Skip to main content

EFFector - Volume 10, Issue 2 - Pro-CODE Bill Announced Today: Free Crypto From Cold-War Regs

EFFECTOR

EFFector - Volume 10, Issue 2 - Pro-CODE Bill Announced Today: Free Crypto From Cold-War Regs

=========================================================================
    ________________          _______________        _______________
   /_______________/\        /_______________\      /\______________\
   \\\\\\\\\\\\\\\\\/        |||||||||||||||||     / ////////////////
    \\\\\________/\          |||||________\       / /////______\
     \\\\\\\\\\\\\/____      ||||||||||||||      / /////////////
      \\\\\___________/\     |||||              / ////
       \\\\\\\\\\\\\\\\/     |||||              \////   e  c  t  o  r

=========================================================================
EFFector        Vol. 10, No. 02        Feb. 27, 1997       editor@eff.org
A Publication of the Electronic Frontier Foundation        ISSN 1062-9424

IN THIS ISSUE:

Pro-CODE Bill Announced Today:  Free Crypto From Cold-War Regs
An Open Letter to the Internet Community from Senator Burns
Upcoming Events
Quote of the Day
What YOU Can Do
Administrivia

 * See http://www.eff.org/hot.html or ftp.eff.org, /pub/Alerts/ for more
 information on current EFF activities and online activism alerts! *

----------------------------------------------------------------------


Subject: Pro-CODE Bill Announced Today:  Free Crypto From Cold-War Regs
-----------------------------------------------------------------------

Below is a joint advisory from CDT, EFF and VTW about the re-introduction
of Sen. Conrad Burns's "Pro-CODE" encryption export deregulation bill. EFF
commends Burns and co-sponsors for continuing to raise this issue in
Congress, and for their opposition to the Administration's obsolete (and
unconstitutional) policies.

Though EFF does not *endorse* this legislation (principally because it
may perpetuate a policy of excluding the public from government
decision-making on encryption policy), we do recognize and laud the
bill as an improvement over the status quo in almost all respects.
Pro-CODE would turn the current export process upside down, permitting
export of most encryption, and requiring reportage of an encryption
program's capabilities only *after* export. The bill also creates no new
or redundant crime categories.



                     PRO-CODE BILL ANNOUNCED TODAY
    BILL WOULD LIBERATE ENCRYPTION FROM ANTIQUATED COLD-WAR REGULATIONS

                          February 27, 1997

      Please widely redistribute this document with this banner
                    intact until March 15, 1997

            From the Center for Democracy and Technology (CDT),
              the Electronic Frontier Foundation (EFF), and
                 the Voters Telecommunication Watch (VTW)

________________________________________________________________________
CONTENTS
        The Latest News
        What You Can Do Now
        Background On Pro-CODE
        What's At Stake
        For More Information / Supporting Organizations

________________________________________________________________________
THE LATEST NEWS

Today, a bi-partisan group of seventeen United States Senators, led by
Conrad Burns (R-MT) and Patrick Leahy (D-VT), introduced the "Promotion
of Commerce Online in the Digital Era (Pro-CODE) Act", a bill designed
to promote privacy and security on the Internet by relaxing government
controls on encryption technologies.

Encryption technologies are the locks and keys of the Information age
-- enabling individuals and businesses to protect sensitive information
as it is transmitted over the Internet. Pro-CODE aims to enable this by
removing some of the regulations that currently prevent Americans from
using this technology.

A short summary of the bill and background on the encryption policy
debate are attached below, along with information on what you can do to
help ensure that Congress takes action on this important issue.

________________________________________________________________________
WHAT YOU CAN DO NOW

1. CALL THE Pro-CODE SPONSORS AND THANK THEM FOR THEIR EFFORTS

   Members of Congress tend to hear from their constituents only when
   they do something constituents don't like.  Today however, several
   Senators have taken a stand on an issue of critical importance to
   Internet users.  It's crucial that we encourage them with phone
   calls of support.

   If you live in any of the states listed below, please take a moment
   to give these Senators a call.

