The Clinton administration is making a small concession to proponents of strong encryption by issuing new export guidelines for financial services companies. Commerce Secretary William Daley last week said the federal government is finalizing guidelines to allow the export of U.S.-manufactured encryption products of any bit length if the products are used by banks, financial institutions and their overseas branches to secure electronic transactions. Strong encryption products - with or without key recovery features - can now be exported to eligible organizations without a license after a one-time review. Previously, encryption products for financial institutions required approval under either export licensing arrangements or individual licenses. Plus, the products had to contain a key recovery system so law enforcement agencies, such as the FBI, could gain access to decrypted data if they suspected illegal activities. The products can be exported to institutions in 45 countries that are either members of the international anti-money laundering accord, the Financial Action Task Force, or have enacted anti-money laundering laws. Although the guidelines are a small step in the right direction, the government is still taking a piecemeal approach to the encryption debate instead of implementing a comprehensive policy. At this stage, a small step is better than nothing.