When will they learn that encryption back doors and clipper chips have no place in a free society? 01/10/08 ReleVents hed: Ban the back door man dek: When will they learn that encryption back doors and clipper chips have no place in a free society? by James Mathewson
In the wake of the terrorist attacks, many ill-conceived ideas about how to defend our country in the future have come forward. Two nights after the attack, one person called into Fox’s “The O’Reilly Factor” saying we should deport everyone of Arab or Middle Eastern origin. That would be a problem for me: my wife and son would be deported even though they are peaceful Christians who were both born here. While no proposal is as preposterous as that guy’s, lots of other proposals are motivated by the same kind of illogical reaction to clear and present danger. I’ve written about aspects of this flight from logic related to Attorney General Achcroft’s antiterrorism proposals. But that is not the only proposed legislation we should fight.
Another place where this cropped up is in encryption. A lot of people have pointed to encryption as the primary reason we did not see the attacks coming. It is now known that some of the attackers used Pretty Good Privacy (PGP) to encrypt their e-mail communication related to the attacks, hence, even though the FBI intercepted some of them, agents could not be deciphered. In response to this, New Hampshire Senator Judd Greg hastily drafted a bill that would give law enforcement agencies the keys to encrypted messages.
This is a bad idea for a number of reasons, as a news item on our site over the weekend shows. First of all, any law giving the Feds the keys to all our encrypted messages, would run head on into the First Amendment. Second, the bill would not cover PGP, as it does not work like commercial encryption software in which communicators share a single key. And third, it is very dangerous to have all the keys stored in one place. What if that vault got hacked and suddenly someone had all the keys to every encrypted message. Those were the reasons outlined in the story.
My own reason this is a bad idea is that it would put U.S. encryption products on a different playing field in an international market. This is basically what happened during the Clinton administration, whose policies regarding encryption export hampered the U.S. software industry. Rather than keeping the international community from having more powerful encryption, the the policy led to non-U.S. software companies taking the upper hand in being able to provide stronger encryption than U.S.-made software. We have had a year of being able to export software containing stronger encryption and it has really helped the software industry in international markets. If this bill becomes law, it would put us back to square one in international competition. In a time when the software industry is suffering, this bill could kill several U.S. software companies.
James Mathewson is editor of ComputerUser magazine and CcmputerUser.com.