[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Horns@t-online.de: OECD-Paper "Reglementierung der Kryptographie"]
- To: undisclosed-recipients:@fitug.de, ;@fitug.de
- Subject: [Horns@t-online.de: OECD-Paper "Reglementierung der Kryptographie"]
- From: Thomas Roessler <Thomas.Roessler@sobolev.iam.uni-bonn.de>
- Date: Fri, 14 Mar 1997 15:56:38 +0100
- Comment: This message comes from the debate mailing list.
- Sender: owner-debate@fitug.de
-----Forwarded message from "Axel H. Horns" <Horns@t-online.de>-----
Return-Path: <owner-krypto@odb.rhein-main.de>
Organization: Private Site
To: krypto@rhein-main.de
Date: Thu, 13 Mar 1997 23:42:09 +0100
http://cgi.pathfinder.com/netly/:
It turned out to be a copy -- stamped
"Restricted" -- of the crypto-policy
guidelines from the influential
Organisation for Economic
Co-operation and Development. The
United States has demanded that the
Paris-based OECD endorse key
escrow, or government access to the
secret keys used to encode files and
communications. Would the OECD be
swayed by arguments from the
Department of Justice, or would it stand
firm on privacy principles? Nobody
knew. The guidelines had been secret --
until now.
The document revealed that the feds
didn't get what they wanted. "The
fundamental rights of individuals to
privacy, including secrecy of
communications and protection of
personal data, should be respected in
national cryptographic policies," it said.
Instead of prescribing crypto-laws
and regulations, the draft guidelines left
the hairy details up to individual
countries: "National cryptographic
policies may allow lawful access to
plaintext, or cryptographic keys, of
encrypted data... Governments should
cooperate to coordinate cryptography
policies."
I went looking for Marc Rotenberg,
the head of the Electronic Privacy
Information Center, who won EFF's
Pioneer Award last night. (Julf
Helsingius, former operator of
anon.penet.fi, won the other award.)
"The U.S. failed at the OECD,"
Rotenberg told me. "They failed to get
international support for key escrow."
The OECD guidelines, which will be
published on March 27, come at a time
when countries are engaging in a sort of
joint head-scratching over what kind of
crypto-laws to pass. Should they attract
international firms and investors with
deregulatory laws, or will that approach
hinder wiretapping and domestic
surveillance? France and Russia ban
unapproved encryption, and the U.S.
tightly controls exports. But what should
Germany, the U.K., Canada and every
other country do? "Most countries have
not fully developed their policies yet," a
Canadian representative to the OECD
says.
The U.S. is hoping to change this.
"The international domain is key,"
Associate Deputy Attorney General
Michael Vatis said yesterday. "All
governments are concerned about the
impact of unbreakable encryption on
national security." Vatis, however, also
is concerned about legislation recently
reintroduced in the U.S. Congress that
would lift export controls on crypto -- an
idea that's anathema to the Department
of Justice.
The bills, which are scheduled for
hearings next week, grew out of a
growing consensus that U.S. rules are
fatally flawed. American businesses
have contended for years that overseas
competitors aren't hindered by
restrictive laws and are free to sell
strong encryption around the globe.
Executives have told Congress that
current regulations cost U.S. industry
millions. They point to RSA Data
Security's decision to license its patents
to NTT, a Japanese firm. They warn that
European or Asian software makers
may drive U.S. firms off the encryption
playing field forever.
President Clinton responded by
appointing a crypto-ambassador to
lobby foreign governments to comply
with U.S. rules and move toward a
global framework requiring key escrow.
If successful, the move would nullify the
industry's argument; after all, foreign
firms would be equally hobbled.
Yet is crypto really necessary? David
Brin, science fiction author and arrogant,
irascible futurist, spent an hour railing
against cypherpunks, privacy advocates
and conventional Net wisdom in a
luncheon address called "The Case
Against Privacy."
"Accountability has always been a
greater friend of freedom than privacy,"
he said. "Why do we instinctively reach
for solutions that reduce the flow of
information?"
Netizens, he argued, should embrace
technologies that provide more
information, not less. Imagine miniature
cameras on street corners -- eliminating
privacy, but ensuring safety. Says Brin:
"Rest assured, the cameras are
coming!"
-----End of forwarded message-----
--
Thomas Roessler · 74a353cc0b19 · We did it. · http://home.pages.de/~roessler/