Encryption experts downplay White House’s break for banks
A White House announcement this week that the administration will allow export of some strong encrypted messages leaves encryption experts unimpressed.
Barry Steinhardt, executive director of the Electronic Frontier Foundation, described the policy change as “a very small bone with not a lot of meat on it” because it applies only to banks and financial institutions dealing with countries that have firm money-laundering laws.
“It's a very small movement on the government's part,” Steinhardt said. “They have sliced off a sector of the business community and given them some apparent relief. It will do nothing to foster the ability of average Americans, or even the lion's share of the business community, to use strong encryption to protect their private communications.”
Encryption programs enable computers to scramble data so they can't be read without a numerical access key. Current federal law prohibits posting all-but-unbreakable encryption on the Internet or sending it abroad on a disk without a license, saying that to do so violates export codes.
But Steinhardt and officials with the Electronic Privacy Information Center and Americans for Computer Privacy say unrestrained encryption not only protects privacy but also stimulates the growth of the Internet and the U.S. computer industry.
Commerce Secretary William Daley announced the policy change during an exporters' conference Wednesday. While the new encryption export guidelines left critics unimpressed, Daley said they would affect about 70 percent of the encryption exports of the world's 100 largest banks.
“This action gives our nation's financial institutions the flexibility they need to remain globally competitive,” Daley said in his speech. “Importantly, it balances those needs with law enforcement, national security and foreign policy concerns.”
Daley said he expects more changes to follow in the next few months. In the meantime, he said the private sector must keep informed about encryption developments and find ways to work with government officials.
“Are you doing your part?” he asked. “If not, it's time to step up to the plate.”
Sue Richards, spokewoman for Americans for Computer Privacy, said “a little bit of change is a good thing, but we don't have an overwhelming reaction except to say that we would prefer not to have policy changes done piecemeal. This is really a baby step.”