PRIVACY Forum Digest      Sunday, 27 February 1994      Volume 03 : Issue 05

Moderated by Lauren Weinstein (lauren@vortex.com)
Vortex Technology, Woodland Hills, CA, U.S.A.

===== PRIVACY FORUM =====

The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy.

CONTENTS
    The Clipper Saga continues...
        (Lauren Weinstein; PRIVACY Forum Moderator)
    Re: Emotion v. Reason (Marc Rotenberg)
    Re: Emotion vs. Reason in the Clipper "Debate" (Jerry Leichter)
    Privacy Forum comments, v3i4 (Prabhakar Ragde)
    Clipper, Denning and PRIVACY Forum Digest V03 #04 (Lee S. Parks)
    CPSR Clipper Petition /rsp to Denning (Marc Rotenberg)
    Newsday article: The Clipper Chip Will Block Crime (Dorothy Denning)
    FWD>FYI: Rivest's response to Dorothy Denning (Dave Banisar)
    The Return of the "Digital Telephony Proposal"
        (Lauren Weinstein; PRIVACY Forum Moderator)

*** Please include a RELEVANT "Subject:" line on all submissions! ***
*** Submissions without them may be ignored! ***

-----------------------------------------------------------------------------

The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged.

ALL submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com".
All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations.

The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are also available through the Internet Gopher system via a gopher server on site "gopher.vortex.com".

For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@vortex.com, call (818) 225-2800, or FAX to (818) 225-7203.

-----------------------------------------------------------------------------

VOLUME 03, ISSUE 05

Quote for the day:

    Chief: "What part did you miss?"
    Maxwell Smart: "Everything after, 'Now listen carefully...'"

        -- Ed Platt and Don Adams
           "Get Smart" (1965-1970)

----------------------------------------------------------------------

Date: Tue, 22 Feb 94 20:22 PST
From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: The Clipper Saga continues...

While reading the latest round of Clipper-related submissions, I was struck by the observation that many persons seem more emotionally committed to views over voice encryption systems (which, by and large, most people in the population will probably never use) than they are over personal privacy problems that affect virtually everyone (e.g.
credit and check abuse and fraud, problems with misuse of personal identification numbers, distribution of sales and other personal data to third parties by commercial firms, and so on). Discussions of the latter sorts of events tend to elicit little response or many of the, "there's nothing we can do about it" sorts of messages. On the other hand, Clipper seems to easily bring out the emotional "black and white" responses, with little room for any sort of compromise.

As might be expected, there was considerable reaction to the previous digest.

I received a note from EFF (Electronic Frontier Foundation) taking exception to my inferring that their current e-mail based anti-Clipper effort is a "petition drive." After reviewing the announcement of their effort and my editorial, I think some clarification is in order, since it was not my intention to imply that both efforts were of identical form. While CPSR is running what can be characterized pretty clearly as a petition, the EFF effort involves people sending e-mail letters to them for forwarding onward to Rep. Cantwell in support of HR 3627. EFF has asked that senders include the reasons for their support in their letters.

Here are a couple of paragraphs from the original message announcing the effort (from Jerry Berman, Executive Director of EFF; "jberman@eff.org"). Readers should of course get full information on the bill from "cantwell-info@eff.org" and read it carefully before taking action one way or another regarding the EFF effort.

[Quoted material begins]

Rep. Cantwell introduced H.R. 3627 in the House of Representatives on November 22, 1993. H.R. 3627 would amend the Export Control Act to move authority over the export of nonmilitary software with encryption capabilities from the Secretary of State (where the intelligence community traditionally has stalled such exports) to the Secretary of Commerce.
The bill would also invalidate the current license requirements for nonmilitary software containing encryption capabilities, unless there is substantial evidence that the software will be diverted, modified or re-exported to a military or terroristic end-use.

...

I urge you to write to Rep. Cantwell today at cantwell@eff.org. In the Subject header of your message, type "I support HR 3627." In the body of your message, express your reasons for supporting the bill. EFF will deliver printouts of all letters to Rep. Cantwell. With a strong showing of support from the Net community, Rep. Cantwell can tell her colleagues on Capitol Hill that encryption is not only an industry concern, but also a grassroots issue. *Again: remember to put "I support HR 3627" in your Subject header.*

[Quoted material ends]

It is to EFF's credit that they did *not* include wording for a "suggested letter" in their announcement. All too often, letter writing campaigns turn into form-letter writing campaigns when such wording is included.

------

At the risk of throwing gasoline on the fire, I'm going to address a couple of points here that are mentioned later in the digest in individual submissions.

I'm accused below of saying (in my previous editorial) that there is "strong bipartisan support" for Clipper. That is *not* what I said. I chose my words quite carefully:

    ... is not necessarily applicable to arguing against a major cryptographic system with strong government backing and apparently not inconsiderable bipartisan support (at least outside of the "technical" community).

There is a difference between "not inconsiderable support" and "strong support". My point was that it's important to keep in mind that there are more people supporting Clipper than one might imagine from reading on the network. I've received notes from people expressing their fear of making "politically incorrect" statements on the net by saying something publicly that might be viewed as "pro-Clipper".
I believe that anti-Clipper efforts predicated on the assumption that there's no significant support for Clipper might be weakening their own effectiveness.

