(Washington, DC) — The Computer & Communications Industry Association (CCIA) sees little advantage in today’s announcement that the Clinton Administration is allowing unlimited export of encryption for certain banking transactions.
“We have advocated for years the dangers of the various Clipper chip/key escrow/key recovery proposals to the future of electronic commerce and the security of financial applications,” said Ed Black, CCIA President. “The Administration’s revised rhetoric indicates that they have gotten part of the message that full development of global electronic commerce on the Internet rests on security and confidentiality afforded by strong encryption. However, the Administration still fails to acknowledge that their mandatory key recovery encryption policy undermines the security of those encryption protections,” he said.
“Read the fine print, and you’ll find that the Administration is not delivering all that it is promising,” Black explained. “While some financial products may not face strict export regulations, the Administration still insists that manufacturers and others using strong encryption technology to commit to developing key recovery products. When the government mandates the placement of a decoding key with a third party, digital data and communications on the Internet remain vulnerable to intrusion.
“Furthermore, the National Research Council study revealed that government- mandated key recovery increases the likelihood that foreign competition — not regulated by key recovery — will step in and take business from American companies. Unfortunately, that is already occurring.” Black said.
“It just hasn’t made sense to our industry that the very same Administration which has embraced high technology as the bridge to the next century would simultaneously handcuff the users and producers of that technology with unreasonable controls on the most effective method of protecting data, guarding computer systems, and securing the Internet,” Black continued.
“Today’s announcement at least recognizes the legitimate threat to electronic commerce when strong encryption is not used. But what the Administration recognizes as a necessary exception to its encryption policy for the banking industry should be afforded to everyone else as well,” Black explained.
“Earlier today CCIA and its member company Sun Microsystems presented a compelling case before the House Subcommittee on International Economic Policy and Trade about the pitfalls of the current encryption policy. Lawmakers in Congress are becoming increasingly critical of the Administration’s crypto policy. They realize that the policy is unworkable and lacks multilateral consensus. It is now time for the Administration to recognize today’s realities.”
CCIA is an association of computer and communications industry firms, as represented by their chairmen, presidents, chief executive officers, chief operating officers and other senior executives. Small, medium and large in size, these companies represent a broad, cross-section of the industry, including equipment manufacturers, software developers, telecommunications and on-line service providers, re-sellers, systems integrators, third-party vendors and other related business ventures.
CCIA member companies employ over a half million workers and generate annual revenues of nearly 200 billion dollars.