Encryption Bill Reintroduced in House
(February 25, 1999) Rep. Bob Goodlatte, Rep. Zoe Lofgren, and over 200 other members of the House of Representatives are re-introducing the Security and Freedom through Encryption (SAFE) Act. The bill would ensure that Americans can use any type of encryption, prohibit the government from mandating a backdoor into people's computer systems, and relax current export controls on encryption products.
|Summary of HR 850, SAFE Act.
Copy of HR 850 IH (106th).
Rep. Bob Goodlatte (R-VA) (web site | bio) and Rep. Zoe Lofgren (D-CA) (web site | bio) sponsored a similar bill in the 105th Congress which never made it to the floor for a vote. The two hosted an event in the U.S. Capital building on Thursday morning, February 25, to announce the re-introduction of the bill. They were joined by House Majority Leader Dick Armey, other House members, and representatives of groups which support the bill.
"The SAFE Act would loosen export controls on encryption products, enable Americans to communicate securely, and protect the integrity of our public networks," said Rep. Lofgren. "It is time for the government to recognize that superior encryption products are already widely available and being sold by overseas competitors, and that the current controls only hurt American industry without furthering law enforcement and national security goals."
The list of original co-sponsors of the bill is both large and bipartisan. It also includes many key leaders in the House, such as Majority Leader Richard Armey (R-TX), Minority Leader Richard Gephardt (D-MO), Majority Whip Tom Delay (R-TX), Minority Whip David Bonior (D-MI), House Republican Conference Chairman J.C. Watts (R-OK), House Policy Committee Chairman Chris Cox (R-CA), Rules Committee Chairman David Dreier (R-CA), and Democratic Caucus Chairman Martin Frost (D-TX).
However, neither Commerce Committee Chairman Tom Bliley (R-VA), nor Judiciary Committee Chairman Henry Hyde (R-IL) are co-sponsors. Both Committees have jurisdiction over the bill. Both Rep. Lofgren and Rep. Goodlatte sit on the Judiciary Committee.
"Every American is vulnerable on-line," said Rep. Goodlatte. "Credit card numbers can be stolen, medical records can be exposed, and financial transactions can be compromised, all because of the Administration's current encryption policy. Strong encryption protects consumers, and helps law enforcement by preventing crime on the Internet."
However, the Clinton administration, and particularly the Federal Bureau of Investigation, remain opposed to the bill.
The bill is supported by a broad coalition which includes industry and privacy groups. Companies and trade groups from the computer, software, e-commerce, financial, and telecommunications industries actively support the bill. The umbrella group Americans for Computer Privacy has been organized to win passage of encryption legislation.
Public interest groups which are concerned about the privacy rights of individuals are also behind the bill. These include the Center for Democracy and Technology and the American Civil Liberties Union. Jerry Berman of the CDT said that "the SAFE Act is way overdue. We commend its sponsors and will work vigorously to support their efforts."
Excerpts from the SAFE Act
|§ 2802. Freedom to use encryption|
|Subject to section 2805, it shall be lawful for any person within any State, and for any United States person in a foreign country, to use any encryption, regardless of the encryption algorithm selected, encryption key length chosen, or implementation technique or medium used.|
|§ 2803. Freedom to sell encryption|
|Subject to section 2805, it shall be lawful for any person within any State to sell in interstate commerce any encryption, regardless of the encryption algorithm selected, encryption key length chosen, or implementation technique or medium used.|
|§ 2804. Prohibition on mandatory key escrow|
|(a) GENERAL PROHIBITION.---Neither the Federal Government nor a State may require that, or condition any approval on a requirement that, a key, access to a key, key recovery information, or any other plaintext access capability be---|
|(1) built into computer hardware or software for any purpose;|
|(2) given to any other person, including a Federal Government agency ... or|
|(3) retained by the owner or user ...|
|§ 2805. Unlawful use of encryption in furtherance of a criminal act|
|(This section criminalizes the use of encryption in connection with a felony.)|
The bill provides that people in the United States can use any kind of encryption. Moreover, the government cannot mandate any kind of key escrow.
However, the bulk of the seventeen page bill deals with the export of encryption products. Section 3 of the bill would amend the Export Administration Act of 1979 in many ways. Some of the highlights are as follows. First, it would place all encryption products, except those specifically designed or modified for military use, under the jurisdiction of the Secretary of Commerce.
Second, it would provide that after a one-time, 15-day technical review by the Secretary, no export license may be required for generally available encryption software and hardware products, generally available products containing encryption, generally available products with encryption capabilities, technical assistance and data used to install or maintain generally available encryption products, products containing encryption, and products with encryption capabilities, and encryption products not used for confidentiality purposes.
Third, it would provide that after a one-time, 15-day technical review by the Secretary, the Secretary shall allow the export of custom-designed encryption products and custom-designed products with encryption capabilities if those products are permitted for use by banks or if comparable products are commercially available outside the U.S.
Fourth, it would provide that encryption products that do not require an export license as of the date of enactment of the bill would not require an export license on or after that date.
Finally, the bill provides that nothing in the bill would limit the authority of the
President to prohibit the export of encryption products to terrorist nations or nations
that have been determined to repeatedly support acts of international terrorism, or to
impose an embargo on exports to and imports from a specific country. The bill would also
allow the Secretary of Commerce to prohibit the export of specific encryption products to
specific individuals or organizations in specific foreign countries, if the Secretary
determines that there is substantial evidence that such products will be used for military
or terrorist purposes.
|Goodlatte and Boucher Criticize British Key Escrow,
Wassenaar Agreement Restricts Encryption, 12/4/98.
ACP Plans Ad Campaign on Encryption, 7/23/98.
EFF Cracks 56 Bit DES in 3 Days, 7/20/98.
Burns Says Encryption Bill To Be Considered This Session, 6/17/98.
Industry Leaders Meet with Justice Officials, 6/10/98.
Industry Leaders to Meet With Freeh on Encryption, 6/2/98.
Compromise Encryption Bill Introduced in Senate, 5/14/98.
Freeh Warns of Encryption Use, 4/23/98.
Secretary Daley Condemns Encryption Policy, 4/16/98.
Democrats Write Clinton on Encryption, 4/6/98.
Senate Holds Hearing on Encryption, 3/17/98.
ACP Brings Together Strange Bedfellows, 3/16/98.
Americans for Computer Privacy Organizes, 3/4/98.