EFFector Online Volume 6
******************************************************************
////////////// ////////////// //////////////
/// /// ///
/////// /////// ///////
/// /// ///
////////////// /// ///
******************************************************************
EFFector Online Volume 6 No. 1 9/17/1993 editors@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
1098 lines
-==--==--==-<>-==--==--==-
In This Issue:
Clipper Escrow Agents Chosen
Barlow's "A Plain Text on Crypto Policy"
Crypto Conference in Austin
Virginians Against Censorship
-==--==--==-<>-==--==--==-
****************************
Clipper Escrow Agents Chosen
****************************
In the next several days, the Administration will announce it has
chosen at least one escrow agency and has developed procedures for
accessing escrow keys pursuant to warrant. Here is an account of an
Administration hill staff briefing on September 16, 1993, and the draft
procedures for law enforcement, foreign intelligence, and state and local
law enforcement wiretapping. We are looking for comments and analysis.
Please circulate widely.
Jerry Berman, EFF.
==================
RE: Clipper Escrow Agent Briefing for Congressional Staff
Yesterday, September 15, 1993, a briefing was held for
congressional staff regarding the status of the Clipper project. The lead
briefers for the Administration were Mark Richard, Deputy Assistant
Attorney General, Criminal Division, DOJ; Jim Kallstrom, FBI; Geoff
Greiveldinger, Special Counsel, Narcotic and Dangerous Drug Section, DOJ;
and John Podesta. Also present were Mary Lawton, Counsel for Intelligence
Policy and Review, DOJ; Mike Waguespack, NSC; and Dwight Price, National
District Attorneys Association.
The Administration has tentatively settled on NIST and a yet to be
determined non-law enforcement component of the Department of the
Treasury as the "escrow agents." The Administration will finalize the choices
in the next few days, according to John Podesta. The Attorney General will
make an announcement, in what form has not been determined, but it will
probably not be a Federal Register notice. The Attorney General will
announce that she has adopted, and the escrows have agreed to follow, the
attached procedures.
The system will work as follows:
(1) A black box (actually a PC) in the possession of a law enforcement
agency will be able to read the Law Enforcement Access Field in a Clipper
encrypted data stream and extract the identification number specific to the
Clipper chip being used by the intercept target. Cost of the black box yet
undetermined. How many will be purchased by law enforcement yet
undetermined, although if use of Clipper becomes common, the black boxes
will be in great demand, by federal as well as state and local agencies.
They will be available only to law enforcement, with yet to be specified
controls on their sale. Each black box will have a unique identifier.
(2) The law enforcement agency will fax the device ID number to
each of the escrow agents, along with a certification that the agency has
authority to conduct the intercept, the ID number of the intercepting
agency's black box, and the time period for which the intercept is
authorized (in the case of Title III's, up to thirty days, with
extensions).
(3) The escrow agents will transmit the key components by encrypted
link directly into the black box of the requesting law enforcement agency.
The key components will only work with that particular black box, and will
only work for the stated duration of the intercept. If the intercept is
extended, the law enforcement agency will have to send a new request to
the escrow agents to extend the life of the key components. The escrow
agents will maintain logs of the requests. Greiveldinger stressed that the
system is "replete with recordation of the transactions that will occur."
The escrow agents also have a responsibility for maintaining the integrity
of the chip manufacturing process.
In opening remarks describing the need for the Clipper escrow
system, Kallstrom had stressed that the AT&T product posed a unique threat
in terms of voice quality, affordability, portability and strength of the
encryption. The Administration rejects the argument that voice encryption
is readily available. The AT&T product, which isn't available yet, is
unique, and competing products, the Administration argues, are yet further
in the future.
The next voice encryption product in the pipeline is Motorola's,
and Motorola has expressed interest in using Clipper in its product. The
Administration argued that the need for compatibility would drive a
significant share of the market to Clipper or Capstone-based products.
Escrow coverage will not be complete, but the bad guys are careless and are
expected to use Clipper products.
The key criterion used in selecting the escrow agents was whether
the agency had experience in and an infrastructure for handling sensitive
information. The Administration did not want to use a law enforcement or
national security component, for credibility reasons. It did not want to
use private entities based on concerns about longevity and not wanting
security to be governed by the need to make a profit. The briefers
admitted that the proposed system is not really an escrow. The agencies
holding the key components will not have any duties or responsibilities to
the Clipper users. The escrows' obligation will be to the government, and
they will be liable to Clipper users only under the Bivens doctrine, where
any failure must be shown to be wilful.
Both John Podesta and Mark Richard stated that there is no plan on
or over the horizon to outlaw non-escrowed encryption.
John and Mark said that the international aspects of the
escrow/encryption issue are the thorniest to deal with, and there are no
answers yet. Clipper products would be exportable with a license, although
other countries may try to keep them out. (Nobody asked questions about
changes in the rules governing export of non-Clipper encryption.) Other
nations would not participate in the escrow system, nor, presumably, would
they be allowed to buy the black boxes. E.G., if the British intercepted an
IRA communication that appeared to be encrypted with Clipper, and came to
the FBI for help, the anticipated escrow system would not allow the FBI to
get the key from the escrow agents.
==================PROPOSED PROCEDURES
AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY
COMPONENTS IN CONJUNCTION WITH INTERCEPTS PURSUANT TO TITLE III
The following are the procedures for the release of escrowed key
components in conjunction with lawfully authorized interception of
communications encrypted with a key-escrow encryption method. These
procedures cover all electronic surveillance conducted pursuant to Title
III of the omnibus Crime Control and Safe Streets Act of 1968, as amended
(Title III), Title 18, United States Code, Section 2510 et seq.
1) In each case there shall be a legal authorization for the
interception of wire and/or electronic communications.
2) All electronic surveillance court orders under Title III shall
contain provisions authorizing after-the-fact minimization, pursuant to 18
U.S.C. 2518(5), permitting the interception and retention of coded
communications, including encrypted communications.
3) In the event that federal law enforcement agents discover during
the course of any lawfully authorized interception that communications
encrypted with a key escrow encryption method are being utilized, they may
obtain a certification from the investigative agency conducting the
investigation, or the Attorney General of the United States or designee
thereof. Such certification shall
(a) identify the law enforcement agency or other authority conducting the
interception and the person providing the certification; (b) certify that
necessary legal authorization has been obtained to conduct electronic
surveillance regarding these communications; (c) specify the termination
date of the period for which interception has been authorized; (d) identify
by docket number or other suitable method of specification the source of
the authorization; (e) certify that communications covered by that
authorization are being encrypted with a key-escrow encryption method; (f)
specify the identifier (ID) number of the key escrow encryption chip
providing such encryption; and(g) specify the serial (ID) number of the
key-escrow decryption device that will be used by the law enforcement
agency or other authority for decryption of the intercepted communications.
4) The agency conducting the interception shall submit this
certification to each of the designated key component escrow agents. If the
certification has been provided by an investigative agency, as soon
thereafter as practicable, an attorney associated with the United States
Attorney's Office supervising the investigation shall provide each of the
key component escrow agents with written confirmation of the certification.
5) Upon receiving the certification from the requesting investigative
agency, each key component escrow agent shall release the necessary key
component to the requesting agency. The key components shall be provided
in a manner that assures they cannot be used other than in conjunction with
the lawfully authorized electronic surveillance for which they were
requested.
6) Each of the key component escrow agents shall retain a copy of the
certification of the requesting agency, as well as the subsequent
confirmation of the United States Attorney's office. In addition, the
requesting agency shall retain a copy of the certification and provide
copies to the following:
(a) the United States Attorney's office supervising the investigation, and
(b) the Department of Justice, Office of Enforcement operations .
7) Upon, or prior to, completion of the electronic surveillance phase of
the investigation, the ability of the requesting agency to decrypt
intercepted communications shall terminate, and the requesting agency may
not retain the key components.
These procedures do not create, and are not intended to create, any
substantive rights for individuals intercepted through electronic
surveillance, and noncompliance with these procedures shall not provide the
basis for any motion to suppress or other objection to the introduction of
electronic surveillance evidence lawfully acquired.
AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY
COMPONENTS IN CONJUNCTION WITH INTERCEPTS PURSUANT TO FISA
The following are the procedures for the release of escrowed key
components in conjunction with lawfully authorized interception of
communications encrypted with a key-escrow encryption method. These
procedures cover all electronic surveillance conducted pursuant to the
Foreign Intelligence Surveillance Act (FISA), Pub. L. 9S-511, which appears
at Title 50, U.S. Code, Section 1801 et seq.
1) In each case there shall be a legal authorization for the
interception of wire and/or electronic communications.
2) In the event that federal authorities discover during the course of
any lawfully authorized interception that communications encrypted with a
key-escrow encryption method are being utilized, they may obtain a
certification from an agency authorized to participate in the conduct of
the interception, or from the Attorney General of the United States or
designee thereof. Such certification shall
(a) identify the agency participating in the conduct of the interception
and the person providing the certification; (b) certify that necessary
legal authorization has been obtained to conduct electronic surveillance
regarding these communications; (c) specify the termination date of the
period for which interception has been authorized; (d) identify by docket
number or other suitable method of specification the source of the
authorization; (e) certify that communications covered by that
authorization are being encrypted with a key-escrow encryption method; (f)
specify the identifier (ID) number of the key escrow encryption chip
providing such encryption; and(g) specify the serial (ID) number of the
key-escrow decryption device that will be used by the agency participating
in the conduct of the interception for decryption of the intercepted
communications.
4) This certification shall be submitted to each of the designated key
component escrow agents. If the certification has been provided by an
agency authorized to participate in the conduct of the interception, as
soon thereafter as practicable, an attorney associated with the Department
of Justice, office of Intelligence Policy and Review, shall provide each of
the key component escrow agents with written confirmation of the
certification.
5) Upon receiving the certification, each key component escrow agent
shall release the necessary key component to the agency participating in
the conduct of the interception. The key components shall be provided in a
manner that assures they cannot be used other than in conjunction with the
lawfully authorized electronic surveillance for which they were requested.
6) Each of the key component escrow agents shall retain a copy of the
certification, as well as the subsequent written confirmation of the
Department of Justice, Office of Intelligence Policy and Review.
7) Upon, or prior to, completion of the electronic surveillance phase
of the investigation, the ability of the agency participating in the
conduct of the interception to decrypt intercepted communications shall
terminate, and such agency may not retain the key components.
These procedures do not create, and are not intended to create, any
substantive rights for individuals intercepted through electronic
surveillance, and noncompliance with these procedures shall not provide the
basis for any motion to suppress or other objection to the introduction of
electronic surveillance evidence lawfully acquired.
AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY
COMPONENTS IN CONJUCTION WITH INTERCEPTS PURSUANT TO STATE
STATUTES
Key component escrow agents may only release escrowed key components to
law enforcement or prosecutorial authorities for use in conjunction with
lawfully authorized interception of communications encrypted with a key
escrow encryption method. These procedures apply to the release of key
components to State and local law enforcement or prosecutorial authorities
for use in conjunction with interceptions conducted pursuant to relevant
State statutes authorizing electronic surveillance, and Title III of the
omnibus Crime Control and Safe Streets Act of 1968, as amended, Title 18,
United States Code, Section 2510 et seq.
1) The State or local law enforcement or prosecutorial authority must
be conducting an interception of wire and/or electronic communications
pursuant to lawful authorization.
2) Requests for release of escrowed key components must be submitted
to the key component escrow agents by the principal prosecuting attorney of
the State, or of a political subdivision thereof, responsible for the
lawfully authorized electronic surveillance.
