British and Foreign Civil Rights Organisations Oppose Encryption Paper

9 April 1997

A critical civil-liberties issue is brewing, both in the U.K. and internationally. This issue will affect the freedom of speech, the privacy, and the commercial interests of ever-greater numbers of people as the 21st century approaches. The issue is cryptography.

Why should cryptography interest all citizens? Because increasingly, our communications and commerce will take place over electronic networks that make them open to snooping and corruption by malicious parties. Cryptography is the mathematical science for improving the privacy, authenticity, and integrity of communications, independent of the communications medium or the distance the message travels. Cryptography on digital networks is becoming an important part of the commercial and political scene.

Many predict that we will make purchases and update our bank accounts over digital lines; that cellular phones will grow in popularity; and that electronic mail will form a larger and larger portion of business and personal exchanges. The threats of having our money stolen, of being impersonated, and of having our secrets revealed to our enemies loom large.

Unfortunately, many governments are afraid of privacy. They are trying to put limits on cryptography so that they can secretly intercept and read any communications they desire.

The British government has just taken a plunge into this violation of privacy with the release of a paper by the U.K. Department of Trade and Industry, “Licensing of Trusted Third Parties for the Provision of Encryption Services,” on March 20, 1997. A critique of this paper is enclosed. The government allowed only a very brief period for comments (since the deadline, May 30, is just two months away and comes one month after the general elections), but we believe the British public deserves a greater chance to consider the implications of the proposal. We urge you to publicise the matter and to include excerpts from our critique. The undersigned organisations strongly protest against governmental restrictions on encryption like those planned by the British government.

Cyber-Rights & Cyber-Liberties (UK)
CommUnity, The Computer Communicators Association (UK)
ALCEI - Electronic Frontiers Italy
American Civil Liberties Union
AUI (Association des Utilisateurs d’Internet) - France
CITADEL Electronic Frontier France
CommUnity, The Computer Communicators Association (UK)
Computer Professionals for Social Responsibility
EFF-Austin (Austin, Texas, USA)
Electronic Frontier Foundation
Electronic Frontiers Australia
Electronic Frontiers Ireland
Electronic Privacy Information Center
FrEE-Fronteras Electrónicas España (Electronic Frontiers Spain)
Freedom on the Internet (Switzerland)
NetAction
Privacy International
Stichting Digitale Burgerbeweging Nederland (Digital Citizens Foundation in the Netherlands)

Written by Andrew Oram, Computer Professionals for Social Responsibility. Contact information:

Andrew Oram
O’Reilly & Associates, Inc. (organisation for identification purposes only)
90 Sherman Street
Cambridge, MA 02140-3233
USA
phone: 1-617-499-7479
fax: 1-617-661-1116
email: andyo@oreilly.com

Nigel Hickson
Information Security Policy Group
Communication & Information Industries Directorate
Department of Trade & Industry
Room 224
151 Buckingham Palace Road
London SW1W 9SS
United Kingdom

Dear Mr. Hickson:

We are writing to offer an expert opinion in response to the paper released by the U.K. Department of Trade and Industry, “Licensing of Trusted Third Parties for the Provision of Encryption Services.” We are a group of public-interest organisations in Great Britain and elsewhere that inform the public about policy matters related to computers and networking. The principles in the U.K. paper are quite similar to those promoted in the Clipper Chip proposal by the U.S. government in April 1993, and related U.S. proposals since then. Therefore, we have been researching and debating the issue for four years.

We feel it necessary to argue against the whole notion of government access to keys. There are several political and technical difficulties with such a plan. While we understand that the British public is willing to give their government more investigative leeway than the U.S. public is, we think the British will be unhappy with the level of surveillance currently being suggested.

First, the plan involves an unprecedented level of government intrusion into daily life, because the government would potentially have access to all digital communications by all people living within the borders of the country, as well as anyone outside the country exchanging information in digital form with people within. Despite the formal guarantee that a warrant would be required to give law enforcement officials access to a key, there is a long history of abusing surveillance techniques by government officials. It is unfeasible to assume that government employees would refrain from asking for keys without just cause, or that the companies holding on to these keys would refuse to surrender them in response to an inappropriate request. In this context it is worth remembering that agents from one country often penetrate the security forces of another; not every responsible employee is automatically trustworthy.

In the United States, memories remain of the widespread illegal use of surveillance by the FBI against political opponents of the government in the 1950’s through 1970’s. Despite the passage of laws to prevent future abuse, incidents continue to come to light where the highest authorities break laws to obtain information.

