When privacy is outlawed only outlaws will have privacy
(NNN March 22, 1997)

"When privacy is outlawed only outlaws will have privacy."

That is the theme of Phil Zimmerman, creator of PGP (Pretty Good Privacy), the software encryption program which made him an outlaw until the case against him was dropped.

The government has a legitimate interest in criminal or terrorist use of encryption technology. There are equally legitimate concerns for the rights of individuals and businesses to keep information private.

Internet e-mail resembles a postcard rather than a letter in an envelope. It can be read by many people along the delivery route. While even a sealed envelope can be read by those with the incentive to do so, few of us are likely to be so targeted. Bank vaults are burglarized, but that doesn't stop us from locking valuables away from casual thieves or snoops. We expect and value security and privacy as a matter of course.

If business is to be conducted via the Internet, transactions must be secure. Signatures must be verified to be from the real sender. Forging e-mail is easy. At Oracle software company a disgruntled employee falsified incriminating e-mail from her supervisor to CEO Larry Ellison, resulting in a $100,000 sexual harassment settlement. (The employee was later convicted of perjury and falsification of evidence.)

It is also easy to forge Usenet discussion group messages, as shown by a series of racist messages posted over the signature of another person, whose reputation suffered until the forgery was exposed.

The dilemma in computing is similar to that in everyday life: how to maintain the security and privacy of individuals and businesses without crippling the ability of law enforcement to investigate criminal activity. One problem is that the encryption genie is out of the bottle. The U.S. government classifies advanced encryption technology as a munition, limiting its use in software for export. But encryption is not a U.S.-only technology. American businesses may lose out to less limited foreign competitors.

Reports suggest the European Union and the FBI cooperate to "monitor everyone and everything" (http://www.privacy.org/pi/activities/tapping/statewatch_tap_297.html). This is in addition to the well-known National Security agency (NSA) monitoring facilities. The UK Police bill pending in Parliament shows the U.S. is not unique among concerned Western nations. (See http://www.privacy.org/pi/countries/police_bill_statement.html.) On Feb. 27 Senator Conrad Burns (R-MT) re-introduced the Pro--CODE legislation (S. 377) to promote Internet commerce and privacy (http://thomas.loc.gov/cgi-bin/query/z?c105:S.377:).

Versions of Zimmerman's PGP are widely available for download. PGP's home page is here.

In Ceausescu's Romania the secret police were able to monitor any citizen by the simple expedient of replacing all telephones with bugged ones connected to a central exchange. Let's not permit a high-tech version of that system to convert our access to information into access to our private communications.

* * *

E-mail: jerry@maizell.com


Jerry Maizell

nnnews@ibm.net
The Near North News
222 W. Ontario St. 502
Chicago, IL 60610-3695
United States