Americans for Computer Privacy


Subcommittee on the Constitution
Federalism and Property Rights
Committee on the Judiciary

United States Senate

Hearings on
"Privacy in the Digital Age:
Encryption and Mandatory Access"

March 17, 1998

Statement of Kathleen M. Sullivan
on behalf of Americans for Computer Privacy



Mr. Chairman and Members of the Subcommittee:

Thank you for the opportunity to testify before you on the constitutional concerns raised by various proposals by the Administration, the Federal Bureau of Investigation, and some members of Congress to restrict the use of data encryption on the internet, in particular by requiring those who make or use encryption technologies to turn over their digital keys to third parties in order to preserve ready access by government to the encrypted information. Whether or not such proposals would, if enacted, be struck down by the United States Supreme Court, the very least that can be said is that they pose serious risks to the liberty and privacy values embodied in the First Amendment's protection of the freedom of speech and press, the Fourth Amendment's protection against unreasonable searches and seizures, and the Fifth Amendment's protection against compelled self-incrimination. These constitutional costs should be factored carefully into consideration of any legislation governing key recovery.

Whatever disagreements might divide participants in this controversy, all can agree upon certain starting points. First, it would seem beyond reasonable dispute that instantaneous global communication over the internet has great benefits to offer both to our commercial marketplace and to our marketplace of ideas, and that the ability of those who use the internet to maintain some degree of privacy in their communications is essential to maximizing those benefits. Various polls have suggested that privacy is a very important issue to users of the internet; for example, a recent Harris poll reported in Business Week found that 78% of users would be more likely to use the internet if its privacy protections were more secure. If the internet is to fulfill its vast potential, then citizens and corporations must be confident that sensitive information that flows over the internet - from the transmission of credit card numbers, medical records and trade secrets to the discussion of views critical of government - will be shielded from unwanted eyes and ears. Privacy with respect to sensitive information and unpopular opinions is as basic an American value in the fast-paced information age of the late twentieth century as it was at the time the Constitution was framed. By enabling secure lines of communication, encryption allows privacy to retain its historical meaning even in an era of changing technology.

Second, all can agree at the same time that the use of robust encryption poses some risks as well as benefits. The use of encryption by criminals or terrorists, for example, may well make it more difficult in particular instances for the government to protect law-abiding citizens, corporations or the government itself against threats to personal, business, or national security. In the absence of mandatory key recovery systems, law enforcement officials can decode encrypted information only if they can obtain voluntary or compelled cooperation from the sender or recipient, seize a key from someone else to whom the sender or recipient has voluntarily or accidentally entrusted it, or deploy superior computing power sufficient to break the code by the mathematical equivalent of brute force. Of course, law enforcement officials retain, even in the digital age, a wide array of traditional methods of surveillance as well as considerable power to search for, seize, or compel production of communications in plaintext. Nonetheless, it is understandable that some law enforcement officials would prefer additional access to encrypted information through the back door of key recovery.

But, third, any such backdoor key access undeniably has formidable costs as well as benefits. There can be little doubt that universal third-party key escrow, if mandated, would reduce the degree of privacy we would all enjoy if we could use strong encryption without turning over keys to outside intermediaries. The creation of a massive, complex system of key escrow intermediaries that are not controlled by users would dramatically multiply the opportunities for information to be transferred into the wrong hands through the mistaken or fraudulent release of keys. It would also lead to the concentration of valuable data in centralized databases that would be far more inviting and vulnerable to targeted attack by criminals than would more decentralized systems of key maintenance. Backdoor decryption would also, by design, compromise privacy in relation to government. No matter how benignly motivated, and even if subject to threshold requirements of judicial approval, government use of key recovery will inevitably be prone to risks of error. By thus compromising the privacy and security that could otherwise be obtained through strong encryption, mandatory key escrow would likely have at least some deterrent effect on the use and growth of internet communication.

