|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
In-Reply-To: <199711070600.WAA18932@proxy3.ba.best.com> Date: Fri, 7 Nov 1997 15:55:18 -0500 To: "James A. Donald" <jamesd@echeque.com> From: Declan McCullagh <declan@well.com> Cc: cryptography@c2.net At 22:00 -0800 11/6/97, James A. Donald wrote: >Where is the GAK legislation now, and who is tracking it? There are bills in both the House and the Senate. In the House, there are (I recall) five different versions of Rep. Goodlatte's SAFE bill (H.R. 695). The House Intelligence committee approved the most FBI-friendly version -- with restrictions on the sale, manufacture and distribution of unapproved encryption. The House Rules committee, really an extension of the House leadership, is the next step; they'll reconcile the different versions, probably into a "compromise" package. Rep. Solomon, chair of House Rules, circulated a letter in September endorsing key escrow: "If this language is not incorporated into the bill, as the Chairman of the House Rules Committee I will not move the bill to the floor!" In the Senate, there's been little public action since the summer. The Commerce Committee killed off the generally pro-crypto ProCODE bill in June. The panel instead approved the McCain-Kerrey bill (S.909), which does not mandate key escrow but does set up a key escrow infrastructure. It also requires that government networks established "for transaction of government business" must use key escrow. The Senate Judiciary committee, with Sen. Dianne "GAK" Feinstein, will probably be the next committee to take up the issue directly. The best-organized web site I've found is: http://www.epic.org/crypto/ I'll attach two of my writeups below on the Senate Commerce and House Commerce votes. -Declan *************** Date: Thu, 19 Jun 1997 16:18:24 -0400 To: fight-censorship-announce@vorlon.mit.edu From: Declan McCullagh <declan@well.com> Subject: FC: Senate panel nixes ProCODE II, approves McCain-Kerrey bill Sender: owner-fight-censorship-announce@vorlon.mit.edu Reply-To: declan@well.com X-FC-URL: Fight-Censorship is at http://www.eff.org/~declan/fc/ In the end, it was child pornography that derailed encryption legislation in the U.S. Senate and dealt a bitter defeat to crypto supporters. Spurred by the chairman's denunciations of cyberporn, a majority of the Senate Commerce Committee rejected ProCODE II this morning -- and instead approved a bill introduced earlier this week that creates new Federal crimes for some uses of crypto and an all-but-mandatory key escrow infrastructure. Sen. John McCain (R-Ariz.), committee chair and chief sponsor of the measure, led the attack, saying Congress must "stop child pornography on the Internet and Internet gambling. These legitimate law enforcement concerns cannot and should not be overlooked or taken lightly." He warned that allowing encryption to be exported would permit child pornographers to use it. "If it's being used for child pornography? Are we going to say that's just fine? That's it's just business? I don't think so." Then Sen. Kay Bailey Hutchinson (R-Tex.) chimed in, saying she doesn't want "children to have access to pornography or other bad types of information." Sen. John Ashcroft (R-MO) tried to disagree. "It's like photography. We're not going to [ban] photography if someone takes dirty pictures." (At this point, one of the more deaf committee members asked, "Pornography? Are we going to ban pornography?") Between the child-porn attack team of senators McCain, Hollings, Kerry, and Frist, ProCODE sponsor Sen. Sen. Conrad Burns (R-Mont.) didn't stand a chance. Hunched over the microphone, Burns was outmaneuvered, outprepared, and outgunned on almost every point. Nevertheless, he introduced ProCODE II -- a so-called compromise measure -- and was defeated 8-12. The changes from ProCODE I gave the NSA, FBI, and CIA oversight over crypto exports and permitted only the export of up to 56-bit crypto products without key escrow. Products of any strength with key escrow could be exported freely. That's hardly a pro-privacy, pro-encryption bill, says the ACLU's Don Haines. "The ProCODE vote shows the political bankruptcy of the pro-business agenda. Even in the Commerce Committee, commerce arguments didn't work," he says. The committee also approved amendments proposed by Kerry that would give jurisdiction over crypto exports to a nine-member "Encryption Export Advisory Board." The panel would "evaluate whether [a] market exists abroad" and make non-binding recommendations to the president. Frist also introduced amendments to the McCain-Kerrey bill that were accepted: * Requiring that not any Federally-funded communications network, but only ones established "for transaction of government business" would use key escrow -- thereby jumpstarting the domestic market. * "Requirements for a subpoenas [sic] should be no less stringent for obtaining keys, then [sic] for any other subpoenaed materials." * Key recovery can mean recovering only a portion of the key "such as all but 40 bits of the key." * NIST after consulting with DoJ and DoD will "publish a reference implementation plan for key recovery systems;" the law will not take effect until the president tells Congress such a study is complete. After the vote, advocacy groups tried to put a good face on the devastating loss -- and an expensive defeat it was. After 15 months of lobbying, countless hearings, backroom dealmaking, and political capital spent, ProCODE is gutted and dead. "There's another day. We have confidence in the system," said BSA's Robert Holleyman. CDT's Jerry Berman said, "What is encouraging is that unlike the CDA other committees are getting involved." Of course, the involvement of other committees is only likely to add more key escrow provisions and limitations on crypto-exports. ProCODE's replacement -- the McCain-Kerrey bill -- now goes to the Senate Judiciary committee, and its chairman has already been talking about mandating key escrow in some circumstances... -Declan ************************* Date: Wed, 24 Sep 1997 21:38:37 -0400 To: fight-censorship-announce@vorlon.mit.edu From: