Congressional committees pass crypto, digital signature bills

www.computerworld.com |  Business

The U.S. Senate and House Commerce committees yesterday approved bills that would
liberalize the encryption export regulations, while the Senate committee also passed
bills calling for the promotion of digital signatures and filtering software to block
pornography.

The House Security and Freedom through Encryption (SAFE) Act removes the
government's restrictions on exporting strong encryption if a comparable encryption
product is commercially available outside the U.S. It also bars the government from
requiring key recovery, whereby the government would have access to keys to decode
encrypted messages for law-enforcement purposes.

Government officials argue they need to control the export of strong encryption for
national-security purposes to fight terrorism, while vendors argue that the
restrictions hamper their global competitiveness because strong encryption is readily
available outside the U.S. The government wants vendors to develop encryption software
that includes a key-recovery mechanism.

Several amendments approved by the House committee would require that a comparable
encryption product be available in a country outside the U.S. in order for a U.S.
company to export similar technology there; bar export to the Chinese military; allow
the secretary of Commerce to deny the export of encryption products if they would be
used to harm national security, sexually exploit children or execute other illegal
activities; require the secretary of Commerce to consult with the secretaries of State
and Defense, the director of Central Intelligence and the attorney general when
reviewing a product; and subject a person to criminal penalties for not providing
access to encrypted data if a subpoena were served and the person had the capability to
decrypt the data.

Senate proposes stronger encryption exports

Meanwhile, the Senate encryption bill, proposed by John McCain, an Arizona
Republican, would allow exporting encryption key lengths up to 64 bits. In general,
companies currently must get a license to export encryption higher than 56 bits in key
length.

The McCain encryption bill also would allow export of stronger "non-defense"
encryption to "responsible entities" and governments in the North Atlantic Treaty
Organization, the Association of Southeast Asian Nations and the Organization for
Economic Cooperation and Development. It would, however, allow the secretary of
Commerce to prohibit export of particular encryption products to an individual or
organization in a foreign country.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Ask a Question