   Allard (R-CO)     Ashcroft (R-MO)     Boxer (D-CA)     Brownback (R-KS)
   Burns (R-MT)      Craig (R-ID)        Dominici (R-NM)  Dorgan (D-ND)
   Faircloth (R-NC)  Grahms (R-MN)       Hutchison (R-TX) Inhoffe (R-OK)
   Kempthorne (R-ID) Leahy (D-VT)        Lott (R-MS)      Murray (D-WA)
   Nickles (R-OK)    Thomas (R-WY)       Wyden (D-OR)

   Please take a moment to give these Senators a call.

        
        
        You:Senator Mojo's office please!
        Sen:Hello, Senator Mojo's office!

        You:

SAY     I heard that the Senator introduced Pro-CODE to add more privacy
on
THIS->  the Internet.  Please thank the Senator for me and I support
        efforts to fix antiquated encryption export laws.  I live in .

        Sen: Ok, thanks!

2. ADOPT YOUR LEGISLATOR

   If you were one of the thousands of people that have adopted their
   legislator at http://www.crypto.com/, you would have received a
   personalized letter telling you that your legislator announced his
   or her sponsorship of Pro-CODE today.

   These personalized letters contain all the phone numbers you need,
   and we'll send them to you any time your legislator takes any action
   that would have a significant impact on the net.

   The Adopt Your Legislator campaign is the most effective method of
   mobilizing grass-roots support available today.  Since late last
   year, VTW and CDT have been building a network of thousands of
   Internet users who are active and engaged in the fight for privacy
   and security on the Internet.

   By focusing our efforts on the constituents of specific legislators
   as well as on the net as a whole, we can ensure that members of
   Congress know that they have support within their district as well
   as throughout the Internet community.

   You can adopt your legislator at http://www.crypto.com/adopt/

________________________________________________________________________
BACKGROUND ON THE PRO-CODE BILL

The Promotion of Commerce Online in the Digital Era (Pro-CODE) Act is
similar to a bill introduced by Senators Burns (R-MT) and Leahy (D-VT)
last year (then S.1726).  Pro-CODE enjoyed broad bi-partisan support in
the Senate and was the subject of 3 hearings, including 2 which were
cybercast live on the Internet.

This year's Pro-CODE bill (no bill number yet available) is designed to
encourage the widespread availability of strong, easy-to-use encryption
technologies to protect privacy and security on the Internet.
Specifically, Pro-CODE would:

1. Encourage the widespread availability of strong privacy and security
   products by relaxing export controls on encryption technologies that
   are already available on the mass market or in the public domain.
   This would include popular programs like Pretty Good Privacy (PGP)
   and World Wide Web browsers like those made by Netscape and Microsoft.

   Current US encryption policy restricts export of encryption products
   with key-lengths of more than 40 bits.  A recent study by renowned
   cryptographers including Whit Diffie (one of the fathers of modern
   cryptography), Matt Blaze, and others concluded that 40 bits is
   "woefully inadequate" to protect personal and business communications.
   Over the last eighteen months, several examples of the weakness of
   40-bit encryption have been demonstrated by college students with
   spare personal computers.

2. Prohibit the federal government from imposing mandatory key-escrow or
   key-recovery encryption policies on the domestic market and limit the
   authority of the Secretary of Commerce to set standards for
   encryption products.

3. Require the Secretary of Commerce to allow the unrestricted export of
   other encryption technologies if products of similar strength are
   generally available outside the United States.

For more information on the Pro-CODE bill, background information on
efforts to pass encryption policy reform legislation last year, and
other materials please visit:

For more information, see the Encryption Policy Resource Page at
http://www.crypto.com/

________________________________________________________________________
WHAT'S AT STAKE

Encryption technologies are the locks and keys of the Information age
-- enabling individuals and businesses to protect sensitive information
as it is transmitted over the Internet. As more and more individuals
and businesses come online, the need for strong, reliable, easy-to-use
encryption technologies has become a critical issue to the health and
viability of the Net.