Also, I was not suggesting that everyone who "signed" the CPSR petition was doing so on a "knee-jerk" basis (or necessarily anyone, for that matter). What I do believe is that e-mail petitions *can* be subject to such reactions, and, by extension, it can be difficult for persons to gauge what such numbers really mean as a result. As several people have pointed out, CPSR has a wealth of detailed arguments regarding Clipper available. However, it would be interesting to know what percentage of persons responding to the petition did so immediately after reading it and based only on the material they read in the petition itself. With a sufficiently large population and a well-worded document it might be possible to get 10's of 1000's of persons to sign-on to most any topic.

I suspect that e-mail petition drives will end up being viewed as the electronic equivalent of form letter writing campaigns--which are nothing new to commercial firms and government entities alike. Such campaigns are not, in *my opinion*, the best way to deal with complex topics, but of course it is everyone's right to participate in them.

Here's a question that might be interesting to discuss. For those who don't like Clipper (which includes myself), what would you like to see happen to Clipper? Do you want to have it banned? Do you wish to make key-escrow systems illegal--even among entities who agree to use them or like them? Should manufacturers be prohibited from incorporating such systems into their products?

In the previous digest, there was a message by a person concerned about the money spent to develop Clipper and what he felt were possible unfair competition/export issues compared with other encryption systems.
Perhaps a way to approach the overall situation is to try to ensure that Clipper remains but a single choice among many--and a voluntary system--by ensuring the legal status and equal competition/export footings for competing non-key-escrowed systems. Of course, the new Digital Telephony Proposal (see later in this digest) could complicate this situation *greatly* if it becomes law.

It's depressing how much lack of concern most persons have for privacy issues (until something happens that hits home specifically for them--like a credit rating mixup or fraud that affects them directly). Given the current public sentiment on crime issues, one might find that a majority of the population might vote to ban all non-key-escrow systems, based on the belief that they would be too likely to "help criminals." That such a vote would be an extremely misguided and onerous development is another matter.

To the proponents of Clipper: How about some compromise ideas from your side, too? Are you willing to support a structure that would ensure the availability of non-key-escrow encryption systems on an equal footing with Clipper and other key-escrow systems? Are you willing to let Clipper rise or fall on the basis of a fair marketplace? Can we count on your support to ensure that alternative systems will *not* be banned in the future?

So long as the arguments stay completely polarized with little room for compromise on either side, I do not foresee an outcome satisfactory to anyone.

We now return you to your regularly scheduled digest.

--Lauren--

------------------------------

Date: Mon, 21 Feb 1994 13:58:01 EST
From: Marc Rotenberg
Subject: Re: Emotion v. Reason

Good points are raised in the recent Privacy Forum editorial. There should be thoughtful debate on the Clipper proposal. Just as the proponents of Clipper speak too frequently of terrorists and pedophiles, opponents must be careful not to ring the Big Brother alarms too quickly.
CPSR strongly supports informed public debate on cryptography policy. In fact, that has been virtually our watchword since we first testified in Congress five years ago on the implementation of the Computer Security Act and warned that NSA's encroachment into standard setting for civilian computer systems would have serious consequences for the public use of cryptography and privacy protection for network users. We called for open hearings then and have pushed the issue at every opportunity since.

Since that hearing, CPSR has also organized three cryptography policy conferences in Washington, litigated more than half a dozen Freedom of Information Act cases, appeared before numerous government panels to discuss cryptography policy, and made a wide range of policy documents available to the public through CPSR.ORG.

Our conferences have included representatives from the NSA, the FBI, the Department of Justice, and the White House. Documents obtained from CPSR FOIA requests have been reported on in national papers, and copies of CPSR cryptography resource books may be found in the offices of members of Congress and the White House. We have been uncompromising in our commitment to an open, fair, thoughtful debate on cryptography policy.

The CPSR Clipper petition grows out of a five-year history of litigation, testimony, reporting, analysis, and assessment involving cryptography issues.

On January 24, before the White House announcement on Clipper, CPSR organized a letter to the President asking that the Clipper proposal be withdrawn.
It was our hope, given the many concerns that had been raised about Clipper, that if the country's leading experts on cryptography and computer security expressed their concerns clearly and unequivocally the White House might back off the proposal, or at least defer to the recommendations of the Computer System Security and Privacy Advisory Board at the Department of Commerce, which had earlier recommended more careful review before going forward with the plan.

The letter CPSR drafted cited several of the well-known problems with Clipper -- loss of privacy, NSA secrecy, doubts about effectiveness, and impact on future crypto research. The letter was then extensively revised by the primary signatories, in many cases producing a stronger statement than originally proposed.

That letter, as sent to the White House, was signed by Whit Diffie, Ron Rivest, David Chaum, Martin Hellman, Peter Neumann, Ralph Merkle and others. Many other leading experts in cryptography and computer security signed the letter once they learned of it.

After the White House announcement in early February of the plan to go forward with Clipper and in response to requests we received from many people who wanted to add their names to the original letter, we decided to circulate the petition on the network and encourage signatures.

We did not expect the response we received. The Marketplace campaign generated 30,000 email messages over a six month period. It was highly publicized and well focused. The current debate about the Clipper proposal has been clouded by other related but less significant issues. Nonetheless, the total number of people who signed the CPSR Clipper petition recently topped 25,000 and the number continues to grow.
While I am sympathetic to Lauren's concerns about the possible misuse of the network to rally support for a particular political viewpoint, I think he would be hard-pressed to find a similar petition that reflects more careful research, that is as strongly supported by those most knowledgeable about the problem or is more timely.

