WASHINGTON-The federal government moved closer to life in the 21st century with two actions that will help law enforcement, while allowing companies to develop new technologies.
The White House announced on Thursday a three-pronged plan for dealing with the controversial issue of encryption.
Additionally, last week the Department of Justice announced it had reached an agreement with Ameritech Services Corp. and Nortel Networks to license software to implement the digital wiretap act.
Encryption
Encryption is technology used to scramble computer data. The computer industry has been trying for years to get export controls on encryption technology relaxed, but the FBI and National Security Agency have resisted.
The action taken by the Clinton administration “fundamentally alters the debate over encryption,” said Attorney General Janet Reno.
The debate over encryption products has been waging since 1996, when the Clinton administration moved encryption export control policy from State Department jurisdiction to Commerce Department jurisdiction. This move resulted in an export control policy that said U.S. computer companies could not export encryption products with bit strengths greater than 56 bits with restrictions and 40 bits without restrictions. These bit strengths are considered weak by the computer industry, which has developed products with bit strengths of at least 128 bits.
The first prong relaxes restrictions that will allow high-tech companies to export encryption products after a one-time review, with some exceptions.
Officials at the ceremony were vague about what the review would entail, but Commerce Secretary William Daley said he expected it to take about a month. Deputy Defense Secretary John Hamre said the review would take longer if companies did not present more information than a brochure.
More than 250 members of the House have sponsored legislation to relax export controls. The legislation, known as the Security and Freedom through Encryption, or SAFE Act, has been passed by five different House committees and is expected to be considered by the full House sometime this fall.
While all five committees passed the bill, some committees replaced the entire original bill with new language. These additional versions are expected to be considered by the full House as well.
Hamre said the Department of Defense would recommend the president veto the SAFE Act and similar Senate legislation because they did not contain the one-time review or the post-export reporting system.
The post-export reporting system is necessary because national security and law enforcement need to know where encryption products are so they can prepare for their eventual use by criminals, Hamre said.
Secondly, the White House will ask Congress for $80 million to fund the FBI’s Technical Support Center.
And finally, the administration on Thursday sent legislation to Capitol Hill that will “ensure that law enforcement maintains its ability to access decryption information stored with third parties, while protecting such information from inappropriate release,” said the White House.
CALEA
The Justice Department has signed a letter agreement with Ameritech and Nortel to begin implementing the Communications Assistance for Law Enforcement Act of 1994.
The agreement allows DOJ to reimburse Nortel to develop a CALEA-compliant solution and then to license that solution by carriers. It is the first of a series that will allow Nortel to develop CALEA-compliant solutions for all of their switches, said Stephen Colgate, assistant attorney general for administration.
Nortel also agreed to make the CALEA-compliant solution available to carriers with switches that were deployed after Jan. 1, 1995, commonly referred to as the grandfather date for compliance.
CALEA authorized $500 million to implement CALEA. Colgate said the Nortel agreement will not spend the entire amount, but he would not say how much DOJ plans to pay Nortel.
DOJ is also negotiating with other telecommunications manufacturers, Colgate said.
The DOJ/Nortel/Ameritech agreement is the latest chapter in the CALEA saga. It was predicted last March when Reno said they were in negotiations.
Last month, the FCC completed rules telling the telecommunications industry what technical capabilities must be included to implement CALEA.
The industry is meeting next week at the FBI’s CALEA office to begin the process of developing a standard to implement these rules, said Grant Seiffert, vice president for government relations for the Telecommunications Industry Association.
