Date: Thu, 03 Jun 93 14:34:26 EST
Errors-To: Comp-privacy Error Handler
From: Computer Privacy Digest Moderator
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V2#048

Computer Privacy Digest Thu, 03 Jun 93 Volume 2 : Issue: 048

Today's Topics:
    Moderator: Dennis G. Rears

    Re: Calif requires ID?
    Re: Calif requires ID?
    Re: Retaliatory Crimes
    WANTED: E-Mail Privacy Policies
    Clinton Goes Online with E-Mail
    California ID Requirement
    CPSR NIST Crypto Statement

The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.133].

----------------------------------------------------------------------

From: Les Earnest
Subject: Re: Calif requires ID?
Date: 1 Jun 93 21:42:59 GMT
Reply-To: les@cs.stanford.edu
Organization: Computer Science Department, Stanford University

Tansin A. Darcos & Company writes:

    California has a law on the books requiring anyone who is stopped by police to show identification upon request; this essentially is the law he was charged with violating. (This is separate and different from the one requiring the operator of a motor vehicle to carry his or her license on their person at all times while operating a motor vehicle and to show it when involved in an accident or stopped by a police officer).

I believe that there is no such law. Please cite the code if you believe there is.

[Moderator's Note: Susanna Elaine Johnson in a later provides some citations. ._dennis ]

--
Les Earnest (Les@cs.Stanford.edu)             Phone: 415 941-3984
Computer Science Dept.; Stanford, CA 94305    Fax: 415 941-3934

------------------------------

Return-Path:
From: Steve Forrette
Subject: Re: Calif requires ID?
Date: 2 Jun 1993 19:12:51 GMT
Organization: Walker Richer & Quinn, Inc., Seattle, WA

In article "Tansin A. Darcos & Company" <0005066432@mcimail.com> writes:
>
>> A couple of nights ago on the local TV news I heard
>> that California now requires that all adults carry
>> identification at all times.
>
>California has a law on the books requiring anyone who is stopped by
>police to show identification upon request; this essentially is the law he
>was charged with violating. (This is separate and different from the one
>requiring the operator of a motor vehicle to carry his or her license on
>their person at all times while operating a motor vehicle and to show it
>when involved in an accident or stopped by a police officer).
>
>I think he was convicted or he fought the law in court, but it was
>reported on some tabloid talk show a few years ago: the California Supreme
>Court struck down the law as unconstitutional because it violated the
>right to privacy.

There's more to the story. Sometime after this ruling by the California Supreme Court, the voters passed Proposition 9, which among other things prevented the state from restricting search and seizure that was legal under the United States Constitution, but illegal under the California Constitution. So, in effect, this ruling by the state supreme court was overturned by the voters, since it was made on the basis that the original incident violated the specific right of privacy granted by the California Constitution, but not by the United States Constitution.

The main purpose of this provision of Proposition 9 is that the voters finally got fed up with the state supreme court throwing out convictions on "technicalities" that were illegal under the state constitution, but legal under the federal constitution. Remember that Chief Justice Rose Bird and several other Justices got thrown out of office by the voters as a result of the uproar.
More specifically, what Proposition 9 says is that any evidence that is obtained illegally according to state law or the state constitution, but is legal under federal law or the federal constitution, is admissible in court. So, although the state can place search and seizure restrictions on the police that are more stringent than those granted federally, the traditional mechanism of enforcing these restrictions (making illegally seized evidence inadmissible) was removed.

The "ID required at all times" law is still on the books, but I've seen something from the Attorney General's office that advises police to not enforce it. Actually, I don't think the law had any specific requirement that people carry ID, but that they identify themselves to police upon request. It is strongly recommended by the AG that police have probable cause before requiring someone to identify themselves (of course, they can always ask someone for voluntary compliance at any time).

I don't think that this is the ideal solution to the problem, but I agree that something had to be done. It got to the point that so many "rights" had been granted to the people by the state courts, that the people had a reduction in effective rights due to rampant criminal activity that was not being checked properly. It is indeed a delicate balance between rights granted to protect the accused (many of whom may be innocent), and allowing the police and the courts effective ways to control and punish the true criminals.