Current US encryption policy, which limits the strength of encryption
products US companies can sell abroad, also limits the availability of
strong, easy-to-use encryption technologies in the United States. US
hardware and software manufacturers who wish to sell their products on
the global market must either conform to US encryption export limits or
produce two separate versions of the same product, a costly and
complicated alternative.

The export controls, which the NSA and FBI argue help to keep strong
encryption out of the hands of foreign adversaries, are having the
opposite effect. Strong encryption is available abroad, but because of
the export limits and the confusion created by nearly four years of
debate over US encryption policy, strong, easy-to-use privacy and
security technologies are not widely available off the shelf or "on the
net" here in the US. Because of this policy problem, US companies are
now at a competitive disadvantage in the global marketplace.

All of us care about our national security, and no one wants to make it
any easier for criminals and terrorists to commit criminal acts. But we
must also recognize encryption technologies can also aid law
enforcement and protect national security by limiting the threat of
industrial espionage and foreign spying.

What's at stake in this debate is nothing less than the future of
privacy and the fate of the Internet as a secure and trusted medium for
commerce, education, and political discourse.

________________________________________________________________________
FOR MORE INFORMATION / SUPPORTING ORGANIZATIONS

This alert was brought to you by the Center for Democracy and
Technology, the Electronic Frontier Foundation, and the Voters
Telecommunications Watch.

http://www.cdt.org           http://www.eff.org       http://www.vtw.org

There are many excellent resources online to get up to speed on the
crypto issue including the following WWW sites:

           http://www.crypto.com       http://www.privacy.org

Please visit them often.    Press inquiries should be directed to:

 Jonah Seiger of CDT at jseiger@cdt.org or +1.202.637.9800
 Stanton McCandlish of EFF at mech@eff.org or  +1.415.436.9333
 Shabbir J. Safdar of VTW at shabbir@vtw.org or +1.917.978.8430 (beeper).

________________________________________________________________________
End alert

------------------------------


From: Conrad Burns 
Subject: An Open Letter to the Internet Community from Senator Burns
--------------------------------------------------------------------

February 27, 1997

Today I am pleased to announce that I have reintroduced legislation to
reform US encryption policy in a way that recognizes the realities of
the global information infrastructure and the need for strong privacy
and security protections on the Internet.   The "Promotion of Commerce
Online in the Digital Era (Pro-CODE) Act" would promote the growth of
electronic commerce, encourage the widespread availability of strong
privacy and security technologies for the Internet, and repeal the
cold war-era regulations limiting the export of encryption
technologies. The bill enjoys widespread support from both my
Republican and Democratic colleagues and was introduced with 20
cosponsors.

As a fellow Internet user, I am excited by the vast potential of the
Net to facilitate new forms of commerce and communication.  In order
for the Net to reach its potential as a trusted medium for personal
communications and proprietary business transactions however,
Internet users must have access to strong privacy and security
technologies.  Yet for years, the federal government has pursued an
encryption policy which has limited the availability of privacy and
security products -- leaving Internet users and businesses out in the 
cold.

Last year, the Pro-CODE bill (then S. 1726) received broad bipartisan
support in the Senate.  Internet users, rallying to the cry of "My
Lock, My Key," expressed their support for the bill in meetings
members of Congress in live interactive chat sessions.  Netizens also
participated in the first interactive online Senate hearings and
provided valuable testimony for the Committee on this issue.

Yet almost a year after Congress entered this critical Internet policy
debate, and despite the overwhelming call for encryption policy
reform, the Administration remains committed to an outdated and
unworkable approach to US Encryption policy.  In November of 1996, the
Administration announced yet another effort to reform US encryption
policy.  The proposal, which would allow the export of strong
encryption programs only if they include government-approved
"key-recovery" mechanisms, has met with uniform criticism from
Internet users, privacy experts, and the computer and communications
industry.

Current export controls are serving only to limit the availability of
privacy and security technologies for Internet users inside the US and
disadvantage US industry on the competitive global market, while doing
nothing to keep strong encryption out of the hands of foreign
adversaries.

By relaxing encryption export controls, the Pro-CODE bill will reform
US encryption policy in a way that recognizes the realities of the
information revolution and the competitive global marketplace.

