| About CRA |
| CRA for Students |
| CRA for Faculty |
| Events |
| Jobs |
| Government Affairs |
| Computing Research Blog |
| CRA-Women |
| Projects |
| Publications |
| Data & Resources |
| Membership |
| What's New |
|
Home |
Bill restricts encryption
By Juan Antonio Osuna
CRA Staff
| Date: | September 1995 |
| Section: | Policy News |
Legislation introduced in June would restrict online distribution of any encryption software in a way accessible to foreign nationals or governments.
However, the bill specifically excludes encryption techniques that can be reversed by "a universal decoding device or program that was provided to the Department of Justice prior to the distribution."
These provisions are part of the Anti-Electronic Racketeering Act of 1995, a bill introduced by Sen. Charles E. Grassley (R-IA), which has not been received well in the online community.
Privacy advocates see the bill as almost a mandate for government key escrow, an idea that could plausibly gain acceptance in Congress and in the Clinton administration. However, other provisions of the bill have been ridiculed as absurdly worded.
For example, the bill tries to clamp down on computer crime by making it "unlawful for any person to damage electronically or digitally stored data."
"You evidently can't delete or edit files under the new regime," quipped Jim Gillogly in the electronic Privacy Forum Digest (Vol. 4, No. 16).
Another provision makes it "unlawful to use a computer or computer network to transfer unlicensed computer software."
"This means no more code fragments, shareware or freeware to be distributed on the Net," Gillogly said.
As for the encryption provisions, the bill prohibits the distribution of "computer software that encodes or encrypts electronic or digital communications to computer networks that the person distributing the software knows or reasonably should know is accessible to foreign nationals and foreign governments."
"As drafted, the legislation would appear to prohibit the distribution of any program that contains security features, including Netscape Navigator, various digital cash applications and even PKZIP," said David Banisar of the Electronic Privacy Information Center (EPIC).
Although Banisar and other experts worry about the imprecise nature of the language, many are also concerned about the bill's intentions, which seemingly take the Clipper chip proposal one step closer to making it a mandatory standard.
EPIC is ready to cite comments made by the Clinton administration, suggesting a more ambitious agenda than outlined in press releases.
For instance, FBI Director Louis Freeh said in congressional testimony in May, "We're in favor of strong encryption, robust encryption. The country needs it; industry needs it. We just want to make sure we have a trap door and key under some judge's authority where we can get there if somebody is planning a crime."
The bill has been referred to the Senate Judiciary Committee.