3) The principal prosecuting attorney of such State or political
subdivision of such State shall submit with the request for escrowed key
components a certification that shall
(a) identify the law enforcement agency or other authority conducting the
interception and the prosecuting attorney responsible therefore; (b)
certify that necessary legal authorization for interception has been
obtained to conduct electronic surveillance regarding these communications;
(c) specify the termination date of the period for which interception has
been authorized (d) identify by docket number or other suitable method of
specification the source of the authorization; (e) certify that
communications covered by that authorization are being encrypted with a
key-escrow encryption method; (f) specify the identifier (ID) number of the
key escrow chip providing such encryption; and (g) specify the serial (ID)
number of the key-escrow decryption device that will be used by the law
enforcement agency or other authority for decryption the intercepted
communications.
4) Such certification must be submitted by the principal prosecuting
attorney of that State or political subdivision to each of the designated
key component escrow agents.
5) Upon receiving the certification from the principal prosecuting
attorney of the State or political subdivision, each key component escrow
agent shall release the necessary key component to the intercepting State
or local law enforcement agency or other authority. The key components
shall be provided in a manner that assures they cannot be used other than
in conjunction with the lawfully authorized electronic surveillance for
which they were requested.
6) Each of the key component escrow agents shall retain a copy of the
certification of the principal prosecuting attorney of the State or
political subdivision. In addition, such prosecuting attorney shall provide
a copy of the certification to the Department of Justice.
7) The U.S. Department of Justice may, to assure conformance with
these procedures, make inquiry of the certifying prosecuting attorney
regarding, inter alia, the genuineness of the certification and
confirmation of the existence of lawful authorization to conduct the
relevant electronic surveillance. The inquiry of the U.S. Department of
Justice will not involve intrusion into matters that must, under relevant
statute, be kept from public disclosure.
8) Upon, or prior to, completion of the electronic surveillance phase of
the investigation, the ability of the intercepting law enforcement agency
or other authority to decrypt intercepted communications shall terminate,
and the intercepting law enforcement agency or other authority may not
retain the key components.
These procedures do not create, and are not intended to create, any
substantive rights for individuals intercepted through electronic
surveillance, and noncompliance with these procedures shall not provide the
basis for any motion to suppress or other objection to the introduction of
electronic surveillance evidence lawfully acquired.
*****************************
A Plain Text on Crypto Policy
*****************************
For the October, 1993 Electronic Frontier column
in Communications of the ACM
by
John Perry Barlow
The field of cryptography, for centuries accustomed to hermetic isolation
within a culture as obscure as its own puzzles, is going public. People who
thought algorithms were maybe something you needed to dig rap music are
suddenly taking an active interest in the black arts of crypto.
We have the FBI and NSA to thank for this. The FBI was first to arouse
public concerns about the future of digital privacy with its injection of
language year before last into a major Senate anti-crime bill (SB 266)
which would have registered the congressional intent that all providers of
digitized communications should provide law enforcement with analog access
to voice and data transmissions of their subscribers.
When this was quietly yanked in committee, they returned with a proposed
bill called Digital Telephony. If passed, it would have essentially called
a halt to most American progress in telecommunications until they could be
assured of their continued ability to wiretap. Strange but true.
They were never able to find anyone in Congress technologically backward
enough to introduce this oddity for them, but they did elevate public
awareness of the issues considerably.
The National Security Agency, for all its (unknown but huge) budget, staff,
and MIPS, has about as much real world political experience as the Order of
Trappists and has demonstrated in its management of cryptology export
policies the maddening counter-productivity that is the usual companion of
inexperience.
The joint bunglings of these two agencies were starting to infuriate a lot
of people and institutions who are rarely troubled by Large Governmental
Foolishness in the Service of Paranoia. Along with all the usual paranoids,
of course.
Then from the NSA's caverns in Fort Meade, Maryland there slouched a chip
called Clipper.
For those of you who just tuned in (or who tuned out early), the Clipper
Chip...now called Skipjack owing to a trademark conflict...is a hardware
encryption device that NSA designed under Reagan-Bush. In April it was
unveiled by the Clinton Administration and proposed for both governmental
and public use. Installed in phones or other telecommunications tools, it
would turn any conversation into gibberish for all but the speaker and his
intended listener, using a secret military algorithm.
Clipper/Skipjack is unique, and controversial, in that it also allows the
agents of government to listen under certain circumstances. Each chip
contains a key that is split into two parts immediately following
manufacture. Each half is then placed in the custody of some trusted
institution or "escrow agent."
If, at some subsequent time, some government agency desires to legally
listen in on the owner of the communications device in which the chip has
been placed, it would present evidence of "lawful authority" to the escrow
holders. They will reveal the key pairs, the agency will join them, and
begin listening to the subject's unencrypted conversations.
(Apparently there are other agencies besides law enforcement who can
legally listen to electronic communications. The government has evaded
questions about exactly who will have access to these keys, or for that
matter, what, besides an judicial warrant, constitutes the "lawful
authority" to which they continually refer.)
Clipper/Skipjack was not well received. The blizzard of anguished ASCII it
summoned forth on the Net has been so endlessly voluble and so painstaking
in its "How-many-Cray-Years-can-dance-on-the-head-of-a-Clipper-Chip"
technical detail that I would guess all but the real cypherpunks are by now
data-shocked into listlessness and confusion.
Indeed, I suspect that even many readers of this publication...a group with
prodigious capacity for assimilating the arid and obscure...are starting to
long for the days when their knowledge of cryptography and the public
policies surrounding it was limited enough to be coherent.
So I almost hesitate to bring the subject up. Yet somewhere amid this
racket, decisions are being made that will profoundly affect your future
ability to communicate without fear. Those who would sacrifice your liberty
for their illusions of public safety are being afforded some refuge by the
very din of opposition.
In the hope of restoring both light and heat to the debate, I'm going to
summarize previous episodes, state a few conclusions I've drawn about the
current techno-political terrain, and recommend positions you might
When I first heard about Clipper/Skipjack, I thought it might not be such a
bad idea. This false conclusion was partly due to the reality distorting
character of the location...I was about fifty feet away from the Oval
Office at the time...but it also seemed like one plausible approach to what
may be the bright future of crime in the Virtual Age.
I mean, I can see what the Guardian Class is worried about. The greater
part of business is already being transacted in Cyberspace. Most of the
money is there. At the moment, however, most of the monetary bits in there
are being accounted for. Accounting is digital, but cash is not.
It is imaginable that, with the widespread use of digital cash and
encrypted monetary exchange on the Global Net, economies the size of
America's could appear as nothing but oceans of alphabet soup. Money
laundering would no longer be necessary. The payment of taxes might
become more or less voluntary. A lot of weird things would happen after
that...
I'm pretty comfortable with chaos, but this is not a future I greet without
reservation.
So, while I'm not entirely persuaded that we need to give up our future
privacy to protect ourselves from drug dealers, terrorists, child
molesters, and un-named military opponents (the Four Horsemen of Fear
customarily invoked by our protectors), I can imagine bogeymen whose
traffic I'd want visible to authority.
Trouble is, the more one learns about Clipper/Skipjack, the less persuaded
he is that it would do much to bring many actual Bad Guys under scrutiny.
As proposed, it would be a voluntary standard, spread mainly by the market
forces that would arise after the government bought a few tons of these
chips for their own "sensitive but unclassified" communications systems. No
one would be driven to use it by anything but convenience. In fact, no one
with any brains would use it if he were trying to get away with anything.
In fact, the man who claims to have designed Clipper's basic specs, Acting
NIST Director Ray Kammer, recently said, "It's obvious that anyone who
uses Clipper for the conduct of organized crime is dumb." No kidding. At
least so long as it's voluntary.
Under sober review, there mounted an incredibly long list of reasons to
think Clipper/Skipjack might not be a fully-baked idea. In May, after a
month of study, the Digital Privacy and Security Working Group, a coalition
of some 40 companies and organizations chaired by the Electronic Frontier
Foundation (EFF), sent the White House 118 extremely tough questions
regarding Clipper, any five of which should have been sufficient to put the
kibosh on it.
The members of this group were not a bunch of hysterics. It includes DEC,
Hewlett-Packard, IBM, Sun, MCI, Microsoft, Apple, and AT&T (which was
also, interestingly enough, the first company to commit to putting
Clipper/Skipjack in its own products).
Among the more troubling of their questions:
o Who would the escrow agents be?
o What are Clipper's likely economic impacts, especially in regard to
export of American digital products?
o Why is its encryption algorithm secret and why should the public
have confidence in a government-derived algorithm that can't be privately
tested?
o Why is Clipper/Skipjack being ram-rodded into adoption as a
government standard before completion of an over-all review of U.S.
policies on cryptography?
o Why are the NSA, FBI, and NIST stone-walling Freedom of Information
inquiries about Clipper/Skipjack? (In fact, NSA's response has been,
essentially, "So? Sue us.")
o Assuming Clipper/Skipjack becomes a standard, what happens if the
escrow depositories are compromised?
o Wouldn't these depositories also become targets of opportunity for
any criminal or terrorist organization that wanted to disrupt US. law
enforcement?
o Since the chip transmits its serial number at the beginning of each
connection, why wouldn't it render its owner's activities highly visible
through traffic analysis (for which government needs no warrant)?
o Why would a foreign customer buy a device that exposed his
conversations to examination by the government of the United States?
o Does the deployment and use of the chip possibly violate the 1st,
4th, and 5th Amendments to the U.S. Constitution?
o In its discussions of Clipper/Skipjack, the government often uses
the phrase "lawfully authorized electronic surveillance." What, exactly, do
they mean by this?
o Is it appropriate to insert classified technology into either the
public communications network or into the general suite of public
technology standards?
And so on and so forth. As I say, it was a very long list. On July 29,
John D. Podesta, Assistant to the President and White House Staff Secretary
(and, interestingly enough, a former legal consultant to EFF and Co-Chair
of the Digital Privacy Working Group), responded to these questions. He
actually answered few of them.
Still un-named, undescribed, and increasingly unimaginable were the escrow
agents. Questions about the inviolability of the depositories were met with
something like, "Don't worry, they'll be secure. Trust us."
There seemed a lot of that in Podesta's responses. While the government had
convened a panel of learned cryptologists to examine the classified
Skipjack algorithm, it had failed to inspire much confidence among the
crypto establishment, most of whom were still disinclined to trust anything
they couldn't whack at themselves. At the least, most people felt a proper
examination would take longer than the month or so the panel got. After
all, it took fifteen years to find a hairline fissure in DES .
But neither Podesta nor any other official explained why it had seemed
necessary to use a classified military algorithm for civilian purposes. Nor
were the potential economic impacts addressed. Nor were the concerns about
traffic analysis laid to rest.
But as Thomas Pynchon once wrote, "If they can get you asking the wrong
questions, they don't have to worry about the answers." Neither asked nor
answered in all of this was the one question that kept coming back to me:
Was this trip really necessary?
For all the debate over the details, few on either side seemed to be
approaching the matter from first principles. Were the enshrined
threats...drug dealers, terrorists, child molesters, and foreign
enemies...sufficiently and presently imperiling to justify fundamentally
compromising all future transmitted privacy?
I mean...speaking personally now...it seems to me that America's greatest
health risks derive from the drugs that are legal, a position the
statistics overwhelmingly support. And then there's terrorism, to which we
lost a total of two Americans in 1992, even with the World Trade Center
bombing, only 6 in 1993. I honestly can't imagine an organized ring of
child molesters, but I suppose one or two might be out there. And the last
time we got into a shooting match with another nation, we beat them by a
kill ratio of about 2300 to 1.
