Interesting People mailing list archives
My testimony to the House in 1994 on Calea
From: Dave Farber <dave () farber net>
Date: Fri, 28 Oct 2005 09:22:12 -0400
Testimony before the Committee on Science, Space and Technology Subcommittee on Technology, Environment and Aviation U.S. House of Representatives Hearing on Communications and Computer Surveillance, Privacy and Security May 3, 1994 David J. Farber The Alfred Fitler Moore Professor of Telecommunication Systems University of Pennsylvania 200 S. 33 rd Street Philadelphia PA 19104-6389 Net: farber () cis upenn edu I. Introduction Good morning Mr. Chairman and members of the subcommittee. I want to thank the Committee for inviting me to testify today. I should start off by stating that the views I will give are my own, and not necessarily those of any organizations that I am affiliated with -- although I hope they agree with my views. I am speaking merely as a professional with long experience in the computer and communications field. My background has been focused on the understanding of and the development of technology in the computer and communications area. I started my career in 1956 with a BS in General Engineering from Stevens Institute of Technology. Due to the influence of a friend, I interviewed Bell Telephone Laboratories even though I was accepted into graduate school. I accepted a very challenging job at Bell Labs helping design the worlds first electronic switching system which was later installed at Morris, Illinois. It was the ENIAC of the computer-based telephone systems we have today. I later went on to do pioneer work in programming languages and after a period at the RAND Corp. I left industry to join the University of California at Irvine (UCI) as a faculty member. At UCI I was responsible for the conceptualization of the first operational distributed computer system sponsored by the NSF -- the DCS system which was the first use of client-server ideas, along with the first micro kernel and the first ring-type Local Area Network. On my journey to the University of Pennsylvania where I hold the Chair of The Alfred Fitler Moore Professor of Telecommunication Systems, I collaborated in the creation and operation of CSNET and the NREN as well as co-authoring the proposal for the Gigabit Testbeds. I have served on more industrial and government advisory committees than is reasonable and am a Fellow of the IEEE. I serve on the Board of Trustees of both the Electronic Frontier Foundation and the Internet Society. My career has been focused on the understanding of, and the development of, technology in the communications area. I have co-founded several of the data networks which have led to the National Information Infrastructure and have taken part in the creation of some of the technology that makes it possible. For the last several years I have also been increasingly involved with the policy problems and opportunities that this technology has created. So while my remarks will focus largely on the technical aspects of the Clipper and the Digital Telephony initiatives I would like to start out by expressing some of my views on policy and also my views as a concerned citizen. II. Public Policy Challenges Posed By New Information & Communication Technologies We are at a critical stage in the evolution of a capability that could rival the industrial revolution in bringing both good and bad to the citizens of this nation. The industrial revolution brought unheard of prosperity to parts of the world and pain and suffering also. The information revolution, and it is a revolution, can bring a burst of prosperity and vigor to a world which is increasingly stuck in a morass of slow growth, regionalization and trade conflicts. The information revolution is a stew based on a blend made possible by increasingly complex communications technology mixed with increasingly more powerful computers. The National Information Infrastructure (NII) and it's sister the Global Information Infrastructure (GII) are among the exciting developments arising out of this technology "stew". All in all, we have an unprecedented transfer of power into the hands of the public and the government that results from these technologies. Computer power that served the entire technical staff of Bell Labs when I was there is now available in my hand. Communications capabilities only dreamed of in the Saturday movie serials is now readily available worldwide. This vastly increased power in the hands of the public has created difficulties for the policy makers. While technology increases in power at a rate of two times per year, our ability to understand the policy implications of this, sadly, grows very slowly. This has shown itself recently in the debate about the Clipper encryption initiative and the Digital Telephony proposals both put forward by the Clinton/Gore administration and backed heavily by the law enforcement community. A careful look at each of these initiatives illuminates the fundamental national issues that are being fought out. It is critical that this discussion be brought out into that part of the policymaking process which has always represented the citizens -- the Congress. I take as one of my guidelines in thinking about these issues, a quote by Ben Franklin -- the Founder of the University I am at -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." < I removed a section on Key Escrow djf> III. Digital Telephony I will enumerate my objections to the proposal from a technical/economic point of view. I join others in attacking it from a privacy/freedom/necessity standpoint. In the Clipper controversy, one could find some benefits to the nation in a properly designed system. In the case of the Digital Telephony proposal it is difficult to see where there can be a silver lining. The Digital Telephony proposal calls for the manufacturers of telephone central office switches, tandom switches and SS7 signaling systems to make major design changes to their software systems. These changes would provide, to law enforcement at remote sites, electronic notification of calls to and from selected numbers/individuals as the individuals wander through the complex communications structure that has been created in the United States. I, and many others, expect that the law would have to be extended to cover