News

U.S. OFFICIAL CONCEDES THAT "KEY RECOVERY" ENCRYPTION
          IS INFERIOR TO ALTERNATIVE PRIVACY TECHNIQUES


FOR IMMEDIATE RELEASE                     CONTACT:
Wednesday, March 25, 1998                 David Sobel/Dave Banisar
                                          (202) 544-9240

WASHINGTON, DC -- A top U.S. official acknowledged more than a
year ago that the Internet privacy technique championed by the
Clinton Administration is "more costly and less efficient" than
alternative methods that the government seeks to suppress.  The
concession is contained in a newly-released high-level document on
encryption policy obtained by the Electronic Privacy Information
Center (EPIC).

In a November 1996 memorandum to other government officials,
William A. Reinsch, the Commerce Department's Under Secretary for
Export Administration, discussed the Administration's efforts to
promote "escrowed" or "recoverable" encryption techniques in
overseas markets.  Such techniques enable government agents to
unscramble encrypted information and they form the cornerstone of
current U.S. encryption policy.

After noting that government regulations permit the export of non-
escrowed encryption products only to "safe end-users" such as
foreign police and security agencies, Reinsch recognized the
inferiority of the Administration's favored technology:

     Police forces are reluctant to use "escrowed" encryption
     products (such as radios in patrol cars). They are more
     costly and less efficient than non-escrowed products.
     There can be long gaps in reception due to the escrow
     features -- sometimes as long as a ten second pause. Our
     own police do not use recoverable encryption products;
     they buy the same non-escrowable products used by their
     counterparts in Europe and Japan.

Ironically, Reinsch's concession is contained in a memorandum that
discusses the Administration's strategy to "help the market
transition from non-recoverable products to recoverable products."
According to EPIC Legal Counsel David Sobel, the newly released
document "suggests that the Clinton Administration is trying to
sell key recovery technology while quietly recognizing its
inferiority.  This approach will ultimately weaken the global
position of the American computer industry and hold back the
development of the privacy protections so badly needed on the
Internet."

EPIC and other critics of current U.S. encryption policy have long
maintained that "key escrow" and "key recovery" approaches
compromise the security of private information by providing
"backdoor" access to encrypted data.

The Reinsch memo was released in response to a Freedom of
Information Act request EPIC submitted to the Department of State
concerning the international activities of former U.S. "crypto
czar" David Aaron.  That request is the subject of a pending
federal lawsuit initiated by EPIC last year.

The memorandum is available at the EPIC website at:

     http://www.epic.org/crypto/key_escrow/reinsch_memo.html


                             - end -

.



==================================================================
Marc Rotenberg, director                *   +1 202 544 9240 (tel)
Electronic Privacy Information Center   *   +1 202 547 5482 (fax)
666 Pennsylvania Ave., SE Suite 301     *   rotenberg@epic.org
Washington, DC 20003   USA              +   http://www.epic.org
==================================================================