Euro-move to key-escrow encryption

1995-09-23

Introduction from moderator:

You've all heard of PGP, and most of you know that the many
governments are trying in one way or another (the Clipper standard in
the U.S.) to undermine it and substitute a form of encryption that the
government can crack.

The battle escalated on September 18 when a group called the Council
of Europe, with representatives from 34 countries, proposed outlawing
any form of encryption in which governments do not hold keys.

I have to thank Jerome Thorel for this information, as well as for the
following posting that fills in some details.  I realize that a lot is
left unclear, such as who has authority to approve and actually put
the Council of Europe's proposal into law.  More information would be
appreciated.

Andy

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Sender: •••@••.••• (Jerome Thorel)

(This report was first posted on security-related newsgroups.)

Here's some key points of the interview I had a few days ago with an
official of the telecom security unit of the EU Commission (DG-13) in
Brussels

-The European Commission will soon make a proposal concerning the use of
encryption, in order to propose an infrastructure for secure communications
that would satisfy national  industries and governments.

-This infrastructure "will probably" consist of  "Trust Centres" for
encryption key management. "A kind of  'electronic notary service'", he said.

- The EU Commission "has no plans to interfere with national encryption
laws ...  because EU members can keep their sovereignty over "national
security" concerns". "These trust centers agencies would only apply at the
national and not the european level", the official stressed on. "The
requirement would almost certainly be for national licensing [of encryption
products]".

Deadline?
-"You could say that it is hoped to submit the proposal to the Council (of
ministers -- possibly telecoms) this autumn."

I've just had hot confirmations from a senior official in the French
government. In fact, the Commission is working closely with members states
to find a solution for this "notary" alternative (this is a so-called
SOGIS, Senior officers group for information security, that is meeting
regularly, composed of members' states experts and chaired by the
Commission).

The French official said that the UK and France were the most concerned by
this "State security" concerns, while Germany would like to see Brussels
working as this "trust center" for eventual pan-european key-escrow
standard. "We don't want a US-key escrow system with a trust center (for
key management) in Brussels", says the official in Paris.

We could say that these guidelines are matching the US ones, since these
key management and trust centers would be managed by private as well as
public interests. The same idea lies behind the new "key-escrow" system the
NIST is trying to negociate (Clipper Chip II would "satisfy government and
be acceptable to business and private users").

Looks like the Clipper syndrom has fiercely contaminated Euro circles.
Wiretaped-citizens of the world, unite!

(Some follow-up)

The Council of Europe's 34 ambassadors (representatives) approved, in the
name of their government, recommendations about legal wiretaps procedures
and the use of encryption technologies. The Council statement was prepared
by its Crime Problems division. And the approval came on September 11th.

Encryption permits to have email and document transfert secure through
computer networks, but could be "a break to law enforcement", Peter Csonka,
the Council's head of Crime Problems division told Nature.

Csonka said the statement voted in Strasbourg was a whole legal approach
towards information technology -- from digital signatures to wiretap
procedures. "The fact is, that today a hacker can encrypt a stolen document
and the police is in distress (désemparé, or crippled)."

Jerome Thorel
--------------------------------------
Journaliste / Free-lance reporter               Avec l'aide du
Carte de presse / ID Presscard: 72052     Conservatoire National
76 r Ph. de Girard F-75018 Paris                des Arts et Metiers
tel  331-40358010, fax-40370853            <http://web.cnam.fr>


 ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~
 Posted by --  Andrew Oram  --  •••@••.••• --  Cambridge, Mass., USA
                 Moderator:  CYBER-RIGHTS (CPSR)

    World Wide Web:
        http://jasper.ora.com/andyo/cyber-rights/cyber-rights.html
        http://www.cs.virginia.edu/~hwh6k/public/cyber-rights.html
    FTP:
        ftp://jasper.ora.com/pub/andyo/cyber-rights

You are encouraged to forward and cross-post messages and online materials,
pursuant to any contained copyright & redistribution restrictions.
 ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~