Jacking in from the Narco-Terrorist Encryption Port:

Washington, DC -- The other shoe has dropped. Several times.

In the political backlash and emotional fallout of the bombing of of the federal building in Oklahoma City, FBI Director Louis Freeh has begun to wage his own private war on the use of private, encryption schemes.

According to Administration sources, several different proposals are now being discussed on how to implement a policy of government mandated, government "certified" encryption. The most hardline of these proposals would outlaw the public's ability to choose an encryption scheme which the government couldn't break, under the authority of a court order.

Freeh has left no doubts about his intentions. Not satisfied with a proposal he successfully rammed through Congress last year -- the bill that gives law enforcement agencies "easy wiretap access" to digital conversations, at a cost of $500 million in taxpayer money -- his next target is private encryption.

During an appropriations hearing May 11th, Freeh told a congressional panel: "[W]e're in favor of strong encryption, robust encryption. The country needs it, industry needs it. We just want to make sure we have a trap door and key under some judge's authority where we can get there if somebody is planning a crime."

That means an end to private, non-government encryption, which don't have keys the government can use.

Private encryption schemes allow a person to scramble an electronic message that, if intercepted by an unintended party, renders it unreadable. These scrambling programs are useful from to a wide range of people and interests, including researchers that want to keep their proprietary breakthroughs safe from prying eyes to corporations sending trade secrets to a distant office across the Net to ordinary folks sending a steamy love letter to a lover.

But these same encryption programs are being used by "terrorists and international drug traffickers," as well, claims FBI Director Freeh, and that makes private encryption schemes a threat to national security.

Freeh's crusade against encryption has been enjoined by members of the Justice Department, with the gleeful back alley goading the nation's top spook group, the National Security Agency.

And when it comes right down to it, your privacy rights don't stand a snowball's chance in hell of outweighing pictures of dead babies or pieces of dead babies.

During an April 27th Senate Judiciary Committee on terrorism, Freeh boldly told a panel of lawmakers eager to give his agency more latitude to "catch the bad guys" (and civil rights violations be damned... as long as we don't have to watch the guts of little kids being splattered on steel girders and broken concrete...): "The FBI cannot and should not tolerate any individuals or groups... which would kill innocent Americans, which would kill 'America's kids.'"

To meet the "challenges of terrorism," Freeh said, several things must be done, among them, deal with "encryption capabilities available to criminals and terrorists" because such technology endangers "the future usefulness of court-authorized wiretaps. This problem must be resolved."

While Freeh used the Oklahoma City bombing as convenient "news hook" to again make a pitch to "resolve" the private encryption "problem," the Director was basically reading from a dog-eared script. Within the last 3 months he repeatedly has testified publicly before Congress about the "evils" of encryption.

On March 30 the House Judiciary Committee's Subcommittee on Crime he said: "Even though access is all but assured [by the passage of the Digital Wiretap Act] an even more difficult problem with court-authorized wiretaps looms. Powerful encryption is becoming commonplace. The drug cartels are buying sophisticated communications equipment.... This, as much as any issue, jeopardizes the public safety and national security of this country. Drug cartels, terrorists, and kidnappers will use telephones and other communications media with impunity knowing that their conversations are immune from our most valued investigative technique."

Then during a May 3 appearance before the same Committee, Freeh said: "Encryption capabilities available to criminals and terrorists, both now and in days to come, must be dealt with promptly. We will not have an effective counterterrorism counterterrorism strategy if we do not solve the problem of encryption."

But there's nothing to be alarmed at here, according to Freeh. Just because he's asking the Congress and the White House to strip you of the right to choose how you scramble your messages, using a program that the government doesn't hold all the keys too, doesn't mean that the Director isn't a sensitive guy or that he has suddenly taken a liking to wearing jackboots.

Freeh steadfastly maintains all these new powers he's asking for are simply "tools" and "not new authorities." These new powers are "well within the Constitution," Freeh told Congress.

Freeh hasn't publicly outlined just how he proposes to "resolve" the "encryption problem." However, according to an FBI source, several plans are in the works. The source refused to detail any specific plan, but added: "Let's just say everything is on the table." Does that include outlawing private encryption schemes? "I said 'everything,'" the source said.

