Story A: Militia Groups Band Together And Take Over The Country
The FBI has evidence that communication between Militia Groups has steadily increased and is currently at a record high. An inside resource reported that the Groups are forming a coalition to take over the United States. They plan to seize all communication networks so they can control any information given to the general public. They will take control over food distribution, power supply, and water supply. Everything will be rationed according to the Militias’ predetermined specifications. Nobody seems to know when, where, or how this is going to happen for all communications between the Militia groups are encrypted with a 60-bit key. Government Officials are trying to crack the code, but due to the sophistication of the encryption algorithm, it could take months. If the government had access to the encryption key, the Militia Groups’ plan of action could be intercepted—before it is too late.
Story B: The Government Has The “Key” To Your “Back Door”
Remember that e-mail you sent your best-friend about your deepest darkest secret? You thought you were being safe when you used that encryption program didn’t you? Your secret is no longer a secret. The government read that message. They wanted to make sure you were not a threat to society. They know what movie you watched on your digital TV last night too—I hope an adult watching Rug Rats isn’t considered inappropriate. Don’t bother using an encryption program when you call your wife to confess to eating the Oreos. They have it covered. The Cookie Police are on their way to your house right now. You have no privacy. The Government can read any communication you attempt to transmit over any network. They are watching you.
These stories are strictly fiction. They are merely included to make a statement about encryption and provide an example of two extremes on a spectrum. Encryption is a wonderful and powerful tool when trustworthy people use it in an appropriate manner. If the tool falls into the wrong hands, it becomes less wonderful and more powerful. So what are the wrong hands and what should be done about it? Many corporations from the technology industry and organizations like the American Civil Liberties Union (ACLU) say nothing should be done about it. Americans have the right to privacy and encryption can provide that. On the other sided of the controversy, the Clinton Administration wants to secure access to all encryption keys so any encrypted communication can be intercepted, which will ensure social welfare. Governmental involvement in the use of encryption is a controversial issue. Throughout history, Governmental Agencies have interfered with the development and implementation of surveillance technology; this behavior may foreshadow future involvement with encryption. The debate of the Government’s involvement is ongoing with valid points on both sides. In order to fairly evaluate both arguments, one must first understand cryptography and it’s history of development.
According to the Newton’s Telecom Dictionary, cryptography is, “the process of concealing the contents of a message from all except those who know the key,” (207). It is also defined as “. . . the science, or art, of secret writing,” (Huffman 2). The word “cryptography” originated in Greece: Crypto means hidden and Graphia means writing. The use of cryptography is dated back to the days of Julius Caesar when a method referred to as “Caesar Cipher” was used. The system used the third letter of the alphabet beyond the targeted letter to replace each letter of an encrypted message. The word “hello” encrypted with Caesar Cipher would be scrambled to read “khoor,” (Huffman 2).
Throughout the years, cryptography has provided security for “secret” messages. The encryption machine Enigma encoded and decoded messages during World War II (Huffman 2). Currently encryption programs are used to protect personal data such as medical records and financial data during its transmission over public and private networks. It is used to secure any information a person wishes to keep private. That includes data implicating criminal activities. Child pornographers can encrypt pornographic images of children over the Internet and terrorists can use encryption to keep their plans to destroy the world a secret from Government Officials.
It is a scary thought that evildoers are plotting their next attack behind encrypted doors. But before we relinquish our privacy rights to the Government out of fear, we must examine history and the Government’s involvement with similar privacy issues.
Governmental History With Privacy Issues
Founding Fathers Establish Rights/ FBI Violates Rights
Before the American Revolution, the English Parliament gave colonel revenue officers the authority to search and seize at will. As a result, homes were ransacked in search of smuggled goods and the privacy of individuals was intensely violated. On the eve of the Declaration of Independence, Samuel Adams expressed concern regarding general searches and the conflict between Great Britain and America; so the Fourth Amendment was adopted into the Constitution (ACLU 5). The Amendment was included to protect individuals’ privacy, but “when the framers struck the original balance between personal privacy and the needs of law enforcement, remote listening devices had not yet been invented,” (ACLU 5). Electronic surveillance is arguably considered a violation of the Fourth Amendment. It, by definition, “constitutes a general search, not a search limited to specific objects, people and places as required by the Fourth Amendment,” (ACLU 6). Electronic surveillance such as wiretaps and keys to encrypted messages intrude not only on the lives of the targeted party, but it also intrudes on the lives of any persons who electronically communicate with the party under surveillance (ACLU 6). Regardless of the constitutionality of electronic surveillance, the Governments behavior on this subject is questionable.
