Roth: Clipper lacks support

An aide to Sen. William V. Roth (R-DE), the incoming chair of the Senate Governmental Affairs Committee, said the senator plans to take a hard look at the Clinton administration's Clipper key escrow encryption policies as well as other issues that may threaten privacy.

Walter Koscinski, a LEGIS fellow on Roth's staff, told members of the National Institute of Standards and Technology's Computer System Security and Privacy Advisory Board that the Clipper initiative suffers from a lack of support from industry that will hinder its success. Consequently, Roth and his staff will seek changes, he said.

"The Clipper chip had no buy-in from industry," Koscinski said. "Clearly whatever we do in the future will require the cooperation of industry."

He added that Roth also plans to reconsider the government's process of creating Federal Information Processing Standards (FIPS) for security products. He said the FIPS "may not serve any purpose," and standards may be best developed cooperatively by industry and government. One criticism of the Clipper standard has been that it was developed by the National Security Agency in a classified environment that did not allow industry and the general public to participate in the process.

Koscinski said the committee will hold hearings on Clipper and other issues early this spring. "Privacy is the senator's number one concern," he said. "His view and the public's perception of government as big brother is absolutely heinous. It's something he wants to attack head on."

Roth also will hold hearings on how to "clean up government's own house" and better protect federal data and computers, Koscinski said. "Lack of management attention, training and security focus make government vulnerable to security breaches," he told the board.

He said personnel at the Office of Management and Budget are working on a revision of the guidelines to agencies to help them comply with the Computer Security Act of 1987. Koscinski said Roth intends to keep an eye on OMB's work.