The Internet community has been instrumental in helping to educate my
colleagues in the Congress about the importance of encryption policy
reform.  In the coming months I will need your help and support as
this bill makes its way through the legislative process.

As the bill moves forward, I want to invite you to take advantage of
several online resources set up to educate the Congress and the public
about the need for encryption policy reform.  You can find out more by
visiting my web page at http://www.senate.gov/~burns/.

Thank you for your support,

Conrad Burns
United States Senator
 or call 202-872-4200

Apr. 22-
     24 - CHICAGO, IL - DCI Internet Expo; the world's largest Internet,
          Web and email conference and exposition; comprehensive program
          will cover Web-enabled marketing, best practices for e-commerce
          and application development; San Jose Convention Center; also
          will be held February 18-20 at the San Jose Convention Center;
          email: ExpoReg@dciexpo.com
          URL: http://www.dciexpo.com

June 2-
     4  - American Society for Information Science 1997 Mid-Year Conference;  
          gathering will focus on privacy and security issues online; 
          Scottsdale Arizona; paper submissions due Nov. 1, 1996.
	  Contacts:
		Gregory B. Newby, Co-Chair GSLIS/UIUC
	  	 Tel: (217) 244-7365; Email: gbnewby@uiuc.edu
		Mark H. Needleman, Co chair UCOP
		 Tel: (510) 987-0530; Email: mhn@stubbs.ucop.edu
		Karla Petersen, Panel  Sessions
		 Tel: (312) 508-2657; Email: kpeter1@luc.edu
		Richard Hill, Executive Director, ASIS
		 Tel: (301) 495-0900; Email: rhill@cni.org
	  URL: http://www.asis.org

June 14-
     19 + CALGARY, CANADA
	  ED-MEDIA/ED-TELECOM 97--World Conference on Educational 
	  Multimedia and Hypermedia and World Conference on Educational 
	  Telecommunications are jointly held international conferences, 
	  organized by the Association for the Advancement of Computing 
	  in Education (AACE). These annual conferences serve as multi-
	  disciplinary forums for the discussion and dissemination of 
	  information on the research, development, and applications on all 
	  topics related to multimedia/hypermedia and distance education.  
	  We invite you to attend ED-MEDIA/ED-TELECOM 97 and submit proposals 
	  for papers, panels, roundtables, tutorials, workshops, 
	  demonstrations/posters, and SIG discussions. Proposals may be 
	  submitted in either hard copy (send 5 copies or fax 1 copy) 
	  or in electronic form.  Electronic proposals in the form of 
	  URL addresses or ASCII files (uncoded) are preferred.
	  Submission Deadline: Oct. 25, 1996; Send to:
	  Program Chairs
	  ED-MEDIA 97/AACE
	  P.O. Box 2966
	  Charlottesville, VA 22902, USA
	  E-mail: AACE@virginia.edu; Phone: 804-973-3987; Fax: 804-978-7449
	  URL: http://www.aace.org/conf/edmedia

June 19-
     20 - WASHINGTON, DC - CyberPayments '97
	  Conference will investigate issues of online commerce including
	  electronic cash and checks, credit cards, encryption systems 
	  and security products; Sheraton Washington Hotel, Washington, DC
	  For more information contact:
	  email: vinceiaboni@msn.com
	  tel: +1 216 464 2618 x228
	       +1 800 529 7375

June 20-
     21 + GLASGOW, SCOTLAND - International Symposium on Technology and 
	  Society 1997 (ISTAS'97): Technology and Society at a Time of 
	  Sweeping Change; University of Strathclyde in Glasgow, Scotland
	  ISTAS '97 aims to tackle questions of how advancements in 
	  technology are affecting the social and natural landscape;
	  ISTAS '97 Secretariat
	  Conference Services Department
	  The Institution of Electrical Engineers
	  Savoy Place
	  London WC2R 0BL
	  UK
	  Tel: + 44(0)171 344 5469/8425
	  Fax: +44 (0)171 240 8830
	  E-mail: ISTAS@iee.org.uk
	  URL: http://www.iee.org.uk/LSboard/Conf/call_for/istas97.htm