Once these initial propositions are established, it becomes clear that the question before this Subcommittee is whether the actual gains to effective law enforcement from mandatory key access justify the considerable costs to constitutionally protected privacy interests that it would entail. Concerns about crime and terrorism will always seem overriding in the abstract. But legislation does not operate in the abstract. If mandatory key access is likely to be highly porous, then criminals will evade its strictures and it will fail to serve the vital but generalized government interests asserted by key access advocates. On the other hand, for ordinary law-abiding citizens, mandatory key access does much that turns traditional constitutional liberties on their head. The method involved in mandatory key escrow - namely, compromising every citizen's liberty and privacy in order to make it easier for government to intercept or capture the unlawful few - is the reverse of our usual procedures under the First, Fourth, and Fifth Amendments. Usually we allow citizens a wide berth for freedom unless and until their exercise of liberty threatens to harm others or the state. Thus, no matter how laudable the generalized law enforcement goals at issue, mandatory key access also involves extremely serious constitutional tradeoffs.

1. Freedom of Speech and Press. The First Amendment provides in relevant part that "Congress shall make no law abridging the freedom of speech, or of the press." Of course, the right to speak is not absolute; government may regulate speech to prevent particularized and imminent harms, such as the stampede that might be caused by the proverbial shout of "Fire!" in a crowded theater, or the violence that might ensue from a speaker's face-to-face provocation of an edgy mob. But the story of free speech protection in the twentieth century consists very largely of the Supreme Court's increasing insistence that entire categories of speech may not be categorically or prophylactically presumed in advance to be dangerous and therefore regulable. Rather, outside of certain narrow areas of unprotected speech such as obscenity, extortion or blackmail, the government is constitutionally required to be put to its proof, case by case, that a particular instance of speech is so likely to be seriously harmful as to justify its regulation. See, e.g., Brandenburg v. Ohio, 395 U.S. 444 (1969).

The Supreme Court likewise has held repeatedly that government may not impose a total ban on an entire medium of expression in which willing speakers and listeners otherwise would engage. For example, government may not ban all leafleting in the public square, all door-to-door solicitation for charitable causes, or all posting of signs on privately owned residences by their owners. As the Court recently noted in a unanimous decision, its "prior decisions have voiced particular concern with laws that foreclose an entire medium of expression" because, even if such laws do not discriminate against particular ideas, they "can suppress too much speech." City of Ladue v. Gilleo, 512 U.S. 43 (1994). First Amendment suspicion is understandably raised by any law that, like a total medium ban, will predictably reduce the quantity of expression in society.

Mandatory key escrow proposals contravene these traditional approaches to free speech because they in effect impose a total ban on a medium of expression - the medium of securely encrypted digital communication - based merely on generalized predictions of dangerousness. Because some unescrowed encrypted communications might amount to a crime or provide evidence of a crime, all unescrowed encrypted communication is forbidden. This reverses the usual presumption that all categories of speech and all media of expression should be permitted unless and until a particular instance of speech is shown to be imminently likely to cause serious harm.

Mandatory key escrow is in considerable tension with another aspect of our First Amendment tradition as well: By compelling the maker and/or the user of encryption products unwillingly to disclose how to decrypt coded information, it arguably violates the right not to speak that has long been read as an unspoken corollary of the right to speak. Government generally may not make us speak against our will, whether by pledging allegiance to a flag, bearing a slogan we find offensive on our automobile license plates, or turning over part of our property to serve as a bulletin board for our critics. Similarly, government generally may not force us to disclose our identity when we engage in otherwise protected expression. The Supreme Court has long held, for example, that civil rights activists and others who risk retaliation for their important but unpopular speech may not be made to sign their pamphlets or disclose their organizational membership lists merely because doing so might make it easier for government to monitor for subversion or fraud. See Talley v. California, 362 U.S. 60 (1960); NAACP v. Alabama, 357 U.S. 449 (1958).

The Court recently reaffirmed this right against compelled disclosure of identity in a decision invalidating, on First Amendment grounds, a criminal ban on unsigned literature in a referendum campaign. In that decision, McIntyre v. Ohio Elections Commission, 115 S. Ct. 1511 (1995), both Justice Stevens and Justice Thomas emphasized that an author's decision to remain anonymous is part of a venerable tradition that stretches back to the nation's founding era: the Federalist Papers themselves were written under the pseudonym "Publius" and countered by anti-Federalist tracts written under such pseudonyms as "Cato," "Brutus," and "the Federal Farmer." To be sure, internet users of encryption technology seek to keep private the content of as well as the signature on their documents. But a generation that included Paul Revere as well as Madison, Hamilton and Jay undoubtedly understood that content ("one if by land, two if by sea") no less than authorship sometimes needs to be encrypted.

