Encryption Technology Export Plan Draws Fire

Privacy advocates and high-tech firms on Tuesday reacted angrily to a new Clinton administration proposal for easing U.S. export controls on powerful data-scrambling technology, saying it falls short of promised reforms.

The administration promised in September to develop new export rules that would clear the way for companies to more freely sell the hardest-to-crack encryption technology overseas, despite concern by the U.S. military and law enforcement officials that it could be abused by terrorists.

A 15-page discussion draft being circulated this week by the Commerce Department would significantly ease export controls on retail software-encryption products, except for sales to customers in countries such as Iraq and Libya whose governments support terrorism. But it would maintain stricter limits on hardware-data-scrambling equipment aimed at the fastest-growing segment of the booming global telecommunications market: computer networking.

Makers of hardware products such as data routers and switches would be free to sell to individuals and private companies overseas, like their software counterparts. But hardware makers would have to apply for a license to sell high-strength encryption products directly to governments.

The Clinton administration is racing to meet a mid-December deadline for reforming its export-control rules. Commerce Department officials, who will administer the plan, say the draft proposal is likely to be modified further but will need no formal approval from Congress or the White House.

Since most telecommunications facilities outside of North America and Britain are at least partially state-controlled, encryption proponents see the new rules as unduly restrictive.

“What the administration has done is take two steps forward and one-and-a-half steps back,” said Alan Davidson, staff counsel for the Center for Democracy and Technology, a Washington-based advocacy group on technology and privacy issues. “The proposed regulations fall far short of actually doing what the administration promised to do.”

Even companies that have major businesses involving the Internet voiced their objections.

“This overly complex draft falls well short of achieving” our goals, said Laura Ipsen, senior government relations manager for Cisco Systems Inc., a San Jose-based company that is the leading maker of computer switches and routers directing data over the Internet.

Encryption technology is based on mathematical algorithms that create electronic keys and locks that can scramble and unscramble computer data of any sort, but especially communications that travel over unsecured computer networks such as the Internet.

Proponents say the spread of stronger encryption tools would encourage worldwide adoption of more secure standards for conducting electronic commerce. Consumers and business would have less fear that their credit card numbers or other private communications might be intercepted by third parties when making purchases over the Internet.

While the Clinton administration has generally been considered an ally of Silicon Valley and has supported efforts to deregulate technology, it has adamantly argued that the government should maintain some oversight of sales of encryption technology to preserve national security.

William A. Reinsch, undersecretary of commerce for export, said the administration is open to modifying its proposal to accommodate industry concerns. But Reinsch said he is dismayed that criticism of the plan is appearing in the press before being aired to officials working directly on the plan.

“We recognize that it [the proposal] is going to need further work,” said Reinsch. “But [critics] should keep this thing in perspective: The [reforms] we announced in September took care of 90% of their problem; now we are going to argue about the remaining 10%.”

American consumers can buy encryption technology of any strength. But under current law, U.S. companies are not allowed to sell strong encryption overseas without first obtaining an export license.

“We want to keep closer track on nation-states” that might be unfriendly toward the United States, said Reinsch. “We want to know what is being exported to those locations.”

But rather than single out suspected nations, Reinsch said the government thought it would be fairer to review all transactions, so it could make determinations on “a case-by-case basis.”