In 1934, The Communications Act deemed wiretapping illegal and it remained so for 34 years. The FBI disregarded this law and “relied on directive executives” to conduct wiretaps anyway. A later review of FBI policies concerning wiretaps revealed that the “agency was much more involved in wiretapping than previously had been thought and that the agency had used the information it gathered from wiretaps to advance its own political and bureaucratic objective,” (Huffman 2). Even after the enactment of the Omnibus Crime Control and Safe Streets Act of 1968, which legalized wiretapping, the Government abused the use of electronic surveillance. Statistics reported from the Administrative Office of the U.S. Courts show that “from 1985 to 1995, more than 12 million conversations were intercepted through law enforcement wiretaps, and all but a relative handful were completely innocent,” (ACLU 4). One may think the innocent would be protected because Government Agents are required by law to obtain a warrant to conduct electronic surveillance. The innocent are not protected because the request for a warrant is rarely rejected. In fact, as of March 1998, “only one request by law enforcement for an intercept was rejected in the previous eight years,” (ACLU 4). The way Government Agencies have handled wiretapping policies and civilian privacy may be detrimental. The Government’s involvement may also foreshadow its involvement with other forms of electronic surveillance.
Development Of Encryption And The Government’s Involvement
Government Agencies Guide Encryption Development
In the early 1970’s the United States set a goal to lead the world in encryption. The United States National Bureau of Standards (NBS) wished to establish a national encryption standard with the hopes that the rest of the world would adopt the standard as well. The NBS sought the advice of private sectors for a proposal for a Data Encryption Standard (DES). As a result, IBM and the National Security Agency (NSA) developed an encryption algorithm, which became a federal standard in 1977 (Huffman 2). Congress wished to limit NSA’s involvement in “. . . developing standards for the civilian communications system,” (EPIC 1). In 1987, as an attempt to limit NSA’s involvement, Congress passed the Computer Security Act. This law granted the National Institute for Standards and Technology (NIST) control of unclassified, non-military computers (Epic/CSA). In spite of this, the Government remained involved in the development of encryption technology. The FBI used Congressional avenues to pave its path.
The FBI became concerned with the development of technology such as fiber-optic cabling and digital phone systems for they new this could hinder their ability to use existing analog technology for wiretapping. As a result, it presented the FBI Digital Telephony Proposal. This proposal would require the installation and maintenance of expensive equipment to facilitate wiretaps. Due to the expense, the proposal failed to reach the House floor. In 1994, the proposal re-surfaced as the Communications Assistance for Law Enforcement Act (CALEA); this time the proposal included reimbursement measures for telecommunications providers. The bill “. . . was signed into law in October, 1994, (Huffman 7). The FBI now has the ability to intercept communication that travels across fiber cabling and digital phone systems.
CALEA secured the Governments ability to tap into the advanced technology but what is the purpose of wiretapping if you can’t read the information transmitted across the medium? This is why the Government turned its focus to securing access to encrypted information. In 1993, the Clinton Administration introduced the Clipper Chip. The Clipper Chip (Clipper I) is “. . . an NSA developed, hardware oriented, cryptographic device that implements a symmetric encryption/decryption algorithm and a law enforcement satisfying key escrow system,” (ISU). Every encryption user would be required to register their decryption key with the government to allow access to “stored data and real-time communications,” (ACLU 4). Although the Clipper Chip was proposed as voluntary, it didn’t catch on and the administration was forced to abandon it. Shortly after, Clipper II was introduced. The encryption proposal was the same as the first with the exception that “. . . anyone using encryption would have to leave the key with a government-approved ‘escrow agent,’’ (ACLU 4). Because this proposal wasn’t accepted either, Clipper III was developed. Clipper III had no significant differences from earlier proposals.
A year after the proposals, the Electronic Privacy Information Center (EPIC) exposed the truth behind the Clipper Chip. The government knew that a standard such as the Clipper Chip “. . . would succeed only if other alternative security techniques were outlawed,” (Huffman 7). The NSA and FBI endorsed a document stating that legislation requiring the use of Government-approved encryption would be necessary for the technical solutions to function as they are designed (ACLU 7). Just as the FBI failed to comply with the Communications Act concerning wiretapping in the 1930’s to 1960’s, the Clinton Administration failed to abide by the Computer Security Act. The Administration supported a proposal fully aware of the need to enforce the encryption technology as a standard for civilian communications.