PBXs and even personal computers as they are used more and more as personal communications devices. As a colleague of mine has often said "What guarantees that the job of law enforcement should be easy?". Yet law enforcement noting the increased complexity of the telecommunications systems and maybe even noticing the ability of all the components of the NII to carry such communications, has demanded the right to peek into our minds and to easily find out whom we call and who calls us. I have often been credited with using the term "the Full Software Employment Act of 1994" when I talk about the Digital Telephony proposal. The proposers talk about costs in the multi hundreds of millions of dollars to be borne by the Government for the first three years. After that all is left open. As one who has in his time designed and built complex systems and who understands the structure of the current telecommunications structure my reactions are as follows. Rational estimates obtained from sources in the industry talk about numbers from $1.5 to $3 billion per year. I consider that low. The complexity of just the Plain Old Telephone System software is enormous. Re-designing large and often the most complex parts of it will not be easy nor inexpensive. One must potentially re-engineer the cellular system with its multiple manufacturers plus the local and toll and tandem switching centers. The fact that they are programmed devices makes it feasible but not cheap. The potential for decreased reliability of the national telephone grid caused by the large scale changes (presently undefined) to the software architecture could cause major dangers to the health and economy of the country. If you watch the bugs (errors) that are distributed in well tested and much similar systems (like DOS or MACOS) you can appreciate the opportunities for chaos -- and it must be done in three years. One should carefully note that the national communications system is marginally reliable at this time. A National Research Council report on it cautioned that it was poorly equipped to survive in the event of catastrophies. The recent set of fiber cuts and the resultant severe disruption of the nation's business is a portent for the future. To spend money that is in short supply satisfying a poorly articulated and poorly justified "problem" with wire tapping is to place the nation's economic health in danger, for communication is the veins that carry the nation's economic blood -- information. From the standpoint of the future evolution of our NII, the Digital Telephony proposal presents a major drag. Whenever a new feature is being considered for implementation and marketing, one very important issue will be how much it will cost to implement it in such a manner as to pass the hurdles of the proposal. That could price many good ideas that would improve the usefulness of our NII off the feasibility horizon. Not only would our citizens not have access to these new and useful services but they would not be implemented in US manufactured systems and thus could make our systems less sellable in competition with those of foreign manufacturers of communications equipment for off shore sales. Note that off shore sales in the developing parts of the globe represent major markets which we could lose. IV. Summary * The Information Age poses hard problems for privacy protection, security and law enforcement * Increasing amounts of personally sensitive and proprietary information on global, digital networks creates need for security through encryption. * Technical knowledge of how to create powerful and practically unbreakable encryption technology is available throughout the world. * Powerful encryption poses real challenges for law enforcement and national security efforts. * These challenges will not be solved by just a single chip such as Clipper or even just a single legislative act such as the proposed Digital Telephony bill. * As a closed, secret, inflexible standard, Clipper will not be widely accepted by the market * Security systems must be trusted by the broad user community. Clipper will never be so trusted because the design of its internal algorithm is secret * Open systems are the only lasting solution to hard technical problems * The history of the computer and communications industry has shown that hard technical problems require open flexible solutions arrived at in an open manner. * The federal government should lead the way toward an open solution, rather than trying in vain to force a closed solution on the problem. * Real alternative to publicly revealed Clipper system design exist, which meet law enforcement goals while protecting privacy, civil liberties and preserving technological flexibility. V. Conclusion There should be no doubt that new computer and communciations technologies pose challenges for the law enforcement and national security communities. By the same token, for the National Information Infrastructure to succeed, and for US companies to be able to compete in the world market -- the Global Information Infrastructure -- user security and privacy must be protected through robust, open cryptography standards. The Congress and the Administration should lead the way toward solutions that are open, provide for flexibility in the future, and seek an appropriate balance of individual privacy and the legitimate needs of law enforcement. I thank this subcommittee again for its foresight and guidance in holding this hearing and look forward to working with you in the future. FOOTNOTE 1 I would like to explicitly support an idea originated by Steve Walker of Trusted Information Systems, who proposes the voluntary establishment of software interface standards to crypto devices and crypto software so that manufacturers around the world, but especially in the United States, can create software systems that can be used with nationally required crypto systems around the world. Such an initiative would greatly enhance the privacy of individuals and the market for such systems. It would also create a major opportunity for American companies to market to the world. Such an initiative would assist in the creation of the GII supported by the Vice President ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- My testimony to the House in 1994 on Calea Dave Farber (Oct 28)