Encryption Bill: Ignorance Rears Its Head Again

Technophiles tend to be a smart and confident lot, convinced that their world view is just and that history is on their side. So it always comes as a shock when they realize that the principles they hold dear are viewed with nothing less than contempt by many politicians and much of the public.

On Capitol Hill last week, the vast gulf between the priorities of the technology community and those of the political establishment once again became clear. Responding to what was evidently a brilliant lobbying campaign by FBI Director Louis Freeh, the House Select Committee on Intelligence took a bill originally designed to loosen export restrictions on encryption software and turned it on its head.

The amended version of the so-called SAFE bill not only maintains current export restrictions, it also calls for a sweeping new regime to control the use of encryption domestically. For the computer industry, and for civil liberties and privacy activists, it was a devastating reversal.

And if anything resembling the Intelligence Committee bill becomes law, the federal government will find itself embroiled in a highly contentious, expensive and completely futile effort to monitor and control what happens on global communications networks.

The battle over encryption has been raging in one form or another for years. Encryption software makes it possible to scramble data--including voice communications--so that only the intended recipient can decipher it. Businesses routinely encrypt sensitive information, and as more consumers use computers for more things, they’ll be using encryption more too.

Law enforcement and national security officials don’t like this at all; it hinders their ability to conduct wiretaps and gather electronic information. They contend that encryption is making the world safe for terrorists and drug dealers and other criminals. They want a system that will give them a “back door” into encrypted information for use when they have a subpoena.

Various schemes directed at this end--notably the failed Clipper chip proposal--have gone nowhere. But Commerce Department rules treat “strong” encryption software as a munition for export purposes, making it very difficult for U.S. software companies to sell certain products overseas.

It was this restriction the industry was hoping to get lifted with the Security and Freedom through Encryption (SAFE) Act. Because many widely used products--such as the Windows NT operating system and Lotus Notes--include encryption, companies must create a separate version for export. In the meantime, they say, they’ve been losing sales to overseas rivals.

Until this week it looked as if the SAFE bill had significant momentum. But then Freeh got to work: In a series of secret briefings for members of Congress, he apparently told some very scary stories and persuaded many of them that encryption posed a grave threat to law enforcement, and that not only exports but also domestic use must be closely controlled.

“The scare tactics and bully tactics of the FBI . . . have put [Congress] members in a very difficult position,” says Lauren Hall, chief technologist of the trade group Software Publishers Assn. “The FBI is not playing fair. Encryption is a difficult technical issue . . . and now it’s become law enforcement versus high tech.”

For the large and vocal contingent of Netizens who tend toward libertarian politics, encryption is an ideological issue of the highest order. To them, the paramount virtue of the Internet is that it empowers individuals and tends to undercut government authority; encryption gives people more control over their own information, and therefore it should not simply be tolerated but promoted. Requiring that the government have the ability to access encrypted information is their worst nightmare.

Mainstream civil liberties groups and privacy advocates see encryption controls as Big Brotherism too. “From a privacy point of view, this is really a draconian bill,” says Alan Davidson, staff counsel at the Center for Democracy and Technology.

Even for those who believe that honest citizens have nothing to fear from the government, the practical issues are daunting. Providing the “back door” would require a complicated system for routing and storing billions of electronic keys. Many computer experts say such a system would inevitably create dangerous security holes in the Internet--if it worked at all. The two big professional associations of computer scientists hate the idea.

*

Criminals, meanwhile, would surely figure out ways to get their hands on encryption software that didn’t have the back door. Even if major Asian and European countries join with the United States in a crypto-control regime--which they show no signs of doing--the software isn’t so tough to create or copy that hard-up Russian mathematicians, or angry American anarchists for that matter, won’t be able to sate the inevitable demand.

The SAFE bill still must be considered by the House Commerce Committee, and then competing versions must be reconciled by the Rules Committee before it can reach a floor vote. There isn’t yet a companion version in the Senate. The Clinton administration is divided on the issue. Mercifully, then, the bill is a long way from becoming law.

But the abruptness with which the tables were turned last week is an ominous sign of just how uncomprehending the government and the public are when it comes to the broader implications of the information revolution.

Responding to a few scare stories on the assumption that their constituents will respond to them too, members of Congress--in closed session and on a voice vote--approve a radical bill that flies in the face of all kinds of democratic traditions, hurts an important industry and may well be unconstitutional.

It’s the Communications Decency Act all over again. And the technology world is learning, again, that its wealth creation might be broadly popular, but its social values are not. For now at least, history doesn’t carry many votes on Capitol Hill.