Contents | < Browse | Browse >

/// Federal Inquiry on Software Examines Privacy Programs
    By John Markoff

 The New York Times  *  Tuesday, 21 September 1993  *  Business Day

 SAN FRANCISCO, Sept. 20 -  In a Government investigation with
 implications for free speech and privacy in the information age, a
 Federal grand jury in San Jose, Calif., has issued subpoenas to two
 software publishers selling versions of a program that protects the
 privacy of electronic mail and other computer data.

 The investigation appears to focus on whether the program has been
 illegally exported in violation of State Department regulations
 that control the sale of weapons and other technologies whose
 export the Government believes may compromise national security.
 The relevance of such regulations in the post-cold war era is the
 topic of growing debate in Washington, where communications and
 computer executives plan to testify before Congress on Wednesday.
 [Page C3.]

 The software program, known as Pretty Good Privacy, or P.G.P., was
 written several years ago by an independent programmer in response
 to Federal threats to crack down on the distribution of encryption
 software which is used to protect computer data by converting them
 into secret code.  No one can read the encoded information without
 access to mathematical keys - one that is publicly known, a second
 known only to the recipient of the coded message.

 The program has since been freely distributed around the world,
 used on thousands of personal computers and work stations.

 Receiving the Federal subpoenas were Viacrypt, a Phoenix company
 that plans to sell a licensed version of P.G.P., and Austin Code
 Works of Austin, Tex., which is selling a version of P.G.P. for
 other software developers to incorporate their own programs.  The
 grand jury subpoenas, which the companies received Sept. 9, ordered
 them to supply all correspondence and records related to the
 international distribution of P.G.P. and other information related
 to computer cryptography.

 A Customs Department official refused to comment on the case today.
 William P. Keane, the assistant United States attorney who signed
 the subpoenas, confirmed that there was a grand jury investigation,
 but said he could not comment.

 Both publishers said they had no plans to sell their products abroad.

 "I think they're more concerned with our intentions than what we've
 done," said Leonard Mikus, president of Viacrypt, which is a
 division of the software company Lemcom Systems Inc. of Phoenix.
 "They're on a fishing expedition, but this could become a landmark
 case that sets the limits that distinguish between electronic and
 conventional publishing."

 Battling the N.S.A.

 The investigation is the latest round in a growing battle in recent
 years between the National Security Agency and a variety of groups
 in this country, including high-technology companies, computer
 researchers and civil libertarians, over the role of coding
 software in protecting computer data.  The N.S.A., whose role is to
 monitor electronic communications around the world, has
 consistently acted to block the adoption of new technologies that
 would make its mission more difficult.

 But the widespread availability of high-speed digital communication
 links and inexpensive personal computers may make it impossible to
 enforce technology restrictions in the future - as the widespread
 international dissemination of P.G.P. has already indicated.

 President Clinton alluded to the problems of controlling
 distribution of software technology in a speech last week promoting
 the North American Free Trade Agreement.

 "Nothing we do in this great capital can change the fact that
 factories or information can flash across the world, that people
 can move money around in the blink of an eye," the President said.
 "Nothing can change the fact that technology can be adopted, once
 created, by people all across the world and then rapidly adapted in
 new and different ways by people who have a little different take
 on the way that technology works."

 Question of Legality

 Government regulations, enforced by the State Department, make it
 illegal to export cryptographic software without a special
 munitions export license issued for weapons sales.

 Those restrictions have angered many computer industry executives
 who argue that encryption software is the crucial technology
 underlying a variety of information-age services, ranging from
 secure electronic mail to computerized payment of bills.

 Last year, a number of United States software companies,
 represented by the Software Publishers Association, a trade group,
 struck a deal with the N.S.A. permitting them to export software
 that contained coding functions.  Those codes, however, are
 believed to be easily cracked by the N.S.A. The P.G.P. software
 under investigation is thought to defy most N.S.A. code-cracking

 The legitimacy of the export regulations is also disputed by legal
 scholars who argue that they restrict freedom of speech.

 "There is a First Amendment right to speak in a encrypted way,"
 said Eben Moglen, a professor of law and legal history at Columbia
 University who is familiar with the case.  "The right to speak
 P.G.P. is like the right to speak Navajo.  The Government has no
 particular right to prevent you from speaking in a technical manner
 even if it is inconvenient for them to understand."

 Protection from Code-Breaking

 P.G.P. has been controversial since it was written by the
 programmer, Philip Zimmerman, because it uses a coding formula that
 many researchers believe powerful enough to protect information
 from even the National Security Agency's high-speed code-cracking
 computers.  The formula was developed by three well known computer
 scientists: Ronald Rivest, Adi Shamir, and Leonard Adelman.

      The preceding story was reprinted without permission, under the
        "Reasonable Use" interpretation of the 1976 Copyright Act.