Congress debates encryption--online

Cybercitizens participated in an online congressional hearing on encryption technology.

CNET News staff
3 min read
For the second time in two weeks, a Senate subcommittee heard testimony today in favor of a bill that would strike down most federal restrictions on the export of software encryption. This time, however, people around the world were able to participate thanks to a live Internet broadcast and online discussion of the proceedings.

Throughout the session, the cybercitizens were able to submit questions and statements through a chat room on HotWired magazine's Web site. Jonah Seiger, policy analyst at the Center for Democracy and Technology, helped set up the Internet broadcast and moderated the chat from his laptop.

"I was really impressed by the level of debate," said Seiger, who along with an aide to Senator Conrad Burns (R-Montana), sponsor of Pro-CODE and the subcomittee chairman, excerpted comments and questions and gave them to Burns to read into the congressional record.

Known as the Pro-CODE Act and backed by the software industry as well as a growing percentage of Congress, the bill seeks to do away with the Cold War-era policy that classifies software encryption as munitions. The Clinton administration and security officials argue that the export of strong encryption technology would make electronic criminal activity impossible to track. Proponents of the bill say the ban is ineffective and only damages the ability of U.S. companies to keep up with foreign competition and jeopardizes the privacy of Internet users.

Among those testifying before the subcommittee today were Sun Microsystems' Whitfield Diffie, the co-creator of public-key encryption, Marc Rotenberg, director of the Electronic Privacy Information Center, and Phil Zimmerman, inventor of Pretty Good Privacy encryption freeware and until recently a target of a federal investigation regarding the export of his program.

Many speakers cited the global, decentralized nature of the Internet, much of it beyond U.S. jurisdiction, as an incentive to protect privacy with strong encryption.

"Foreign governments can intercept [email] messages without the knowledge of the senders, and beyond the ability of the U.S. government to protect the privacy rights of its citizens," said Jerry Berman, executive director of the Center for Democracy and Technology.

Others pointed to the government itself as the problem: "If we do nothing, new technologies will give the government new automatic surveillance capabilities that Stalin could never have dreamed of," Zimmermann said.

The best question from the approximately 50 online participants, Seiger said, addressed the implications of Nippon Telegraph and Telephone's development of a chipset using 1,024-bit encryption created by a Japanese subsidiary of U.S.-based RSA Data Security. The case is seen as evidence that current U.S. restrictions do nothing to prevent the spread and development of strong encryption in foreign countries.

The first day of hearings earlier this month featured leaders of various software companies, including RSA's Jim Bidzos, who testified that encryption export bans were bad for business. Today's speakers were cryptography experts and privacy advocates who argued that the government's insistence on "key-escrow" systems--which require third-party storage of decryption codes, or "keys," that authorities could obtain with a court order--are a breach of constitutional rights to privacy.

The next step for the bill is a full Commerce Committee hearing in mid-July, where senior administration officials and law enforcement agents are expected to testify in favor of strong restrictions on the export of encryption. Sieger said he expects the entire proceedings to be broadcast on the Net and hopes such interactive coverage spreads to non-Internet issues.

No one has approached him yet. But, he said, "anyone wanting to improve communications with Congress, I'd be happy to help them in any way possible."

Related story:
Battle over encryption bill heats up
RSA signs encryption deal with NTT
NRC study recommends encryption use
White House revives Clipper chip idea
Burns bill would ease encryption rules