--- begin forwarded text Date: Thu, 16 Sep 1999 15:32:09 -0400 To: [EMAIL PROTECTED] From: David Farber <[EMAIL PROTECTED]> Subject: IP: Statement By The Press Secretary: Administration Announces New Approach to Encryption Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] > > THE WHITE HOUSE > > Office of the Press Secretary >___________________________________________________________________________ > ________________ >For Immediate Release >September 16, 1999 > > > STATEMENT BY THE PRESS SECRETARY > > Administration Announces New Approach to Encryption > > One year ago today, Vice President Gore announced updates to the >Administration?s encryption policy to serve the full range of national >interests: promoting electronic commerce, supporting law enforcement and >national security, and protecting privacy. The announcement permitted the >export of strong encryption to protect sensitive information in the >financial, health, medical, and electronic commerce sectors. It also >included support for the continued ability of the nation?s law enforcement >community to access, under strictly defined legal procedures, the plain >text of criminally related communications and stored information. At that >time the Administration committed to reviewing its policy in one year. >Today, the Administration announces the results of that review, conducted >in consultation with industry and privacy groups and the Congress. > > The strategy announced today continues to maintain the balance among >privacy, commercial interests, public safety and national security. This >approach is comprised of three elements ? information security and privacy, >a new framework for export controls, and updated tools for law enforcement. >First, the strategy recognizes that sensitive electronic information ? >government, commercial, and privacy information -- requires strong >protection from unauthorized and unlawful access if the great promise of >the electronic age is to be realized. Second, it protects vital national >security interests through an updated framework for encryption export >controls that also recognizes growing demands in the global marketplace for >strong encryption products. Finally, it is designed to assure that, as >strong encryption proliferates, law enforcement remains able to protect >America and Americans in the physical world and in cyberspace. > > With respect to encryption export controls, the strategy announced >today rests on three principles: a one-time technical review of encryption >products in advance of sale, a streamlined post-export reporting system, >and a process that permits the government to review the exports of strong >encryption to foreign government and military organizations and to nations >of concern. Consistent with these principles, the government will >significantly update and simplify export controls on encryption. > > The updated guidelines will allow U.S. companies new opportunities to >sell their products to most end users in global markets. Under this >policy: > >? Any encryption commodity or software of any key length may be exported > under license exception (i.e., without a license), after a technical > review, to individuals, commercial firms, and other non-government end > users in any country except for the seven state supporters of > terrorism. > >? Any retail encryption commodities and software of any key length may > be exported under license exception, after a technical review, to any > end user in any country, except for the seven state supporters of > terrorism. > >? Streamlined post-export reporting will provide government with an > understanding of where strong encryption is being exported, while also > reflecting industry business models and distribution channels. > >? Sector definitions and country lists are eliminated. > > The Administration intends to codify this new policy in export >regulations by >December 15, 1999, following consultations on the details with affected >stakeholders. > > In support of public safety, the President is today transmitting to the >Congress legislation that seeks to assure that law enforcement has the >legal tools, personnel, and equipment necessary to investigate crime in an >encrypted world. Specifically, the Cyberspace Electronic Security Act of >1999 would: > >? Ensure that law enforcement maintains its ability to access decryption > information stored with third parties, while protecting such information > from inappropriate release. > >? Authorize $80 million over four years for the FBI?s Technical Support > Center, which will serve as a centralized technical resource for > Federal, State, and local law enforcement in responding to the > increasing use of encryption by criminals. > >? Protect sensitive investigative techniques and industry trade secrets > from unnecessary disclosure in litigation or criminal trials involving > encryption, consistent with fully protecting defendants? rights to a > fair trial. > > In contrast to an early draft version of the bill, the >Administration?s legislation does not provide new authorities for search >warrants for encryption keys without contemporaneous notice to the subject. >The bill does not regulate the domestic development, use and sale of >encryption. Americans will remain free to use any encryption system >domestically. > > The Administration looks forward to continuing to work with the >Congress, industry, and privacy and law enforcement communities to ensure a >balanced approach to this issue. > > > # # # --- end forwarded text ----------------- Robert A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'