I also disagree with Lauren's assessment of the politics of Clipper. There is not strong bi-partisan support -- there has never been a vote in Congress on Clipper -- nor is the government firmly behind the proposal. Documents obtained by CPSR through the FOIA make clear that virtually every agency other than the FBI or the NSA asked to assess Clipper and Clipper-like proposals has been deeply skeptical. Documents obtained by CPSR directly from the Department of Justice raise fundamental questions about the premise underlying Clipper.

In fact, it would be difficult to find such a sweeping proposal with less supporting evidence or public support than Clipper.

Clipper has gone this far precisely because the full range of interested parties -- particularly future users of the NII -- have not said clearly enough and forcefully enough that they oppose the proposal. It is almost that simple. The political calculation inside the White House is that they can "give" this issue to the NSA, and ride out the mild storm of criticism because not enough people understand the Clipper issue and not enough people will actually speak out publicly.

That is why we need people to sign the petition. To send a clear, unambiguous message to the White House that Clipper is a mistake and should be withdrawn.

That is why we ask you to support our efforts.

Marc Rotenberg, director
CPSR Washington office

------------------------------

Date: Mon, 21 Feb 94 08:20:22 EDT
From: Jerry Leichter
Subject: re: Emotion vs. Reason in the Clipper "Debate"

Bravo! I've watched, with much distress, the extremely low level of debate on this whole issue.
You comment that it's heading straight for the sewers; as far as I can tell, it *started* somewhere near there. (The "debate", such as it is, pre-dates the Clipper proposal - the whole business started with the original FBI wiretap bill.)

I've made one or two contributions here and there that were not seen as "politically correct", but I must say I've been reluctant to get involved. The level of vituperation in the attacks against Dorothy Denning everywhere, and against David Sternlight in the cryptography newsgroup - both at complete odds with the reasoned and often quite reasonable things they have to say - are hardly encouraging. A threat of a lawsuit as a response to one message I sent to CuD is hardly more so.

My personal feeling is that the end result of all the ranting and raving will be to render any reasonable opposition to a number of government actions on cryptography and privacy ineffective - it's *so* easy to tar someone with a "nut case radical" label.

People writing on the Internet seem to hold a couple of contradictory beliefs: (a) If everyone here agrees with me, *everyone* agrees with me; (b) What I say here is "among friends", and won't be seen by "the bad guys" - i.e., the non-agreeing members of Congress and so on; (c) the Net can influence the real world. In fact, (a) has never had much of any connection with reality, (b) was true but is rapidly becoming false, and (c) was false but is rapidly becoming true. And look how we of the net are presenting ourselves in our first major political contest. Depressing.

------------------------------

Date: Thu, 24 Feb 1994 09:36:56 -0500
From: Prabhakar Ragde
Subject: Privacy Forum comments, v3i4

Dear Lauren,

I greatly appreciated your recent remarks in the recent Privacy Forum digest on maintaining a rational tone of debate while using e-mail and on the dangers of electronic petitions.
Here at the University of Waterloo, we are embroiled in a controversy over administration removal of some alt.sex newsgroups, and I have been cautioning against reactions that are similar to the ones that Clipper seems to be generating on a national level. Your comments apply in a much wider context, and I hope that you have persuaded some readers of the benefits of careful deliberation on complex issues. We can all use periodic reminders that a keyboard should not be used immediately just because it is within reach.

--PR

-----------------------------------------------------------------------
Prabhakar Ragde                          plragde@maytag.waterloo.edu
Associate Professor, Computer Science    DC 2119, (519)888-4660
University of Waterloo                   Waterloo, Ontario CANADA N2L 3G1

------------------------------

Date: Tue, 22 Feb 1994 15:14:44 -0500
From: "Lee S. Parks"
Subject: Clipper, Denning and PRIVACY Forum Digest V03 #04

I am afraid, Ms. Denning, that I do not understand or appreciate your point of view on Clipper. I do not have, unfortunately, the time to debate your letter point by point; however, I believe your introductory paragraph establishes your entire point of view. To wit:

    CPSR has announced a petition campaign to oppose the Clipper initiative. I would like to caution people about signing the petition. The issues are extremely complex and difficult. The Clipper initiative is the result of considerable deliberation by many intelligent people who appreciate and understand the concerns that have been expressed and who worked hard to accommodate the conflicting interests. The decisions that have been made were not made lightly.

I do not believe in the "trust me" approach, which is all too close to the "trust me" defense. I don't think anyone should be estopped from expressing an opinion or taking a position on an issue of vital importance because the "issues are extremely complex" or people "have worked hard to accommodate the conflicting interests."
First of all, the true issues aren't that complicated, at least in a technological sense or even in a political-philosophical sense. Even if they were, that doesn't mean that one shouldn't participate or be allowed to participate in the debate. For example, health care reform is probably a more complex issue and I doubt you are suggesting that one should trust the "experts". Second, no matter how carefully considered the decisions by the "experts", that doesn't mean that they're right.

The fundamental issue in Clipper is whether the government has a basic right to eavesdrop on American citizens. It is short sighted to assume (and, in a deeper sense, believe) that just because the government has had the technological ability to listen in on phone calls, it has an unfettered right, even within the existing legal constraints, to do so. Since the means now exist to fairly easily prevent unwanted eavesdropping, there is no legal reason why we can not avail ourselves of the technology. The attempt by the U.S. government to promote Clipper as a technology is to try to achieve economically through the back door and through indirect legal mechanisms (ITAR) which have never been tested in court, what the government has no legal right to compel. Moreover, the government is doing this with our tax dollars.

