate Committees
>
> Select Committee on Intelligence: September 10, to hold a closed
> briefing on intelligence matters, 2:30 p.m., SH-219.
>
> Committee on Labor and Human Resources: September 11, to hold
> hearings to examine the confidentiality of medical information, 10
> a.m., SD-430.
>
>
>
>
>
>