From: John Ashcroft Subject: Re: To: cipher@mindspring.com Dear On-line friend: I thought the following oped on Technology would be of interest to you. I wrote it for the United States Information Agency. Please feel free to contaact me if you have any questions or comments. I look forward to hearing from you soon. Sincerely, John Ashcroft U.S. Senate The Internet provides a great opportunity to our country, in part by representing the most inviting form of communication ever developed. It draws people together from all corners of the globe to share and communicate on an unprecedented level, and brings all branches of government closer to the public that they serve. The Internet allows small businesses to reach out across the globe and conquer the distances between them and potential customers. Individuals can view merchandise and make purchases without leaving home. The Internet also holds great promise for education. Students -- rural, suburban, and urban -- are increasingly able to access a wealth of information with their fingertips that was previously beyond their reach. In order to guarantee that the United States meets the challenge of this new means of commerce, communication, and education, government must be careful not to interfere. We should not harness the Internet with a confusing array of intrusive regulations and controls. Yet, the Clinton Administration is trying to do just that. The Clinton Administration would like the Federal government to have the capability to read any international or domestic computer communications. The FBI wants access to decode, digest and discuss financial transactions, personal e-mail, and proprietary information sent abroad -- all in the name of national security. To accomplish this, President Clinton would like government agencies to have the keys for decoding all exported U.S. software and Internet communications. This proposed policy raises obvious concerns about Americans' privacy, in addition to tampering with the competitive advantage that our U.S. software companies currently enjoy in the field of encryption technology. Not only would Big Brother be looming over the shoulders of international cyber-surfers, but the Administration threatens to render our state-of-the-art computer software engineers obsolete and unemployed. There is a concern that the Internet could be used to commit crimes and that advanced encryption could disguise such activity. However, we do not provide the government with phone jacks outside our homes for unlimited wiretaps. Why, then, should we grant government the Orwellian capability to listen at will and in real time to our communications across the Web? The protections of the Fourth Amendment are clear. The right to protection from unlawful searches is an indivisible American value. Two-hundred-years of court decisions have stood in defense of this fundamental right. The state's interest in effective crime-fighting should never vitiate the citizens' Bill of Rights. The President has proposed that American software companies supply the government with decryption keys to high level encryption programs. Yet, European software producers are free to produce computer encryption codes of all levels of security without providing keys to any government authority. Purchasers of encryption software value security above all else. These buyers will ultimately choose airtight encryption programs that will not be American-made programs to which the U.S. government maintains keys. In spite of this truism, the President is attempting to foist his rigid policy on the exceptionally fluid and fast-paced computer industry. Furthermore, recent developments in decryption technology bring into question the dynamic of government meddling in this industry. Three months ago, the 56-bit algorithm government standard encryption code that protects most US electronic financial transactions from ATM cards to wire transfers was broken by a low-powered 90 MHZ Pentium processor. In 1977, when this code was first approved by the U.S. government as a standard, it was deemed unbreakable. And for good reason ..... there are 72 quadrillion different combinations in a 56-bit code. However, with today's technology these 72 quadrillion different combinations can each be tried in a matter of time. Two days after this encryption code was broken, a majority of the U.S. Senate Commerce Committee voted, in accordance with Administration policy, to force American software companies perpetuate this already compromised 56-bit encryption system. In spite of the fact that 128-bit encryption software from European firms is available on websites accessible to every Internet user. Interestingly, European firms can import this super-secure encryption technology (originally developed by Americans) to the U.S., but U.S. companies are forbidden by law from exporting these same programs to other countries. I believe that moving forward with the President's policy or the Commerce Committee's bill would be an act of folly, creating a cadre of government peeping toms and causing severe damage to our vibrant software industries. Government would be caught in a perpetual game of catch-up with whiz-kid code-breakers and industry advances. Majority Leader Lott has signaled his objection to both proposals. The Leader and I would like to work to bring solid encryption legislation to the Senate floor. Any proposal should give U.S. encryption software manufacturers the freedom to compete on equal footing in the international marketplace, by providing the industry with a quasi-governmental Board that would decide encryption bit strength based on the level of international technological development. U.S. companies are on the front line of on-line technologies -- value-added industries of the future. Consider this: Every eighteen months, the processing capability of a computer doubles. The speed with which today's fastest computers calculate will be slug-like before the next millennium .... or the next presidential election comes along. The best policy for encryption technology is one that can rapidly react to breakthroughs in decoding capability and roll back encryption limits as needed. The Administration's interest in all e-mail is a wholly unhealthy precedent, especially given this Administration's track record on FBI files and IRS snooping. Every medium by which people communicate can be subject to exploitation by those with illegal intentions. Nevertheless, this is no reason to hand Big Brother the keys to unlock our e-mail diaries, open our ATM records, read our medical records, or translate our international communications. Additionally, the full potential of the Internet will never be realized without a system that fairly protects the interests of those who, use the Internet for their businesses, own copyrighted material; deliver that material via the Internet, or individual users. The implications here are far-reaching, with impacts that touch individual users, companies, libraries, universities, teachers and students. In December 1996, two treaties were adopted by the diplomatic conference of the World Intellectual Property Organization (WIPO) to update international copyright law. These treaties would extend international copyright law into the digital environment, including the Internet. However, these treaties do not provide a comprehensive response to the many copyright issues raised by the flourishing of the Internet and the promise of digital technology. We must work to keep the scales of copyright law balanced, providing important protections to creators of content, while ensuring their widespread distribution. In an attempt to meet these goals, I introduced the Digital Copyright Clarification and Technology Education Act of 1997. Equally important, we must begin a process that is structured to balance the rights of copyright owners with the needs and technological limitations of those who enable the distribution of the electronic information, and with the rights and needs of individual end users. The current treaties and statements are not sufficient, and include some language that could create legal uncertainty. This vague language could lead to laws that ignore technical realities, blindly shifts liability and frustrates serious issues. The language must be clarified through the enactment of legislation in conjunction with the Senateis ratification of the treaties. Another issue which could prevent the Internet from reaching its potential is taxation. If we tax the Internet prematurely or allow discriminatory taxing, we may stifle a burgeoning technological development that holds much commercial, social, and educational promise for all Americans. Taxation should be considered only after we have fully examined and understand the impact that unequivocal taxation would have on this new means of commerce. The Internet Tax Freedom Act would allow for full consideration of the opportunities and possible abuses by placing a moratorium on further taxation of online commerce and technologically discriminatory taxes. It is important to note that S. 442 will allow states and local jurisdictions to continue to collect any tax already levied on electronic commerce. On-line communications technology is akin to the Wild West of 19th century. To best settle this new frontier, we should unleash American know-how and ingenuity. The government's police-state policy on encryption is creating hindrances and hurdles that will eventually injure our ability to compete internationally. Government's role should be to break down barriers, to allow everyone to excel to their highest and best.