On the subject of "experts", experts once said that airplanes were impossible, disease was incurable and our resources were going to be exhausted in 1980. Experts also said President Nixon could use the IRS to investigate its enemies, there was no serious downwind fallout from atmospheric nuclear tests in Nevada, and the New York Times couldn't publish the Pentagon Papers. Experts can be wrong, can have their own agenda and, every once in a while, can be manipulated by other experts. I'm not paranoid, but that doesn't mean I should be gullible either when the issue involved could affect so many sensitive government operations.
-lee (lsp@athena.mit.edu)

------------------------------

Date: Wed, 23 Feb 1994 10:44:40 EST
From: Marc Rotenberg
Subject: CPSR Clipper Petition /rsp to Denning

Dorothy Denning has raised important questions about the Clipper proposal. As she says "the issues are extremely complex and difficult."

Below I've tried to answer the points she has raised. Please read her comments and my response. Speak with others interested in the Clipper proposal.

If on balance, after reviewing the arguments, you decide Clipper is a mistake then you should express your opposition by sending a message to:

    CLIPPER.PETITION@CPSR.ORG

with the words "I oppose Clipper" in the subject header. If you have already signed the petition, ask a friend or colleague to sign.

Your help is needed.

Marc Rotenberg, director, CPSR Washington office

>> The Clipper proposal, developed in secret by the
>> National Security Agency, is a technical standard
>> that will make it easier for government agents to
>> wiretap the emerging data highway.

> The standard (FIPS 185) is not a standard for the
> Internet or any other high speed computer network. It
> is for the telephone system.

The letter to the President makes clear that we are concerned about "Clipper and associated standards" which include the Capstone EES configuration for data transmission. It is clearly the intent of the EES proposal to cover both voice and data transmissions.

> The standard will not make it any easier to tap phones,
> let alone computer networks. All it will do is make it
> technically possible to decrypt communications that are
> encrypted with the standard, assuming the communications
> are not superencrypted with something else.

This is a little bit like saying that leaving a master key for every house on your block with the police will not make it easier for the police to open locked doors. We may disagree about whether this is a good idea, but let's be clear about the intent of the proposal.
> The purpose of the standard is to provide a very strong
> encryption algorithm - something much stronger than DES
> - and to do so in a way that does not thwart law
> enforcement and national security objectives. Keys are
> escrowed so that if someone uses this technology, they
> cannot use it against national interests.

The NSA is responsible for foreign signal interception. It has no legal authority to conduct wire surveillance. What are the NSA's "national security" interests in domestic wire surveillance?

>> Industry groups, professional associations and
>> civil liberties organizations have expressed almost
>> unanimous opposition to the plan since it was first
>> proposed in April 1993.

>> The private sector and the public have expressed
>> nearly unanimous opposition to Clipper.

> As near as I know, neither CPSR nor any other group has
> conducted any systematic poll of industry, professional
> societies, or the public.

To the best of my knowledge, there has never been a proposed technical standard that generated more opposition. Firms across the telecommunications and computer industry oppose Clipper. Computer security people and cryptographers oppose Clipper. Privacy experts oppose Clipper.

>> The Administration ignored the overwhelming
>> opposition of the general public. When the Commerce
>> Department solicited public comments on the
>> proposal last fall, hundreds of people opposed the
>> plan while only a few expressed support.

> Hundreds of people is hardly overwhelming in a
> population of 250 million, especially when most of the
> letters were the same and came in through the net
> following a sample letter that was sent out.

I would encourage Dorothy, or anyone else, to take a poll of any representative user group -- PRIVACY FORUM readers perhaps -- if there is any doubt about how the public feels about the proposal.

>> The technical standard is subject to misuse and
>> compromise.
>> It would provide government agents with
>> copies of the keys that protect electronic
>> communications. "It is a nightmare for computer
>> security."

> I have been one of the reviewers of the standard. We
> have completed our review of the encryption algorithm,
> SKIPJACK, and concluded it was very strong. While we
> have not completed our review of the key escrow system,
> from what I have seen so far, I anticipate that it will
> provide an extremely high level of security for the
> escrowed keys.

Dorothy endorsed the proposal before she joined the "review" team. The group that she refers to, a White House task force, has an interesting history. The majority of cryptographers asked to participate declined.

>> The underlying technology was developed in secret
>> by the NSA, an intelligence agency responsible for
>> electronic eavesdropping, not privacy protection.
>> Congressional investigations in the 1970s disclosed
>> widespread NSA abuses, including the illegal
>> interception of millions of cables sent by American
>> citizens.

> NSA is also responsible for the development of
> cryptographic codes to protect the nation's most
> sensitive classified information. They have an
> excellent track record in conducting this mission.

Senator Frank Church, who conducted the most extensive hearings ever held on the National Security Agency, said that the NSA's intelligence gathering capabilities were important for the security of the United States. He also said that the massive eavesdropping capability created "A tremendous potential for abuse." If ever turned against the communications system of the United States:

    no American would have any privacy left . . . there would be no place to hide. We must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is an abyss from which there is no return." (NBC Meet the Press, 1975)

>> Computer security experts question the integrity of
>> the technology. Clipper was developed in secret and
>> its specifications are classified.

> The 5 of us who reviewed the algorithm unanimously
> agreed that it was very strong. We will publish a final
> report when we complete our full evaluation. Nothing can
> be concluded from a statement questioning the technology
> by someone who has not seen it regardless of whether
> that person is an expert in security.