Even if these are real threats, was enhanced wire-tap the best way to
combat them? Apparently, it hasn't been in the past. Over the last ten
years the average total nation-wide number of admissible state and federal
wire-taps has numbered less than 800. Wire-tap is not at present a major
enforcement tool, and is far less efficient than the informants, witnesses,
physical evidence, and good old fashioned detective work they usually rely
on.
(It's worth noting that the World Trade Center bombing case unraveled, not
through wire-taps, but with the discovery of the axle serial number on the
van which held the explosives.)
Despite all these questions, both unasked and unanswered, Clipper continues
(at the time of this writing) to sail briskly toward standardhood, the full
wind of government bearing her along.
On July 30, NIST issued a request for public comments on its proposal to
establish Clipper/Skipjack as a Federal Information Processing Standard
(FIPS). All comments are due by September 28, and the government seems
unwilling to delay the process despite the lack of an overall guiding
policy on crypto. Worse, they are putting a hard sell on Clipper/Skipjack
without a clue as to who might be escrow holders upon whose political
acceptability the entire scheme hinges.
Nor have they addressed the central question: why would a criminal use a
key escrow device unless he were either very stupid...in which case he'd be
easily caught anyway...or simply had no choice.
All this leads me to an uncharacteristically paranoid conclusion:
The Government May Mandate Key Escrow Encryption and Outlaw Other
Forms.
It is increasingly hard for me to imagine any other purpose for the
Clipper/Skipjack operetta if not to prepare the way for the restriction of
all private cryptographic uses to a key escrow system. If I were going to
move the American people into a condition where they might accept
restrictions on their encryption, I would first engineer the wide-spread
deployment of a key escrow system on a voluntary basis, wait for some
blind sheik to slip a bomb plot around it and then say, "Sorry, folks this ain't
enough, it's got to be universal."
Otherwise, why bother? Even its most ardent proponents admit that no
intelligent criminal would trust his communications to a key escrow device.
On the other hand, if nearly all encrypted traffic were Skipjack-flavored,
any transmission encoded by some other algorithm would stick out like a
licorice Dot.
In fact, the assumption that Cyberspace will roar one day with Skipjack
babble lies behind the stated reason for the secrecy for the algorithm. In
their Interim Report, the Skipjack review panel puts it this way:
Disclosure of the algorithm would permit the construction of devices that
fail to properly implement the LEAF [or Law Enforcement Access Field],
while still interoperating with legitimate SKIPJACK devices. Such devices
would provide high quality cryptographic security without preserving the
law enforcement access capability that distinguishes this cryptographic
initiative.
In other words, they don't want devices or software out there that might
use the Skipjack algorithm without depositing a key with the escrow
holders. (By the way, this claim is open to question. Publishing Skipjack
would not necessarily endow anyone with the ability to build an
interoperable chip.)
Then there was the conversation I had with a highly-placed official of the
National Security Council in which he mused that the French had, after all,
outlawed the private use of cryptography, so it weren't as though it
couldn't be done. (He didn't suggest that we should also emulate France's
policy of conducting espionage on other countries' industries, though
wide-spread international use of Clipper/Skipjack would certainly enhance
our ability to do so.)
Be that as it may, France doesn't have a Bill of Rights to violate, which
it seems to me that restriction of cryptography in America would do on
several counts.
Mandated encryption standards would fly against the First Amendment,
which surely protects the manner of our speech as clearly as it protects the
content. Whole languages (most of them patois) have arisen on this planet
for the purpose of making the speaker unintelligible to authority. I know
of no instance where, even in the oppressive colonies where such languages
were formed, that the slave-owners banned their use.
Furthermore, the encryption software itself is written expression, upon
which no ban may be constitutionally imposed. (What, you might ask then,
about the constitutionality of restrictions on algorithm export. I'd say
they're being allowed only because no one ever got around to testing from
that angle.)
The First Amendment also protects freedom of association. On several
different occasions, most notably NAACP v. Alabama ex rel. Patterson and
Talley vs. California, the courts have ruled that requiring the disclosure
of either an organization's membership or the identity of an individual
could lead to reprisals, thereby suppressing both association and speech.
Certainly in a place like Cyberspace where everyone is so generally
"visible," no truly private "assembly" can take place without some
technical means of hiding the participants.
It also looks to me as if the forced imposition of a key escrow system
might violate the Fourth and Fifth Amendments.
The Fourth Amendment prohibits secret searches. Even with a warrant,
agents of the government must announce themselves before entering and
may not seize property without informing the owner. Wire-taps inhabit a
gray-ish area of the law in that they permit the secret "seizure" of an actual
conversation by those actively eavesdropping on it. The law does not permit
the subsequent secret seizure of a record of that conversation. Given the
nature of electronic communications, an encryption key opens not only the
phone line but the filing cabinet.
Finally, the Fifth Amendment protects individuals from being forced to
reveal self-incriminating evidence. While no court has ever ruled on the
matter vis a vis encryption keys, there seems something involuntarily
self-incriminating about being forced to give up your secrets in advance.
Which is, essentially, what mandatory key escrow would require you to do.
For all these protections, I keep thinking it would be nice to have a
constitution like the one just adopted by our largest possible enemy,
Russia. As I understand it, this document explicitly forbids governmental
restrictions on the use of cryptography.
For the moment, we have to take our comfort in the fact that our
government...or at least the parts of it that state their
intentions...avows both publicly and privately that it has no intention to
impose key escrow cryptography as a mandatory standard. It would be, to
use Podesta's mild word, "imprudent."
But it's not Podesta or anyone else in the current White House who worries
me. Despite their claims to the contrary, I'm not convinced they like
Clipper any better than I do. In fact, one of them...not Podesta...called
Clipper "our Bay of Pigs," referring to the ill-fated Cuban invasion cooked
up by the CIA under Eisenhower and executed (badly) by a reluctant
Kennedy Administration. The comparison may not be invidious.
It's the people I can't see who worry me. These are the people who actually
developed Clipper/Skipjack and its classified algorithm, the people who,
through export controls, have kept American cryptography largely to
themselves, the people who are establishing in secret what the public can
or cannot employ to protect its own secrets. They are invisible and silent
to all the citizens they purportedly serve save those who sit the
Congressional intelligence committees.
In secret, they are making for us what may be the most important choice
that has ever faced American democracy, that is, whether our descendants
will lead their private lives with unprecedented mobility and safety from
coercion, or whether every move they make, geographic, economic, or
amorous, will be visible to anyone who possesses whatever may then
constitute "lawful authority."
Who Are the Lawful Authorities?
Over a year ago, when I first fell down the rabbit hole into Cryptoland, I
wrote a Communications column called Decrypting the Puzzle Palace. In it, I
advanced what I then thought a slightly paranoid thesis, suggesting that
the NSA-guided embargoes on robust encryption software had been driven
not by their stated justification (keeping good cryptography out of the
possession of foreign military adversaries) but rather restricting its use
by domestic civilians.
In the course of writing that piece, I spoke to a number of officials,
including former CIA Director Stansfield Turner and former NSA Director
Bobby Ray Inman, who assured me that using a military organization to
shape domestic policy would be "injudicious" (as Turner put it), but no one
could think of any law or regulation that might specifically prohibit the NSA
from serving the goals of the Department of Justice.
But since then I've learned a lot about the hazy Post-Reagan/Bush lines
between law enforcement and intelligence. They started redrawing the map
of authority early in their administration with Executive Order 12333, issued
on December 4, 1981. (Federal Register #: 46 FR 59941)
This sweeping decree defines the duties and limitations of the various
intelligence organizations of the United States and contains the following
language:
1.4 The Intelligence Community. The agencies within the Intelligence
Community shall...conduct intelligence activities necessary for the...
protection of the national security of the United States, including:
...
(c) Collection of information concerning, and the conduct of activities to
protect against, intelligence activities directed against the United
States, international terrorist and international narcotics activities, and
other hostile activities directed against the United States by foreign
powers, organizations, persons, and their agents; (Italics Added)
Further, in Section 2.6, Assistance to Law Enforcement Authorities,
agencies within the Intelligence Community are
authorized to...participate in law enforcement activities to investigate or
prevent clandestine intelligence activities by foreign powers, or
international terrorist or narcotics activities.
In other words, the intelligence community was specifically charged with
investigative responsibility for international criminal activities in the
areas of drugs and terrorism.
Furthermore, within certain fairly loose guidelines, intelligence
organizations are "authorized to collect, retain or disseminate information
concerning United States persons" that may include "incidentally obtained
information that may indicate involvement in activities that may violate
federal, state, local or foreign laws."
Given that the NSA monitors a significant portion of all the electronic
communications between the United States and other countries, the
opportunities for "incidentally obtaining" information that might
incriminate Americans inside America are great.
Furthermore, over the course of the Reagan/Bush administration, the job of
fighting the War on Some Drugs gradually spread to every element of the
Executive Branch.
Even the Department of Energy is now involved. At an Intelligence
Community conference last winter I heard a proud speech from a DOE official
in which he talked about how some of the bomb-designing supercomputers
at Los Alamos had been turned to the peaceful purpose of sifting through
huge piles of openly available data...newspapers, courthouse records, etc....in
search of patterns that would expose drug users and traffickers. They are
selling their results to a variety of "lawful authorities," ranging from the
Southern Command of the U.S. Army to the Panamanian Defense Forces to
various County Sheriff's Departments.
"Fine," you might say, "Drug use is a epidemic that merits any cure." But I
would be surprised if there's anyone who will read this sentence who has
broken no laws whatever. And it's anybody's guess what evidence of other
unlawful activities might be "incidentally obtained" by such a wide net as
DOE is flinging.
The central focus that drugs and terrorism have assumed within the
intelligence agencies was underscored for me by a recent tour of the
central operations room at the CIA. There, in the nerve center of American
intelligence, were desks for Asia, Europe, North America, Africa and
"Middle East/Terrorism," and "South America/Narcotics." These bogeymen
are now the size of continents on the governmental map of peril.
Given this perception of its duties, the NSA's strict opposition to the
export of strong cryptographic engines, hard or soft, starts to make more
sense. They are not, as I'd feared, so clue-impaired as to think their
embargoes are denying any other nation access to good cryptography.
(According to an internal Department of Defense analysis of crypto policy,
it recently took 3 minutes and 14 seconds to locate a source code version
of DES on the Internet.)
Nor do they really believe these policies are enhancing national security
in the traditional, military sense of the word, where the U.S. is, in any
case, already absurdly over-matched to any national adversary, as was
proven during the Gulf War.
It's the enemies they can't bomb who have them worried, and they are
certainly correct in thinking that the communications of drug traffickers
and whatever few terrorists as may actually exist are more open to their
perusal than would be the case in a world where even your grandmother's
phone conversations were encrypted.
And Clipper or no Clipper, such a world would be closer at hand if
manufacturers hadn't known than any device that embodies good encryption
would not be fit for export.
But with Clipper/Skipjack, there is a lot that the combined forces of
government will be able to do to monitor all aspects of your behavior
without getting a warrant. Between the monitoring capacities of the NSA,
the great data-sieves of the Department of Energy, and the fact that, in
use, each chip would continually broadcast the whereabouts of its owner,
the government would soon be able to isolate just about every perpetrator
among us.
I assume you're neither a drug-user nor a terrorist, but are you ready for
this? Is your nose that clean? Can it be prudent to give the government
this kind of corrupting power?
I don't think so, but this is what will happen if we continue to allow the
secret elements of government to shape domestic policy as though the only
American goals that mattered were stopping terrorism (which seems pretty
well stopped already) and winning the War on Some Drugs (which no
amount of force will ever completely win).
