I beg to differ; any stance is defensible.
-----Original Message-----
From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 9:09 PM
To: Security-Basics List
Cc: [EMAIL PROTECTED]
Subject: Re: strong encryption - governments denying individuals the
right to use
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 24 Apr 2002 [EMAIL PROTECTED] wrote:
> I am having to write a position paper on - should our government
> (Australian) deny individuals the use of strong encryption?
>
> Unfortunately I have challenged myself and decided that I would support
> the idea of the Government denying individuals the right to use strong
> encryption. Only problem is I can't find any information that
> explicitly supports this argument, nor am I sure what I should put in
> this 'Position Paper'.
That stance is indefensible. The reasons against this stance are
thus:
1. Strong encryption is already available to the general.
public. Attempts to control such access is a lost cause.
2. Forbidding public access to strong encryption is based on
the presumption of guilt of the general populace by the
government. (The argument being used is that if someone
has nothing to hide, then they don't need strong
encryption products; nevermind the individual's right to
privacy.)
3. Individuals -- as well as commercial entities -- have
legitimate needs to safeguard their data against access
to unauthorized parties.
4. Arguing that individuals should not have access to tools
to safeguard their digital assets is tantamount to arguing
that individuals should not be allowed to have locks on
their doors or safes in their homes.
5. Arguments that claim that access to strong encryption
should be denied because it potentially benefits the
criminal element (organized crime and terrorists) is
disingenuous at best. Every civil liberty a civilized
nation affords its people can be perverted by the
criminal element, but that does not legitimize any
attempt to rescind those civil liberties. Indeed, all
evidence gathered to date clearly indicates that even the
most virulent participants in the al Qaeda terrorist
network do not even use cryptographic or steganographic
software on their data.
6. Arguments that use of strong encryption circumvents
criminal investigations are dubious since law enforcement
has already demonstrated the capacity to bug the suspect's
computer to capture keystrokes and thus gain the suspect's
passphrase to their cryptographic products and ultimately
gain access to the encrypted data.
7. Restriction of cryptography for individual use would
ultimately have a negative impact on commerce, since
all cryptographic products would come under additional
regulation and all commerce would have to account to
various legal and government agencies for every use of
a cryptographic product. This would expose sensitive
commercial data to third parties who are not exempt from
corruption and could easily benefit from such data.
8. Restriction of cryptographic access for individuals is
done for one reason: the convenience of law enforcement.
It would be far wiser to bring law enforcement agencies up
on the technological curve rather than force the
dumbing-down of an entire people.
Those are the biggest reasons why you will be hard-pressed to find
any defense for your position.
And if I may be so bold, I'd like to ask this: if you're taking a
position on this, but you can't personally justify this stance to
yourself, then why are you taking that position? Mull that over.
- -Jay
( ( _______
)) )) .--"There's always time for a good cup of coffee"--. >====<--.
C|~~|C|~~| (>------ Jay D. Dyson -- [EMAIL PROTECTED] ------<) | = |-'
`--' `--' `- O Lord, make my enemies ridiculous. - Voltaire -' `------'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SunOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.
iEYEARECAAYFAjzIVEoACgkQGI2IHblM+8E2rwCeIw7aCzNzT9bw0Y1XTK2ItKJG
mdgAmgMY0/pBw3/+OFcLW+v6fR5+RxFj
=IsfK
-----END PGP SIGNATURE-----