The original CPSR letter to the President, asking for the withdrawal of Clipper, was signed by Hellman, Rivest, Diffie, Merkle, and others. Many more experts are adding their names daily to the CPSR petition.

>> NSA overstepped its legal authority in developing
>> the standard. A 1987 law explicitly limits the
>> intelligence agency's power to set standards for
>> the nation's communications network.

> The 1987 Computer Security Act states that NIST "shall
> draw on the technical advice and assistance (including
> work products) of the National Security Agency."

The original replacement for DES, proposed by the Department of Commerce in 1989, would have had these characteristics:

-- public, unclassified
-- implementable in both hardware or software
-- usable by federal Agencies and U.S. based multi-national corporation
-- a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.

The final proposal, developed with the "technical assistance" of the NSA, has these characteristics.

-- The Clipper algorithm Skipjack is classified
-- Public access to the reasons underlying the proposal is restricted
-- Skipjack can be implemented only in tamper-proof hardware
-- It will not be used by multi-national corporations
-- The security of the configuration remains unproven.

The Computer Security Act was passed precisely because the NSA tried previously to grab civilian computer security turf.
The law was specifically intended to control the type of abuse that results from secret standard-setting arrangements.

If there is any doubt among PRIVACY FORUM readers about the illegal activities of the NSA in the development of the EES, please consult the minutes of the NSA/NIST Technical Working Group (TWG) that produced the standard. The minutes should be available from the National Security Agency Public Information Office. That phone number is 301/688-6524.

>> There is no evidence to support law enforcement's
>> claims that new technologies are hampering criminal
>> investigations. CPSR recently forced the release of
>> FBI documents that show no such problems.

> CPSR obtained some documents from a few FBI field
> offices. Those offices reported no problems. CPSR did
> not get reports from all field offices and did not get
> reports from local law enforcement agencies. I can tell
> you that it is a fact that new communications
> technologies, including encryption, have hampered
> criminal investigations.

The statement is illogical. There is still no evidence to support the FBI's claims.

The FBI made certain claims that cryptography was impeding criminal investigation conducted by wiretap. CPSR investigated the FBI's claims by filing a Freedom of Information Act suit to obtain the relevant documents. The documents provided to us by the Department of Justice revealed that none of the FBI field officers had encountered any obstacles.

The Department of Justice has just informed us that they provided to us all relevant documents concerning the Clipper proposal.

There is one reported case where cryptography made it difficult for law enforcement to obtain evidence. That case concerned reading the contents of a file on a hard disk after it was seized. If this is the problem that the Clipper proposal is intended to solve, then the key escrow scheme must be extended to every single encrypted file -- not just encrypted communications -- everywhere in the world.
Every encrypted file. Everywhere.

>> If the plan goes forward, commercial firms that
>> hope to develop new products will face extensive
>> government obstacles. Cryptographers who wish to
>> develop new privacy enhancing technologies will be
>> discouraged.

> The standard is voluntary -- even for the government.

An FBI legislative proposal now under consideration at the White House would mandate a Clipper-like scheme. That proposal is backed by fines up to $10,000 per day and jail time.

That's not voluntary.

>> Mr. Rotenberg said "We want the public to
>> understand the full implications of this plan.
>> Today it is only a few experts and industry groups
>> that understand the proposal.

> I support this objective. Unfortunately, it is not
> possible for most of us to be fully informed of the
> national security implications of uncontrolled
> encryption. For very legitimate reasons, these cannot
> be fully discussed and debated in a public forum.

This assertion has never been supported by evidence. It has been used simply to stifle criticism.

> The Feb. 4 decision was made
> following an inter-agency policy review, headed by the
> National Security Council, that examined these issues
> using considerable input from industry, CPSR, EFF, and
> individuals as well as from law enforcement and
> intell

CPSR did not participate in the inter-agency policy review. Our position from the very beginning is that these decisions must be made openly.

> In the absence of understanding
> the national security issues, I believe we need to
> exercise some caution in believing that we can
> understand the full implications of encryption on
> society.

This premise, if accepted, would mean that people in the United States would have no right to express political views when the government claimed "national security."
Certainly, there are matters of national security that must be protected, but when an agency with expertise in wire surveillance develops a secret standard for eavesdropping and tells those who raise questions that there are matters of national security that they would not understand, there is good reason for concern.

If you believe that Clipper is a mistake, please express your views by sending email with the words "I oppose Clipper" in the subject header to CLIPPER.PETITION@CPSR.ORG.

------------------------------

Date: Wed, 23 Feb 1994 08:28:05 -0500 (EST)
From: denning@cs.georgetown.edu (Dorothy Denning)
Subject: Newsday article: The Clipper Chip Will Block Crime

======================================================================
| Newsday, Tuesday, February 22, 1994, Viewpoints |
======================================================================

[ "Viewpoints" is the "Op-Ed" section of Newsday -- MODERATOR ]

The Clipper Chip Will Block Crime
By Dorothy E. Denning

Hidden among the discussions of the information highway is a fierce debate, with huge implications for everyone. It centers on a tiny computer chip called the Clipper, which uses sophisticated coding to scramble electronic communications transmitted through the phone system.

The Clinton administration has adopted the chip, which would allow law enforcement agencies with court warrants to read the Clipper codes and eavesdrop on terrorists and criminals. But opponents say that, if this happens, the privacy of law-abiding individuals will be at risk. They want people to be able to use their own scramblers, which the government would not be able to decode.

