January 15, 1998 12:45 PM PST
Clinton's new crypto adviser
The Clinton administration has recently brought in Steven Honigman, the general counsel to the U.S. Navy, to coordinate the administration's efforts to develop and purchase encryption products and make sure those purchases are in accordance with federal encryption policy.
Honigman's appointment, announced late last month, comes as Congress and the administration gird for another year of battle over a wide range of legislation that aims to shift current encryption regulations. As they stand, federal rules allow the export of products with strong built-in encryption only if the codes, or "keys," to unscramble encrypted messages and documents are made available to law enforcement agencies without the user's knowledge. Such availability is possible with a technology called "key recovery." There are currently no limits on encryption sold and used within the United States.
The Clinton administration is also running several pilot projects to determine what types of key recovery are feasible for government use. The findings from the pilot projects, administered by the White House's Office of Management and Budget, could well shape the overall development of key recovery and encryption systems.
"The industry position is that key recovery is expensive and difficult to do, so one of purpose of the government funding of these projects is to rebut that claim," said Stewart Baker, former general counsel of the National Security Agency and a partner at the Washington law firm Steptoe & Johnson. "[The administration] wants to demonstrate that it's not as expensive and address one of the stronger arguments that industry makes."
With wide-scale purchases of the encryption systems it favors, the government also hopes to influence market standards, Baker said.
Another Washington observer, however, pointed to past history as an example of the government's failure to drive market standards.
"That was the theory behind the Clipper Chip, and where are all the Clipper chips now?" asked James X. Dempsey, senior staff counsel at the online civil liberties organization Center for Democracy and Technology.
As Honigman shores up the procurement program, one issue to follow is whether high-level government officials will feel comfortable transmitting confidential information when the encryption system allows for back-end retrieval of that data without their knowledge.
"I think most senior government managers wouldn't accept that," Dempsey said.
The administration has somewhat of a split personality on encryption matters. Law enforcement agencies led by the Federal Bureau of Investigation demand access to encrypted messages both at home and abroad because of the threat of hidden criminal activity, while business-friendly officials such as Commerce Department undersecretary William Reinsch lean toward looser regulations.
Mandatory key recovery with law-enforcement access would scare potential customers into the arms of foreign software developers who don't operate under the same laws and thus hurt American companies, the government's opponents argue.
Honigman's portfolio also will contain policy matters, but it remains unclear if he will have enough influence to sway policy or if he will simply carry the administration's message to the computer industry and other private-sector users of encryption. The previous "cryptography ambassador," David Aaron, lasted less than a year in the post before taking an undersecretary post at the Commerce Department.
"This is just another appointment that reinforces current federal policy," said a technology issues manager at a large Washington trade association.
Several observers of the encryption industry when contacted were surprised to hear of Honigman's appointment, which came around Christmas.