[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] William A. Reinsch on SAFE


-------------------------------- CUT --------------------------------

William A. Reinsch
Under Secretary for Export Administration
Department of Commerce

Before the
House Committee on the Judiciary
Subcommittee on Courts and Intellectual Property

              The Security and Freedom
                through Encryption Act 

                    March 4, 1999 

Thank you, Mr Chairman, for the opportunity to testify on the
direction of the Administration's encryption policy. We have made a
great deal of progress since my last testimony on this subject in
September 1997. 

Even so, encryption remains a hotly debated issue. The Administration
continues to support a balanced approach which considers privacy and
commerce as well as protecting important law enforcement and national
security equities. We have been consulting closely with industry and
its customers to develop a policy that provides that balance in a way
that also reflects the evolving realities of the market place.

The Internet and other electronic media are becoming increasingly
important to the conduct of international business. One of the many
uses of the Internet which will have a significant affect on our
everyday lives is electronic commerce. According to a recent study,
the value of e-commerce transactions in 1996 was $12 million. The
projected value of e-commerce in 2000 is $2.16 billion. Many service
industries which traditionally required face to face interaction such
as banks, financial institutions, and retail merchants are now
providing cyber service. Customers can now sit at their home computers
and access their banking and investment accounts or buy a winter
jacket with a few strokes of their keyboard.

Furthermore, most businesses maintain their records and other
proprietary information, such as health records or sales strategies,
electronically. They now conduct many of their day-to-day
communications and business transactions via the Internet and E-mail.
An inevitable byproduct of this growth of electronic commerce is the
need for strong encryption to provide the necessary secure
infrastructure for electronic communications, transactions and
networks. The disturbing increase in computer crime and electronic
espionage has made people and businesses wary of posting their private
and company proprietary information on electronic networks if they
believe the infrastructure may not be secure. A robust secure
infrastructure can help allay these fears, and allow electronic
commerce to continue its explosive growth.

Developing a new encryption policy has been complicated because we do
not want to hinder its legitimate use -- particularly for electronic
commerce; yet at the same time we want to protect our vital national
security, foreign policy and law enforcement interests. We have
concluded that the best way to accomplish this was to continue a
balanced approach: to promote the development of strong encryption
products that would allow lawful government access to plaintext under
carefully defined circumstances; to promote the legitimate uses of
strong encryption to protect confidentiality; and continue looking for
additional ways to protect important law enforcement and national
security interests. 


With respect to H.R.850, the Administration opposes this legislation
as we did its predecessor in the last Congress. The bill proposes
export liberalization far beyond what the Administration can entertain
and which would be contrary to our international export control
obligations. Despite some cosmetic changes the authors have made, the
bill in letter and spirit would destroy the balance we have worked so
hard to achieve and would jeopardize our law enforcement and national
security interests. I defer to other witnesses to describe the impact
of the bill on their equities, but let me describe two of its other

First, I want to reiterate that this Administration is not seeking
controls or restraints on domestic manufacture or use of encryption.
We continue to believe the best way to make progress on ways to assist
law enforcement is through a constructive dialogue. As a result, we
see no need for the statutory prohibitions contained in the bill.

Second, once again we must take exception to the bill's export control
provisions. In particular, the references to IEEPA as I understand
them would preclude controls under current circumstances and in any
future situation where the EAA had expired, and the definition of
general availability, as in the past, would preclude export controls
over most software.

In addition, whether intended or not, we believe the bill as drafted
could inhibit the development of key recovery even as a viable
commercial option for those corporations and end users that want it in
order to guarantee access to their data. The Administration has
repeatedly stated that it does not support mandatory key recovery, but
we endorse and encourage development of voluntary key recovery
systems, and, based on industry input, we see growing demand for them,
especially corporate key recovery, that we do not want to cut off.

As this Committee knows better than most, public debate over
encryption policy has been spirited. Many on both sides of the debate
have had difficulty grasping their counterparts' views or realizing
that there is a middle ground. Our dialogue with industry has gone a
long way toward bridging that gap and finding common ground. We will
continue this policy of cooperative exchange as it is clearly the best
way to pursue our policy objectives of balancing public safety,
national security, and the competitive interests of US companies. 

-------------------------------- CUT --------------------------------