If the opponents get their way, however, all communications on the information highway would be immune from lawful interception. In a world threatened by international organized crime, terrorism, and rogue governments, this would be folly.
In testimony before Congress, Donald Delaney, senior investigator with the New York State Police, warned that if we adopted an encoding standard that did not permit lawful intercepts, we would have havoc in the United States.

Moreover, the Clipper coding offers safeguards against casual government intrusion. It requires that one of the two components of a key embedded in the chip be kept with the Treasury Department and the other component with the Commerce Department's National Institute of Standards and Technology. Any law enforcement official wanting to wiretap would need to obtain not only a warrant but the separate components from the two agencies. This, plus the superstrong code and key system would make it virtually impossible for anyone, even corrupt government officials, to spy illegally.

But would terrorists use Clipper? The Justice Department has ordered $8 million worth of Clipper scramblers in the hope that they will become so widespread and convenient that everyone will use them. Opponents say that terrorists will not be so foolish as to use encryption to which the government holds the key but will scramble their calls with their own code systems. But then who would have thought that the World Trade Center bombers would have been stupid enough to return a truck that they had rented?

Court-authorized interception of communications has been essential for preventing and solving many serious and often violent crimes, including terrorism, organized crime, drugs, kidnaping, and political corruption. The FBI alone has had many spectacular successes that depended on wiretaps. In a Chicago case code-named RUKBOM, they prevented the El Rukn street gang, which was acting on behalf of the Libyan government, from shooting down a commercial airliner using a stolen military weapons system.

To protect against abuse of electronic surveillance, federal statutes impose stringent requirements on the approval and execution of wiretaps.
Wiretaps are used judiciously (only 846 installed wiretaps in 1992) and are targeted at major criminals.

Now, the thought of the FBI wiretapping my communications appeals to me about as much as its searching my home and seizing my papers. But the Constitution does not give us absolute privacy from court-ordered searches and seizures, and for good reason. Lawlessness would prevail.

Encoding technologies, which offer privacy, are on a collision course with a major crime-fighting tool: wiretapping. Now the Clipper chip shows that strong encoding can be made available in a way that protects private communications but does not harm society if it gets into the wrong hands. Clipper is a good idea, and it needs support from people who recognize the need for both privacy and effective law enforcement on the information highway.

======================================================================
| Copyright Newsday. All rights reserved. This article can be freely |
| distributed on the net provided this note is kept intact, but it may |
| not be sold or used for profit without permission of Newsday. |
======================================================================

------------------------------

Date: Fri, 25 Feb 1994 22:43:48 EST
From: Dave Banisar
Subject: FWD>FYI: Rivest's response to Dorothy Denning

Forwarded with permission...

------- Forwarded Message

From: rivest@theory.lcs.mit.edu (Ron Rivest)
Date: Fri, 25 Feb 94 16:24:20 EST
To: denning@cs.cosc.georgetown.edu
Cc: efbrick@cs.sandia.gov, hellman@isl.stanford.edu, Rivest@mc.lcs.mit.edu, silvio@theory.lcs.mit.edu, smb@research.att.com, mab@research.att.com, jim@rsa.com, diffie@eng.sun.com
Subject: Newsday Editorial

Hi Dorothy --

Thanks for sending me a copy of your editorial. But I find the reasoning you present misleading and unpersuasive.

First, you argue that the clipper chip will be a useful law enforcement tool.
Given the small number of currently authorized wiretaps per year (under 1000) and the ease of using alternative encryption technology or superencryption, it seems plausible to me that law enforcement could expect at most ten "successful" clipper wiretaps per year. This is a pretty marginal basis for claiming that clipper will "block crime".

Second, you seem to believe that anything that will "block crime" must therefore be a "good thing" and should therefore be adopted. This is not true, even if it is not subject to government abuse. For example, a system that could turn any telephone (even when on-hook) into an authorized listening microphone might help law enforcement, but would be unacceptable to almost all Americans. As another example, tattooing a person's social security number on his or her buttocks might help law enforcement, but would also be objectionable. Or, you could require all citizens to wear a bracelet that could be remotely queried (electronically, and only when authorized) to return the location of that citizen. There are all kinds of wonderfully stupid things one could do with modern technology that could "help" law enforcement. But merely being of assistance to law enforcement doesn't make a proposal a good thing; many such ideas are objectionable and unacceptable because of the unreasonably large cost/benefit ratio (real or psychological cost). The clipper proposal, in my opinion, is of exactly this nature.

Third, you seem unnecessarily polly-annish about our government and the potential for abuse. The clipper proposal places all trust for its management within the executive branch; a corrupt president could direct that it be used for inappropriate purposes. The unspecified nature of many of the associated procedures leaves much room to speculate that there are "holes" that could be exploited by government officials to abuse the rights of American citizens.
Even if the proposal were modified to split the trust among the various branches of government, one might still reasonably worry about possible abuse. Merely because you've met the current set of representatives of various agencies, and feel you can trust them, doesn't mean that such trust can be warranted in their successors. One should build in institutional checks and balances that overcome occasional moral lapses in one or more office holders.

Fourth, your discussion of "searching your home and seizing your papers" is misleading. You seem to imply that because law enforcement can be issued a warrant to search your home, that we should adopt clipper. Yet this analogy only makes sense if individuals were required to deposit copies of their front door keys with the government. I can build any kind of house I wish (out of steel, for example), and put any kind of locks on it, and wire up any kind of intrusion detectors on it, etc. The government, armed with a search warrant, is not guaranteed an "easy entry" into my home at all. The appropriate analogical conclusion is that individuals should be able to use any kind of encryption they want, and the government should be allowed (when authorized, of course) to try and break their encryption.