June 22-
     25 + TORONTO - GLOBAL KNOWLEDGE '97; given the vital role of
          knowledge in economic and social development, and the
          opportunities and challenges posed by new information
          and communication technologies, how can developing countries,
          and particularly the world's poor, access and harness knowledge
          for development, so as to promote empowerment, enable life-long
          learning, and reduce poverty?
          URL: http://www.bvx.ca/ict/gk97.htm
          Conference Secretariat
          The World Bank Economic Development Institute
          1818 H Street, NW, M7-075
          Washington, DC 20433 USA
          Tel: 202-473-6442
          Fax: 202-676-0858
          E-mail: GlobalKnowledge@worldbank.org
          Alain Brousseau
          Phone: (819) 997-6849
          Fax: (819) 953-6356
          E-mail: alain_brousseau@acdi-cida.gc.ca

July 13-
     17 - ACUTA 26th Annual Conference; Atlanta, Georgia.
          Contact: +1 606 278 3338 (voice)

Aug. 24 + NAGOYA, JAPAN - IJCAI-97 Workshop on AI in Digital Libraries: 
	  Moving From Chaos to (More) Order; Nagoya Congress Center, 
	  Nagoya, Japan;
          URL: http://www.dlib.com/people/innes/aiindl/cfp.html

Sep. 7 -
     11 + LANCASTER, UK - ECSCW'97, the Fifth European Conference on 
	  Computer Supported Cooperative Work; deadline for paper 
	  submissions is January 13, 1997; papers must contain an abstract 
	  of not more than 100 words and not exceed 16 pages in length; full 
	  formatting instructions are available from
	  http://www.comp.lancs.ac.uk/computing/research/cseg/ecscw97/papers/
	  queries: ecscw97-papers@comp.lancs.ac.uk
	  for more information:
	  snail mail: ECSCW'97 Conference Office
		      Computing Department
		      Lancaster University
		      Lancaster  LA1 4YR  UK
	  URL: http://www.comp.lancs.ac.uk/computing/research/cseg/ecscw97/
	  email: ecscw97@comp.lancs.ac.uk

Sep. 12-
     14   SAN DIEGO - Association of Online Professionals Annual 
	  Conference; sysop trade association's yearly gathering to 
	  discuss issues of relevance to the industry
	  URL: http://www.aop.org/confrnc.html

Sep. 25-
     27 + PRAGUE, CZECHOSLOVAKIA - RUFIS'97: Role of Universities in the
          Future Information Society; Czech Technical University, Prague,
          Czechoslovakia; to obtain a registration form, please, send an
          empty e-mail message to:
          rufis-call@mail.vc.cvut.cz
          Karel Kveton
          UNESCO International Centre for Scientific Computing
          Czech Technical University - Prague
          Computing Centre
          Zikova 4, 166 35 Prague 6
          Phone: + 42 2 2431 0369, fax: + 42 2 311 7529
          e-mail: kveton@vc.cvut.cz
          URL: http://www.cvut.cz/RUFIS97

Oct. 7-
     10 + BEIJING, CHINA - '97 China Database: Electronic Publications 
	  & Software Exhibition; Beijing International Convention Center
	  Contact: Mr. Cheng Bin and Ms. Hu Yongning
	  Beijing Evertrust Exposition Co. Ltd.
	  15 Fuxing Road, Beijing, China
	  Post code: 100038
	  Tel: +86-10-68514007
	  Fax: +86-10-68537092
	  URL: http: // www.sti.ac. cn/Exhibition/ invi.htm
	  E-mail: expo@istic.sti.ac.cn

Oct. 28-
     31 - EDUCOM '97; Minneapolis-St. Paul, Minnesota.
          Contact: +1 202 872 4200 (voice)
          Email: conf@educom.edu

Dec. 1  - Computer Security Day (started by Washington DC chapter of the
          Assoc. for Computing Machinery, to "draw attention to computer
          security during the holdiay season when it might otherwise become
          lax."   

