If and when a new cryptography policy emerges, there will be winners and losers among the pool of “players,” a pool that roughly consists of law enforcement agencies, U.S. manufacturers and vendors of encryption products, and the public.
Predictor: Hoffman, Lance
Prediction, in context:In a 1994 research article on cryptography policy, authors Lance Hoffman, Anne Huybrechts, Ali Faraz and Steven Heckler write: ”If and when a new cryptography policy emerges, there will be winners and losers among the pool of ‘players,’ a pool that roughly consists of law enforcement agencies, U.S. manufacturers and vendors of encryption products, and the public. Based on the results of the preceding analysis, four scenarios can be envisioned: ”1. Complete decontrol of cryptography. The use of strong encryption by the public, as well as its export by U.S. manufacturers, could be completely decontrolled by the government at the direct expense of law enforcement and national security. This would please some members of the public, for they would have maintained control over their privacy. U.S. manufacturers of encryption products would also likely benefit from this move. ”2. Domestic decontrol of cryptography with export regulations. Strong encryption could remain decontrolled for use by the general public, but strict regulations would remain on its export. While the public would still be relatively content, U.S. industries would lose sales and potential market share due to exclusion from the lucrative international market for encryption products. The large domestic market, however, would remain open, guaranteeing some revenues for encryption product manufacturers. Law enforcement agencies, on the other hand, would lose in the short term in either of these scenarios, because their electronic surveillance abilities would be diminished. ”3. Voluntary escrowed encryption. Escrow a de facto standard. (This is the Clinton administration’s proposed scenario.) The escrowed encryption standard could become a de facto national standard for voice, fax, and data communications over the public switched telephone network. While other encryption products would be built, they would gain little market acceptance because of demand for interoperability. Thus, law enforcement would be able to listen in on most transmissions. The encryption technology might be exportable to countries that implemented the same or a similar scheme and agreed to cooperate in international investigations. U.S. manufacturers might gain or lose in this scenario; they would gain only if Clipper received widespread acceptance. Law enforcement agencies would gain. ”4. Mandatory escrowed encryption. The government could choose to keep complete control over encryption and enforce a technology similar to the escrowed encryption standard. Law enforcement agencies would come out as winners for having maintained their surveillance capabilities. But a black market for foreign encryption products smuggled into the U.S. would probably be created by members of the public, including criminals, who desire more secrecy. How U.S. companies would react in this scenario depends on whether this government-enforced standard is designed to be exportable or not. If it is unexportable, U.S. companies currently involved in the manufacture and sale of encryption products would be almost completely blocked form the international market and would be restricted to marketing the government-enforced standard domestically. This would result in considerable financial loss for the industry. Some observe that mandatory escrowed encryption can never be exportable, since if it were then products would be used in one country whose keys were escrowed elsewhere (or not at all), and this would not come to the attention of the exporting country’s authorities until they attempted to snoop on someone; they would be reduced to prosecuting that person, if at all, for using a nonescrowed encryption device. If, on the other hand, the standard is an exportable item, and designed with an eye to the requirements of the international market, then U.S. companies would be better off and could maintain a level of international economic competitiveness.”
Biography:Lance Hoffman, a professor at George Washington University, was a security expert and the author of the 1994 National Science Foundation paper “Civilizing Cyberspace: Priority Policy Issues in a National Information Infrastructure” in addition to many other research pieces in the 1990s. He wrote the book “Rogue Programs: Viruses, Worms and Trojan Horses” (Van Nostrand Rheinhold, 1990). (Research Scientist/Illuminator.)
Date of prediction: January 1, 1994
Topic of prediction: Communication
Subtopic: Security/Encryption
Name of publication: Communications of the ACM
Title, headline, chapter name: Cryptography Policy
Quote Type: Direct quote
Page number or URL of document at time of study:
http://web4.infotrac.galegroup.com/itw/infomark/833/751/34311839w4/purl=rc2_EAIM_1_Cryptography+Policy___09/1994______________________________________________________&dyn=sig!2?sw_aep=ncliveec
This data was logged into the Elon/Pew Predictions Database by: Johnson, Kathleen