|Domestic Encryption Controls Rejected
By House Panel
On September 24, the House Commerce Committee rejected a proposal which would have imposed, for the first time, restrictions on the domestic use of encryption products.
The science of cryptography developed out of the need for governments to protect sensitive information, particularly in military activity. Because of the importance of cryptography as a tool for preserving national security, code-scrambling products have been treated as munitions by the U.S. government for the past few decades. However, the widespread use of personal computers and large-scale networks has created a need for mass-market encryption products. Encryption is widely recognized as an important way of promoting secure electronic commerce.
The push for widespread public use of encryption, however, has created a policy gap. Encryption technology is considered by the Administration and many Members of Congress to be potentially dangerous in the wrong hands, constituting a threat to national security and public safety. This conflict of public interests has led to the current debate which has raged on Capitol Hill for the past two years. On the one hand, policy-makers like Rep. Bob Goodlatte (R-VA) and Rep. Zoe Lofgren (D-CA) have introduced legislation (H.R. 695) which would allow unrestricted exportation of encryption products and would prohibit giving government the power to collect "keys" to the data of encryption users.
On the other hand, the Administration and many Members of Congress believe that legislation like H.R. 695 would create an unreasonable national security risk. So the stage was set for the Commerce Committee markup of H.R. 695 on September 24. Rep. Michael Oxley (R-OH) and Rep. Thomas Manton (D-NY) planned to introduce an amendment which would require all encryption products produced and distributed in the United States to allow for immediate decryption by an authorized law enforcement officer. This amendment reflects the position of the FBI on encryption, and is similar to an earlier amendment which was passed by the House Intelligence Committee.
The prospect of the Oxley-Manton amendment passing in the Commerce Committee provoked outcries from software producers, telecommunications companies, and advocates for civil liberties. The scientific community also weighed in on the issue, in a letter signed by several leading societies, including the Association for Computing Machinery, the Institute for Electronics and Electrical Engineers, and the Committee on Scientific Freedom and Responsibility of the American Association for the Advancement of Science (AAAS, which publishes this newsletter). The letter states that current policies make it difficult for cryptographic researchers to publish their findings, collaborate with overseas colleagues, and develop secure public networks.
The Oxley-Manton amendment was defeated by 35-16. After voting down the amendment, the panel approved a measure offered by Rep. Rick White (R-WA) and Rep. Ed Markey (D-MA) which would establish a National Electronic Technologies (NET) Center within the Department of Justice. NET Center would provide assistance and information to law enforcement authorities on decryption, serve as a central source of computer security information for businesses, and investigate new information technologies. The Commerce Committee passed the amended bill by 44-6. It now goes before the House Rules Committee before being sent to the floor.
While the defeat of the Oxley-Manton amendment renewed the optimism
of many of the lobbyists and activists interested in promoting unrestricted
use of encryption, the legislative process in this matter is likely to
continue to grind on for a while. Although the House leadership has hinted
that encryption legislation may make it to the floor for a vote if it gets
marked up in time, the Rules Committee may hold up H.R. 695. Rep. Gerald
Solomon (R-NY), committee chairman, has stated that he would not allow
the bill to go to the floor without language that he feels protects the
interests of the law enforcement community. On the Senate side, legislation
introduced by Sen. John McCain (R-AZ) and Sen. Bob Kerrey (D-NE) to control
exportation of encryption products hasn't seen any committee action since
June. The likelihood of both chambers passing encryption legislation and
achieving a consensus bill before Congress recesses for the year is very