Unfortunately, we are not able to discuss priorities with the people who
are setting them, nor do they seem particularly amenable to any form of
authority. In a recent discussion with a White House official, I asked for
his help in getting the NSA to come out of its bunker and engage in direct
and open discussions about crypto embargoes, key escrow, the Skipjack
algorithm, and the other matters of public interest.
"I'll see what we can do," he said.
"But you guys are the government," I protested. "Surely they'll do as you
tell them."
"I'll see what we can do," he repeated, offering little optimism.
That was months ago. In the meantime, the NSA has not only remained
utterly unforthcoming in public discussions of crypto policy, they have
unlawfully refused to comply with any Freedom of Information Act requests
for documents in this area.
It is time for the public to reassert control over their own government. It
is time to demand that public policy be made in public by officials with
names, faces, and personal accountability.
When and if we are able to actually discuss crypto policy with the people
who are setting it, I have a list of objectives that I hope many of you
will share. There are as follows:
1. There should no law restricting any use of cryptography by private
citizens.
2. There should be no restriction on the export of cryptographic
algorithms or any other instruments of cryptography.
3. Secret agencies should not be allowed to drive public policies.
4. The taxpayer's investment in encryption technology and related
mathematical research should be made available for public and scientific
use.
5. The government should encourage the deployment of wide-spread
encryption.
6. While key escrow systems may have purposes, none should be
implemented that places the keys in the hands of government.
7. Any encryption standard to be implemented by the government should
developed in an open and public fashion and should not employ a secret
algorithm.
And last, or perhaps, first...
8. There should be no broadening of governmental access to private
communications and records unless there is a public consensus that the
risks to safety outweigh the risks to liberty and will be effectively
addressed by these means.
If you support these principles, or even if you don't, I hope you will
participate in making this a public process. And there are a number of
actions you can take in that regard.
The National Institute of Standards and Technology (NIST) has issued a
request for public comments on its proposal to establish the "Skipjack"
key-escrow system as a Federal Information Processing Standard. You've
got until September 28 to tell them what you think of that. Comments on the
NIST proposal should be sent to:
Director, Computer Systems Laboratory
ATTN: Proposed FIPS for Escrowed Encryption Standard
Technology Building, Room B-154
National Institute of Standards and Technology
Gaithersburg, MD 20899
If you belong to or work for an organization, you can encourage that
organization to join the Digital Privacy Working Group. To do so they
should contact EFF's Washington office at:
Electronic Frontier Foundation
1001 G Street, NW
Suite 950 East
Washington, DC 20001
202/347-5400
Fax 202/393-5509
eff@eff.org
I also encourage individuals interested in these issues to either join EFF,
Computer Professionals for Social Responsibility, or one of the related
local organizations which have sprung up around the country. For the
addresses of a group in your area, contact EFF.
New York City, New York
Monday, September 6, 1993
***************************
Crypto Conference in Austin
***************************
EFF / EFF-Austin Cryptography Conference
September 22, 1993 - Ramada Inn North, Austin
9220 N. IH-35 at Rundberg
Introductory Remarks: 1 to 1:30 p.m.
Steve Jackson - Welcome.
Bruce Sterling - Keynote Address.
Panel #1: 1:45 to 3:00. POLICY.
Mitch Kapor
Jerry Berman
Dave Farber
Panel #2: 3:15 to 4:30. LAW ENFORCEMENT.
Esther Dyson
Mike Godwin
FBI Representative (invited but not confirmed)
(Possibly others tba)
Panel #3: 4:45 to 6:00. CYPHERPUNKS.
John Perry Barlow
Eric Hughes
John Gilmore
(Possibly others tba)
Dinner Break: 6 to 8 p.m. Everyone is on their own. The hotel
restaurant will offer a buffet, or you can order from the
menu, or there is other good dining nearby.
Reception: 8-10 p.m. - cash bar, everyone is invited.
*****************************
Virginians Against Censorship
*****************************
P.O. BOX 64608 - VIRGINIA BEACH, VA 23467 (804) 499-3303
In a revolution as significant as that of the printing press, computers are
changing the way we communicate and store knowledge. Gutenberg's
invention led to our Constitutional protection of Freedom of the Press. Will
this protection be extended to speech in the form of electrons?
In order to give citizens an opportunity to examine the issues, Virginians
Against Censorship will hold a free informational program, The First
Amendment in Cyberspace, on Thursday, September 30, 1993, at 7:00pm in
meeting room B of the Virginia Beach Central Library, 4100 Virginia Beach
Blvd.
Everyone is invited to hear Shari Steele, Director of Legal Services for
the Electronic Frontier Foundation describe threats to civil liberties in
cyberspace: seizure of a publishing company's computers because an
employee was suspected of hacking; seizure and erasure of email messages
from and to people who were suspected of nothing at all; arrest and trial
of a teenage electronic magazine publisher because information in an
article had originally been hacked; refusal of the government to permit
development of encryption software that would allow individual citizens to
protect their privacy. Law enforcement excesses don't mean there's no need
for law on the electronic frontier, but that law must be created and
monitored by informed citizens.
To register for this program, call 804/431-3071 between 9:00am and
5:00pm.
For more information, call Carolyn Caywood at 804/460-7518.
Internet: ccaywood@wyvern.wyvern.com
=============================================================
EFFector Online is published biweekly by:
Electronic Frontier Foundation
1001 G Street, N.W., Suite 950 East
Washington, DC 20001 USA
Phone: +1 202 347 5400 FAX: +1 202 393 5509
Internet Address: eff@eff.org
Coordination, production and shipping by Shari Steele,
Director of Legal Services & Community Outreach (ssteele@eff.org)
Reproduction of this publication in electronic media is encouraged. Signed
articles do not necessarily represent the view of the EFF. To reproduce
signed articles individually, please contact the authors for their express
permission.
*This newsletter is printed on 100% recycled electrons.*
=============================================================
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
In order to continue the work already begun and to expand our efforts and
activities into other realms of the electronic frontier, we need the
financial support of individuals and organizations.
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online (if you have an electronic address that can be reached through the Net), and special releases and other notices on our activities. But because we believe that support should be freely given, you can receive these things even if you do not elect to become a member.
Your membership/donation is fully tax deductible.
Our memberships are $20.00 per year for students and $40.00 per year for
regular members. You may, of course, donate more if you wish.
=============================================================
Mail to:
Membership Coordinator
Electronic Frontier Foundation
1001 G Street, N.W.
Suite 950 East
Washington, DC 20001 USA
Membership rates:
$20.00 (student or low income membership)
$40.00 (regular membership)
[ ] I wish to become a member of the EFF. I enclose: $_______
[ ] I wish to renew my membership in the EFF. I enclose: $_______
[ ] I enclose an additional donation of $_______
Name:
Organization:
Address:
City or Town:
State: Zip: Phone: ( ) (optional)
FAX: ( ) (optional)
E-mail address:
I enclose a check [ ].
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature: ______________________________________________
Date:
I hereby grant permission to the EFF to share my name with
other nonprofit groups from time to time as it deems
appropriate. Initials:______________________
******************************************************************
////////////// ////////////// //////////////
/// /// ///
/////// /////// ///////
/// /// ///
////////////// /// ///
******************************************************************
EFFector Online Volume 6 No. 2 10/1/1993 editors@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
-==--==--==-<>-==--==--==-
In This Issue:
***VERY IMPORTANT*** Critical Files to Remove from Your BBS
EFF to Defend Crypto Rights Legally
WIRE: Women's Information Resource & Exchange Opens Online Doors
Senator Kennedy Offers Info Online
EFF Welcomes Dan Brown, Stanton McCandlish, & Kathleen Zaffina
-==--==--==-<>-==--==--==-
************************************************************
***VERY IMPORTANT*** Critical Files to Remove from Your BBS
************************************************************
EFF has learned that the following graphic image files have been the
subject of a recent federal indictment alleging receipt and possession of
child pornography and transportation of obscene materials through
interstate commerce. ***EFF STRONGLY ADVISES ALL SYSOPS TO REMOVE THESE
FILES FROM THEIR ELECTRONIC BULLETIN BOARD SYSTEMS IMMEDIATELY IN ORDER TO
AVOID LEGAL REPERCUSSIONS.*** Please distribute this message widely and
quickly.
Alleged child pornography files:
PPO4@.GIF
FAMO3.GIF
CHERRYA.GIF
CHERRYB.GIF
CHERRYC.GIF
WC221501.GIF
LITSIS.GIF
MBON006.JPG
MBON007.JPG
DS-X-219.GIF
INOCNT.JPG
KID013.GIF
Alleged adult obscenity files:
ORGY6.ZIP (A DL FILE)
WC1C2332.GIF
BAMS-039.JPG
________________________________________
Shari Steele
Director of Legal Services
Electronic Frontier Foundation
1001 G Street, NW
Suite 950 East
Washington, DC 20001
202/347-5400 (voice), 202/393-5509 (fax)
ssteele@eff.org
***********************************
EFF to Defend Crypto Rights Legally
***********************************
Washington, D.C. -- The Electronic Frontier Foundation has committed
itself this week to legal defense efforts in response to what is
apparently a U.S. government campaign against the use and export of
cryptographic technology.
EFF's response to the anti-cryptography campaign, which has been directed
initially against the "Pretty Good Privacy" (PGP) encryption program
written by Phil Zimmermann, is three-fold:
o EFF and EFF board members will immediately contribute
funds to Phil Zimmermann's current legal expenses as they relate
to constitutional issues and will encourage others to make donations
for this legal effort.
o EFF will continue to vigorously investigate the facts of the PGP case,
and other cryptography-related cases that may arise, in order
to spotlight the constitutional issues raised by such cases.
o EFF is planning to launch in the near future a First Amendment
campaign aimed both at raising funds to support legal work on the
constitutional issues raised by these cases and at educating policymakers
and the general public about need to reform our outmoded export control laws.
The basic facts of the PGP case is as follows:
The Customs Bureau has interviewed Phil Zimmermann and others involved with
PGP. A San Jose grand jury subpoenaed documents relating to PGP from
ViaCrypt and Austin Code Works, two companies that intend to offer
commercial products related to PGP. The State Department has sent a letter
to Austin Code Works requiring them to register as an arms dealer, even if
they don't plan to export cryptography.
In light of these developments, the Electronic Frontier Foundation Board of
Directors met in Austin on Sept 22-23 to plan EFF's response.
EFF's Board of Directors believes that this case may involve fundamental
issues in the application of the U.S. Constitution to digital media. At
stake is the right to privacy, the right to public access to secure
cryptography, the right to publish digital writings, and the right to equal
protection under the law. We are resolved to take this matter very
seriously.
For this reason, EFF will undertake a vigorous investigation of the facts
in this and any other PGP related cases which might arise.
If the Grand Jury issues indictments that would, in the view of EFF,
threaten the future of digital liberty, we are prepared to assist in the case,
and any other cases that might have similar adverse effects. We are also
prepared to seek to amend the export laws to protect constitutional speech
and the right to disseminate and use encryption to protect the citizens'
right to privacy and to the security of their communications.
In the short run, EFF will assist Phil and others involved with PGP to find
criminal defense attorneys, explore ways to get any cases handled pro
bono publico, or for expenses only, and contribute funds to Phil and other
possible defendants for pre-indictment constitutional research, and we
encourage others to do the same. As of this announcement, several thousand
dollars have been pledged by EFF and EFF board members, including John
Gilmore, Mitchell Kapor and John Perry Barlow.
In the near future, EFF will launch a national campaign designed to provide
legal and financial support for cases or legislative efforts that would
promote the constitutionally guaranteed rights to develop, discuss, and
use cryptographic technology.