It is no answer to such concerns that the proposed third-party key escrow systems, unlike earlier proposals for government key escrow, require disclosure of decryption keys not to the government but rather to private parties chosen by each speaker. The Supreme Court has invalidated, for example, a requirement that charitable solicitors disclose the amount they spend on overhead to the private parties from whom they seek donations. See Riley v. National Federation of the Blind, 487 U.S. 781 (1988). As the Court emphasized in Riley, what matters is not to whom the disclosure is directed, but whether the government has "mandat[ed] speech that a speaker would not otherwise make." Mandatory key escrow by definition does just that.

Nor is it necessarily a sufficient answer to such concerns that mandatory key escrow aims not at the message but at the vehicle by which it is expressed - that is, at the equivalent of the envelope rather than the letter. For the Supreme Court has often admonished that regulation of conduct that facilitates speech triggers the First Amendment no less than regulation of the speech itself. For example, government may not prohibit payment for solicitation of signatures on ballot petitions or the receipt of honoraria for off-duty speeches and articles by government employees, because such regulations decrease incentives to engage in speech even if the speech itself may be engaged in by other means. See Meyer v. Grant, 486 U.S. 414 (1988); United States v. National Treasury Employees Union, 513 U.S. 454 (1995). Similarly, the Court has been just as willing to invalidate a selective tax on paper and ink as to invalidate a selective tax on a newspaper itself. See Minneapolis Star v. Minnesota Commissioner of Revenue, 460 U.S. 575 (1983). Requiring escrowed key encryption - like requiring that letters be mailed in glassine envelopes - would surely discourage speech as effectively as a tax or regulation on the underlying speech itself, and thus call for heightened scrutiny under the First Amendment.

Finally, any provision that conditions the right to make or sell encryption software upon the government's prior approval of that software's key recovery capabilities might raise familiar First Amendment concerns about prior restraint. Assuming that computer code, like scientific or musical notation, free verse or abstract painting, counts as speech as much as does a political tract or the daily news, such preclearance requirements, like any system of speech licensing, create the danger that the exercise of administrative discretion will tend to give inadequate protection to interests in freedom of speech. See generally Bernstein v. United States, 974 F. Supp. 1288 (N.D. Cal. 1997).

2. Protection from Unreasonable Search and Seizure. The Fourth Amendment protects "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures." It also provides that "no Warrants shall issue, but upon probable cause" and "particularly describing" the objects of search or seizure. The reasonableness and warrant requirements help to ensure that, under our system of government, law enforcement officials will not engage in dragnets or general searches, no matter how useful they might be in facilitating occasional access to evidence of crimes. The reason is, of course, that a general search also sweeps in countless other innocent transactions of daily life, thus diminishing the privacy and security enjoyed by law-abiding citizens. As Justice Harlan once wrote, the Fourth Amendment "is designed not to shield 'wrongdoers,' but to secure a measure of privacy and a sense of personal security throughout our society." United States v. White, 401 U.S. 745 (1971) (Harlan, J., dissenting). Mandatory key escrow bears a troubling resemblance to a general search, exacting a significant surrender of privacy and security in the absence of any initial particularized suspicion.

The interests protected by the Fourth Amendment, which extend beyond "persons, houses, papers and effects" to all aspects of our lives in which we have "reasonable expectations of privacy," were not frozen in time in the eighteenth century. Those interests may well alter or expand with the advent of new technologies. In Katz v. United States, 389 U.S. 347 (1967), for example, the Court easily found a twentieth-century telephone call to be the functional equivalent of eighteenth-century "papers," and thus determined that the government's warrantless use of a modern electronic eavesdropping device was just as problematic under the Fourth Amendment as redcoats rummaging through one's drawers. Fourth Amendment protections ought likewise extend by analogy to the internet: Just as one who shuts the door to a phone booth and pays for a phone call may reasonably expect that the content of his phone call will not be intercepted, so one who encrypts the content of a transmission over the internet and carefully secures the key has taken socially reasonable steps to maintain the confidentiality of his communication.

