By Amy Branson
WASHINGTON (March 17) The debate over whether to allow Americans to use strong encryption technology without a built-in "backdoor" for police access surfaced again on Capitol Hill Tuesday, but this time privacy advocates had the upper hand and the Clinton administration softened its hardnosed, pro-law enforcement position.
Sen. John Ashcroft, R-Mo., a former governor and state attorney general, placed himself securely in the pro-privacy camp during a hearing he called on the issue for the Constitution, Federalism and Property Rights Subcommittee.
"To date, we in the Senate have heard a great deal about the needs of law enforcement in the digital age and the risk that robust encryption poses to the traditional methods employed by law enforcement," Ashcroft said. "At the same time, we have heard almost nothing about the privacy interests of law-abiding citizens."
Ashcroft argued that the Founding Fathers, who used cryptography to encode their own messages, crafted the Constitution to reflect a sense of balance between the needs of law enforcement and the public.
"Such balance is missing from the policies embraced by the administration and from the Senate Commerce Committee's bill," Ashcroft said, referring to legislation [S. 909] offered by Commerce panel Chairman John McCain, R-Ariz.
"The FBI has argued that a system of mandatory access would make it easier for law enforcement to do its job. Of course it would, but it would also make things easier on law enforcement if we simply repealed the Fourth Amendment," Ashcroft added. The Fourth Amendment protects against unreasonable searches and seizures.
But the Clinton administration's lone representative at the hearing backed away somewhat from its previous support for a so-called key recovery system. Robert Litt, principal associate deputy attorney general at the Justice Department, declared that the administration "is not wedded" to the concept of key recovery.
Key recovery, or key escrow, is a controversial system in which the users of encryption technology would deposit the key to their scrambled files with a third party. This would enable law enforcement officers with proper court authorization, such as a warrant, to immediately retrieve the plain text of files belonging to the person they are investigating.
"The administration is not advocating any single product, technology or even technical approach," Litt said. Commercial solutions crafted by the private sector would be preferable to a federal mandate, he added.
Indeed, earlier this month, Vice President Al Gore said in a letter to Senate Minority Leader Thomas Daschle, D-S.D., that the "best approach" to the problem would be "to pursue a good faith dialogue over the coming months between industry and law enforcement, which can produce cooperative solutions, rather than seeking to legislate domestic controls."
Still, Litt explained that national security and public safety concerns still are paramount within the administration when it comes to the issue of strong encryption. And, he said that federal law enforcement officials do not now have the resources to break tough cryptography.
"I don't think that it can reasonably be disputed that the unchecked spread of nonrecoverable encryption will also endanger the public safety and our national security," Litt said in prepared remarks. "In fact, commonly available encryption products are already so strong that we cannot break them."
The FBI plans to continue searching for a technical solution to ensure it will be able to access quickly the plain text of communications and information although establishing a mandatory key escrow system is not the agency's only preference, said Barry Smith, a supervisory special agent with the FBI's office of public and congressional affairs. But Litt did indicate Tuesday that the FBI was willing to work with industry leaders now to devise an acceptable solution to the problem.
But while the nation's top law enforcement officers are concerned about fighting crimes disguised by mathematical algorithms the essence of encryption one former police officer argued Tuesday that the country would be better off without the systems the government has been proposing.
James Fotis, executive director of the Law Enforcement Alliance of America, a coalition of law enforcement professionals and crime victims, said strong encryption without built-in weaknesses can be an effective deterrent to crime. Such encryption would make the transmission of confidential information, such as bank and financial records, medical records, trade secrets and even credit card numbers for Internet commerce, much more secure, he reasoned.
"If by using encryption we can reduce computer theft crimes and lower economic espionage, it is a net gain for law enforcement," Fotis said, noting that a Justice Department has reported that computer security breaches cost U.S. businesses and consumers $7 billion a year.
Criticizing the administration's stance to date on encryption, Fotis added, "The current administration's policy flies in the face of our Founding Fathers, running afoul of the First, Fourth, Fifth and 10th Amendments."
And, he said, many police officers share these views, but do not speak up about it for fear of losing federal funds.
Meanwhile, several law professors and lawyers also testified that mandatory key recovery policies would certainly be felled by constitutional challenges.
Stanford Law School Professor Kathleen Sullivan, who spoke on behalf of Americans for Computer Privacy, a large Washington-based advocacy group lobbying for the relaxation of export controls on U.S. encryption products, said the federal government would not be able to get around Fourth Amendment concerns by "outsourcing the dragnet."