Interesting People mailing list archives
IP: LETTER FROM SENATOR PATRICK LEAHY (D-VT) ON ENCRYPTION
From: Dave Farber <farber () central cis upenn edu>
Date: Thu, 02 May 1996 13:03:41 -0400
To: farber () eff org Please post where appropriate -----BEGIN PGP SIGNED MESSAGE----- LETTER FROM SENATOR PATRICK LEAHY (D-VT) ON ENCRYPTION May 2, 1996 Dear Friends: Today, a bipartisan group of Senators has joined me in supporting legislation to encourage the development and use of strong, privacy-enhancing technologies for the Internet by rolling back the out-dated restrictions on the export of strong cryptography. In an effort to demonstrate one of the more practical uses of encryption technology (and so that you all know this message actually came from me), I have signed this message using a digital signature generated by the popular encryption program PGP. I am proud to be the first member of Congress to utilize encryption and digital signatures to post a message to the Internet. As a fellow Internet user, I care deeply about protecting individual privacy and encouraging the development of the Net as a secure and trusted communications medium. I do not need to tell you that current export restrictions only allow American companies to export primarily weak encryption technology. The current strength of encryption the U.S. government will allow out of the country is so weak that, according to a January 1996 study conducted by world-renowned cryptographers, a pedestrian hacker can crack the codes in a matter of hours! A foreign intelligence agency can crack the current 40-bit codes in seconds. Perhaps more importantly, the increasing use of the Internet and similar interactive communications technologies by Americans to obtain critical medical services, to conduct business, to be entertained and communicate with their friends, raises special concerns about the privacy and confidentiality of those communications. I have long been concerned about these issues, and have worked over the past decade to protect privacy and security for our wire and electronic communications. Encryption technology provides an effective way to ensure that only the people we choose can read our communications. I have read horror stories sent to me over the Internet about how human rights groups in the Balkans have had their computers confiscated during raids by security police seeking to find out the identities of people who have complained about abuses. Thanks to PGP, the encrypted files were undecipherable by the police and the names of the people who entrusted their lives to the human rights groups were safe. The new bill, called the "Promotion of Commerce On-Line in the Digital Era (PRO-CODE) Act of 1996," would: o bar any government-mandated use of any particular encryption system, including key escrow systems and affirm the right of American citizens to use whatever form of encryption they choose domestically; o loosen export restrictions on encryption products so that American companies are able to export any generally available or mass market encryption products without obtaining government approval; and o limit the authority of the federal government to set standards for encryption products used by businesses and individuals, particularly standards which result in products with limited key lengths and key escrow. This is the second encryption bill I have introduced with Senator Burns and other congressional colleagues this year. Both bills call for an overhaul of this country's export restrictions on encryption, and, if enacted, would quickly result in the widespread availability of strong, privacy protecting technologies. Both bills also prohibit a government-mandated key escrow encryption system. While PRO-CODE would limit the authority of the Commerce Department to set encryption standards for use by private individuals and businesses, the first bill we introduced, called the "Encrypted Communications Privacy Act", S.1587, would set up stringent procedures for law enforcement to follow to obtain decoding keys or decryption assistance to read the plaintext of encrypted communications obtained under court order or other lawful process. It is clear that the current policy towards encryption exports is hopelessly outdated, and fails to account for the real needs of individuals and businesses in the global marketplace. Encryption expert Matt Blaze, in a recent letter to me, noted that current U.S. regulations governing the use and export of encryption are having a "deleterious effect ... on our country's ability to develop a reliable and trustworthy information infrastructure." The time is right for Congress to take steps to put our national encryption policy on the right course. I am looking forward to hearing from you on this important issue. Throughout the course of the recent debate on the Communications Decency Act, the input from Internet users was very valuable to me and some of my Senate colleagues. You can find out more about the issue at my World Wide Web home page (http://www.leahy.senate.gov/) and at the Encryption Policy Resource Page (http://www.crypto.com/). Over the coming months, I look forward to the help of the Net community in convincing other Members of Congress and the Administration of the need to reform our nation's cryptography policy. Sincerely, Patrick Leahy United States Senator -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMYjdVBM5YGSLu9/1AQGFwwQArk/HYG65cSOr3dsykvkDFonjISjur7xb SEMCFLI3E4KSoXSy4+6cNogICGADxDnwI8j/29Gviu+d93eQ2veeNmKP43+r0R+S Zcv86b3/pK6btq3QqVN6+x3G8CEA2MnDtuSWbNyANEdValtpOYTCzU2Sm6gNfg9Q 4QxUZ4R4+Ps= =VJ87 -----END PGP SIGNATURE-----
Current thread:
- IP: LETTER FROM SENATOR PATRICK LEAHY (D-VT) ON ENCRYPTION Dave Farber (May 02)