We urge you to help Phil Zimmermann in preparing his constitutional defense
by contacting Phil's lawyer, Philip Dubois (dubois@csn.org, +1 303 444 3885,
or 2305 Broadway, Boulder, CO 80304, USA). He is accepting legal defense
contributions relating directly to Phil's defense as an individual.
Board of Directors
Electronic Frontier Foundation
*****************************************************************
WIRE: Women's Information Resource & Exchange Opens Online Doors
*****************************************************************
-- 500 Founding Subscribers To Gain Access to New Information and
Conferencing System for Women --
SOUTH SAN FRANCISCO, Calif., October 1, 1993 -- Women's
Information Resource & Exchange (WIRE), the first international,
interactive computer network dedicated to women, today opened its
gateways to Founding Subscribers, defined as people actively interested
in building this electronic frontier community.
"More demographic balance in the online world is crucial," commented
Cliff Figallo, online communications coordinator of the Electronic
Frontier Foundation and former general manager of the WELL. "WIRE is
providing a vital information clearinghouse and an easy-to-use
networked meeting place for the half of our population that has, until
now, been vastly underrepresented and underserved in the online world.
By offering a safe and welcoming haven where women can assemble and
learn, WIRE will help seed the world network with net-savvy females and
bring the electronic community more in balance with Real World
demographics."
WIRE provides women with an easily accessed centralized source of
women-oriented information and conversation. For the first time,
individuals and organizations can quickly and easily access up-to-date
databases, discussions, alerts, abstracts, resources and experts on
health, politics, career, finance, technology, parenting, education,
lifestyle and many other issues of interest to women. Women and men
can log onto WIRE and discuss topics of interest with each other,
network to solve problems, instantly access information, keep in touch
with family and friends via email, and participate in newsgroups and
mailing lists from other systems on the Internet.
"We think WIRE will be a great new destination on the information
superhighway," explained Ellen Pack, co-founder and president of
WIRE. "There's a wealth of information for women to tap into -- health
studies, tips on starting a business or traveling alone, parenting
stories, legislative updates, funding sources, and discussions about
art and literature. WIRE is excited to bring resources and dialog
directly to people's home and office computers. WIRE is providing a
place for women around the world to get connected to what's happening
and to each other."
WIRE Founding Subscribers will be limited to 500 people who want
to be early influencers committed to actively developing the online
community. The Grand Opening for WIRE is scheduled for early 1994.
"We want to foster diversity," says Pack. "In Founding
Subscribers, we are looking for people with something to contribute,
personally, intellectually or through their involvements. While many
subscribers will already be familiar with computer conferencing, our
goal is to make it so easy to get around online that it's completely
unnecessary to be technologically sophisticated."
"WIRE's interface uses familiar desktop conventions with some nice
extensions -- a most refreshing alternative to the usual tangle of
Unixoid arcana," said Dr. Brenda Laurel, researcher at Interval
Research "The big news with WIRE, however, is the content -- the pump
is primed with topics and points of view that invite women-centered
discourse and community building. I'm looking forward to living with
WIRE. It seems like the right place to introduce my daughters (ages 5
and 8) to the wonderful world of networking, too."
USING WIRE IS EASY
The point-and-click, graphical user interface makes it especially
easy for people to find the information they want and reduces the
learning curve required to use the system. The graphical user
interface is currently available for Mac and Windows computers, with a
DOS version to be announced within a few months. A command line
interface is also currently available.
WIRE ENCOURAGES CALLS TO CUSTOMER SUPPORT
A friendly customer support team is available to users at no
charge. "Part of our mission is to introduce more women to computer
networking which involves friendly and consistent user support."said
Nancy Rhine, co-founder and development director of WIRE. "We want
people to ask questions! We even hold face-to-face workshops at our
offices to demo the how-tos of exploring the online world. At WIRE
there is no such thing as a 'stupid question'."
ACCESS TO THE VAST WORLD OF THE INTERNET
Currently, WIRE offers Internet email, mailing lists, UPI
Newswires, and Usenet newsgroups. Subscribers can telnet to WIRE using
either the vt-100 based command line interface or the Mac GUI
supporting color, sounds, and pictures.
"Along with all the really juicy information available on WIRE, we
want to encourage women to access other information resources out there
on the Internet. We are working towards providing the full range of
popular applications available via the Internet, including gopher,
WAIS, archie, ftp, and others", said Rhine. "WIRE will be rolling out
technical tools one-at-a-time, both to ensure technical quality and to
provide the appropriate customer support. We think focusing on quality
is the only proper way to keep up with the latest and greatest tools
available."
WIRE NETWORKS, INC.
WIRE is an international, interactive, computer network serving
the information and networking needs of women. WIRE's management and
support office is located in South San Francisco. WIRE's computer
hardware is located and supported around the clock by Pandora Systems
of San Francisco. WIRE is available today to founding subscribers at a
cost of $15/month which includes 2 free hours of online time,
additional hours cost $2.50/hour. For long distance users, access is
available thru SprintNet at an additional cost, which varies according
to time of day. WIRE is also available via telnet from a remote
Internet site. Discounts are available for groups. Gift certificates
are also available.
For more information contact WIRE at 415/615-8989 or send email to
info@wire.net.
Press contacts: Naomi Pearce (415/615-7914) or
Nancy Rhine (415/615-8989)
**********************************
Senator Kennedy Offers Info Online
**********************************
______________________________________________________________________________
from the office of
Senator Edward M. Kennedy
______________________________________________________________________________
FOR IMMEDIATE RELEASE CONTACT: PAM HUGHES
SEPTEMBER 14, 1993 202/224-2633
SENATOR KENNEDY IS FIRST TO OFFER DIRECT ACCESS TO CONSTITUENTS THROUGH
COMPUTER OUTREACH
Sen. Edward M. Kennedy is the first member of the U.S. Congress to offer
constituents direct access to his speeches, press releases and Senate
statements through their personal computers. In a pioneering experiment,
Kennedy began posting releases in May on computer bulletin boards for reading
by his Massachusetts constituents.
"Massachusetts citizens are among the most technologically sophisticated in
the nation," said Kennedy. "By communicating directly with my constituents
in their homes, schools, and workplaces, I hope to make my day-to-day work
in Washington more accessible to the people of Massachusetts. I invite
Massachusetts citizens to take advantage of this inno vation in electronic
democracy."
Kennedy's public statements are accessible on several computer bulletin
boards, as well as in two USENET news groups via the Internet. The bulletin
boards provide a cost-effective way for voters to directly access information
from Sen. Kennedy on various policy issues.
Readers of the Kennedy releases may provide the Senator with immediate
feedback on the issues by commenting via computer. While all comments will be
monitored, staff limitations will prohibit individual replies for the
foreseeable future. Constituents are encouraged to contact Kennedy's
Boston or Washington office by mail when a reply is desired.
Response during the summer experiment has been so positive that Kennedy's
office has expanded its reach of bulletin boards and is actively alerting the
general public about the availability of the Kennedy postings. Comments from
con stituents have included:
"I would like to thank you for making the effort to publish these press
releases on our bulletin board. It is admirable that you are sincerely making
an effort to get your opinions out into the public arena..."
"I'm all for our elected reps getting 'with it'."
"I recommend that everyone check out the Sen. Kennedy press release
conference..."
Senator Kennedy, who chairs the Senate Committee on Labor and Human Resources,
will play a major role in the Senate's consideration of President Clinton's
comprehensive health care proposal. The Labor Committee also has jurisdiction
over federal legislation involving jobs and education. Constituents
interested in these and other policy matters can read his electronic
postings to obtain up-to-date information.
North Shore Mac, a free bulletin board run by Jonathan Gourd in Beverly,
Massachusetts, provides the home location for the "Sen. Kennedy Releases"
conference. This board can be reached at 508/921-4716 and can be accessed
with standard telecommunications software, or in its graphical interface
via
Macintosh or Windows client software available for downloading on-line.
Visitors can sign-on with the User ID: visitor, Password: visitor.
On the Internet, releases can be found in the following USENET news groups:
ne.politics and talk.politics.misc
These releases are also available via anonymous FTP:
ftp ftp.ai.mit.edu, (login as) anonymous, cd incoming/Kennedy
Technical assistance and distribution to the Internet is provided as a public
service by the Intelligent Information Infrastructure Project, at the
Artificial Intelligence Laboratory, Massachusetts Institute of Technology.
*************************************************************
EFF Welcomes Dan Brown, Stanton McCandlish & Kathleen Zaffina
*************************************************************
Beginning this month, EFF welcomes three new additions to our staff.
Dan Brown will be EFF's new Systems Administrator. Recently, Dan has been
administering the system and providing technical support at Case Western in
Cleveland, Ohio. One of Dan's earliest tasks will be to relocate EFF's
cluster of SUN Sparkstations from Cambridge, MA, to Washington, DC. Dan
will then be responsible for administering our gopher, wais and ftp sites.
You can reach Dan at brown@eff.org.
Stanton McCandlish is starting as EFF's Online Activist. Stanton may be
familiar to many of you already, as he is a relatively outspoken member of
several popular mail lists. Stanton has just moved all of his belongings
to DC from Albuquerque, New Mexico, where he ran his own BBS. One of
Stanton's earliest tasks will be to set up an EFF BBS. Stanton will also
be taking over editorial responsibility for EFFector Online. You can reach
Stanton at mech@eff.org.
Kathleen Zaffina will be replacing Kirsten Erickson as EFF's Executive
Assistant. Kathleen has over 15 years of experience in similar positions,
most recently working at Amideast, a nonprofit organization in DC that
promotes understanding between people in the United States and Middle
Eastern countries. Kathleen will be responsible for making sure that EFF's
office runs smoothly, providing support to EFF staff and board. You can
reach Kathleen at kzaffina@eff.org.
=============================================================
EFFector Online is published biweekly by:
Electronic Frontier Foundation
1001 G Street, N.W., Suite 950 East
Washington, DC 20001 USA
Phone: +1 202 347 5400 FAX: +1 202 393 5509
Internet Address: eff@eff.org
Coordination, production and shipping by Shari Steele,
Director of Legal Services & Community Outreach (ssteele@eff.org)
Reproduction of this publication in electronic media is encouraged. Signed
articles do not necessarily represent the view of the EFF. To reproduce
signed articles individually, please contact the authors for their express
permission.
*This newsletter is printed on 100% recycled electrons.*
=============================================================
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
In order to continue the work already begun and to expand our efforts and
activities into other realms of the electronic frontier, we need the
financial support of individuals and organizations.
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic newsletter,
EFFector Online (if you have an electronic address that can be reached
through the Net), and special releases and other notices on our activities.
But because we believe that support should be freely given, you can
receive these things even if you do not elect to become a member.
Your membership/donation is fully tax deductible.
Our memberships are $20.00 per year for students and $40.00 per year for
regular members. You may, of course, donate more if you wish.
=============================================================
Mail to:
Membership Coordinator
Electronic Frontier Foundation
1001 G Street, N.W.
Suite 950 East
Washington, DC 20001 USA
Membership rates:
$20.00 (student or low income membership)
$40.00 (regular membership)
[ ] I wish to become a member of the EFF. I enclose: $_______
[ ] I wish to renew my membership in the EFF. I enclose: $_______
[ ] I enclose an additional donation of $_______
Name:
Organization:
Address:
City or Town:
State: Zip: Phone: ( ) (optional)
FAX: ( ) (optional)
E-mail address:
I enclose a check [ ].