Finally, you argue (elsewhere, not in this editorial) that the decision rests in part on "classified" information. Such an argument only makes sense if there is a specific law-enforcement situation that makes such classified information timely and relevant. (E.g., if there was a current investigation as to whether the Department of the Treasury had been infiltrated by organized crime.) The use of "classified information" is otherwise generally inappropriate in discussing communications policy that will last over decades.

This hardly covers all of the relevant issues, but it covers the points that came immediately to mind in reading your editorial...

Cheers,
Ron

P.S.
Feel free to pass along, quote, or otherwise re-distribute this...

------------------------------

Date: Sun, 27 Feb 94 03:09 PST
From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: The Return of the "Digital Telephony Proposal"

Greetings. As if the current situation with Clipper weren't complex enough, the Digital Telephony Proposal, which you may recall from intense discussions last year, has returned again to enter the fray and further complicate matters. The new draft is included below, and is also available in the PRIVACY Forum archive.

Students of this topic will note that the new bill is quite similar in concept to the older ones, so previous discussions regarding this topic in this digest would still seem relevant. In my opinion, it is unfortunate that these concepts, which were so roundly criticized from a wide array of quarters previously, are still being seriously considered at this level.

In any case, non-inflammatory submissions for the Forum regarding this topic, both pro and con, are of course invited.

--Lauren--

====================================

103rd Congress
Draft 2/9/94
2nd Session

S. _____
[H.R. _____]

IN THE SENATE
IN THE HOUSE OF REPRESENTATIVES

M. __________ introduced the following bill; which was referred to the Committee on __________

A BILL

To ensure continued law enforcement electronic surveillance access to the content of wire and electronic communications and call setup information when authorized by law, to improve communications privacy protection, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SEC. 1. SHORT TITLE.

This Act may be cited as the "Digital Telephony and Communications Privacy Improvement Act of 1994."

SEC. 2. PURPOSE.
The purpose of this Act is to clarify and define the responsibilities of common carriers, providers of common carrier support services, and telecommunications equipment manufacturers to provide the assistance required to ensure that government agencies can implement court orders and lawful authorizations to intercept the content of wire and electronic communications and acquire call setup information under chapters 119 and 206 of title 18 and chapter 36 of title 50. Otherwise, except for the provisions in section 4, nothing in this Act is intended to alter any provision contained in the Federal electronic surveillance, pen register, or trap and trace statutes, or those of any state or other jurisdiction. In particular, nothing herein is intended to enlarge or reduce the government's authority to lawfully intercept the content of communications or install or use pen register or trap and trace devices, or to increase or decrease any criminal penalties for unlawfully intercepting the content of communications or installing or using pen register or trap and trace devices, or to alter the provisions regarding service provider assistance, payment for assistance, causes of action, civil liability, or good faith defenses.

The Act is further intended to improve communications privacy protection for cordless telephones, certain radio-based data communications and networks, communications transmitted using certain privacy-enhancing modulation techniques, and to clarify the lawfulness of quality control and service provision monitoring of electronic communications.

SEC. 3. COMMON CARRIER ASSISTANCE

(a) _New section_. Chapter 109 of title 18, United States Code, is amended by adding the following new section:

"Sec. 2237. Common carrier assistance to government agencies.

"(a) Assistance requirements.
Common carriers shall be required to provide forthwith, pursuant to court order or lawful authorization, the following capabilities and capacities in order to permit the government to conduct electronic surveillance and pen register and trap and trace investigations effectively:

"(1) The ability to execute expeditiously and simultaneously within a common carrier's system all court orders and lawful authorizations for the interception of wire and electronic communications and the acquisition of call setup information related to the facilities or services of subscribers of such common carrier;

"(2) the ability to intercept the content of communications and acquire call setup information concurrent with the transmission of the communication to or from the subscriber's facility or service that is the subject of the court order or lawful authorization, to the exclusion of any wire or electronic communication or call setup information of any other subscriber, notwithstanding the mobile nature of the facility or service that is the subject of the court order or lawful authorization or the use by the subscriber who is the subject of the court order or lawful authorization of any features offered by the common carrier;

"(3) the ability to intercept the content of communications and acquire call setup information unobtrusively and with a minimum of interference with any subscriber's telecommunications service; and

"(4) the ability to receive, in a generally available format, the intercepted content of communications and acquired call setup information at a location identified by the government distant from the facility that is the subject of the interception, from the interception access point, and from the premises of the common carrier (except where emergency or exigent circumstances such as those described in 18 U.S.C. 2518(7), 2518(11)(b), or 3125, or in 50 U.S.C. 1805(e), necessitate monitoring at the common carrier's premises).

"(b) Systems security.
The government shall notify a common carrier of any interception of wire or electronic communications or any acquisition of call setup information that is to be effected within the premises of such common carrier pursuant to court order or lawful authorization. After notification, such common carrier shall designate an individual or individuals to activate such interception or acquisition forthwith. Such individual(s) shall be available at all times to activate such interceptions or acquisitions. Such interceptions or acquisitions effected within the premises of a common carrier may be activated only by the affirmative intervention of such individual(s) designated by such common carrier.

"(c) Compliance date. To the extent that common carriers providing service within the United States currently cannot fulfil the requirements set forth in subsection (a) of this section, they shall fulfil such requirements within three years from the date of enactment of this Act.

