STATEMENT OF SENATOR PATRICK LEAHY (D-VT)
ON THE ADMINISTRATION'S NEW ENCRYPTION INITIATIVE
October 1, 1996
The timing of the Administration's announcement on encryption, within hours
of the Congress' likely adjournment, is unfortunate. The Administration
needs to work with Congress to develop a consensus on a national encryption
policy that takes account of the privacy, law enforcement and competitiveness
concerns of our Nation's citizens and businesses.
Taking unilateral steps will not resolve this issue, but instead could delay
building the consensus we so urgently need. This issue simply cannot by
resolved by Executive fiat.
While technology should not dictate policy, particularly when our public
safety and national security interests are at issue, any policy we adopt
must protect our privacy. As the Administration and industry rush to find
an alternative to unbreakable encryption, they should take heed that any
solution which fails to protect the Fourth Amendment and privacy rights
of our citizens will be unacceptable.
That is why, with bipartisan support, Senator Burns and I introduced legislation
in March that set out privacy safeguards to protect the decoding keys to
encrypted communications and stringent legal procedures for law enforcement
agencies to get access to those keys.
In this plan, the Administration is directing the resources of our high-tech
industry to develop breakable, rather than unbreakable, encryption. But
no one is yet clear about who will be legally allowed to break into encrypted
messages, and under what circumstances. These are questions that have to
be answered not only with our own government but also with foreign governments.
The weakest link in a key recovery system may be the country with the weakest
privacy protections. Internet users, who can send messages around the globe
seamlessly, do not want the privacy of their encrypted communications to
be at the mercy of a country that ignores the Fourth Amendment principles
we enjoy here.
These are significant privacy and security concerns not answered by the
Administration's plan.
Even without reading the fine print, the general outline of the Administration's
plan smacks of the government trying to control the marketplace for high-tech
products. Only those companies that agree to turn over their business plans
to the government and show that they are developing key recovery systems,
will be rewarded with permission to sell abroad products with DES encryption,
which is the global encryption standard.
Conditioning foreign sales of products with DES on development of key recovery
systems puts enormous pressure on our computer industry to move forward
with key recovery, whether their customers want it or not.
Internet users themselves -- not the FBI, not the NSA, not any government
regulator -- should decide what encryption method best serves their needs.
Then the marketplace will be able to respond. The Administration is putting
the proverbial cart before the horse, by putting law enforcement interests
ahead of every one elses.
But that is not the only catch in the Administration's plan. Permission
to export DES will end in two years. Allowing American companies to sell
DES overseas is a step long overdue. Given the fact that a Japanese company
is already selling "triple DES", one might say this step is too
little, too late. Threatening to pull the plug on DES in two years, when
this genie is already out of the bottle, does not promote our high-tech
industries overseas. Does this mean that U.S. companies selling sophisticated
computer systems with DES encryption overseas must warn their customers\\that
the supply may end in two years? Customers both here and abroad want stable
suppliers, not those jerked around by their government.
The most effective way to protect the privacy and security of our on-line
communications is to use encryption technology. Every American should be
concerned about our country's policy oencryption since the resolution of
this debate will affect privacy, jobs and the competitiveness of our high-tech
industries.
Back.
![[Home]](/images/s_home.gif)
CDT Home Page
Posted on October 1, 1996 || Transcribed from hard copy