Early bird tickets for Baltimore’s BEST party on sale now!

Software makers seek liberal exporting Industry pressures Clinton administration on cryptography issue


The computer software industry is turning up the heat on the Clinton administration in a bid to force liberal regulation of the export of computer encryption technology.

The Business Software Alliance, a lobbying group for more than a dozen leading computer and software firms, claims that the administration is backing away from its commitment in October to liberalize the rules covering exports of strong cryptography.

"We seriously doubt the regulations will work, meet computer user demands, or be accepted by the private sector unless the administration radically changes its approach," BSA President Robert W. Holleyman II wrote to Vice President Al Gore this week.

The issue has galvanized software companies, who say the administration's limits on exports of encryption threaten their competitiveness, and free-speech advocates, who claim that it violates the First Amendment to place any limits on the ability to make information transmitted over the Internet incomprehensible to law enforcement.

But the administration has contended that agencies like the FBI and the National Security Agency must be able to wiretap Internet transmissions if they obtain a court order, using the same standards that apply to government eavesdropping on telephone calls.

Approving unlimited cryptography with no safeguards could make it technically impossible to enforce the law, even when officials do have wiretap authorization, officials say.

In 1993, the administration proposed allowing the export of strong encryption systems only if their makers gave the government the mathematical keys that unscramble the complex algorithms that make encryption work. Under that plan, the keys could only be used with a warrant. But opponents insisted that the plan left too much room for government abuse.

By October 1996, the administration backed down in the face of the industry backlash and promised to allow the export of much stronger encryption. The exports could include systems that computer security expert Stephen T. Walker calls "hundreds of millions of times harder" for hackers to crack than the toughest encryption previously approved for export. And no keys would ++ have to be placed in the government's hands.

That compromise was a boon for Walker's company, Glenwood-based Trusted Information Systems Inc., which has the only export-approved technology that allows recovery of descrambling keys without government registration.

Since Oct. 1, TIS has been included in two major industry alliances to develop exportable strong cryptography. Hewlett-Packard will begin building TIS' technology into some computers by next year.

But the strongest encryption can be exported only under the regulations the government is now developing. The software industry is pushing to make sure that those rules are as liberal as the companies can force the administration to make them, and )) has threatened to break off the talks if they are not liberal enough.

"I hope it's not likely, but the way things are going, it looks likely," Business Software Alliance lobbyist Rebecca Gould said.

But William A. Reinsch, undersecretary of commerce for export administration, said the industry is panicking without having seen the administration's proposals, which could be ready as soon as today.

"My frustration is that they have not seen the rules we are working on, yet they assume that we will answer all their questions negatively," Reinsch said.

The hardest-fought issue is the circumstances under which companies can keep the only copy of their own encryption keys -- which allow them to recover files from rogue employees or workers who die and take their codes with them -- and what circumstances will require them to register the keys to exported encryption systems with a third party.

The third party would agree to hold the descrambling codes in case they are subpoenaed. Systems that aren't exported can use the strongest encryption without any requirements about who must be given the descrambling codes.

Reinsch said Gore has committed the administration to allowing many companies to hold on to their own keys without using a so-called escrow agent.

Pub Date: 12/06/96

Copyright © 2019, The Baltimore Sun, a Baltimore Sun Media Group publication | Place an Ad