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature: ______________________________________________
Date:
I hereby grant permission to the EFF to share my name with
other nonprofit groups from time to time as it deems
appropriate. Initials:______________________
********************************************************************
////////////// ////////////// //////////////
/// /// ///
/////// /////// ///////
/// /// ///
////////////// /// ///
********************************************************************
EFFector Online Volume 6 No. 3.01 10/20/1993 editors@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
-==--==--==-<>-==--==--==-
In This Issue:
EFF Changes: New Editor, Suns Move to DC!
EFF Elects Two New Members to Its Board of Directors
Notes from House Hearing on Cryptography Export Controls
Administration Expands FOIA Rights
UK Cryptoprivacy Association Meeting
-==--==--==-<>-==--==--==-
EFF Changes: New Editor, Suns Move to DC!
EFFector Online is now produced by Stanton "Mechanism" McCandlish, EFF's
Online Activist, mech@eff.org. Besides UseNet ubiquity, Stanton has been
active in the BBS scene for some time, particularly in FidoNet, and is
the founder of IndraNet. Mech hails from Albuquerque, New Mexico, and is
finding EFF and Washington DC to be a fascinating change of pace and
place.
Some new formatting: All articles are separated by the -==-==-==... line you
see above, which should make it convenient to scan forward to a new article
quickly.
General comments about EFFector, EFF, and the issues raised should be
directed to editors@eff.org.
Other important addresses, one of which is new:
eff@eff.org - to get on mailing lists, and other tech stuff.
ask@eff.org - to ask questions about EFF or the issues we are involved in.
EFF's Sun Microsystems SPARCstations finally have been moved down to our
offices in DC. Chris Davis and Helen Rose-Davis, EFF's former Systems
Administrators, journeyed with the machines and, with the help of new
Systems Administrator Dan Brown (brown@eff.org), had them up and running
within one hour of arrival onsite! Chris and Helen now will be able to
devote their complete energies to KEI, which was kind enough to loan us
their talents. We thank them for all they've done for us and wish them the
best of luck.
Note that EFF *is* still reachable at eff.org, the ftp site is still
ftp.eff.org, the gopher site is still gopher.eff.org, wais is wais.eff.org,
as always. However, kragar.eff.org may not be a valid host domain name much
longer, so avoid using it and use ftp.eff.org instead.
-==--==--==-<>-==--==--==-
EFF Elects Two New Members to Its Board of Directors
The Electronic Frontier Foundation (EFF) today announced the election of
two individuals to its Board of Directors: David Johnson, a Washington,
D.C. attorney specializing in computer law, and Rob Glaser, a software
industry executive and multimedia pioneer.
David Johnson is counsel in the Washington, D.C. law firm of Wilmer,
Cutler & Pickering where his areas of practice include software and
systems contracting, electronic publishing and privacy issues, newspaper
distribution systems, litigation, property valuation and administrative
law. He also serves as President and CEO of Counsel Connect, an
electronic mail and conferencing system that connects corporate counsel
and outside law firms, and has been instrumental in encouraging the use of
information technology in the legal profession. Johnson serves on the
Board of Directors of the Center for Computer-Assisted Legal Instruction
(CALI) and is a Trustee of the National Center for Automated Information
Research (NCAIR).
"EFF has provided unique leadership by helping everyone involved in
building and using the new electronic networks to understand the
importance of preserving core democratic values in this new medium," said
Johnson. "The founders of EFF have pushed vigorously for networks that
preserve freedom of speech, privacy and enhanced opportunities for all. I
am excited to have a chance to participate in EFF's continuing discussion
of these vital questions."
Rob Glaser is presently a consultant to Microsoft Corporation. He most
recently served as the company's Vice President for Multimedia and
Consumer Systems, where he led Microsoft's development of multimedia
technology and the company's strategy for entering the emerging market for
consumer digital appliances. Prior to that, Glaser held positions at
Microsoft related to the development and marketing of networking systems
software and desktop applications such as Microsoft Word and Excel. Before
joining Microsoft in 1983, Glaser was founder and President of Ivy
Research, a PC software startup company. Glaser also is a minority owner of
the Seattle Mariners baseball team, and serves on the board of the Target
Margin Theater Company of New York, and Dwight Hall, the umbrella
organization for Yale University student social and political activism.
"I'm honored and excited to be joining the board," said Glaser about his
involvement in EFF. "In its brief history EFF has established itself as
the leading organization working to ensure that the Electronic Frontier is
organized and run in accordance with fundamental American principles of
openness, democracy, and social justice. I hope to help EFF extend its
work into the arena of video and multimedia information."
Johnson and Glaser join with other members of the Foundation's Board of
Directors, including EFF co-founders Mitchell Kapor and John Perry
Barlow, Jerry Berman, John Gilmore, Stewart Brand, Esther Dyson, and David
Farber.
-==--==--==-<>-==--==--==-
Notes from House Hearing on Cryptography Export Controls
by Danny Weitzner, EFF Senior Staff Counsel
October 12, 1993
House Foreign Affairs Committee
Subcommittee on Economic Policy, Trade, and the Enviornment
Hearing on mass market cryptography and export controls
Rep. Sam Gejdenson (D-Conn.), Chair
Committee Members present:
Gejdenson, Cantwell (D-Wash.), Fingerhut (D-Ohio), Rohrbacher (R-Calif.)
Manzullo (R-Ill.)
Witnesses:
PANEL 1 (Open)
J. Hendren, Arkansas Systems (A data security firm that does a lot of
international banking work)
Ray Ozzie, IRIS Associates for Business Software Alliance (Lotus Notes
developer)
Stephen Walker, Trusted Information Systems for Software Publishers Association
Philip Zimmermann, PGP developer
Don Harbert, Digital Eqiupment Corp.
PANEL 2 (Secret Session)
NSA representative
Opening Statement of Gejdenson:
"This hearing is about the well intentioned attempts of the National
Security Agency to try to control the uncontrollable.... The NSA itself
acknowledges that if you have a long distance telephone line and a modem,
you can send this software anywhere in the world. If you have a computer
and a modem you can take this software off of the Internet anywhere in the
world.... I do not question the value of the information sought by the
National Security Agency. But once it is determined that the dispersion of
this software cannot be controlled, then however much we might want to
protect our ability to obtain information, it is beyond our means to do so.
Just as in the case of telecommunications, the National Security Agency is
attempting to put the genie back in the bottle. It won't happen; and a
vibrant and productive sector of American indsutry may be sacrificed in the
process."
The main points raised by witnesses were these:
1. DES and other strong encryption which is barred by ITAR is in the public
domain and available on the global market from foreign software
manufacturers:
-Ray Ozzie used his laptop and a modem to show how to get a DES
implementation from ftp.germany.eu.net. The committee loved it and most of
them seemed to understand what was going on on the screen, even though they
had never heard of ftp.
-Stephen Walker described the results of an SPA study which uncovered over
250 cryptography packages which offer DES-based or stronger algorithms.
-Phil Zimmermann testified that he designed PGP from publicly available
information.
2. Foreign DES implementations are just as good as US versions.
Surprisingly enough, this is a contentious issue. Some members of the
committee seemed to have been told by someone or another that foreign
versions of DES may not be as strong as those that are made in the USA. If
this were true, then export controls might still be justified despite the
numerous foreign versions of DES on the market. In my view, this is a
pretty desperate argument.
-Steve Walker demonstrated that all DES works the same way by encrypting a
passage from Mozart's Eine Kleine Nachtmusik with several different foreign
DES packages, and then decrypting them. Surprise! They all sounded just
the same.
3. Lots of money is being lost by US software/hardware vendors:
-Don Harbert from DEC told of loses of over $70 Million in just the last
few months.
-BSA estimates that export controls exclude access to a global market the
is $6-9 Billion.
4. People want their privacy
-Phil Zimmermann told the committee about his experience with PGP users and
how badly people need and want to protect their privacy in electronic
environments
Committee Responses:
Overall, the committee was quite sympathetic to the witnesses. Chairman
Gejdenson seemed very supportive of changing export controls. Rep. Dana
Rohrbacher, no flaming liberal, said, "the cold war is over. I sympathize
with everything that has been said here."
-==--==--==-<>-==--==--==-
Administration Expands FOIA Rights
In an announcement made on Monday, October 4, 1993, President Bill Clinton
has called on all federal departments and agencies "to renew their
commitment to the Freedom of Information Act (FOIA), to its underlying
principles of government openness, and to its sound administration."
Attorney General Janet Reno specified some changes the Administration will
be making in its enforcement of FOIA. First, the Department of Justice
will no longer allow agencies the excuse that there MIGHT be a legal basis
for withholding information. Instead, agencies will be encouraged to
disclose unless there is a clear legal reason that prevents disclosure.
"In short, it shall be the policy of the U.S. Department of Justice to
defend the assertion of a FOIA exemption only in those cases where the
agency reasonably foresees that disclosure would be harmful to an interest
protected by that exemption."
Attorney General Reno also announced that the Department of Justice would
be reviewing regulations implementing FOIA and forms used in the process.
DoJ will also strive to reduce the current FOIA backlogs over the coming
year.
The Electronic Frontier Foundation (EFF) was especially pleased that
President Clinton refered to enhancing "public access through the use of
electronic information systems." EFF believes that electronic access to
information is critical, and EFF has been working with Congress (through
support of Senator Patrick Leahy's (D-VT) Electronic FOIA amendments and
other legislation) and members of the Administration to ensure that
electronically stored information is as easily obtainable as printed
documents. EFF Director of Legal Services Shari Steele commented, "We are
encouraged that the Clinton Administration has recognized the importance of
this method of information dissemination. In this electronic era, it is
critical that information be made available in a format that is most useful
to citizens as they inquire about the activities of their government."
After over a decade of government whittling away at citizen access to
public information, EFF is pleased to see this shift in priorities. "We
applaud the Clinton Administration for taking this first step toward
restoring our vital right to access information," Ms. Steele continued,
"and we are hopeful that the Administration will take further steps in this
direction, particularly when it comes to information that is stored
electronically."
A copy of the Administration's memorandum is available for anonymous ftp at
/pub/EFF/legislation/freedom-info-act-10.4.93 on ftp.eff.org.
-==--==--==-<>-==--==--==-
UK Cryptoprivacy Association Meeting
Date: Sunday, 31 October 1993
Time: 1430
At the offices of:
FOREST
4th floor
2 Grosvenor Gardens
London SW1W 0DH
[ FOREST is located at the corner of Grosvenor Gardens and Hobart
Place, a couple of blocks west of Victoria Station. There is a
taxi shelter across the street from the office. Those who have
trouble finding this location can page Russell Whitaker on
081-812-2661, and stand by the payphone or cellphone for a callback. ]
The UK Cryptoprivacy Association has its roots in the U.S. cypherpunk
advocacy of strong personal cryptography. The next UKCA meeting, to be
held at the offices of FOREST (see the above), will feature roundtable
discussion on such issues as:
- The recent well-publicised discovery of a larger number of U.S.
National Security Agency (NSA) electronic listening posts
than had been previously suspected;
- Further news on the spread of freely-available public key
cryptography software in Eastern Europe, Russia, and the
Transcaucasian states;
- The status of the various UK and Moscow PGP public key servers and
software archive sites, with input from a couple of maintainers
of these services in the UK;
- The implications of the legal controversy surrounding the
development and distribution of PGP encryption software in the
U.S., with further discussion on the possibility of volunteer
contributions to Phil Zimmermann's legal defence fund;
- Introduction to public key cryptography for novices
Attendees are encouraged to bring and exchange diskettes with their
PGP public keys. A few of us will bring along our MS-DOS laptops, to
sign public keys on site. In the interest of speeding things along, it is
recommended that all keys signed at the meeting be submitted later, with
their newly appended signatures, to the PGP Key Server at Demon
Internet Services. Send a message with the subject line "help" to
pgp-public-keys@demon.co.uk, for more information. PGP (Phil
Zimmermann's "Pretty Good Privacy") public key encryption software can
be obtained by ftp from, among other places, ftp.demon.co.uk in the
directory /pub/pgp. Versions include, but are not limited to, Unix,
MS-DOS, Archimedes, and MacOS. Full source code is available.