Steve Forrette, stevef@wrq.com

------------------------------

Date: Tue, 1 Jun 93 19:28 PDT
From: John Higdon
Reply-To: John Higdon
Organization: Green Hills and Cows
Subject: Re: Retaliatory Crimes

"Tansin A. Darcos & Company" <0005066432@mcimail.com> writes

> In short,
> some of these intruders have better incoming call security on THEIR
> online systems than the commercial sites they broke into!

This is a common problem and leads to much system intrusion.
Large companies (and some smaller ones) somehow feel immune to penetration by miscreants.

A couple of years ago, I had a heated debate with an official from "ThriftyTel" (a long distance reseller in southern California) over the matter of security (or in TT's case, the lack thereof). I accused the company (on KFI's air, no less) of purposely keeping security lax for the purpose of entrapping kids who found the company's five-digit security codes literally child's play to defeat.

ThriftyTel got even by invoking a very nasty "hacker tariff" that called for holding system penetrators liable for charges an order of magnitude higher than normal. It was (and still is) quite a nice cash cow for the operation. It also supplies the company with computers, which they are allowed to seize. And there are quite a few families in very dire straits right now trying to pay off TT's confiscatory judgments.

Rebecca Bigeley (of ThriftyTel) tried to argue that there was "no way to keep hackers out" of their system. This is rubbish. Putting aside the matter of the company's five-digit codes (industry standard is ten digits), there are MANY ways to thwart intruders. And I mean keeping them out in the first place rather than "retaliating".

I run a long distance aggregating operation that uses outside dialup access. I would be willing to challenge anyone with any kind of "hacking" program to gain access and make calls on my nickel. But then I am more interested in just keeping unauthorized people out rather than "getting even" or creating a supplemental source of income.

--
John Higdon   | P. O. Box 7648     | +1 408 264 4115       | FAX:
john@ati.com  | San Jose, CA 95150 | 10288 0 700 FOR-A-MOO | +1 408 264 4407

------------------------------

From: 13501MBC@msu.edu
Subject: WANTED: E-Mail Privacy Policies
Date: Wed, 02 Jun 93 15:43:20 EDT
Organization: Michigan State University

I am writing a research paper for a Telecommunications Technology class about electronic mail privacy.
Accordingly, I would like to collect samples of e-mail privacy policies from people so that I can discuss employees' right to privacy vs. employer's right to monitor e-mail.

If anyone has a copy of the e-mail privacy policy adopted by their organization (and is able to share it), I would appreciate it if you could e-mail me at cravitma@studentc.msu.edu.

Thanks to anyone who replies (and to everyone else for bothering to read this).

/Matthew Cravit
College of Communication Arts and Sciences,
Michigan State University
East Lansing, Michigan

------------------------------

Date: Wed, 2 Jun 1993 20:59:24 -0400 (EDT)
From: "Tansin A. Darcos & Company" <0005066432@mcimail.com>
Reply-To: "Tansin A. Darcos & Company" <0005066432@mcimail.com>
Subject: Clinton Goes Online with E-Mail

Just reported today (6/2) on page F3 of The Washington Post:

"Move over 1600 Pennsylvania Avenue, Bill Clinton has a second address: president@whitehouse.gov".

Several paragraphs later, it reports:

"People who send complaints or praise by E-Mail won't reach the president directly or jump the queue in getting attention. The messages will be read by the White House correspondence staff, with the same priority as paper letters. A sampling will be shown to the president and Vice President Al Gore, who made White House E-Mail a personal priority. (His address: vice.president@whitehouse.gov)."

"The White House already had addresses with three commercial E-Mail services. Through them, it was receiving as many as 5,000 messages a week."

The article later points out that the messages were sent using sneakernet, i.e. copied to diskette and carried by mail or courier.

In the article, it kept printing the E-Mail addresses such that the line breaks kept making the system divide the messages as "president@white- house.gov" or also, in the second place, the address "vice.president@white- house.gov".
So I decided to see if it really was on line, or if the Post had made a mistake; I telnetted to rs.internic.net and did a lookup:

Whois: whois whitehouse.gov
Executive Office of the President USA (WHITEHOUSE-HST) 198.137.240.100
WHITEHOUSE.GOV
Whitehouse Public Access (WHITEHOUSE-DOM)

Whois: whitehouse-dom
Whitehouse Public Access (WHITEHOUSE-DOM)
   Executive Office of the President USA
   Office of Administration
   Room NEOB 4208
   725 17th Street NW
   Washington, D.C. 20503

   Domain Name: WHITEHOUSE.GOV

   Administrative Contact, Technical Contact, Zone Contact:
      Fox, Jack S. (JSF) fox_j@EOP.GOV
      (202) 395-7323

   Record last updated on 26-May-93.

