Freeh's plea for all keys (CNET coverage)

   FBI wants domestic crypto keys
   By Alex Lash
   July 10, 1997, 12:45 p.m. PT
   
   After months on the fence, Federal Bureau of Investigation director
   Louis Freeh is making it clear that controlling the domestic use of
   encryption software is a greater priority than limiting its export.
   
   "Law enforcement is more concerned about the significant and growing
   threat to public safety and effective law enforcement that would be
   caused by the proliferation and use within the United States of a
   communications infrastructure that supports strong encryption products
   but cannot support timely law enforcement decryption," Freeh told the
   Senate Judiciary Committee yesterday.
   
   The director's comments yesterday underline the conflict within the
   administration on encryption policy and the influence the security
   agencies have on that policy. Other voices in the administration,
   including Vice President Al Gore and an early draft of the White
   House's e-commerce white paper, have long insisted that domestic use
   would remain unregulated.
   
   In the hearing convened by committee chairman Orrin Hatch (R-Utah),
   Freeh also expressed concern that pending Senate legislation doesn't
   go far enough in giving law enforcement access to encrypted electronic
   data within U.S. borders.
   
   "These legislative proposals still do not contain adequate assurances
   that the impact on public safety and effective law enforcement of the
   widespread availability of encryption will be addressed," he told the
   committee.
   
   Freeh was referring specifically to Senate bill 909, which mandates
   domestic key recovery--a technology that gives access to a user's
   private keys--for all encryption products purchased with federal money
   and for all federally funded electronic networks. Security officials
   like Freeh argue that inaccessible encryption will let criminals
   communicate on the Internet without fear of being caught.
   
   The bill, sponsored by Sens. Bob Kerrey (D-Nebraska) and John McCain
   (R-Arizona), would also require key recovery for anyone within the
   United States using a government-approved digital certificate. Digital
   certificates are ID tags that verify the sender of a communication or
   transaction as well as the integrity of the data within.
   
   "Registration and the use of registered agents and [digital
   certificate] authorities are entirely voluntary," Kerrey told the
   committee yesterday.
   
   Because digital certificates are considered necessary to spur
   Net-based commerce, critics of the McCain-Kerrey bill argue that a
   federal "stamp of approval" program for certificates creates an
   environment of mistrust for those who choose not to participate in the
   program. Such an environment is bad for business, critics say, and
   will make the federal program and the use of key recovery a de facto
   standard.
   
   The bill has already been approved by the Senate Commerce Committee,
   and Judiciary might take it up for debate soon. The bill has not yet
   been referred to the committee, however, and no further hearings have
   been scheduled, according to the committee press secretary Jeanne
   Lopatto.
   
   Opponents of McCain-Kerrey are already taking unprecedented steps to
   state their case. The Electronic Frontier Foundation, an online rights
   organization, has gone beyond its usual Net-based advocacy to create a
   60-second radio spot. The commercial urges listeners to contact McCain
   and complain about the bill.
   
   "We feel that if this bill passes it will have an extreme impact to
   privacy for the American public in the next 100 years, and the
   majority of people walking down the street will never know what even
   happened," EFF executive director Lori Fena told CNET's NEWS.COM.
   "We're preaching to the choir already on the Net; it's more effective
   to reach people in their cars."
   
   The radio ad is airing this week during rush-hour drive times in San
   Francisco, New York, and Washington, D.C. The organization will gauge
   the volume of response to the ad before buying more air time, but Fena
   is encouraged by the response so far. The nonprofit group has spent
   "in the low thousands of dollars" on the advertisements, Fena added.
   
    related news stories
    • JavaScript hole exposes form data July 9, 1997
    • Germany urges strong encryption July 7, 1997
    • New crypto bill clears committee June 19, 1997
    • Group cracks 56-bit encryption June 18, 1997
    • Leaders want crypto rules lifted June 5, 1997
   
   Copyright ©1995-97 CNET, Inc. All rights reserved.