This meeting will also feature discussion on the upcoming First European
Conference on Computers, Freedom and Privacy (ECFP '93) to be held on
20 November 1993, which will feature speakers including John Gilmore,
David Chaum, and Duncan Frissell, as well as a representative of the
UK's Data Protection Registry.
Russell Earl Whitaker
ECFP Ventures Ltd
russell@eternity.demon.co.uk
-==--==--==-<>-==--==--==-
EFFector Online is published biweekly by:
Electronic Frontier Foundation
1001 G Street, N.W., Suite 950 East
Washington, DC 20001, USA
Phone: +1 202 347 5400, FAX: +1 202 393 5509
Internet Address: eff@eff.org or ask@eff.org
Coordination, production and shipping by:
Stanton McCandlish, Online Activist <mech@eff.org>
Reproduction of this publication in electronic media is encouraged. Signed
articles do not necessarily represent the view of the EFF. To reproduce
signed articles individually, please contact the authors for their express
permission.
*This newsletter is printed on 100% recycled electrons.*
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
In order to continue the work already begun and to expand our efforts and
activities into other realms of the electronic frontier, we need the
financial support of individuals and organizations.
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online (if you have an electronic address treached
through the Net), and special releases and other notices on our
activities. But because we believe that support should be freely given, you
can receive these things even if you do not elect to become a member.
Your membership/donation is fully tax deductible.
Our memberships are $20.00 per year for students and $40.00 per year for
regular members. You may, of course, donate more if you wish.
-==--==--==-<>-==--==--==-
Mail to:
Membership Coordinator
Electronic Frontier Foundation
1001 G Street, N.W.
Suite 950 East
Washington, DC 20001 USA
Membership rates:
$20.00 (student or low income membership)
$40.00 (regular membership)
[ ] I wish to become a member of the EFF. I enclose: $_______
[ ] I wish to renew my membership in the EFF. I enclose: $_______
[ ] I enclose an additional donation of $_______
Name:
Organization:
Address:
City or Town:
State: Zip: Phone: ( ) (optional)
FAX: ( ) (optional)
E-mail address:
I enclose a check [ ].
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature: ______________________________________________
Date:
Optional:
I hereby grant permission to the EFF to share my name with
other nonprofit groups from time to time as it deems
appropriate. Initials:______________________
********************************************************************
////////////// ////////////// //////////////
/// /// ///
/////// /////// ///////
/// /// ///
////////////// /// ///
********************************************************************
EFFector Online Volume 6 No. 4 10/29/1993 editors@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In This Issue:
Markey Applauds Initiative to Put SEC Corporate Filings on Internet
Commerce Dept.'s Economic Bulleting Board on the Internet
First European Conference on Computers, Freedom and Privacy
Extenisve Govt. Fax/Email Gateways Provided in Canada
--==--==--==-<>-==--==--==--
Subject: Markey Applauds Initiative to Put SEC Corporate Filings on Internet
WASHINGTON -- Representative Edward J. Markey (D-MA), Chairman of
the House Telecommunications and Finance Subcommittee, today
applauded the National Science Foundation's decision to fund a
pilot project aimed at making corporate disclosure documents
available through the Internet computer network. The project
will take corporate filings submitted to the SEC's Electronic
Data Gathering and Retrieval (EDGAR) system and make them
available electronically, where they can be accessed by the
public.
"This project will launch EDGAR right into cyberspace," said Rep.
Markey, who explained that, "Soon, the public will be able to
obtain low-cost electronic access to a mother lode of
information, including registration statements, and annual and
periodic reports from virtually every major U.S. corporation."
Rep. Markey said, "This pilot project may help to demonstrate new
and more efficient ways of making large government databases
available to the public over the information superhighway."
"It can potentially benefit investors seeking access to current
information about companies, economists and other researchers
interested in corporate trends and developments, journalists
covering the business beat, and other individuals or public
interest groups interested in understanding what is going on in
corporate America."
Since the early 1980's, the SEC has been developing the EDGAR
program to automate the filing, acceptance, dissemination, and
analysis of the more than 10 million pages of disclosure
information annually submitted by public companies.
In February, the SEC approved formal implementation of the EDGAR
program, under which the first mandatory electronic filings began
earlier this week for about 500 large corporations and investment
companies. Another 1,200 companies were required to use the
system starting in July, and over 3,0000 companies will be
required to file their disclosures using EDGAR by the end of this
year. Eventually, all 15,000 SEC-registered companies will be
required to use the system.
As the EDGAR program has moved towards operational status, many
potential users of the filings -- such as investors, finance
professionals, journalists, researchers, and public interest
groups -- have expressed concerns about the potential high cost
of public access to EDGAR information under the SEC's current
dissemination strategy. This strategy relies on a private
information vendor, who sells EDGAR at a regulated wholesale
price to other retial information vendors, who in turn resell the
data to the public. Over the last several months, the
Subcommittee on Telecommunications and Finance, which has
jurisdiction over the SEC and is responsible for national
telecommunications policy, has been examining the adequacy of
this dissemination strategy.
In response to the Subcommittee's inquiries, in April, the SEC
announced two steps aimed at offering the public greater access
to corporate filings submitted through its Electronic Data
Gathering Analysis and Retrieval (EDGAR) system, including
providing CD-ROMs to Federal Depository Libraries and making
diskettes available through the SEC's public reading rooms. At
the same time, the SEC expressed technical and cost concerns
regarding suggestions that it directly fund electronic access to
EDGAR data.
In July, the House of Representatives approved the SEC's
Authorization Bill (H.R. 2239), which earlier was reported by the
Subcommittee and the full Energy and Commerce Committee. The
Committee report accompanying the bill expressed support for
initiatives aimed at making EDGAR data available over the
Internet, stating that:
The Committee agrees that there exists a need for a
broad-based government policy on information
dissemination, and it also believes that it would be
unacceptable if time- and cost-efficient access to
Commission filings in electronic form were denied to
significant groups of market participants and other
interested parties because of a failure of the existing
dissemination approach to meet their needs.
The Committee noted that the prospects for a significant retail
market for EDGAR data developing "are at present uncertain" and
that therefore, "a pilot project aimed at providing EDGAR data to
the university research community and other interested persons
over the Internet ... may prove to be a useful supplement to the
current dissemination strategy, which will continue to rely on
private vendors for distribution of EDGAR data."
Rep. Markey concluded, "I want to commend the National Science
Foundation for their leadership in taking the initiative to
provide the funding for this project. Both the New York
University Stern School of Business and the Internet Multicasting
Service are performing an invaluable public service in agreeing
to investigate ways of making EDGAR data available over the
Internet, and I wish them success as they move forward with this
important project."
****
According to Carl Malamud of the Internet Multicasting Service, EDGAR
should be available for public access "sometime early in 1994." To get a
copy of the press release, and info on how to get updates on the EDGAR
database's availability, send requests to edgar-announce@town.hall.org.
--==--==--==-<>-==--==--==--
Subject: Commerce Dept.'s Economic Bulletin Board on the Internet
The Commerce Department's Economic Bulletin Board (EBB) will be accessible
through the Internet without charge between July 26, 1993 until September 30,
1993. During this introductory period, the EBB will be available via telnet.
To access the EBB, telnet to EBB.STAT-USA.GOV and login as TRIAL; no password
is required.
The EBB is a one-stop source for current information from the Department of
Commerce, Department of Labor, Treasury Department, the Federal Reserve Board,
and many others federal agencies. Over 2,000 files covering topics such as
gross domestic product, employment, foreign trade information, financial and
monetary indicators, and regional statistics, are available.
You can search for files among the following general topics:
Summaries of Current Economic Conditions U.S. Treasury Auction Results
National Income and Product Accounts Regional Economic Statistics
Major Economic Indicators Energy Data
Price and productivity Data Daily Trade Opportunities (TOPS)
Foreign Trade Data International Market Insights
Industry Sector Analysis Current Business Statistics
Industry Statistics Fiscal and Monetary Policy Data
U.S. Trade Representative Press Releases Employment data
Bureau of Export Administration Notices Special Studies and Reports
For more information, please call (202) 482-1986 or send E-mail to
awilliams@esa.doc.gov
--==--==--==-<>-==--==--==--
Subject: First European Conference on Computers, Freedom and Privacy
ECPF-93
The New Cavendish Club
London, England
20th November 1993
Organised by ECFP Ventures Limited
Co-operating organisations :
The Libertarian Alliance
Privacy International, UK
UK Cryptoprivacy Association
SCOPE
______________________________
The widespread use of computers and
communication systems has brought considerable
benefits to our business and personal lives and will
continue to change and shape the way in which we
live. However, with those benefits come unprecedented
threats to our personal privacy and potential for abuse.
A variety of different models for protection of
individual privacy in the electronic age have been
suggested, ranging from state regulation to individual
action through the use of strong cryptography.
However, these solutions bring with them their own
class of problems, including excessive state
involvement in private matters and the frustration of
law enforcement and national security objectives.
The First European Conference on Computers,
Freedom and Privacy will both provide an introduction
to these issues and the technological developments
that drive them, and examine different ways in which
individual rights can be guaranteed. These questions
are central to the preservation of a free society in the
Information Age.
John M. Brimacombe
Conference Chair
KEYNOTE SPEAKER
______________________________
John Gilmore
Email: gnu@cygnus.com
OTHER SPEAKERS
______________________________
John Brimacombe (Chairman)
Email: john@mantis.co.uk
Simon Davies
Email: davies@privint.demon.co.uk
Tom Burroughes
Email: tom@reptile.demon.co.uk (after 10 October 1993)
David Chaum
Email: chaum@digicash.nl
Duncan Frissell
Email: frissell@panix.com
Elaine Fletcher
Chris Tame
Russell Whitaker
Email: whitaker@eternity.demon.co.uk
FEES
______________________________
Student 10.00 ($16.00 U.S.)
Normal 17.50 ($28.00 U.S.)
Normal before 1 Nov 93: 15.00 ($24.00 U.S.)
Press (Contact for arrangements)
You may pre-order copies of transcripts of the proceedings,
which will be shipped within 90 days after the conference:
Video and audio recordings will be made of the conference, in
its entirety. No pre-sales will be made; tapes go on sale in
December 93/January 94.
For more detailed information, contact:
16 Circus Road
MM Box 8593
London NW8 6PG
England
Please direct any further enquiries to the above address, or:
ecfp-1st@eternity.demon.co.uk (Email)
+44 81-812-2661 (Manned message service; quick response)
Note: this is a shortened form of the conference announcement. The full text,
giving information on the speakers, registration form, directions, schedule,
etc., is available as /pub/EFF/Temp/Confs/cfp1.uk, by anonymous ftp to
ftp.eff.org.
--==--==--==-<>-==--==--==--
Subject: Extensive Govt. Fax/Email Gateways Provided in Canada
Planet Communications & Computing Facility in association with
Digital Chicken is pleased to announce a new fax/email gateway
for City and Metropolitan Toronto Politicians, Greater Toronto
Members of Parliament, Hospitals, Ontario Government ministries,
churches, etc. etc.