   Domain servers in listed order:

   WHITEHOUSE.GOV       198.137.240.100
   NS.UU.NET            137.39.1.3

whois:

The article mentions that selected items will be shown to the President and the Vice President directly. So here's your chance to send positive comments directly as E-Mail, or, if desired, to vent your spleen without delay!

-----
Paul Robinson -- TDARCOS@MCIMAIL.COM

------------------------------

Date: Wed, 2 Jun 93 23:15:27 -0400
From: Susanna Elaine Johnson
Subject: California ID Requirement

The law used to be that you had to have ID on you at all times (even in the shower??), and if you didn't the statute you were violating was PC Section 647(f) in that you would have "failed to give a proper account of yourself". However, this was overturned.

What the police do now is cite you under Section 148(a) of the California Penal Code (Resisting arrest or obstructing or delaying a peace officer in the lawful (sic) performance of his duty). This is a jailable offence. Then, because you do not have proper ID, you are considered a transient and are not eligible for on recognisance release.
If you also do not have the required amount of cash money ($50.00) on you at the time of arrest you will be cited for also violating Section 647(g) of the California Penal Code, in that you are a vagrant "Without visible means of support and/or sufficient funds to support a legal lifestyle".

Any guesses as to how I spent my weekend?

And you still want to live in California?

Anna Johnson

------------------------------

Organization: CPSR Civil Liberties and Computing Project
From: Dave Banisar
Date: Wed, 2 Jun 1993 21:20:10 EST
Subject: CPSR NIST Crypto Statement

CPSR NIST Crypto Statement

Department of Commerce
National Institute of Standards and Technology
Computer System Security and Privacy Advisory Board

Review of Cryptography Policy
June 1993

Statement of CPSR Washington office
Marc Rotenberg, director (rotenberg@washofc.cpsr.org)
with David Sobel, legal counsel, Dave Banisar, policy analyst

Mr. Chairman, members of the Advisory Panel, thank you for the opportunity to speak today about emerging issues on cryptography policy.

My name is Marc Rotenberg and I am director of the CPSR Washington office. Although CPSR does not represent any computer firm or industry trade association, we speak for many in the computer profession who value privacy and are concerned about the government's Clipper proposal.

During the last several years CPSR has organized several meetings to promote public discussion of cryptography issues. We have also obtained important government documents through the Freedom of Information Act. We believe that good policies will only result if the public, the profession, and the policy makers are fully informed about the significance of these recent proposals.

We are pleased that the Advisory Board has organized hearings. This review of cryptography policy will help determine if the Clipper proposal is in the best interests of the country.
We believe that a careful review of the relevant laws and policies shows that the key escrow arrangement is at odds with the public interest, and that therefore the Clipper proposal should not go forward.

Today I will address issues 1 through 3 identified in the NIST announcement, specifically the policy requirements of the Computer Security Act, the legal issues surrounding the key escrow arrangement, and the importance of privacy for network development.

1. CRYPTOGRAPHY POLICY

The first issue concerns the 1987 statute enacted to improve computer security in the federal government, to clarify the responsibilities of NIST and NSA, and to ensure that technical standards would serve civilian and commercial needs. The Computer Security Act, which also established this Advisory Panel, is the true cornerstone of cryptography policy in the United States. That law made clear that in the area of unclassified computing systems, the Department of Commerce and not the Department of Defense, would be responsible for the development of technical standards. It emphasized public accountability and stressed open decision-making.

The Computer Security Act grew out of a concern that classified standards and secret meetings would not serve the interests of the general public. As the practical applications for cryptography have moved from the military and intelligence arenas to the commercial sphere, this point has become clear. There is also clearly a conflict of interest when an agency tasked with signal interception is also given authority to develop standards for network security.

In the spirit of the Computer Security Act, NIST set out in 1989 to develop a public key standard FIPS. In a memo dated May 5, 1989 and obtained by CPSR through the Freedom of Information Act, NIST said that it planned:

    to develop the necessary public-key based security standards.
    We require a public-key algorithm for calculating digital signatures and we also require a public-key algorithm for distributing secret keys.

