Marc Rotenberg's testimony before Markey committee
On June 9, 1993, Congressman Edward Markey, Chairman of the
House Subcommittee on Telecommunications and Finance held an oversight
hearing on encryption and telecommunications network security.
Panelists were Whitfield Diffie of Sun Microsystems, Dr. Dorothy
Denning, Steven Bryen of Secure Communications, Marc Rotenberg of the
CPSR Washington Office and E.R. Kerkeslager of AT&T.
Congressman Markey, after hearing the testimony presented,
noted that the Clipper proposal had raised an arched eyebrow among the
whole committee and that the committee viewed the proposal
skeptically. This statement was the latest indication that the Clipper
proposal has not been well recieved by policy makers. Last Friday, the
Computer Systems Security and Privacy Advisory Board of NIST issued two
resolutions critical of the encryption plan, suggesting that further
study was required and that implementation of the plan should be
delayed until the review is completed.
At the Third CPSR Cryptography and Privacy Conference on
Monday, June 7, the Acting Director of NIST, Raymond Kammer, announced
that the implementation of the proposal will be delayed and that a more
comprehensive review will be undertaken. The review is due in the fall.
Kammer told the Washington Post that maybe we won't continue in the
direction we started out.
Prepared Testimony
and
Statement for the Record
of
Marc Rotenberg, director
CPSR Washington Office
on
Encryption Technology and Policy
Before
The Subcommittee on Telecommunications and Finance.
Committee on Energy and Commerce
U.S. House of Representatives
June 9, 1993
Summary
The cryptography issue is of particular concern to CPSR.
During the past several years CPSR has pursued an extensive study of
cryptography policy in the United States. CPSR has organized public
conferences, conducted litigation under the Freedom of Information Act,
and has emphasized the importance of cryptography for privacy
protection and the need to scrutinize carefully government proposals
designed to limit the use of this technology.
To evaluate the Clipper proposal it is necessary to look at a
1987 law, the Computer Security Act, which made clear that in the area
of unclassified computing systems, the National Institute of Standards
and Technology (NIST) and not the National Security Agency (NSA), would
be responsible for the development of technical standards. The Act
emphasized public accountability and stressed open decision-making.
In the spirit of the Act, in 1989 NIST set out to develop a
public key cryptography standard. According to documents obtained by
CPSR through the Freedom of Information Act, NIST recommended that the
algorithm be "public, unclassified, implementable in both hardware or
software, usable by federal Agencies and U.S. based multi-national
corporation." However, the Clipper proposal and the full-blown Capstone
configuration that resulted is very different: the Clipper algorithm,
Skipjack, is classified; public access to the reasons underlying the
proposal is restricted; Skipjack can be implemented only in
tamper-proof hardware; it is unlikely to be used by multi-national
corporations, and the security of Clipper remains unproven.
The Clipper proposal undermines the central purpose of the
Computer Security Act. Although intended for broad use in commercial
networks, it was not developed at the request of either U.S. business
or the general public. It does not reflect public goals.
The premise of the Clipper key escrow arrangement is that the
government must have the ability to intercept electronic
communications. However, there is no legal basis to support this
premise. In law there is nothing inherently illegal or suspect about
the use of a telephone. The federal wiretap statute says only that
communication service providers must assist law enforcement execute a
lawful warrant.
CPSR supports the review of cryptography policy currently
underway at the Department of Commerce. CPSR also supports the efforts
undertaken by the Subcommittee on Telecommunications and Finance to
study the full ramifications of the Clipper proposal. However, we are
not pleased about the review now being undertaken at the White House.
That effort has led to a series of secret meetings, has asked that
scientists sign non-disclosure agreements and accept restrictions on
publication, and has attempted to resolve public concerns through
private channels. This is not a good process for the evaluation of a
technology that is proposed for the public switched network.
Even if the issues regarding Clipper are resolved favorably,
privacy concerns will not go away. Rules still need to be developed
about the collection and use of transactional data generated by
computer communications. Several specific steps should be taken.
First, the FCC should be given a broad mandate to pursue privacy
concerns. Second, current gaps in the communications law should be
filled. The protection of transactional records is particularly
important. Third, telecommunications companies should be encouraged to
explore innovative ways to protect privacy. "Telephone cards", widely
available in other countries, are an ideal way to protect privacy.
