Tuesday, September 16, 1997

U.S. Crypto Policy Violates Treaty

by David Braun

WASHINGTON -- U.S. cryptography policy violates an international agreement Washington made with more than two dozen countries earlier this year at the Organization for Economic Cooperation and Development (OECD), according to two leading privacy organizations.

The Washington-based Electronic Privacy Information Center (EPIC) and London-based advocacy group Privacy International said recent U.S. legislative proposals to establish controls on the use of data-scrambling technology were contrary to the principles adopted by the international organization and should be withdrawn.

"The OECD framework is based on the voluntary, market-driven development of encryption products and services", said Marc Rotenberg, director of EPIC, from Brussels Monday. The international framework was specifically intended to remove technical and legal obstacles to the use of cryptography, Rotenberg said.

The Clinton administration has not officially endorsed an FBI initiative to persuade the U.S. Congress to make key recovery mandatory in all encryption products made or imported into the United States. There was no immediate reaction from the White House about the reported violations.

The U.S. policy for data-scrambling technology now points in exactly the opposite direction as the worldwide view, Rotenberg said. The American proposals call for extensive government regulation, little regard for privacy, and the rapid development of key escrow techniques regardless of the consequences, he added.

"The United States accepted the judgment of the OECD and endorsed the final recommendations", Rotenberg said. The United States should now honor its commitment, he added.

"The rush to encourage technologies for communications surveillance comes at exactly the wrong time", said Simon Davies, director general of Privacy International. "Illegal wiretapping is on the rise around the world", he said. "Dissidents, political opponents, journalists, and human rights organizers are most often the targets."

The policy adopted by the Americans stands as the single greatest barrier to the development of tools to protect privacy and security on the Internet, according to critics.

Copyright © 1997 by CMP Media, Inc. All Rights Reserved. Reprinted with permission.