IP: more on Crypto regs draft released

[Dave Farber <farber () cis upenn edu>]

> Date: Tue, 23 Nov 1999 20:03:11 -0500
> To: farber () cis upenn edu
> From: Will Rodger <rodger () worldnet att net>
>
>
>
> http://www.usatoday.com/life/cyber/tech/ctg734.htm
> Critics attack encryption proposal
>
> By Will Rodger, USATODAY.com
>
> Critics Tuesday attacked a new Clinton administration proposal that was 
> supposed to relax controls on the export of encryption technologies 
> crucial to online business and individual privacy.
>
> A draft of those regulations, written by the Commerce Department, was 
> obtained by USATODAY.com.
>
> Representatives of online businesses and public interest groups say they 
> are deeply dissatisfied with the plan.
>
> "This is a very modest step forward cloaked in the guise of a great 
> advance," said David Banisar, an attorney in the Washington DC area and 
> author of several books on encryption policy.
>
> It's designed "solely to relieve pressure for Congress to step in" and 
> take stronger action, he said.
>
> "A lot of questions remain," added Ed Gillespie, executive director of the 
> industry-backed Americans for Computer Privacy. "Two months ago we were 
> talking about a clean lifting of export restrictions. Today we're looking 
> at a complex morass of regulations."
>
> Bill Reinsch, undersecretary for export administration at Commerce, 
> defended the proposal. "So far most (critics) have chosen to make their 
> comments to the press," he said. "It sounds to me like most people are 
> doing the press release first and the careful analysis second."
>
> The proposal, he added, is a work in progress. "We don't have any 
> illusions here at Commerce that it's a finished product," he said. "I take 
> all the complaint with good cheer because we want to make some repairs."
>
> As the White House explained it Sept. 16, American businesses would soon 
> be allowed to export most encryption technologies to all but a handful of 
> countries starting sometime next year. With that permission in hand, US 
> companies would be free to compete with foreign companies that are 
> increasingly taking over computer security markets abroad.
>
> Nonetheless, the Administration has continued to insist on banning export 
> of the most powerful encryption technologies for fear terrorists and 
> criminals would hide their online activities from police and the 
> eavesdropping capabilities of the National Security Agency.
>
> The new proposal, critics say, leaves confusion in its wake:
>
> The regulations say companies can export "retail" encryption software that 
> does not require extensive support by the manufacturer. Yet in a world in 
> which even difficult-to-use network software is available at the corner 
> software store, no one seems sure what does and does not fit this definition.
>
> The administration promised to decontrol exports to non-government 
> entities, but even that definition is vague. For example, is Italy's car 
> manufacturer Fiat, with less than 10% government ownership, considered a 
> governmental entity?
>
> Some language lifts restrictions on software for "low-end" Internet 
> servers. Yet industry representatives who have met with the Commerce 
> Department say no one knows what "low-end" really means.
>
> Administration backers insist time will smooth out the details.
>
> "Everybody was afraid the government wasn't going to deliver," said 
> Stewart D. Baker, former counsel to the National Security Agency. "This 
> utterly changes the encryption control landscape. This means very strong 
> encryption is going to become widespread."
>
> In addition to lifting controls on encryption products most people use to 
> secure e-mail and bank accounts to protect against online hackers, the 
> proposal would also permit export of so-called "open source" computer code 
> that programmers write before converting it into a program others can use.
>
> That much, at least, draws praise.
>
> "If that's true that's very good for the open source community," said Erik 
> Troan Director of Engineering at Red Hat Software in Research Triangle, 
> N.C. "I suppose that's very good for the proprietary companies as well, as 
> so much encryption technology is well understood and widely disseminated 
> in the academic press."
>
>
>
>
>
>
> Front page, News, Sports, Money, Life, Weather, Marketplace © Copyright 
> 1999 USA TODAY, a division of Gannett Co. Inc.