Testimony
Mr. Chairman, members of the Subcommittee, thank you for the
opportunity to testify today on encryption policy and the Clipper
proposal. I especially wish to thank you Congressman Markey, on behalf
of CPSR, for your ongoing efforts on the privacy front as well as your
work to promote public access to electronic information.
The cryptography issue is of particular concern to CPSR.
During the past several years we have pursued an extensive study of
cryptography policy in the United States. We have organized several
public conferences, conducted litigation under the Freedom of
Information Act, and appeared on a number of panels to discuss the
importance of cryptography for privacy protection and the need to
scrutinize carefully government proposals designed to limit the use of
this technology.
While we do not represent any particular computer company or
trade association we do speak for a great many people in the computer
profession who value privacy and are concerned about the government's
Clipper initiative.
Today I will briefly summarize our assessment of the Clipper
proposal. Then I would like to say a few words about the current
status of privacy protection.
Clipper
To put the Clipper proposal in a policy context, I will need to
briefly to describe a law passed in 1987 intended to address the roles
of the Department of Commerce and the Department of Defense in the
development of technical standards. The Computer Security Act of 1987
was enacted to improve computer security in the federal government, to
clarify the responsibilities of the National Institute of Standards and
Technology (NIST) and the National Security Agency, and to ensure that
technical standards would serve civilian and commercial needs.
The law made clear that in the area of unclassified computing
systems, NIST and not NSA, would be responsible for the development of
technical standards. It emphasized public accountability and stressed
open decision-making. The Computer Security Act also established the
Computer System Security and Privacy Advisory Board (CSSPAB), charged
with reviewing the activities of NIST and ensuring that the mandate of
the law was enforced.
The Computer Security Act grew out of a concern that classified
standards and secret meetings would not serve the interests of the
general public. As the practical applications for cryptography have
moved from the military and intelligence arenas to the commercial
sphere, this point has become clear. There is also clearly a conflict
of interest when an agency tasked with signal interception is also
given authority to develop standards for network security.
In the spirit of the Computer Security Act, NIST set out in
1989 to develop a public key standard FIPS (Federal Information
Processing Standard). In a memo dated May 5, 1989, obtained by CPSR
through the Freedom of Information Act, NIST said that it planned:
to develop the necessary public-key based security standards. We
require a public-key algorithm for calculating digital signatures and
we also require a public-key algorithm for distributing secret keys.
NIST then went on to define the requirements of the standard:
The algorithms that we use must be public, unclassified, implementable
in both hardware or software, usable by federal Agencies and U.S. based
multi-national corporation, and must provide a level of security
sufficient for the protection of unclassified, sensitive information
and commercial propriety and/or valuable information.
The Clipper proposal and the full-blown Capstone configuration,
which incorporates the key management function NIST set out to develop
in 1989, is very different from the one originally conceived by NIST.
The Clipper algorithm, Skipjack, is classified,
Public access to the reasons underlying the proposal is restricted,
Skipjack can be implemented only in tamper-proof hardware,
It is Unlikely to be used by multi-national corporations, and
The security of Clipper remains unproven.
The Clipper proposal undermines the central purpose of the
Computer Security Act. Although intended for broad use in commercial
networks, it was not developed at the request of either U.S. business
or the general public. It does not reflect public goals. Rather it
reflects the interests of one secret agency with the authority to
conduct foreign signal intelligence and another government agency
responsible for law enforcement investigations.
Documents obtained by CPSR through the Freedom of Information
Act indicate that the National Security Agency dominated the meetings
of the joint NIST/NSA Technical Working group which made
recommendations to NIST regarding public key cryptography, and that a
related technical standard for message authentication, the Digital
Signature Standard, clearly reflected the interests of the NSA.
We are still trying to determine the precise role of the NSA in
the development of the Clipper proposal. We would be pleased to
provide to the Subcommittee whatever materials we obtain.
Legal and Policy Issues
There are also several legal and constitutional issues raised
by the government's key escrow proposal. The premise of the Clipper
key escrow arrangement is that the government must have the ability to
intercept electronic communications, regardless of the economic or
societal costs. The FBI's Digital Telephony proposal, and the earlier
Senate bill 266, were based on the same assumption.
There are a number of arguments made in defense of this
position: that privacy rights and law enforcement needs must be
balanced, or that the government will be unable to conduct criminal
investigations without this capability.
