|
|
Cryptography, Scientific Freedom, and Human Rights
AAAS Projects and Activities
- AAAS Letter to House
International Relations Committee Chairman Ben Gilman expressing support for
lifting current US government export controls on encryption, June 25, 1999
(signed by Dr. Richard Nicholson, AAAS Executive Officer).
- AAAS Letter to Speaker of the House
Gingrich and Representative Solomon on cryptography and human rights work,
September 29, 1997 (signed by Dr. Richard Nicholson, AAAS Executive Officer).
- Letter
from 13 leading scientific societies opposing efforts in the House of
Representatives to restrict encryption technology, September 24, 1997 (signed
by the AAAS Committee on Scientific Freedom and Responsibility).
- AAAS Letter to Department of Commerce
on implications of U.S. export controls of encryption for scientific freedom
and human rights work, February 7, 1997 (signed by Dr. Richard Nicholson,
AAAS Executive Officer).
- AAAS Amicus Brief in Bernstein
v. U.S. Department of Commerce, et. al., November 10, 1997.
- Affidavit
of Patrick Ball in American Civil Liberties Union of Georgia, et al.,
vs. Zell Miller, Governor of the State of Georgia, et al .
- Symposium on "Analysis of Electronic Threats in Human Rights Information
Management," AAAS Annual Meeting, February 19, 2000. Organized by Patrick
Ball. Speakers included Bruce Schneier, Counterpane Systems; Ken Ward, UN
Verification Mission in Guatemala; Oliver Mazariegos, Human Rights Office/Archbishop
of Guatemala; and Philip Zimmermann, Network Associates, Inc.
- Symposium on "Policing
the Internet: Cybercensorship and Its Potential Impact," AAAS Annual
Meeting, January 22, 1999 (Organized by Stephen Hansen). Speakers included
Stephen A. Hansen, Alexander Fowler, Eric Goldstein, Patrick Ball, and Philip
R. Reitinger.
- Congressional Briefing on "Cryptography: Scientific Freedom and Human Rights
Issues," August 1, 1997. Organized with the AAAS
Center for Science, Technology, and Congress. Presentations were made
by Matt Blaze, Ian Goldberg, Patrick Ball, and Dinah PoKempner. All
presentations are still available in HTML and RealAudio.
- Symposium on "Privacy and Encryption in an Electronic Environment," AAAS
Annual Meeting, February 14, 1995 (Organized by Alexander Fowler). Speakers
included Ronald Rivest, Marc Rotenberg, Matt Blaze, George Trubow, and Daniel
Weitzner.
- "Security Problems and Cryptographic
Solutions for Human Rights Organizations," Patrick Ball, CUSHRID-Net Conference,
2 May 1998.
- "Cracking
the Codes," Science (Letter to the Editor), February 27, 1998,
p. 1283.
- "Security Problems and Cryptographic
Solutions for Human Rights Organizations," Patrick Ball, Computers, Freedom,
and Privacy, 19 February 1998.
- "The Debate Over Cryptography Policy
and Scientific Freedom," Alexander Fowler, Professional Ethics Report,
Fall 1997, p.1.
- "Cryptography in America," Irving Lerch and Mary Gray (Co-Chairs, AAAS
Committee on Scientific Freedom and Responsibility), Science, 28 November
1997, p. 1545. [Click
here if you're a subscriber to Science Online]
- "Information Technology, Information Management, and Human Rights: A Response
to Metzl," Patrick Ball, Mark Girouard, and Audrey Chapman, Human Rights
Quarterly, November 1997, p. 836.
- "Security
Problems and Cryptographic Solutions for Human Rights Organizations Working
on the Internet," Patrick Ball, Presentation, Congressional Briefing on
"Cryptography: Scientific Freedom and Human Rights," August 1, 1997.
- Striking a Balance: National Security and Scientific Freedom, Edited
by Harold C. Relyea (Washington, DC: AAAS, May 1985). This compilation of
essays discuses the controversy concerning increased national security controls
on traditional scientific communication, including export controls on cryptography.
Authors include Peter Denning, Bobby Inman, Harold Green, Paul McCloskey,
Jr., Daniel Schwartz, and the editor.
As a growing proportion of international human rights work is done online, it
has become increasingly important that human rights organizations safeguard
the confidentiality, authenticity, and integrity of their communications.
That is, it is important that unauthorized attackers not be able to read sensitive
materials. Attackers should be unable to pose undetected as a human rights
group online. And finally, attackers should not be able to tamper with
messages crossing the Internet. The technologies necessary to assure confidentiality,
authenticity, and integrity are encryption and digital signatures. Collectively,
the family of tools used to guarantee electronic security (including but not
limited to the applications described above) is known as cryptography.
Program staff members Patrick Ball, Mark Girouard, and Stephen Hansen have
given talks and provided hands-on training to U.S. and foreign human rights
groups since 1995. In 1995 and 1996, Ball and Hansen provided training
in the use of cryptographic software to non-government human rights groups
in Guatemala, Haiti, Turkey, Mexico, Honduras, and South Africa. At
every meeting of the Canada-US Human
Rights Information and Documentation Network (CUSHRID-Net) since 1995,
staff have given talks and workshops on the need for and use of cryptographic
software.
In 1997, the focus shifted to U.S. based groups. Ball and Girouard
spent a total of five days with Human Rights
Watch (HRW), both in New York and in Washington, teaching HRW staff the
rudiments of cryptographic theory and the use of common software packages.
Ball gave a one-day cryptography training workshop to the Columbia
University Human Rights Advocates' Program in February 1997. Ball
also spent four days with the Amnesty
International USA Urgent Action coordinator, training him in the use of
"clear-signed" email messages, that is, messages that can be read by anyone,
but that can be verified for authenticity and integrity.
In May 1997, AAAS Science and Human Rights Program provided cryptographic
training to several human rights and social action groups in Hong Kong.
Responding to concerns raised by the return of Hong Kong to Chinese sovereignty
in July 1997, Girouard and Hansen conducted a needs-assessment mission to
Hong Kong in June 1996. They found that while an increasing number of human
rights groups in Hong Kong were using email in their work, none of them had
made provisions to ensure the security of their electronic communications.
The resulting training sessions, carried out in May 1997, focused primarily
on the use of email encryption and digital signatures. They also addressed
intra-office electronic file security, traffic analysis and other anonymity
concerns, and the use of steganography.
Groups trained include:
- The Hong Kong offices of three international human rights organizations,
all of which conduct research on human rights in both Hong Kong and mainland
China;
- Five regional groups based in Hong Kong. These included groups which
focus on immigrant workers' rights, on human rights and legal reform in
Southeast Asia, and on labor rights in mainland China and in the Asia-Pacific
Economic Cooperation (APEC) region.
- A local human rights monitoring coalition; and
- An umbrella organization for a network of local social action groups.
|
|
|