As many of you know, we have a funny mailing address, and since
our node is still unregistered (registration Nov. 5th - we hope)
in order to take advantage of this gateway you must address your
email as follows.
utgpu!plan9!chyk!<user_id@utcc.utoronto.ca
Please substitute the <user_id above with the correct USER I.D.
listed below for the organization or individual you want to
reach.
Please remember, this is mainly a fax gateway - so include your
fax telephone number or/and address so that the individuals /
organizations listed can reply to you. I hope you enjoy the
service and find it beneficial.
Name/Individual/Organizations User I.D. Fax Number
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
June Rowlands, Mayor Toronto rowlands 416-392-0026
Green Party of Canada green 613-232-3081
Chief McCormack mccormac 416-324-6026
Metro Toronto Police
General metcop 416-324-0695
Public Complaints Bureau metcopcb 416-324-0551
Board of Commissioners metcopbr 416-324-0693
Ontario Police Public
Complaints Commissioner copcomp 416-325-4704
Premier of Ontario ontprem 416-325-3745
Minister of Health onthlth 416-326-1571
Minister of Finance ontfin 416-326-9096
Ombudsman of Ontario ombud 416-586-3485
Chief Electoral Officer
of Ontario elect 416-321-6853
York Regional Police yorkcop 905-853-5810
Peel Regional Police peelcop 905-453-7370
Ontario Provincial Police opp 705-329-6195
Halton Regional Police haltcop 416-825-9416
Minister of Agriculture & Food ontagri 416-326-3083
Ontario Film Review Board ontfilm 416-314-3632
Minister of Transportation onttrans 416-327-9185
Town of Ajax ajax 905-686-8352
Town of Oakville oakville 905-815-2025
City of Mississauga mississ 905-896-5575
City of Toronto toronto 416-392-1446
City of Etobicoke etobicok 416-394-8895
Borough of East York eastyork 416-778-9134
City of North York noryork 416-395-7337
City of York york 416-394-2803
City of Brampton brampton 905-874-1119
Minister of Economic Trade
& Development ontecdev 416-325-6918
Minister of Labour ontlabor 416-326-1449
Solicitor General and Minister
of Correctional Service ontsolg 416-326-5085
Attorney General ontatg 416-326-4016
Minister of Natural Resources ontnatur 416-314-2159
Minister of Citizenship ontcitiz 416-314-0022
Minister of Consumer and
Corporate Relations ontcons 416-326-5820
Minister of Community and
Social Services ontsoc 416-325-5221
Minister of Education ontedu 416-325-2608
Minister of Environment ontenvir 416-323-4682
Minister of Housing onthouse 416-585-6935
Ontario Human Rights
Commission onthumrt 416-314-4533
Canadian Human Rights
Commission canhumrt 416-973-6184
MPP Don Mills donmills 416-696-0181
MPP Oakville-South oaksouth 905-842-0332
MPP Fort York fortyork 416-363-0835
MPP Lake Nipigon nipigon 416-327-0968
MPP Dovercourt overcou 416-653-1054
MPP Etobicoke-West etobwest 416-695-1222
MPP Mississauga-South misssth 416-278-1525
MPP Oriole oriole 416-494-2440
MPP Downsview dwnsview 416-740-2474
MPP Eglinton eglinton 416-482-2776
MPP Etobicoke-Lakeshore etoblake 416-259-3704
MPP Beaches-Woodbine beachwd 416-421-3741
MPP Oakwood oakwood 416-781-4116
MPP Etobicoke-Humber etohumb 416-233-4321
MPP High Park-Swansea highpark 416-762-4499
MPP Lawrence lawrence 416-785-4524
MPP Mississauga-North missnor 416-826-4553
MPP Mississauga-West misswest 416-566-5264
MPP Etobicoke-Rexdale etobrex 416-745-5670
MPP Mississauga-East misseast 416-276-6933
MPP Brampton-North bramnor 416-840-7845
MPP Durham-West durwest 416-683-8643
Ministry of Northern
Development & Mines northern 416-327-0665
Ministry of Culture, Recreation
and Tourism tourism 416-325-6195
Information and Privacy
Commissioner/Ontario ipcont 416-325-9195
Roman Catholic Archdiocese of
Toronto romantor 416-977-6063
Anglican Church of Canada anglican 416-968-7983
United Church of Canada united 416-925-3394
Bahai' Faith Toronto bahaitor 416-889-8184
Letters to the editor
Toronto Star torstar 416-869-4322
Globe and Mail globe 416-585-5085
Toronto Sun torsun 416-947-3228
Now Magazine now 416-461-2886
Xtra! xtra 416-925-6674
Eye Weekly eye 416-971-7786
City Councillors
City of Toronto - Councillors council 416-392-1050
Chairman, Metro Toronto
Council chairman 416-392-3799
The Hospital for Sick Children sickkids 416-813-7161
The Toronto Hospital torhosp 416-340-5888
Addiction Research Foundation addict 416-595-5017
Donwood Institute donwood 416-425-7896
Casey House (AIDS hospice) casey 416-962-5147
Humber Memorial Hospital humber 416-249-1312
Oakville Trafalgar Memorial
Hospital trafalg 416-338-4636
Orthopaedic/Arthritic Hospital ortharth 416-967-8593
Sunnybrook Health Science
Centre sunny 416-480-4588
Doctor's Hospital doctors 416-923-1370
Central Hospital central 416-969-4183
Wellesley Hospital wellesly 416-926-4874
North York Gen.Hospital nyghosp 416-756-6384
Etobicoke Gen.Hospital eghosp 416-747-8608
York-Finch Gen.Hospital yfghosp 416-747-3883
Bloorview Children's Hospital blrview 416-494-9985
Hugh McMillan Rehabilitation
Centre hughrhb 416-425-6591
St. Michael's Hospital stmike 416-864-5669
St. Joseph's Health
Centre (Toronto) stjoetor 416-530-6346
Queensway Gen.Hospital queens 416-253-0111
North York Branson Hospital branson 416-635-2537
Toronto East General &
Orthopaedic Hospital, Inc. tegh 416-469-6106
Scarborough Centenary Health
Centre scarcent 416-281-7323
Scarborough Grace General
Hospital scargrac 416-495-2631
Scarborough General Hospital scargen 416-438-9318
Grace Hospital, Toronto gracetor 416-925-3211
Northwestern General Hospital nwestgen 416-658-2192
Mount Sinai Hospital mtsinai 416-586-8787
Princess Margaret Hospital prmarg 416-926-6547
Women's College Hospital womens 416-323-7314
Lyndhurst Hospital lyndhrst 416-422-5216
Peel Memorial Hospital peelmem 416-451-8439
Ajax-Pickering General
Hospital ajaxpick 416-683-1262
Mississauga General Hospital missgen 416-848-7139
Credit Valley Hospital credit 416-820-0020
Queen Street Mental Health
Centre queenst 416-583-4307
Clarke Institute of Psychiatry clarke 416-979-5679
Markham-Stouffville Hospital mrkstouf 416-472-7086
Shouldice Hernia Surgery shouldic 416-889-4216
Toronto Transit Commission ttc 416-485-9394
Prime Minister of Canada primemin 613-941-6900
Toronto Public Library torlib 416-393-7782
Etobicoke Public Library etoblib 416-394-5050
Scarborough Public Library scarlib 416-396-8808
Brampton Public Library bramlib 905-799-0806
Mississauga Public Library misslib 905-615-3615
City of York Public Library yorklib 416-394-2781
East York Public Library eylib 416-396-3812
North York Public Library nylib 416-395-5542
Metro Toronto Reference
Library referenc 416-393-7229
East York Board of Education eyedu 416-465-2237
Etobicoke Board of Education etobedu 416-394-3803
Metro Toronto Roman Catholic
Separate School Board rcssbedu 416-229-5345
North York Board of Education nyedu 416-395-8210
Peel Board of Education peeledu 905-890-6698
Scarborough Board of Education scarbedu 416-396-4856
Toronto Board of Education toredu 416-393-9969
York Board of Education yorkedu 416-727-3984
CityTV citytv 416-593-6397
CFMT TV cfmttv 416-265-0509
CFTO TV cftotv 416-299-2273
Canadian Broadcasting
Corporation (CBC) cbc 416-963-9036
Global Television Network global 416-446-5371
CTV Television Network ctv 416-928-0907
Beaches-Metro News beachmet 416-698-1253
Ontario Legal Aid Plan olap 416-979-8669
Ontario Legal Aid Plan
Scarborough Area olapscar 416-750-7184
Fire Departments
City of Toronto torfire 416-392-0161
City of Scarborough scarfire 416-396-7765
City of North York nyfire 416-395-7286
City of Etobicoke etobfire 416-394-8589
City of York yorkfire 416-394-2764
Borough of East York eyfire 416-396-3757
Town of Ajax ajaxfire 905-683-8119
City of Brampton bramfire 905-874-2727
City of Mississauga missfire 905-615-3756
Ambulance Services
Metro Toronto ambulanc 416-392-2008
Art Gallery of Ontario artont 416-979-6646
New Democratic Party of Canada ndpcan 613-996-9584
Canadian Federal Immigration
and Refugee Board immrefbr 416-954-1165
Government of Canada
Minister of Health & Welfare health 613-952-7746
Minister of the Environment environ 819-953-3457
Minister of Transportation transpor 613-995-0327
Minister of Fisheries/Oceans fisherie 613-990-7292
Minister of Labour labour 819-953-3419
Minister of Supply & Service supply 819-953-1908
Minister of National Revenue revenue 613-952-6608
Minister of Agriculture agricult 613-996-9219
Minister of Consumer and
Corporate Affairs consumer 819-953-4930
Toronto Blue Jays bluejays 416-341-1250
Toronto Maple Leafs leafs 416-977-5364
EFFector Online is published biweekly by:
Electronic Frontier Foundation
1001 G Street, N.W., Suite 950 East
Washington, DC 20001, USA
Phone: +1 202 347 5400, FAX: +1 202 393 5509
Internet Address: eff@eff.org or ask@eff.org
Coordination, production and shipping by:
Stanton McCandlish, Online Activist <mech@eff.org>
Reproduction of this publication in electronic media is encouraged. Signed
articles do not necessarily represent the view of the EFF. To reproduce
signed articles individually, please contact the authors for their express
permission.
*This newsletter is printed on 100% recycled electrons.*
--==--==--==-<>-==--==--==--
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
In order to continue the work already begun and to expand our efforts and
activities into other realms of the electronic frontier, we need the
financial support of individuals and organizations.
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online (if you have an electronic address reached
through the Net), and special releases and other notices on our
activities. But because we believe that support should be freely given, you
can receive these things even if you do not elect to become a member.
Your membership/donation is fully tax deductible.
Our memberships are $20.00 per year for students and $40.00 per year for
regular members. You may, of course, donate more if you wish.
--==--==--==-<>-==--==--==--
Mail to:
Membership Coordinator
Electronic Frontier Foundation
1001 G Street, N.W.
Suite 950 East
Washington, DC 20001 USA
Membership rates:
$20.00 (student or low income membership)
$40.00 (regular membership)
[ ] I wish to become a member of the EFF. I enclose: $_______
[ ] I wish to renew my membership in the EFF. I enclose: $_______
[ ] I enclose an additional donation of $_______
Name:
Organization:
Address:
City or Town:
State: Zip: Phone: ( ) (optional)
FAX: ( ) (optional)
E-mail address:
I enclose a check [ ].
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature: ______________________________________________
Date:
Optional:
I hereby grant permission to the EFF to share my name with
other nonprofit groups from time to time as it deems
appropriate. Initials:______________________
Comments
Post a Comment