Regardless of how one views these various claims, there is one
point about the law that should be made very clear: currently there is
no legal basis -- in statute, the Constitution or anywhere else --
that supports the premise which underlies the Clipper proposal. As the
law currently stands, surveillance is not a design goal. General
Motors would have a stronger legal basis for building cars that could
go no faster than 65 miles per hour than AT&T does in marketing a
commercial telephone that has a built-in wiretap capability. In law
there is simply nothing about the use of a telephone that is inherently
illegal or suspect.
The federal wiretap statute says only that communication
service providers must assist law enforcement in the execution of a
lawful warrant. It does not say that anyone is obligated to design
systems to facilitate future wire surveillance. That distinction is
the difference between countries that restrict wire surveillance to
narrow circumstances defined in law and those that treat all users of
the telephone network as potential criminals. U.S. law takes the first
approach. Countries such as the former East Germany took the second
approach. The use of the phone system by citizens was considered
inherently suspect and for that reason more than 10,000 people were
employed by the East German government to listen in on telephone calls.
It is precisely because the wiretap statute does not contain
the obligation to incorporate surveillance capability -- the design
premise of the Clipper proposal -- that the Federal Bureau of
Investigation introduced the Digital Telephony legislation. But that
legislation has not moved forward and the law has remained unchanged.
The Clipper proposal attempts to accomplish through the
standard-setting and procurement process what the Congress has been
unwilling to do through the legislative process.
On legal grounds, adopting the Clipper would be a mistake.
There is an important policy goal underlying the wiretap law. The
Fourth Amendment and the federal wiretap statute do not so much balance
competing interests as they erect barriers against government excess
and define the proper scope of criminal investigation. The purpose of
the federal wiretap law is to restrict the government, it is not to
coerce the public.
Therefore, if the government endorses the Clipper proposal, it
will undermine the basic philosophy of the federal wiretap law and the
fundamental values embodied in the Constitution. It will establish a
technical mechanism for signal interception based on a premise that has
no legal foundation. The assumption underlying the Clipper proposal is
more compatible with the practice of telephone surveillance in the
former East Germany than it is with the narrowly limited circumstances
that wire surveillance has been allowed in the United States.
Unanswered Questions
There are a number of other legal issues that have not been
adequately considered by the proponents of the key escrow arrangement
that the Subcommittee should examine. First, not all lawful wiretaps
follow a normal warrant process. The proponents of Clipper should make
clear how emergency wiretaps will be conducted before the proposal goes
forward. Second, there may be civil liability issues for the escrow
agents, if they are private parties, if there is abuse or compromise of
the keys. Third, there is a Fifth Amendment dimension to the proposed
escrow key arrangement if a network user is compelled to disclose his
or her key to the government in order to access a communications
network. Each one of these issues should be examined carefully.
CPSR conference
At a conference organized by CPSR this week at the Carnegie
Endowment for International Peace we heard presentations from staff
members at NIST, FBI, NSA and the White House about the Clipper
proposal. The participants at the meeting had the opportunity to ask
questions and to exchange views.
Certain points now seem clear:
The Clipper proposal was not developed in response to any
perceived public or business need. It was developed solely to address
a law enforcement concern.
Wire surveillance remains a small part of law enforcement
investigations. The number of arrests resulting from wiretaps has
remained essentially unchanged since the federal wiretap law was enacted
in 1968.
The potential risks of the Clipper proposal have not been
assessed and many questions about the implementation remain unanswered.
Clipper does not appear to have the support of the business or
research community.
Many comments on the Clipper proposal, both positive and
negative as well the materials obtained by CPSR through the Freedom of
Information Act, are contained in the Source book compiled by CPSR for
the recent conference. I am please to make a copy of this available to
the Subcommittee.
Network Privacy Protection
Communications privacy remains a critical test for network
development. Networks that do not provide a high degree of privacy are
clearly less useful to network users. Given the choice between a
cryptography product without a key escrow and one with a key escrow, it
would be difficult to find a user who would prefer the key escrow
requirement. If this proposal does go forward, it will not be because
network users or commercial service providers favored it.
Even if the issues regarding the Clipper are resolved
favorably, privacy concerns will not go away. Cryptography is a part
of communications privacy, but it is only a small part. Rules still
need to be developed about the collection and use of transactional data
generated by computer communications. While the federal wiretap law
generally does a very good job of protecting the content of
communications against interception by government agencies, large holes
still remain. The extensive use of subpoenas by the government to
obtain toll records and the sale of telephone records by private
companies are just two examples of gaps in current law.