------------------------------


Subject: Quote of the Day
-------------------------

"Moderation in temper is always a virtue; moderation in principle is
always a vice."
  - Thomas Paine

Find yourself wondering if your privacy and freedom of speech are safe 
when bills to censor the Internet are swimming about in a sea of of 
surveillance legislation and anti-terrorism hysteria?  Worried that in 
the rush to make us secure from ourselves that our government 
representatives may deprive us of our essential civil liberties? 
Concerned that legislative efforts nominally to "protect children" will 
actually censor all communications down to only content suitable for 
the playground?  Alarmed by commercial and religious organizations abusing
the judicial and legislative processes to stifle satire, dissent and 
criticism?

Join EFF!   
http://www.eff.org/join (or send any message to info@eff.org).

Even if you don't live in the U.S., the anti-Internet hysteria will soon 
be visiting a legislative body near you.  If it hasn't already.


------------------------------

Subject: What YOU Can Do
------------------------

* Keep and eye on your local legislature/parliament
All kinds of wacky censorious legislation is turning up at the US state 
and non-US national levels.  Don't let it sneak by you - or by the 
online activism community. Without locals on the look out, it's very 
difficult for the Net civil liberties community to keep track of what's 
happening locally as well as globally.


* Inform your corporate government affairs person or staff counsel
if you have one. Keep them up to speed on developments you learn of,
and let your company's management know if you spot an issue that warrants
your company's involvement.


* Find out who your congresspersons are

Writing letters to, faxing, and phoning your representatives in Congress
is one very important strategy of activism, and an essential way of
making sure YOUR voice is heard on vital issues.

If you are having difficulty determining who your US legislators are,
try contacting your local League of Women Voters, who maintain a great 
deal of legislator information, or consult the free ZIPPER service
that matches Zip Codes to Congressional districts with about 85%
accuracy at:
http://www.stardot.com/~lukeseem/zip.html

Computer Currents Interactive has provided Congress contact info, sorted 
by who voted for and against the Communications Decency Act:
http://www.currents.net/congress.html (NB: Some of these folks have, 
fortunately, been voted out of office.)


* Join EFF!

You *know* privacy, freedom of speech and ability to make your voice heard
in government are important. You have probably participated in our online
campaigns and forums.  Have you become a member of EFF yet?  The best way to
protect your online rights is to be fully informed and to make your
opinions heard.  EFF members are informed and are making a difference.  Join
EFF today!

For EFF membership info, send queries to membership@eff.org, or send any
message to info@eff.org for basic EFF info, and a membership form.

------------------------------


Administrivia
=============

EFFector is published by:

The Electronic Frontier Foundation
1550 Bryant St., Suite 725
San Francisco CA 94103 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
Membership & donations: membership@eff.org
Legal services: ssteele@eff.org
General EFF, legal, policy or online resources queries: ask@eff.org

Editor: Stanton McCandlish, Program Director/Webmaster (mech@eff.org)

This newsletter is printed on 100% recycled electrons.

Reproduction of this publication in electronic media is encouraged.  Signed
articles do not necessarily represent the views of EFF.  To reproduce
signed articles individually, please contact the authors for their express
permission. Press releases and EFF announcements may be reproduced individ-
ually at will.

To subscribe to EFFector via email, send message body of "subscribe
effector-online" (without the "quotes") to listserv@eff.org, which will add
you to a subscription list for EFFector.

Back issues are available at:
ftp.eff.org, /pub/EFF/Newsletters/EFFector/
gopher.eff.org, 1/EFF/Newsletters/EFFector
http://www.eff.org/pub/EFF/Newsletters/EFFector/

To get the latest issue, send any message to effector-reflector@eff.org (or
er@eff.org), and it will be mailed to you automagically.  You can also get
the file "current" from the EFFector directory at the above sites at any 
time for a copy of the current issue.  HTML editions available at:
http://www.eff.org/pub/EFF/Newsletters/EFFector/HTML/ 
at EFFweb.

------------------------------





End of EFFector Online v10 #02 Digest
*************************************

$$

Back to top

JavaScript license information