U.S. Encryption Policy
"Clipper 3.1.1" (Export Controls on Key Recovery): November 15, 1996
On November 15, 1996, President Clinton issued an executive order establishing the current encryption export policy. The regulations, known as Clipper 3.1.1, contain the following provisions:
- The International Trade and Arms Regulations (ITAR) were amended to transfer encryption products designed for personal, non-military use from the Department of State's US Munitions List (USML) to the Department of Commerce's Commerce Control List (CCL).
- The Commerce Department was given exclusive authority over encryption export regulation.
- 56 bit encryption systems (DES standard) were permitted for export by companies that make "satisfactory commitments" to develop and market key recovery products by December 1998.
In addition, Vice President Gore appointed a special envoy for cryptography, David L. Aaron to promote international cooperation on encryption issues.
Reference documents on Clipper 3.1.1
Bureau of Export Administration
Regulations (EAR) and explanations of export criteria
Clinton's Executive Order
Clinton's Letter to Congressional Leaders on Encryption Export Policy
Clinton's Memorandum on Encryption Export Policy
Text of Vice President Gore's Press Statement
CDT Policy Post 2.35 provides analysis of the Administration policy at the time of its proposal.
CDT Policy Post 2.38 announces the implementation of Clipper 3.1.1 and discusses details of new regulations.
Privacy and Security Concerns
Mandatory Key Recovery for Export The Administration continued to use export controls to force encryption users to adopt key recovery systems, both domestically and abroad. Encryption experts have testified that key escrow systems weaken security and raise costs for individual encryption users.
Only 56 Bit-Length The level of encryption permitted for export under these regulations did not provide adequate protection for our nation's critical infrastructure.
Expanded Law Enforcement Access Without Privacy Protections
Law enforcement was guaranteed access to stored data and electronic files under the current regulations, representing a greater intrusion into personal privacy than wiretapping privileges.
Attempted to Compel Domestic Use of Key Recovery
Rather than allowing market influences to set standards for crypto systems, the Administration was attempting to control the domestic sale and use of encryption by making key escrow a pre-requisite to participating in a national key management infrastructure.
Did Not Acknowledge International Interoperability
A global key escrow system endangered the privacy rights of computer users communicating in countries that have no Fourth Amendment protections.
Highlights from the debate
Letter to Secretary of Commerce Kantor Twenty-one Senators and Represenatives, including Senator Ron Wyden (R-OR)
and Senator Conrad Burns (R-MT) signed a letter opposing the latest Administration proposal to ease export controls on products using strong encryption. The bipartisan letter was sent to Department of Commerce Secretary Mickey Kantor on October 15, 1996.
Statement from Senator Burns: "Burns Cautious on Encryption Plan"
Statement from Senator Leahy on "significant privacy and security concerns"
Business Software Alliance letter to Vice President Gore
Press Clips
"Clinton Encryption Plan Is Generating Resistance" - New York Times article [October 2, 1996]
[Must be registered with NYT web site to access article]
"White House Releases Encryption Export Plan" - Interactive Week article [October 1, 1996]
| |
The Center For Democracy & Technology
1634 Eye Street NW, Suite 1100
Washington, DC 20006
(v) 202.637.9800
(f) 202.637.0968
Contact CDT
Copyright © 2005 by Center for Democracy and Technology.
The content throughout this Web site that originates with CDT can be freely copied and used as long as you make no substantive changes and clearly give us credit. Details.
|
