ZDNet: Story: Why we must stop the plot to ban encryption
There's a bumper sticker I often see that reads: "Play an accordion, go to jail. It's the law." It's a joke, of course. No such law exists. But the bumper sticker makes me think of U.S. Attorney General John Ashcroft's current effort to create a "use encryption, go to jail" law. Only I'm not laughing.

Encryption is one of the pillars of Internet security. Along with antivirus software and firewalls, the ability to encode data is essential for anyone who wants to keep information private. Without encryption, identity and intellectual property theft would occur far more often than they do today.

Yet, in an apparent effort to prevent U.S. citizens from keeping secrets from the government, the attorney general is pushing to include anti-encryption laws in a new round of homeland security legislation.

THIS IS NOT the first--nor, I expect, the last--time that the U.S. government has sought to regulate the use of encryption. But I believe we must oppose any attempts--backdoor or otherwise--to restrict or ban its use. Encryption is a basic element of our right to online privacy and, as such, must be protected.

This new piece of legislation--the Domestic Security Enhancement Act of 2003 (also known as Patriot Act II)--has not yet been made officially available to the public. But you can get a copy of the confidential document from the Center for Public Integrity. A hard copy obtained by Bill Moyers for PBS television indicated that the draft had already been sent to House Speaker Dennis Hastert and Vice President Dick Cheney for comment, although no members of Congress have been briefed on its contents.

Many of the proposed laws in the new act do not involve the Internet or high tech. For example, it calls for establishing a DNA database of "known terrorists," denying the release of detainees' names or alleged crimes (which is currently guaranteed in the Freedom of Information Act), and the automatic expatriation of U.S. citizens who join terrorist organizations.

But one section, titled "Use of encryption to conceal criminal activity," does relate to technology. It makes the use of encryption to conceal a federal crime or an attempted federal crime an offense punishable by five to ten years in prison (in addition to the sentence imposed for the crime itself). I imagine they're thinking about high-profile terrorism-related crimes, not your garden-variety copyright violators.

Of course, it's possible the draft report itself is a red herring. Who knows whether this proposed legislation will actually include the encryption restrictions when--and if--it is made public. Here's what I hope: News of this anti-encryption law will spread, and, before long, we'll see "Use encryption, go to jail" bumper stickers. Such an effort would certainly boost encryption's use and acceptance in the mainstream population, and secure the Internet at the same time. Maybe that's what Mr. Ashcroft intended all along. You think?

http://www.securityfocus.com/news/2296
http://www.publicintegrity.org/dtaweb/report.asp?ReportID=502&L1=10&L2=10&L3=0&L4=0&L5=0
http://www.zdnet.com/anchordesk/stories/story/0,10738,2911336,00.html