To be sure, we do not maintain reasonable expectations of privacy in those aspects of our lives that we voluntarily reveal to potential uninvited onlookers. For example, the Supreme Court has held that the Fourth Amendment does not constrain government searches of open fields that would be visible to hunters passing by and airplane pilots flying overhead, or of garbage bags placed on the curbside where their contents would be readily accessible to scavengers and the trash collector. See Oliver v. United States, 466 U.S. 170 (1984); California v. Greenwood, 486 U.S. 35 (1988). But the Court has never held that the government is presumptively entitled to access to anything more than we choose voluntarily to reveal, or risk revealing, to the world at large. We are not normally expected to grant easements of access to the government to areas of our lives that we have generally shielded from meaningful public view.

Mandatory key escrow inverts these usual presumptions by requiring that citizens take affirmative steps to facilitate government surveillance. Imagine if government, for similar reasons, required us to live in glass houses, conduct all our conversations loudly and exclusively in English, carry all our personal belongings in clear plastic bags, or keep all of our possessions in unlocked cabinets or drawers. Most Americans would no doubt be deeply troubled by such laws. Government may not bootstrap its way out of Fourth Amendment constraints simply by outlawing methods for preserving privacy that would otherwise be considered reasonable within the broad contours of our customs and traditions.

Or suppose that government, under laws more closely analogous to mandatory digital key escrow, ordered that copies of all personal papers be deposited in safe deposit boxes in private banks, or that a duplicate of every set of house keys be kept with an insurance agent, in order to facilitate ready later access by law enforcement officials. Such methods, much like the regular conduct of general searches, would seriously compromise the individual privacy and security that we all enjoy, not just that enjoyed by would-be criminals.

It makes little difference that one is compelled to turn over one's keys, as an initial matter, to private parties rather than to the government. The compromise to individual security and privacy remains much the same. Nor is it plausible to suppose that no government search or seizure really occurs until government approaches a key escrow agent for the key - at which point there will be a warrant, a court order or at least enough particularized suspicion to make the government's action reasonable. Any particularized suspicion that might be thought to justify key recovery at a later time cannot cure the problems caused by the generality of the initial sweep.

Imagine, for example, that government required that we all install surveillance cameras inside our homes - while promising to turn them on only upon particularized suspicion. Or suppose that government were to require that we wear computerized jewelry that could be programmed by government to monitor our movements - but only if government comes to suspect that we are about to do something illegal. And suppose further that government turned on the cameras or activated the silent beeper without any specific notice to us akin to the ancient common-law requirement of knock-and-announce. In such settings, government's promise that it would activate its enhanced capacity to invade our privacy only if it accurately suspected us of some wrongdoing would hardly be enough to assure us that it would never make a mistake or single us out for some other less relevant reason. It is the very purpose of the Fourth Amendment to shift the risk of such error to the government.

Finally, proponents of mandatory key recovery might argue that it presents no greater Fourth Amendment problems than does the requirement that digital telephones be configured to allow the government to wiretap conversations. This analogy is inapt. Telephone users necessarily surrender some control of their communications to telephone companies, who in turn can be, and historically have been, forced to surrender access to the government; by contrast, the internet makes possible unmediated communication between speaker and listener in which the users at all times can maintain exclusive control of the decryption keys. Mandatory key recovery thus would force internet users to make a copy of a key they never would have lost control of in its absence. Moreover, telephone interception applies to ephemeral communications, while mandatory key recovery gives government potential access to a much broader realm of stored data.

3. Privilege against Self-Incrimination. The Fifth Amendment provides, among other things, that no person "shall be compelled in any criminal case to be a witness against himself." This privilege against self-incrimination helps prevent government from plundering the defendant's own mind for assistance in convicting him of a crime. But to trigger the protection of this clause, a communication must simultaneously be testimonial, incriminating and governmentally compelled.

The contours of the privilege as it applies to compelled surrender of encryption keys are controversial, but one thing is clear: Mandatory key escrow would operate to defeat any Fifth Amendment protection that might otherwise attach by disaggregating the elements of any defense. In the absence of third-party escrow, government would have to try to compel individual keyholders to divulge or hand over their keys. Forced recitation of a key from memory, like forced recitation of a combination to a safe, is arguably testimonial, as well as incriminating and compelled. Compulsory surrender of a recorded version of a key might likewise trigger the privilege, at least if the act of production of the key were itself communicative, for example authenticating a document or attesting to the defendant's connection to the message that key enables the government to decrypt.