NIST then went on to define the requirements of the standard:

    The algorithms that we use must be public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation, and must provide a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.

The Clipper proposal and the full-blown Capstone configuration, which incorporates the key management function NIST set out to develop in 1989, is very different from the one originally conceived by NIST.

% The Clipper algorithm, Skipjack, is classified,
% Public access to the reasons underlying the proposal is restricted,
% Skipjack can be implemented only in tamper-proof hardware,
% It is unlikely to be used by multi-national corporations, and
% Its security remains unproven.

The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. Rather it reflects the interests of one secret agency with the authority to conduct foreign signal intelligence and another government agency responsible for law enforcement investigations.

It is our belief that the Clipper proposal clearly violates the intent of the Computer Security Act of 1987.

What is the significance of this? It is conceivable that an expert panel of cryptographers will review the Skipjack algorithm and find that it lives up to its billing, that there is no "trap door" and no easy way to reverse-engineer. In fact, the White House has proposed just such a review process.

But is this process adequate?
Is this the procedure the Advisory Board would endorse for the development of widespread technical standards? The expert participants will probably not be permitted to publish their assessments of the proposal in scientific journals, further review of the standard will be restricted, and those who are skeptical will remain in the dark about the actual design of the chip. This may be an appropriate process for certain military systems, but it is clearly inappropriate for a technical standard that the government believes should be widely incorporated into the communications infrastructure.

Good government policy requires that certain process goals be satisfied. Decisions should be made in the open. The interests of the participating agencies should be clear. Agencies should be accountable for their actions and recommendations. Black boxes and government oversight are not compatible.

There is an even greater obligation to promote open decisions where technical and scientific issues are at stake. Innovation depends on openness. The scientific method depends on the ability of researchers to "kick the tires" and "test drive" the product. And, then, even if it is a fairly good design, additional testing encourages the development of new features, improved performance and reduced cost. Government secrecy is incompatible with such a development process.

Many of these principles are incorporated into the Computer Security Act and the Freedom of Information Act. The current government policy on the development of unclassified technical standards, as set out in the Computer Security Act, is a very good policy. It emphasizes public applications, stresses open review, and ensures public accountability. It is not the policy that is flawed. It is the Clipper proposal.

To accept the Clipper proposal would be to endorse a process that ran contrary to the law, that discourages innovation, and that undermines openness.

2. LEGAL AND CONSTITUTIONAL ISSUES

There are several legal and constitutional issues raised by the government's key escrow proposal.

The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications, regardless of the economic or societal costs. The FBI's Digital Telephony proposal, and the earlier Senate bill 266, was based on the same assumption.

There are a number of arguments made in defense of this position: that privacy rights and law enforcement needs must be balanced, or that the government will be unable to conduct criminal investigations without this capability.

Regardless of how one views these various claims, there is one point about the law that should be made very clear: currently there is no legal basis -- in statute, the Constitution or anywhere else -- that supports the premise which underlies the Clipper proposal. As the law currently stands, surveillance is not a design goal. General Motors would have a stronger legal basis for building cars that could not go faster than 65 miles per hour than AT&T does in marketing a commercial telephone that has a built-in wiretap capability. In law there is simply nothing about the use of a telephone that is inherently illegal or suspect.

The federal wiretap statute says only that communication service providers must assist law enforcement in the execution of a lawful warrant. It does not say that anyone is obligated to design systems to facilitate future wire surveillance. That distinction is the difference between countries that restrict wire surveillance to narrow circumstances defined in law and those that treat all users of the telephone network as potential criminals. U.S. law takes the first approach. Countries such as the former East Germany took the second approach.
The use of the phone system by citizens was considered inherently suspect and for that reason more than 10,000 people were employed by the East German government to listen in on telephone calls.

It is precisely because the wiretap statute does not contain the obligation to incorporate surveillance capability -- the design premise of the Clipper proposal -- that the Federal Bureau of Investigation introduced the Digital Telephony legislation. But that legislation has not moved forward on Capitol Hill and the law has remained unchanged. The Clipper proposal attempts to accomplish through the standard-setting and procurement process what the Congress has been unwilling to do through the legislative process.

On legal grounds, adopting the Clipper would be a mistake. There is an important policy goal underlying the wiretap law. The Fourth Amendment and the federal wiretap statute do not so much balance competing interests as they erect barriers against government excess and define the proper scope of criminal investigation. The purpose of the federal wiretap law is to restrict the government, it is not to coerce the public.

