Academic journal article Federal Communications Law Journal

Taking Account of the World as It Will Be: The Shifting Course of U.S. Encryption Policy

Academic journal article Federal Communications Law Journal

Taking Account of the World as It Will Be: The Shifting Course of U.S. Encryption Policy

Article excerpt

It is change, continuing change, inevitable change, that is the dominant factor in society today. No sensible decision can be made any longer without taking into account not only the world as it is, but the world as it will be.(1)


On January 12, 2000, the U.S. Department of Commerce Bureau of Export Regulation ("BXA") issued new encryption export regulations that removed most of the prior limitations on the export of U.S. encryption technology. The previous export limitations, combined with efforts by the Clinton Administration to encourage the use of key escrow, had sparked contentious debate among public interest privacy groups, law enforcement, and the high-tech software industry.(2) The relaxation in policy signaled another retreat by the Clinton Administration from strong restrictions on export technology. While some questioned the complicated nature of the regulations, one software executive characterized the liberalization as "an 'inside the ball park' home run."(3) The finalized regulations had been eagerly anticipated since September 16, 1999, when the White House announced its proposal to loosen restrictions ("September proposal"), perhaps because of increasing pressure from Congress through proposed legislation over the previous three years.(4)

In the wake of the new regulations and the furor that led to them, however, little mention has been made of the Cyberspace Electronic Security Act of 1999 ("CESA"), which was announced by the Clinton Administration in tandem with the September proposal to loosen export restrictions.(5) As proposed, CESA would "establish[] limitations on government use and disclosure of decryption keys obtained by court process and provide[] special protections for decryption keys stored with third party 'recovery agents,'" and authorize appropriations for a Federal Bureau of Investigations ("FBI") Technical Support Center to serve as a resource for federal, state, and local law enforcement.(6) Online privacy proponents strongly criticized CESA, claiming it would allow the government to circumvent the Fourth Amendment and easily gain access to encrypted e-mails, business documents and private files.(7) Former President Clinton left office without Congress taking any action on CESA, despite the White House's transmittal letter to Congress in September 1999.(8)

This Note argues that the marked changes in U.S. encryption policy in the past seven years, specifically the relaxation of export regulations and key escrow advocacy, result from governmental and societal recognition and acceptance of how the world will be in the information age. Despite these expansive actions, introduction of CESA signals yet another attempt at government regulation of encryption technology. Therefore, this Note encourages critical study of CESA and similar legislation to ensure public awareness, understanding, and active involvement in shaping encryption policies affecting those living and working in the interconnected twenty-first century. Part II of this Note offers a brief history of cryptography and explains modern terminology essential to comprehension of the encryption debate. Part III traces governmental regulation of encryption technology--until recently almost solely a creation of executive directive--and offers competing arguments regarding key escrow systems and restrictive export regulations. Part IV analyzes both facets of the September proposal: export relaxation and CESA. Finally, Part V argues that Internet advances have caused the dramatic policy shift of the past three years, and that the U.S. government will continue to remove impediments to encryption exportation. This section cautions, however, that legislation concerning encryption, like CESA, should be monitored continuously to ensure that privacy concerns are adequately addressed.


A. What is Encryption?

Stanford Law Professor Lawrence Lessig writes with only slight exaggeration that encryption technologies are the most important technological innovations of the last millennium. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.