Declan McCullagh <declan@well.com> Subject: FC: Crypto-victory in Commerce; Oxley talks about nuking Congress Sender: owner-fight-censorship-announce@vorlon.mit.edu Reply-To: declan@well.com X-Loop: fight-censorship-announce@vorlon.mit.edu X-FC-URL: Fight-Censorship is at http://www.eff.org/~declan/fc/ So I'm sitting here in the lobbyist warren of the Capitol Grille on Pennsylvania Avenue getting sloshed on expensive beer -- and sick on the clouds of cigar smoke from industry representatives flush from their victory in the House Commerce committee earlier this evening. And they do have cause to celebrate. A week ago, the outlook in Congress was dismal. The House Intelligence committee had approved (during a closed hearing) the first-ever domestic restrictions on what technologies Americans can use to protect their privacy. The House Commerce committee seemed certain to follow. Rep. Oxley, who was pushing the proposal, told me last week he had the votes sewn up. The tide changed today when the Commerce committee overwhelmingly defeated Oxley's amendment. In a 35-16 vote, members rejected restrictions on manufacturing unapproved encryption devices and instead approved a modified version of Rep. Goodlatte's original Security and Freedom through Encryption (SAFE) bill. The vote came after a last-minute press by a diverse coalition of industry groups, including some who had never weighed in on crypto before, including the automobile companies and the Baby Bells. (In fact, the Bells may have been the deciding factor in defeating the measure.) The version of SAFE the Commerce committee approved includes: criminal penalties (doubled from the original) for the use of encryption in a crime, a prohibition on mandatory domestic key escrow, delinking certificate authorities from key escrow requirements, a "NET" center to coordinate law enforcement codebreaking, a classfied study to be conducted by the Attorney General, a NIST study on crypto, and liability limitations on firms providing key recovery. It also includes SAFE's original export relaxation on encryption products that are already available overseas or are in the public domain. Many of those changes were proposed by Reps. Markey and White, who had their amendment approved 40-11. The amended bill was approved out of the committee by a 44-6 vote. (One lobbyist just leaned over, martini in hand, and asked me, "Do you need a quote, Declan?" //sigh//) Today's discussion before the committee was all about compromise -- which, after all, shouldn't be surprising. Washington politicians thrive on it. If politics is the art of the possible, compromise is its lifeblood. But to the chagrin of politicans, staffers, and bureaucrats alike, the politics of encryption doesn't provide one. Either you use backdoored crypto or you don't. Either you have unalloyed privacy or you don't. There's no middle ground. Of course it's one thing to compromise on tax bills or spending measures. That's not only expected, it's necessary. But it's another thing entirely to compromise on a bill that deals with fundamental freedoms. How many newspapers is it acceptable for the government to review and censor before publication? How many Americans can be imprisoned without a public trial? Sometimes, including now, Americans should stand on principle and reject that any and all "compromises." A coalition of groups from the American Civil Liberties Union to the Eagle Forum sent out just that letter earlier today. Those groups understand what high tech firms have been slow to realize: Congress will not, and cannot, approve a bill that benefits crypto-liberty. Right now there are no domestic controls on encryption. After Congress passes a bill, that will surely change. The crypto-in-a-crime provisions are destined to stay in. When crypto becomes omnipresent, Congress might just as well punish you for speaking Spanish in the commission of a crime. (By now the lobbyists are drunk. One just leaned over, laughing excitedly, and yelled in my ear: "Cold fusion still doesn't work!" Huh? Whatever. Seriously, folks, I do not make this stuff up. Another fellow says the quote of the day is: "The FBI tried to take the country hostage.") Anyway, today firms saw their arguments used against them. For years companies have testified before Congress that crypto was readily available at the corner software store. One Congressman recently even waved around a shrinkwrapped copy of Lotus Notes as a prop. At last the techno-impaired members of the House Commerce committee have realized that strong crypto was available through a point-and-click download (or for $19.95). But instead of allowing the //overseas// distribution of encryption, they instead came close to banning the //domestic// distribution. By now even the more censorhappy members of Congress are sick and tired of hearing about pedophiles and child pornographers and molesters and such. Even the druglords-wielding-crypto claims pales after a while -- at least if you've heard it 17 times in the past few weeks. So today Rep. Oxley whipped out his trump card: if you don't vote for my amendment, you'll get blown up! "How about some terrorist orgainztion acting with impunity because they have the ability to communicate with impunity gets a hold of a Russian nuclear device and threatens to blow up the Capitol of the United States?" In the end, Oxley's amendment didn't carry the day. It was of course almost entirely the successful lobbying -- and if firms can't win in the //Commerce// committee, where can they win? -- but to their credit, some Congressmen actually talked about the Constitutional issues involved. "This is about our liberty and how far we will go in protecting our liberties," said Rep. Rogan, a former prosecutor and judge who spoke against Oxley. The future, however, is uncertain. The bill now goes to the House Rules committee, whose chairman said today in a strongly-worded letter that he'd only allow a bill to go to the floor if it included Oxley's amendment. Look for a hell of a lot of behind-the-scenes lobbying on this now... -Declan
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |