High-technology companies today criticized the Clinton administration's latest proposals for national encryption regulations, saying that the policies
will force the industry to strike an unacceptable deal that gives away the right to secure communications.
The administration proposed a series of new
data-scrambling policy initiatives Friday that would permit U.S. companies to more effectively compete internationally. In a press roundtable, Vice President Al Gore said the
administration would consider liberalizing export controls on encryption software and was willing to work with the industry to
develop an international system for managing the mathematical keys used to scramble data, making it possible for law-enforcement officials to monitor messages.
If the computer industry is willing to cooperate on these key-escrow
systems, Gore said, the government would transfer jurisdiction over
encryption products from the State Department to the Commerce Department.
In a written statement, the administration also said that encryption keys
would be provided "voluntarily" by computer users and that in some cases,
organizations might guard their own keys.
But those in the software industry saw nothing substantially new about the
administration's position. Observers say the concessions are
minor and include expanding the licensing of encryption technology for
export to include health care and insurance companies. Also, the
administration would transfer jurisdiction over encryption products from
the State and Commerce departments, a move that would be
mostly of impact to those charged with violations.
Philip Zimmermann, chairman and chief technology officer of Pretty Good Privacy, says that the
administration isn't committed strongly enough to liberalizing export
controls. "We know that the American computer industry is hurting. They
want us to strike a Faustian deal by allowing us to export encryption
technology in exchange for key escrow," but he feels that because it is a
civil liberties issue, it is a deal Zimmermann doesn't want to strike.
The administration itself would seem to back Zimmermann's claim. A
study done by the Commerce Department
found that even though U.S. software companies hold the majority of the
worldwide general purpose encryption software market, "export controls
limit U.S. market share in  countries."
"Even as an economic issue we should still win this argument without giving
them keys," Zimmermann added. "We need to participate in global information
infrastructure. There are two ends to every wire, and if we don't supply
cryptography to people at other end of wire they're going to supply it
FTP Software is one company facing the
Faustian deal that Zimmermann talks of. FTP announced today that they will
be including encryption technology licensed from PGP in their email
package. According to the company, 46 percent of their sales are to overseas
firms--none of which can buy their new product.
"For the customer base we
have, encrypted email is a very big concern because they want secure
communications," said John O'Hara, director of security for FTP. "For FTP and many other companies like us, a large
percentage of the market is outside of the U.S."
He added that "there are many countries that don't regulate the export of encryption, and
companies that are based there enjoy an advantage over us. Obviously, we'd
be very apreciative of relief from artificial restrictions."
Even if export controls were relaxed, companies like FTP would still face
the dillemma of developing two distinct products, one for the U.S. market,
which isn't amenable to a key escrow system, and one for the worldwide
market. The administration also appeared to hold to its latest proposal for
the export of 64-bit encryption, meaning that in order to tap foreign
markets, companies would also likely give U.S. customers the security
system that they could export, rather than the strongest possible
During the last three years the administration has attempted to persuade
the public to support an approach to protecting the privacy of computer and
telephone communications that would permit law-enforcement and
intelligence-agency officials to continue to wiretap electronically
scrambled messages and conversations.
Originally proposed as a system known as Clipper Chip, the data-scrambling
technique would split the mathematical "keys"--large numbers--that are
used to scramble data and then hold those keys in escrow, making them
available to law-enforcement officials who have court orders, permitting
them to eavesdrop.
The administration policy, driven by law-enforcement and
intelligence-agency requirements, has created bitter opposition from U.S.
computer makers, which insist that they are losing sales because of export
controls, and by civil libertarians, who argue that Clipper would allow for
Big Brother-style surveillance.