Therefore, if the government endorses the Clipper proposal, it will undermine the basic philosophy of the federal wiretap law and the fundamental values embodied in the Constitution. It will establish a technical mechanism for signal interception based on a premise that has no legal foundation. I am not speaking rhetorically about "Big Brother." My point is simply that the assumption underlying the Clipper proposal is more compatible with the practice of telephone surveillance in the former East Germany than it is with the narrowly limited circumstances that wire surveillance has been allowed in the United States.

There are a number of other legal issues that have not been adequately considered by the proponents of the key escrow arrangement that the Advisory Board should examine. First, not all lawful wiretaps follow a normal warrant process.
It is critical that the proponents of Clipper make very clear how emergency wiretaps will be conducted before the proposal goes forward. Second, there may be civil liability issues for the escrow agents if there is abuse or compromise of the keys. Escrow agents may be liable for any harm that results. Third, there is a Fifth Amendment dimension to the proposed escrow key arrangement if a network user is compelled to disclose his or her key to the government in order to access a communications network. Each one of these issues should be examined.

There is also one legislative change that we would like the Advisory Board to consider. During our FOIA litigation, the NSA cited a 1951 law to withhold certain documents that were critical to understand the development of the Digital Signature Standard. The law, passed grants the government the right to restrict the disclosure of any classified information pertaining to cryptography. While the government may properly withhold classified information in FOIA cases, the practical impact of this particular provision is to provide another means to insulate cryptographic policy from public review.

Given the importance of public review of cryptography policy, the requirement of the Computer Security Act, and the Advisory Board's own commitment to an open, public process, we ask the Advisory Board to recommend to the President and to the Congress that section 798 be repealed or substantially revised to reflect current circumstances.

This is the one area of national cryptography policy where we believe a change is necessary.

3. INDIVIDUAL PRIVACY

Communications privacy remains a critical test for network development. Networks that do not provide a high degree of privacy are clearly less useful to network users. Given the choice between a cryptography product without a key escrow and one with a key escrow, it would be difficult to find a user who would prefer the key escrow requirement.
If this proposal does go forward, it will not be because network users or commercial service providers favored it.

Many governments are now facing questions about restrictions on cryptography similar to the question now being raised in this country. It is clear that governments may choose to favor the interests of consumers and businesses over law enforcement. Less than a month ago, the government of Australia over-rode the objections of law enforcement and intelligence agencies and allowed the Australian telephone companies to go forward with new digital mobile phone networks, GSM, using the A5 robust algorithm. Other countries will soon face similar decisions. We hope that they will follow a similar path.

To briefly summarize, the problem here is not the existing law on computer security or policies on cryptography and wire surveillance. The Computer Security Act stresses public standards, open review, and commercial applications. The federal wiretap statute is one of the best privacy laws in the world. With the exception of one provision in the criminal code left over from the Cold War, our current cryptography policy is very good. It reflects many of the values -- individual liberty, openness, government accountability -- that are crucial for democratic societies to function.

The problem is the Clipper proposal. It is an end-run around policies intended to restrict government surveillance and to ensure agency accountability. It is an effort to put in place a technical configuration that is at odds with the federal wiretap law and the protection of individual privacy. It is for these reasons that we ask the Advisory Board to recommend to the Secretary of Commerce, the White House, and the Congress that the current Clipper proposal not go forward.

I thank you for the opportunity to speak with you about these issues.
I wish to invite the members of the Advisory Committee to the third annual CPSR Privacy and Cryptography conference that will be held Monday, June 7 in Washington, DC at the Carnegie Endowment for International Peace. That meeting will provide an opportunity for further discussion about cryptography policy.

ATTACHMENTS

"TWG Issue Number: NIST - May 5, 1989," document obtained by CPSR as a result of litigation under the Freedom of Information Act.

"U.S. as Big Brother of Computer Age," The New York Times, May 6, 1993, at D1.

"Keeping Fewer Secrets," Issues in Science and Technology, vol. IX, no. 1 (Fall 1992)

"The Only Locksmith in Town," The Index on Censorship (January 1990)

[The republication of these articles for the non-commercial purpose of informing the government about public policy is protected by section 107 of the Copyright Act of 1976]

===============================================

------------------------------

End of Computer Privacy Digest V2 #048
******************************