The Clinton Administration was put under a lot of pressure. To help relieve some of the pressure, the administration met with “a consortium, including industry, civil liberty, and law enforcement groups, . . .”(Huffman 8). Their goal was to develop an encryption standard. After meeting with the administration, the industry group, which consisted of companies like Apple Computer, MCI Communications, and Microsoft, rejected a compromise proposal. They said the government was “unwilling to compromise: the government insisted on having a “back door” to any encryption used (Huffman 8).
In March of 1997, the government tried again. The Clinton Administration introduced a proposal for the Electronic Data Security Act of 1997. The proposal would allow one to voluntarily register the decryption key with government-approved agents. The problem was, the proposal made it “. . . virtually impossible to participate in electronic commerce. . .” without registering the decryption key (Huffman 9). The Administration reached an extreme to secure its access to encrypted data. Obviously its attempts caused great controversy. The Government claims its nobleness in protecting society from the “bad guys” while others claim violations of their rights.
Controversy Over Encryption Policies
A Violation of Rights To Protect Society
It is evident that the government is trying anything possible to establish access to encrypted information. Some people argue that their constitutional rights are at risk if the government succeeds in controlling an encryption standard. As discussed before, electronic surveillance affects any person communicating with a person under surveillance; therefore, the non-targeted person’s privacy is invaded without just cause. This is a violation of their fourth Amendment right (ACLU 6).
In addition to a Fourth Amendment violation, it is argued that the First Amendment would also be violated by proposals such as the Clipper Chip. In the case Daniel J. Berstein v. United States Department of State, encryption was accepted as a form of language and ordered protection by the First Amendment. Other cases establish First Amendment protection for forms of communication such as technical information, music, and flag burning. “If technical information, music, and languages are considered speech and subject to First Amendment protection, so too then must encrypted messages containing elements of communication be speech,” (Huffman 4). Does the Clinton Administration not find the First and Fourth Amendments significant? It is the Governments responsibility to protect the constitutional rights of the citizens. Perhaps it is not that the Amendments are not significant, but social welfare is of much more significance. In addition to protecting constitutional rights, the Government is responsible for protecting society.
The government argues that a violation of these rights is acceptable and necessary to protect the general public from harm. In “US Cryptography Policy: Why We Are Taking the Current Approach,” the NIST reports,
. . . there is a growing recognition, affirmed most recently by the National Academy of Sciences that the use of encryption to conceal illegitimate activities ‘poses a problem for society as a whole, not just for law enforcement and national security.’ In brief, criminals can use encryption to frustrate legal wiretaps and render useless search warrants for stored electronic data (NIST 1).
Currently, the “bad guy” is one step ahead of the “good guy.” Encryption has interfered with the prosecution of child pornographers. “Aldrich Ames was instructed by Soviet handlers to encrypt computer files that he passed to the Soviet,” (NIST 1). It is obvious something must be done to protect society. The Government argues that possession of the encryption key is the answer. Having access to encrypted communication is an urgent necessity. Without it, major tragedies may occur. Others argue that the Government’s possession of the encryption key is a violation of constitutional rights.
It is safe to say the issue of encryption is a controversial one. The government wants to control the standard and secure access to the key. Others want to secure their privacy and live by their constitutional rights. There is a spectrum with two extremes and a median. One extreme is a world filled with crime being committed behind “encrypted doors.” The other extreme is a world of civilian lives filled with invasions of privacy. As far as the median, it is yet to be determined. The only way to determine the median is by compromise. In order to compromise, all parties must give up on the idea that they are going to have more control than the other. Once a compromise is reached, a suitable standard can be implemented and the world can move on to bigger and better problems.
Electronic Privacy Information Center (EPIC). “The Clipper Chip.” (13 April 2000).
EPIC. “Computer Security Act (CSA).” (13 April 2000).
American Civil Liberties Union (ACLU). “Big Brother in the Wires.” 1998. (13 April 2000).
Huffman, John L., Jan H. Samoriski, and Denise M. Trauth. “Encryption and the First Amendment.” 1997. (13 April 2000).
National Institute for Standards and Technology (NIST). “US Cryptography Policy: Why We Are Taking the Current Approach.” 1996. (13 April 2000).
Stefanick, Jennifer L., Edware M. Pinter, and John J. Witmeyer III. “Coded Communications On the Internet: Who Should Hold The Key?” 1996. (13 April 2000).