Electronic Frontier Canada cirulated this letter among top mathematicians and computer scientists. Fourteen of the leading cryptography experts in the country signed letter, or a letter very similar to this. These letters were delivered to Industry Canada on Monday, April 20, 1998 as part of EFC's formal submission.
Dear Ms. McDonald:
We are writing in reference to your call for public comments to the document "A Cryptography Policy Framework for Electronic Commerce -- Building Canada's Information Economy and Society", available on the world-wide web at: http://strategis.ic.gc.ca/crypto
To make clear out credentials, we are some of Canada's leading scientists, engineers, and mathematicians with knowledge and expertise in cryptography, representing both business and academia.
We wish to express our firm opposition to any policy or legislation that would limit or prohibit the manufacture, import/export, or use of strong encryption (without key recovery) for stored data or real-time communications.
In particular, we are firmly opposed to the following proposals, (as detailed in Part 4: Policy Options of the document mentioned above).
First, it would unreasonably and unconstitutionally infringe upon the right of Canadians to freedom of expression, as guaranteed by the Charter of Rights and Freedoms.
Second, it would unreasonably deny Canadians the opportunity to use strong encryption products to exercise their right to privacy and to protect the confidentiality of their personal communications.
Third, it would unreasonably hinder and interfere with the use of encryption products whose legitimate use is essential to the transition to a wired economy. Strong encryption is essential to the growth and success of electronic commerce.
Any requirement for key-escrow or key-recovery creates an unnecessary risk of unlawful interception of personal communications, or unlawful access to sensitive financial transaction data by criminals.
Fourth, and finally, it would be unenforceable in practice, since the basic mathematical and algorithmic methods for strong encryption (without key recovery) are published and well known and can easily be implemented in software by any bright high-school student with access to a personal computer. Such strong encryption software is already widely available on the Internet, for anyone to download, for free.
(A few more signatures were faxed in to EFC at the last moment. These will be added to our online list shortly.)