U.S. OFFICIAL CONCEDES THAT "KEY RECOVERY" ENCRYPTION IS INFERIOR TO ALTERNATIVE PRIVACY TECHNIQUES
FOR IMMEDIATE RELEASE
Wednesday, March 25, 1998
WASHINGTON, DC -- A top U.S. official acknowledged more than a year ago that the Internet privacy technique championed by the Clinton Administration is "more costly and less efficient" than alternative methods that the government seeks to suppress. The concession is contained in a newly-released high-level document on encryption policy obtained by the Electronic Privacy Information Center (EPIC).
In a November 1996 memorandum to other government officials, William A. Reinsch, the Commerce Department's Under Secretary for Export Administration, discussed the Administration's efforts to promote "escrowed" or "recoverable" encryption techniques in overseas markets. Such techniques enable government agents to unscramble encrypted information and they form the cornerstone of current U.S. encryption policy.
After noting that government regulations permit the export of non- escrowed encryption products only to "safe end-users" such as foreign police and security agencies, Reinsch recognized the inferiority of the Administration's favored technology:
Police forces are reluctant to use "escrowed" encryption products (such as radios in patrol cars). They are more costly and less efficient than non-escrowed products. There can be long gaps in reception due to the escrow features -- sometimes as long as a ten second pause. Our own police do not use recoverable encryption products; they buy the same non-escrowable products used by their counterparts in Europe and Japan.
Ironically, Reinsch's concession is contained in a memorandum that discusses the Administration's strategy to "help the market transition from non-recoverable products to recoverable products." According to EPIC Legal Counsel David Sobel, the newly released document "suggests that the Clinton Administration is trying to sell key recovery technology while quietly recognizing its inferiority. This approach will ultimately weaken the global position of the American computer industry and hold back the development of the privacy protections so badly needed on the Internet."
EPIC and other critics of current U.S. encryption policy have long maintained that "key escrow" and "key recovery" approaches compromise the security of private information by providing "backdoor" access to encrypted data.
The Reinsch memo was released in response to a Freedom of Information Act request EPIC submitted to the Department of State concerning the international activities of former U.S. "crypto czar" David Aaron. That request is the subject of a pending federal lawsuit initiated by EPIC last year.
The memorandum is available at the EPIC website at:
- end -
Return to the EPIC Crypto Policy Page