The enforcement of privacy laws is also a particularly serious
concern in the United States. Good laws without clear mechanisms for
enforcement raise over-arching questions about the adequacy of legal
protections in this country. This problem is known to those who have
followed developments with the Privacy Act since passage in 1974 and
the more recent Video Privacy and Protection Act of 1988. I make this
point because it has been the experience in other countries that
agencies charged with the responsibility for privacy protection can be
effective advocates for the public in the protection of personal
privacy.
Recommendations
Regarding the Clipper proposal, we believe that the national
review currently underway by the Computer Security and Privacy Advisory
Board at the Department of Commerce will be extremely useful and we
look forward to the results of that effort. The Panel has already
conducted a series of important open hearings and compiled useful
materials on Clipper and cryptography policy for public review.
We are also pleased that the Subcommittee on Telecommunications
and Finance has undertaken this hearing. This Subcommittee can play a
particularly important role in the resolution of these issues. We also
appreciate the Chairman's efforts to ensure that the proper studies are
undertaken, that the General Accounting Office fully explores these
issues, and that the Secretary of Commerce carefully assesses the
potential impact of the Clipper proposal on export policy.
We are, however, less pleased about the White House study
currently underway. That effort, organized in large part by the
National Security Council, has led to a series of secret meetings, has
asked that scientists sign non-disclosure agreements and accept
restrictions on publication, and has attempted to resolve public
concerns through private channels. This is not a good process for the
evaluation of a technology that is proposed for the public switched
network. While we acknowledge that the White House has been reasonably
forthcoming in explaining the current state of affairs, we do not think
that this process is a good one.
For these reasons, we believe that the White House should
properly defer to the recommendations of the Computer System Security
and Privacy Advisory Board and the Subcommittee on Telecommunications
and Finance. We hope that no further steps in support of the Clipper
initiative will be taken. We specifically recommend that no further
purchase of Clipper chips be approved.
Speaking more generally, we believe that a number of steps
could be taken to ensure that future communications initiatives could
properly be viewed as a boost to privacy and not a set-back.
The FCC must be given a strong mandate to pursue privacy
concerns. There should be an office specifically established to
examine privacy issues and to prepare reports. Similar efforts in
other countries have been enormously successful. The Japanese Ministry
of Post and Telecommunications developed a set of privacy principles to
ensure continued trade with Europe. The Canada Ministry of
Communications developed a set of communications principles to address
public concerns about the privacy of cellular communications. In
Europe, the EC put forward an important directive on privacy protection
for the development of new network services.
Current gaps in the communications law should be filled. The
protection of transactional records is particularly important.
Legislation is needed to limit law enforcement access to toll record
information and to restrict the sale of data generated by the use of
telecommunication services. As the network becomes digital, the
transaction records associated with a particular communication may
become more valuable than the content of the communication itself.
Telecommunications companies should be encouraged to explore
innovative ways to protect privacy. Cryptography is a particular
method to seal electronic communications, but far more important for
routine communications could be anonymous telephone cards, similar to
the metro cards here in the District of Columbia, that allow consumers
to purchase services without establishing accounts, transferring
personal data, or recording personal activities. Such cards are widely
available in Europe, Japan, and Australia.
I thank you very much for the opportunity to appear before the
Subcommittee and would be pleased to answer your questions Computer
Professionals for Social Responsibility
CPSR is a national membership organization, established in 1981, to address the social impact of computer technology. There are members worldwide. It's office is in Palo Alto, California. The organization is governed by a board of elected officers and meetings are open to the public. CPSR sponsors an annual meeting and the biennial conference on Directions and Implications of Advanced Computing. CPSR sponsored the first conference on Computers, Freedom, and Privacy in 1991. CPSR also operated the Internet Library at cpsr.org. The library contains documents from the White House on technology policy and a wide range of public laws covering privacy, access to information, and communications law and is available free of charge to all users of the Internet.
As of June 1993:
Marc Rotenberg is the director of the CPSR Washington office and an adjunct professor at Georgetown University Law Center. He is chairman of the ACM Committee on Scientific Freedom and Human Rights, an editor for the Computer Law and Security Report (London), and the secretary of Privacy International, an organization of human rights advocates and privacy scholars in forty countries. He received an A.B. from Harvard College and a J.D. from Stanford Law School, and is a member of the bar of the United States Supreme Court. His forthcoming article "Communications Privacy: Implications for Network Design" will appear in the August 1993 issue of Communications of the ACM.