Electronic Frontier Canada:

Statement on Canadian Cryptography Policy

August 14, 1997

Note:
This document was prepared by Jeffrey Shallit and David Jones, in consultation with members of Electronic Frontier Canada. Please send your comments, criticisms, or corrections to djones@efc.ca


Privacy

Cryptography (or encryption/decryption) is a term used to describe a collection of techniques that allow people to store and communicate information in secret. In a vast country like Canada, these techniques are increasingly important because they allow people to communicate and share information over long distances, while still protecting their privacy.

Privacy of communication is explicitly protected by the Universal Declaration of Human Rights (article 12), by the International Covenant on Civil and Political Rights (article 17), and by Canadian law.

Cryptography provides Canadians with tools they can use to exercise their right to privacy.

E-Commerce

Electronic commerce is a broad term used to describe all sorts of computerized communication and record-keeping practices among businesses and other organizations. Online commercial transactions are a good example. Although still in its infancy in Canada, electronic commerce will soon be a major global economic force. Canadian businesses therefore have a significant competitive interest in this field.

There are four factors that are key to facilitating electronic commerce.

1. confidentiality
The confidentiality of all aspects of transactions and records is essential for both businesses and consumers. Electronic commerce requires protection against snoops and eavesdroppers.

2. authentication
The identity of participants and the accuracy of the details of a transaction must be verifiable by those involved in the transaction. Electronic commerce requires protection against counterfeiters and impersonators.

3. integrity
The infrastructure relied upon to conduct electronic commerce must be robust and secure against all kinds of faults that might tend to compromise it, whether intentional or not. These include malicious or intrusive attempts to interfere with records or transactions by eavesdropping or counterfeiting as well as software implementation errors or hardware faults.

4. non-repudiation
Participants must not be able to back out once they have committed to a transaction. Electronic contracts must be enforceable.

Cryptographic techniques satisfy all these needs and are therefore an essential element in the new digital economy.

Strong Encryption

Because of its importance in facilitating both private personal communication and secure electronic commerce, Electronic Frontier Canada supports the widespread use of strong cryptographic techniques.

In this context, "strong" encryption means encryption without any limitation, so that transactions and records cannot, for all practical purposes, be deciphered or counterfeited by unauthorized third parties, including government agencies.

Development and Deployment of Encryption Products and Services

Computer, communication, and information technologies, including encryption products and services, are being developed and refined at a remarkable pace.

Electronic Frontier Canada is of the opinion that the marketplace is an adequate mechanism to identify needs for, and prioritize the development of, cryptographic products and services.

Because innovations and advancements are often hard to anticipate we believe that Canadian government intervention, in the form of regulation of encryption products and services, would very likely do more harm than good.

On the other hand, we would have no objections to the government offering financial incentives to foster or accelerate research and development of certain aspects of encryption technology that are found to be in the public interest.

The Legal Environment

The current Canadian legal environment regarding the production, use, and export of cryptographic products and services is generally perceived as vague or unclear. Whether or not this perception is accurate, the apparently murky legal status of hardware and software systems that implement strong encryption has had a negative impact and limiting effect on the use of strong encryption in Canada. Another factor is that the quality of information provided by different departments or officials varies considerably. The current legal environment certainly does not "facilitate" the deployment of a ubiquitous infrastructure to support interoperable and widespread use of strong encryption.

Legal limitations on cryptography fall into three broad categories:

1. Canadian Export Restrictions
2. International Trade Agreements
3. Contractual Agreements with Foreign companies

This diversity of obligations makes understanding the rules a difficult task, particularly for the average person without legal training [1].

It is widely recognized that interests and priorities established by American law enforcement and national security agencies have had a significant impact, both on U.S. policy, as well as cryptography policies around the world.

As an illustration, several Canadian banks discriminate against a subset of their Canadian customers who do electronic commerce by not providing them with software that uses strong encryption. They do this in order to comply with contractual obligations with American companies that provide strong encryption software. Those companies, in turn, are obligated to include those terms in their contracts in order to comply with American cryptography policy. In this way, American policy has a specific and extra-territorial impact on Canadians and Canadian-owned companies.