Similar abuses have been documented in many other countries. The practice of wiretapping the civilian population to suppress political and civil rights was widespread throughout the Eastern Bloc, and continues unabated in many Asian and Latin American countries today. Citizens working peaceably for basic rights like free speech or democratic governance are bugged, tapped, harassed, tortured, and murdered by their own governments every day. Establishing an international regime which glorifies “the right of governments to successfully wiretap their citizens” will have serious consequences for basic human rights all over the globe.

Second, centralised storage for keys presents an irresistible target for intruders. One of the central principles of network security is that there cannot be a complete guarantee against break-ins, at least given current technology. The United States military has experienced break-ins many times, as have huge numbers of private organisations. One must assume that malicious intruders with large financial or other incentives will, at times, crack the security of the Trusted Third Parties (TTPs). By contrast, in the highly popular technology known as “public key encryption,” each private key is held only by an individual.

Third, human weakness must be considered. The employees of the TTP will be subject to the temptation to share keys due to bribes, vengeful motives, or simple curiosity.

In short, government access and key escrow are inescapably insecure and subject to abuse. Furthermore, they’re bad for business: British companies making encryption products will be at a competitive disadvantage with companies in other countries where encryption is not restricted. The Department is addressing this problem by proposing that other countries adopt the system as well.

However, the flaws in key escrow are greatly magnified as they extend across multiple countries. If one country imposes a requirement for government access, it legitimises corresponding demands by other countries, particularly those with poor records in human rights where encryption may be needed to protect people’s lives.

In the United States, key escrow with government access has been criticised by virtually every public interest group that has taken an interest in the subject. In addition to our protests:

• In March, 1997, the Organisation for Economic Co-operation and Development (OECD) rejected the U.S. proposal to make key escrow a policy. On March 27, 1997 the OECD issued cryptography recommendations that warn against “unjustified obstacles to international trade and the development of information and communications networks” and “legislation which limits user choice.”
• On May 15, 1996, 27 U.S. Representatives wrote the President asking him to drop key escrow.
• On July 24, 1996, key standard-setting bodies, the Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG), rejected attempts to put private keys in the hands of government. These organisations are continuing to design international standards for high-quality privacy, integrity, and security that cannot be subverted by governments.
• The British Labour Party in their “Communicating Britain’s Future” manifesto has also rejected key escrow, preferring simply to make suspects decrypt documents under warrant.

The most secure form of digital transaction is one where the users choose their own keys and are responsible for managing the keys themselves. In some such systems, users’ “public” keys are published in order to make each user’s identity verifiable by any recipient. Normally the “private” keys are held securely by each user, never being revealed to anyone else. An organisation may choose to escrow its members’ private keys so that information cannot be lost to the whole organisation, though in contrast to most government-inspired escrow schemes, such keys would normally be “backed up” to another location inside the company rather than being given to an outside firm to guarantee government access. These practices can flourish without government intervention. To use licensing as a subterfuge to quietly undermine the privacy of citizens is intolerable.

TTPs are useful because they allow individuals and organizations that have no prior knowledge of each other to communicate with the assurance that neither is being impersonated. But this service should not be used as a Trojan horse in which to sneak a system under which the government can access the keys—a system that undermines trust.

We understand the public’s fear of terrorist violence, and certainly want to see it reduced. But outside of law enforcement agencies, most commentators have declared that the threat of increased terrorist or criminal activity is not so great as to justify the requirement that all members of society surrender their privacy.

Government attempts to impose key escrow are likely to eliminate privacy for the average citizen of the average country when communicating using telephones or computer-mediated networks. The rights of free speech, free association, personal privacy, financial privacy, private property, and doctor- and lawyer-client privilege, would all be weakened or eliminated. The role of digital transactions in our future is too important to permit such risks.

Cyber-Rights & Cyber-Liberties (UK)
CommUnity, The Computer Communicators Association (UK)
ALCEI - Electronic Frontiers Italy
American Civil Liberties Union
AUI (Association des Utilisateurs d’Internet) - France
CITADEL Electronic Frontier France
CommUnity, The Computer Communicators Association (UK)
Computer Professionals for Social Responsibility
EFF-Austin (Austin, Texas, USA)
Electronic Frontier Foundation
Electronic Frontiers Australia
Electronic Frontiers Ireland
Electronic Privacy Information Center
FrEE-Fronteras Electrónicas España (Electronic Frontiers Spain)
Freedom on the Internet (Switzerland)
NetAction
Privacy International
Stichting Digitale Burgerbeweging Nederland (Digital Citizens Foundation in the Netherlands)

Written by Andrew Oram, Computer Professionals for Social Responsibility. Contact information:

Andrew Oram
O’Reilly & Associates, Inc. (organisation for identification purposes only)
90 Sherman Street
Cambridge, MA 02140-3233
USA
phone: 1-617-499-7479
fax: 1-617-661-1116
email: andyo@oreilly.com

Back to Cyber Rights home page.