"(d) Cooperation of support service providers and equipment manufacturers. Common carriers shall consult, as necessary, in a timely fashion with appropriate providers of common carrier support services and telecommunications equipment manufacturers for the purpose of identifying any services or equipment, including hardware and software, that may require modification so as to permit compliance with the provisions of this Act. A provider of common carrier support services or a telecommunications equipment manufacturer shall make available to a common carrier on a timely and priority basis, and at a reasonable cost, any support service or equipment, including hardware or software, which may be required so as to permit compliance with the provisions of this Act.

"(e) Enforcement. The Attorney General shall have authority to enforce the provisions of subsections (a), (b), (c), and (d) of this section.
The Attorney General may apply to the appropriate United States District Court for an order restraining or enjoining the provision of service of any common carrier who violates subsection (a), (b), (c), or (d) of this section. The District Courts shall have jurisdiction to issue such restraining order or injunction. The Attorney General may also request the Federal Communications Commission to assist in enforcing the provisions of this Act.

"(f) Penalties. Any common carrier that violates any provision of subsection (a) of this section shall be subject to a civil penalty of $10,000 per day for each day in violation. The Attorney General may file a civil action in the appropriate United States District Court to collect, and the United States District Courts shall have jurisdiction to impose, such penalties. After consultation with the Attorney General, the Federal Communications Commission may also impose regulatory sanctions or fines otherwise authorized by law.

"(g) Consultation. The Attorney General is encouraged to consult with the Federal Communications Commission and common carrier representatives and to utilize common carrier standards bodies, associations, or other such organizations to discuss details of the requirements, such as those related to capacity, in order to facilitate compliance with the provisions of this Act.

"(h) Funding. Notwithstanding any other provision of law, the Federal Communications Commission shall implement promptly methods and procedures that allow each common carrier to be remunerated by the Federal Government for all reasonable costs incurred in the course of complying with the requirements of this Act.

"(i) Definitions.
-- As used in this Section --

(1) 'common carrier' means any person or entity engaged as a common carrier for hire, as defined by section 3(h) of the Communications Act of 1934, and includes a commercial mobile service or interconnected service, as defined in section 6002(b) of Public Law 103-66;

(2) 'provider of common carrier support services' means any person or entity who provides services to a common carrier that are integral to processing, directing, forwarding, or completing telephone calls or electronic communication transmissions;

(3) 'wire communication' shall have the same meaning as set forth in subsection 2510(1) of title 18, United States Code;

(4) 'electronic communication' shall have the same meaning as set forth in subsection 2510(12) of title 18, United States Code;

(5) 'intercept' shall have the same meaning as set forth in subsection 2510(4) of title 18, United States Code, except that with regard to a common carrier's transmission of a communication encrypted by a subscriber, the common carrier shall not be responsible for ensuring the government agency's ability to acquire the plaintext of the communications content, unless the encryption was provided by the common carrier and the common carrier possesses the information necessary to decrypt the communication;

(6) 'concurrent with the transmission of the communication,' as used in section 3(a)(2) of this Act, means contemporaneous with the transmission; but it shall include, with regard to electronic communications, the ability of a government agency to acquire such communications at the conclusion of the transmission, and, with regard to call set up information, the ability to acquire such information either before, during, or immediately after the transmission of the communication;

(7) 'call set up information' shall mean the information generated which identifies the origin and destination of a wire or electronic communication placed to, or received by, the facility or service that is the
subject of a court order or lawful authorization, including information associated with any telecommunication system dialing or calling features or services; and

(8) 'government' means the Government of the United States and any agency or instrumentality thereof, the District of Columbia, any commonwealth, territory or possession of the United States, and any state or political subdivision thereof authorized by law to conduct electronic surveillance."

SEC. 4. COMMUNICATIONS PRIVACY IMPROVEMENT AND MONITORING CLARIFICATION.

Chapter 119 of title 18 is amended by making the following changes:

(1) Cordless telephones.

(a) _Definitions_. - Section 2510 of title 18, United States Code, is amended -

(1) in paragraph (1), by striking ", but such term does not include" and all that follows through "base unit"; and

(2) in paragraph (12), by striking subparagraph (A) and redesignating subparagraphs (B) through (D) as subparagraphs (A) through (C), respectively.

(b) _Penalty_. - Section 2511 of title 18, United States Code, is amended -

(1) in subsection (4)(b)(i), by inserting "a cordless telephone communication that is transmitted between a cordless telephone handset and the base unit," after "cellular telephone communication,"; and

(2) in subsection (4)(b)(ii), by inserting "a cordless telephone communication that is transmitted between a cordless telephone handset and the base unit," after "cellular telephone communication,".

(2) Radio based data communications.

Section 2510(16) of title 18, United States Code, is amended by striking the word "or" at the end of subparagraph (D) and inserting an "or" at the end of subparagraph (E) and adding the following new subparagraph:

"(F) an electronic communication;".

(3) Penalties for monitoring radio communications that are not scrambled, encrypted, or non-public.
Section 2511(4)(b) of title 18, United States Code, is amended by deleting the phrase "or encrypted, then--" and inserting the following:

", encrypted, or transmitted using modulation techniques whose essential parameters have been withheld from the public with the intention of preserving the privacy of such communication, then--".

(4) Technical correction.

Section 2511(2)(a)(i) of title 18, United States Code, is amended by striking out "used in the transmission of wire communication" and inserting in lieu thereof "used in the transmission of a wire or electronic communication.".

------------------------------

End of PRIVACY Forum Digest 03.05
************************