Interesting People mailing list archives
Government Accounting Office Report on Communications Privacy
From: David Farber <farber () central cis upenn edu>
Date: Thu, 11 Nov 1993 20:24:45 -0500
A few days ago, the Government Accounting Office (GAO) -- a pretty sharp internal gov't investigative organization that's about a lot more than accounting -- issued a report on communications privacy. (Much of what's in the report will probably raise of big "duh, we've been saying this for a decade," from cypherpunks and other digerati, but it's still very important to have the GAO saying this stuff.) The report makes four very important findings: 1. Privacy-protecting technology (crytopgraphy) is increasingly important for protecting the security of business communications and personal information. But federal policy is getting in the way of this technology. "Increased use of computer and communications networks, computer literacy, and dependence on information technology heighten US industries risk of losing proprietary information to economic espionage. In part to reduce the risk, industry is more frequently using hardware and software with encryption capabilities. However, federal policies and actions stemming from national security and law enforcement concerns hinder the use and the export of U.S. commercial encryption technology and may hinder its development." 2. The NSA's role in this area is has been extensive, and possibly beyond the spirit of the Computer Security Act. "Although the Computer Security Act of 1987 reaffirmed NIST's reponsibility for developing federal information-processing standards for security of sensitive, unclassified information, NIST follows NSA's lead in developing certain cryptographic standards" 3. Opportunity for public input in the standards process has been insufficient, leading to proposals like Clipper which lack public support. "These policy issues are formulated and announced to the public, however, with very little input from directly affected business interests, academia, and others." The report draws no specific policy conclusions, but provides excellent ammunition for those of us who are trying to open up the standards process and get export controls lifted. Full text of the report (GAO/OSI-94-2 Communications Privacy: Federal Policy and Actions) is supposed to be made available by ftp from GAO. As soon as it is, I'll let people know where it is. ...................................................................... Daniel J. Weitzner, Senior Staff Counsel <djw () eff org> Electronic Frontier Foundation 202-347-5400 (v) 1001 G St, NW Suite 950 East 202-393-5509 (f) Washington, DC 20001 *** Join EFF!!! Send mail to membership () eff org for information ***
Current thread:
- Government Accounting Office Report on Communications Privacy David Farber (Nov 11)