The encryption debate has been raging for years. Two years ago the Clinton Administration unveiled a new policy in which it proposed to flood the market with its own home-grown encryption devices -- a product of the National Security Agency -- called the "Clipper Chip."

The Clipper is based on a "key-escrow" system. Two government agencies would hold the keys "in escrow", which are uique to each chip, in a kind of "data vault." Any time the FBI-- or your local sheriff -- wanted to tap your phone conversations, they would have to ask a judge to give the two government agencies to turn over the keys to you Clipper chip. With those keys, the FBI could then unscramble any of your conversations at will.

That policy raised a huge firestorm of controversy and the Clipper sunk from sight, down, but not out. The intent of the White House, acting as a front man for the NSA and other intelligence agencies along with the FBI, was to have Americans adopt Clipper voluntarily. The FBI took it on good faith -- and I'm not joking here -- that criminals, too, would buy Clipper equipped phones, allowing the government to easily unscramble their wiretapped conversations.

Why would criminals knowingly use a device they knew the government could easily tap? "Because criminals are stupid," was the FBI's party line. No, I'm not making this up.

The "voluntary" aspect didn't stop the controversy. Indeed, buried in the Administration's own background briefing papers on the Clipper was the no nonsense statement that the Administration, after reviewing the Constitution, had determined that "American's have no Constitutional right to choose their own method of encryption." Call it a peremptory strike on privacy.

The end of freely chosen encryption comes as no surprise to Jim Dempsey, currently the executive director of the Center for National Security Studies. Dempsey, you might remember, walked point for former Congressman Don Edwards during last year's tussle over the FBI's Digital Wiretap access bill. Dempsey, in fact was one of the bill's principal authors. "I always felt [the Administration] had to know they would ultimately go to [some kind of government] mandatory encryption scheme," Dempsey said. "I don't think it's a big leap for the government to think of private encryption like they do kiddie porn."

An NSA source, when questioned about his agency's role in the process, was reluctant to speak. He did say that Clipper was merely "Act One" of a "Three part play." Pressed for further details, he said, "do your own homework."

During the Senate Subcommittee on Terrorism hearing May 11, Robert Litt, deputy assistant attorney general for the Criminal Division of Justice, said the "widespread use of reliable, strong encryption that allows government access, with appropriate restrictions... is designed to achieve" a "delicate balance" between privacy rights and law enforcement needs.

When Dispatch asked Litt to elaborate, he said his comments refereed to the use of the Clipper Chip. But what if criminals bypass Clipper, using private encryption schemes, such as those now being decried by Freeh? "If one solution doesn't work, then we have to go to the next step," he said. Is that next step the outlawing of private encryption? Litt smiled and repeated his answer.

Dispatch has learned that one proposal being seriously discussed would, indeed, outlaw all private, non-government approved encryption schemes. Here's how the government plan breaks out, according to sources familiar with the proposal:

  1. The government would "certify" a few so-called "Commercial Key-Escrow" programs. These are similar in design to the government's Clipper Chip, but industry would hold the keys and some of these systems might not be classified, as is the software underlying Clipper. However, the companies producing such "certified" programs could claim trade secrets, not allowing the public access the underlying programs.

  2. The government, tossing a bone to industry, would lift export controls on all "certified" encryption programs. Currently, it's against the law to export encryption programs, as they are controlled by the State Department under the same classification as munitions.

  3. The use of government certified encryption would become a federal mandate, making it illegal to use private encryption schemes that had not passed the "certification" test.
The plans are "still really liquid," said an Administration source. "We all know what a bitch this going to be trying to sell it to the selling public," he said. "The flashpoint potential of this idea isn't lost on anyone."

The Administration is hoping the public will buy off on the fact that: (1) It's private industry holding the keys, not government agencies. (2) The availability of "choice" amog several different vendors will squash the imagery of Big Brother.

Expect the rise of an off-shore, black market "encryption" trade. It will surely come. And it will have to be a black market; the FBI has already gone around the world preaching the evils of private encryption, trying to get other law enforcement groups to push for outlawing such programs in their own countries. And they already have a convert: Russia. That country recently adopted such a policy... nice to know we're following in Mr. Yeltsin's footsteps.

Meeks out...


Copyright © 1995 CyberWire Dispatch / Brock N. Meeks <brock@well.com>