By Amy Branson
WASHINGTON (July 29) Members of Congress returning to their districts for the August recess may find themselves fielding constituent questions about encryption technology, thanks to a national campaign launched by online civil liberties groups Tuesday.
The campaign declares August to be "Meet Your Member Month." Anyone with an interest in promoting the use and export of strong encryption technology is encouraged to contact members of Congress during the month-long "district work period."
"We are really engaged in a door to door, member to member campaign," said Jerry Berman, director of the Center for Democracy and Technology (CDT).
This national campaign is being organized by the CDT as well as the Electronic Frontier Foundation, Voters Telecommunications Watch, Wired Magazine and EFF- Austin, which is a Texas-based Internet advocacy group.
Netizens now can visit http://www.crypto.com/member to see whether their U.S. representative is a cosponsor of legislation [H.R. 695] that would lift export controls on strong encryption products and prohibit the federal government from mandating a "key recovery system."
Such a system could require encryption users to deposit the "key" to their encoded information with a third party, thus enabling U.S. law enforcement agencies to obtain a warrant and quickly decode that information.
The site also posts the telephone number of the member's local office to encourage people to find out when and where town hall meetings are scheduled. Background information on the bill is available at that site so constituents can familiarize themselves with the legislation before they meet with their member of Congress.
"We are going to prevail," Berman said.
Meanwhile, sponsors of the legislation held their own briefing Tuesday on the status of H.R. 695.
Reps. Bob Goodlatte, R-Va., and Zoe Lofgren, D-Calif., announced they had collected 250 cosponsors in the House for their legislation, including most of the Democratic and Republican leaders. A bill requires 218 votes to pass in the House, if all members are present and voting.
"We think that this bill is headed to the floor of the House sometime this fall," Goodlatte said.
However, the biggest obstacles to the legislation are in the Senate and the White House.
Sponsors of the encryption campaign effort say the second phase of their effort will target U.S. senators.
"We are not ignoring the Senate," said CDT spokesman Jonah Seiger. "This is a multi-phase project."
Key recovery, which Goodlatte, Lofgren and the technology industry oppose, lies at the heart of the encryption debate. v The administration would like to institute a key recovery system, which officials say will assist U.S. law enforcement investigations and bolster national security.
"Our encryption export controls have existed primarily to protect the interest of national security and foreign policy," said one law enforcement source.
He added that law enforcement agencies do not oppose "robust" encryption, as long as there is some mechanism like key recovery to allow "real time" access to encoded information. And real time, according to the source, means instant access.
"Uncrackable encryption will allow drug lords, spies, terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity," FBI Director Louis Freeh previously has testified to Congress.
But proponents of the Goodlatte-Lofgren bill say it goes further to protect Americans from criminals.
"Strong encryption enables businesses and consumers to protect their data," said Kim Willard, spokeswoman for the Business Software Alliance. The BSA is a trade organization for the software industry.
Goodlatte also defended his bill as a crime-fighting tool.
"This is not an issue of industry versus law enforcement," Goodlatte said. "Our legislation does more to fight crime and prevent crime than theirs does."
"Your credit card number is not always secure on the Internet," he added. "Nor are some of our major institutions secure from terrorists or hacker attacks because of the fact that we have not promoted strong encryption as a national policy in this country."
Nonetheless, Senate Commerce Committee Chairman John McCain, R-Ariz., is sympathetic to administration concerns.
He and Senate Intelligence Committee ranking member Robert Kerrey, D-Neb., have crafted legislation [S. 909] to raise export controls of encryption technology up to 56-bit DES. But their legislation also requires key recovery for encryption products that are stronger.
However, McCain is not singularly committed to S. 909 in its current form, although national security concerns remain paramount.
"He wants to compromise, but he's not going to compromise national security," said committee spokeswoman Pia Pialorsi.
Pialorsi could not say, however, to what extent McCain might compromise on key recovery although she said he is meeting with the industry and national security agencies to try to forge a consensus.
"He wants to bring an encryption bill to the floor ... because the current system is much worse" than the solutions now being offered, she said.
At the press briefing, Goodlatte expressed confidence that differences between the House and Senate could be worked out.
Several senators, including Senate Majority Leader Trent Lott, R-Miss., support the Goodlatte bill.
"What I've found is that when people take a look at the issues [and] understand the technology, they pretty quickly come to our side of the argument," Lofgren said Tuesday.
Current regulations permit anyone within the U.S. to use any strength encryption. There are no restrictions on the export of encryption technology that is 40-bit DES or less.
Products using up to 56-bit encryption require the exporter to obtain a license and present a business plan showing he or she is going to implement a key recovery system by December 1998.
U.S. companies can use any strength encryption in their foreign branches as long as they institute a key recovery system.
However, all financial institutions have been cleared to export 128-bit encryption technology without key recovery.
BSA President Robert Holleyman Tuesday cited a study by International Data Corporation, a private research firm, estimating that electronic commerce could dramatically increase if everyone were able to use strong encryption.
"The International Data Corporation recently concluded that electronic commerce could grow from $2.6 billion of revenue in 1996 to more than $220 billion of revenue in 2001 if online security is improved," Holleyman said.