But the Fifth Amendment privilege could be bypassed altogether if government could compel production of a key by a third-party escrow agent rather than from the user of the key. The user's surrender of the key at the outset is compulsory, but not at that time either testimonial or incriminating. The user's creation and encryption of any particular message is voluntary, not compelled. And even if a key enabling decryption of a particular message is incriminating to the user, its compulsion from the third-party escrow agent does not amount to testimony by the user. In short, the Fifth Amendment privilege might sometimes protect the papers of a defendant from compulsory production by the defendant, but not from compulsory production by a third party, and at a minimum, the same logic would appear to apply to decryption keys.

Mandatory key recovery thus helps to work an end run around the protections of the Fifth Amendment privilege against self-incrimination. Normally it is up to individuals to decide whether to increase the risk that their documents - or, in this context, their decryption keys - will ultimately be surrendered to the government by transferring those documents to third parties. Mandatory key recovery takes away that choice.

4. The problem of futility. Even clear infringements of fundamental constitutional rights can sometimes be justified if they are sure to serve compelling government interests. Prevention of crime, terrorism and threats to national security are undoubtedly compelling interests. But it is very far from certain that domestic encryption controls - even in tandem with existing or future export controls - will be genuinely effective in preventing such dangers. For the skilled user, strong encryption will inevitably be available for import from foreign sources. And the availability of strong encryption from foreign sources can be expected to increase further to the extent that domestic encryption controls drive software design talent overseas. Furthermore, high-tech criminal activity can be expected to cultivate its own encryption expertise, and those who are undeterred by the general criminal law are unlikely to comply with third-party key escrow requirements. While standardization of key recovery-based encryption products thus may enable detection and deterrence of criminals at the lower end of the expertise scale, mandatory key recovery is far less likely to do the same for the most sophisticated and dangerous criminals or terrorists. The lower the expected utility of a particular technique of law enforcement, the less justifiable its adverse impact on our general sense of privacy and security.

5. Unconstitutional conditions. The constitutional concerns raised above would not evaporate if government sought to achieve key escrow through use of its spending power, rather than through direct regulation. The Supreme Court has long held that there are limits to how much regulatory leverage government can obtain through its market participation. Across a range of constitutional areas, the Court has held that government's power to dictate the terms on which its own resources may be used may not be used to dictate the terms on which its contracting partners or grantees may use their own resources. For example, a grant of a public broadcasting subsidy does not entitle government to bar all editorializing by the recipient, even if such speech is supported by private funds. Nor may government dictate to a public employee what income he may derive from speech activities he undertakes in his spare time. Similarly, the government may impose key recovery requirements on computer products and internet services that it purchases for its own (presumably non-classified) use. But that does not necessarily entitle it to impose such requirements on its suppliers in their dealings with private customers.

To the extent that network externalities require those who do large amounts of internet business with the government to standardize their products for both public sector and private sector markets, there is a real danger that government procurement conditions will operate in fact as regulatory conditions extending far beyond the scope of a government contract. The significant temptation for overreaching in such a setting calls for the exercise of considerable governmental self-restraint.

Conclusion. Privacy is a basic and traditional constitutional value served in overlapping ways by the First Amendment's protection of anonymous speech; by the Fourth Amendment's protection of our persons, houses, papers and effects and their modern equivalents; and by the Fifth Amendment's protection of knowledge we commit to memory and decline to divulge to anyone else. Mandatory key access would undermine all three protections. It would reverse the usual constitutional presumption that we are free until we pose a threat of material harm, presuming instead that all securely encrypted internet communications are potentially appropriate targets for government access. Such an inversion of our constitutional order might be justified if mandatory key escrow really could keep criminals and terrorists at bay. But a complex non-user-controlled key access system is likely to be both easily evaded by high-tech criminals and increasingly vulnerable to their predations at the expense of ordinary citizens. Under such circumstances, mandatory key access should be rejected.

