September 14, 1999 6:20 PM PDT
U.S. may lighten encryption export policy
Commerce Department officials said today that by Thursday an announcement will be made regarding the administration's export restrictions on data scrambling technology. The House also is moving toward a floor vote on legislation to lift most of the regulations.
Despite foreign availability, encryption is currently restricted on grounds that tech-savvy criminals or hostile countries could use it to cover up illegal activities or plans that threaten national security.
The White House has repeatedly scaled back its encryption policy, but not fast enough for the U.S. software industry, which wants the bureaucratic red tape cut so they can ship the best encryption products overseas and compete with foreign manufacturers. Encryption is seen as a critical component to protecting privacy, as well as for bolstering consumer confidence in e-commerce and securing intellectual property in the digital age.
The administration could scale back its regulations based on recommendations by President Clinton's Export Council Subcommittee on Encryption this June. The subcommittee, which is made up of industry executives and law enforcement officials, called for "license-free zones" to allow the unfettered export of encryption products to "friendly" countries. It also called for the lifting of restrictions on mass-market software and hardware with encryption key lengths of 128 bits--one of the strongest standards generally available.
"The U.S. government should recognize the market realities," the subcommittee said. "Furthermore, mass-market products play an important role in protecting the communications and data of individuals--a segment of the encryption user community that has been neglected in recent liberalizations to the U.S. export policy."
Although the administration has granted certain industries easy access to strong encryption--such as the medical and e-commerce sectors--opponents of the export policy still want to see it overhauled.
"The committee's recognition of the competitive disadvantage the U.S. industry faces should be a real eye-opener for the administration," said Lauren Hall, chief technologist for industry trade group the Software & Information Industry Association. "If the administration goes with the subcommittee's recommendations, then that is a significant improvement from where we are."
Advocates of export relief are still working to get a reprieve from Congress through the Security and Freedom Through Encryption Act (SAFE).
"Regardless of what the administration announces, we need to make this statutory language as opposed to a yearly process that tries to keep up with technology and the information age," said Tim Dike, coalition manager for the Americans for Computer Privacy.
The bill has more than 250 cosponsors and would change the law so that companies would only have to submit to a one-time review from the Commerce Department to ship generally available encryption products. However, to placate law enforcement concerns, the legislation also makes it a felony to use encryption in the furtherance of a crime.
Members of the House Democratic Caucus, who support SAFE, also wrote to Clinton today to request a meeting with him next week to discuss the encryption policy.
"Strong encryption actually provides vital support for both law enforcement and U.S. national security," stated Reps. Zoe Lofgren and Anna Eshoo of California, and minority leader Richard Gephardt of Missouri, who spearheaded the letter. "We must change our current encryption policy that needlessly places American companies behind the curve of technological advancements and international competition."