Too Secret Code.
Encryption is a mathematical formula used to protect privacy on an increasingly insecure Internet. In the United States, top of the line 128-bit key software--a key is a code similar to a password that allows you to access encrypted data--is routinely used to protect bank records, credit card transaction e-mail and medical records.
Law enforcement agencies insist on strict export restrictions, arguing that strong encryption software can be used to thwart high-tech surveillance of foreign drug dealers, child pornographers, terrorists and other criminals. The Feds have placed it along with hand grenade and jet fighter planes under the International Traffic in Arms Regulations. That means U.S. companies exporting stronger than 40-bit key must wade through a mound of State Department red tape and rarely do. Meanwhile, seriously security conscious Latin American firms zip past U.S. providers and their watered down encryption versions of Netscape and Explorer to stronger software from the rest of the world.
"Forty bit key technology is adequate to stop someone from nicking US$50 off your bank account but not for protecting industrial secrets and medical records," says Whitfield Diffie, a widely respected expert on cryptography and an engineer at Sun Microsystems. "The impact for regions like Latin America is lower security."
Javier Pino, Visa's vice president of chip technology for Latin America and the Caribbean, admits that Latin America's web-sites have less security but he insists credit card customers are adequately protected by an encryption program developed by Visa and MasterCard known as Secure Electronic Transaction (SET). SET doesn't require an export license since it is tailored for transactions and not data.
So what's the big fuss?
A report by the Economic Strategy Institute says current export restrictions will cost the U.S. economy $35 billion with-in the next five years. "Encryption lies at the heart of the major growth markets within each of these industries: wireless communications, online banking, corporate intranets and financial smart cards," says the report.
Foreign corporations are filling the void, and, in some instances, tweaking U.S. noses. A Canadian software firm proudly boasts on its software package: "Made in Canada, Land of Free Cryptography."
Civil liberty groups argue that current policy goes against free speech guaranteed by the First Amendment and that state-of-the-art encryption will protect Latin America and other regions from growing computer crime, fraud and theft.
But the most strident critics appear to be individuals.
Adam Back, a software engineer, has designed a website (online.offshore. com.ai/arms-trafficker) that asks web-surfers an international arms dealer" by clicking on a three-line encryption program he that then sends it over the Internet to the Caribbean island of Anguilla where he resides.
A U.S. Court of Appeals sided with University of Illinois computer science Professor Daniel Bernstein that source code export limits were a violation of free speech. In October 1999, another appeals court ruled that the Department of Justice could reexamine the Bernstein decision and some legal experts believe the controversy will ultimately wind up in the Supreme Court.
The Clinton Administration must no allow the encryption issue to drag out in the courts and acknowledge that it is impossible to control the exchange of data across international borders. A recent Lehman Brothers report on the Internet in Latin America suggests the region lacks enthusiasm for e-commerce because the "public's confidence in the integrity of such transactions remains relatively low." Undoubtedly, the lack of strong encryption software will do little to change their minds.
|Printer friendly Cite/link Email Feedback|
|Article Type:||Brief Article|
|Date:||Feb 1, 2000|
|Previous Article:||WHAT TITLE?|
|Next Article:||AACCLA conference spotlights important business issues.|