Import/Export Restrictions

Electronic Frontier Canada believes that unnecessary or unclear import/export restrictions on strong cryptography will have a significant negative impact on Canadian industries and make them less competitive in the global market.

As an example of the kind of policy-driven, rather than business-driven, decisions that can result, it is worth observing that an American company, Sun Microsystems, was forced to contract out the development of strong cryptographic software to a Russian company in order to be able to sell the software internationally, rather than doing the work domestically for export, which is currently illegal under U.S. law [2]. It would not be in Canada's best interests to adopt similar policies that would lead to distorted business decisions and cause Canadian companies to export jobs.

Even where some limited export restrictions must exist, a comprehensive overview of all relevant rules and procedures must be made understandable to the individuals and small companies where innovative applications of new technologies are often nurtured.

Electronic Frontier Canada recognizes that certain limited export restrictions may be required to satisfy the national interest of Canada. For example, the Canadian government may decide to restrict shipment of all manner of products, including cryptographic products, to countries with which Canada is at war.

We make the observation that restrictions on books, written instructions, or executable software are quite impractical in today's era of fast and efficient worldwide communication networks. Although restrictions on special-purpose cryptographic hardware may be more feasible, it should be recognized that the vast majority of cryptosystems are implemented in software on fast, general-purpose computing hardware. Similarly, it would probably not be practical to prohibit export of cryptographic software based on "intended use".

We recommend that Canadian companies and government departments should exercise caution when importing cryptographic systems from foreign countries that may have an interest in gaining unauthorized access to our transactions and records. Given that such systems are often complex, it is important not to dismiss the possibility of undocumented features that might allow certain third parties to surreptitiously intercept data. In this regard, we recommend that the government consider how to effectively evaluate, rank, and certify different cryptographic goods and services, both domestic and foreign. These certifications would be useful for advising private businesses, and would form the basis for approval of cryptographic products and services for use by Canadian government departments and government contractors.

Licensing Restrictions

Electronic Frontier Canada opposes any licensing restrictions on the use of strong encryption products and services. Canadians should remain free to use whatever manner of communication or record-keeping they choose, including the use of cryptography to protect the privacy of their messages and to ensure the integrity of their data.

We believe that government licensing of cryptographic service providers would not provide any significant benefit in terms of consumer protection or confidence, but would do unnecessary harm to the Canadian economy by prematurely limiting competition and diversity of products and services. It would also raise the possibility of legal prohibitions against the use of "unauthorized" encryption software, while "authorized" software may be based on outdated, weak, or insecure methods that would not adequately satisfy individual privacy needs and business and consumer interests in developing electronic commerce

We recognize that the government may need to identify certain minimum requirements or adherence to recognized industry standards when adopting cryptographic systems for use by government departments as a way to ensure quality, reliability, strength of encryption, etc. We do not view this as a licensing restriction because it would not prevent other individuals or companies from using encryption products and services of their own choosing, to suit the needs of their own situation.

Interception of Communications and Recovery of Records for Law Enforcement and National Security

Key Escrow/Recovery Requirements

Electronic Frontier Canada would be opposed to any law that prevents Canadians from manufacturing, selling, or using any form of encryption within Canada. This includes any law that would prohibit the use of cryptography to aid in the commission of another crime, hinder an investigation, or conceal evidence. We believe such a law would be unnecessary because there are already adequate laws against such aiding, hindering, or concealing. There is no need for specific anti-cryptography provisions.

There has been a tremendous amount of public discourse, especially in the United States, about the concerns that law enforcement officials and national security agencies have expressed about maintaining or expanding their ability to intercept communications and to recover records in certain situations where they deem it is appropriate or necessary.

Widespread opposition, from the public and from industry, have defeated several versions of the American "Clipper Chip" proposal -- a government-imposed encryption standard that would enable law enforcement access to "private" communications.

Although advocates for legal restrictions on the use of cryptography are able to present "scenarios" in which they argue a legitimate need to intercept encrypted communications, the prevalence of such situations is often exaggerated.

Electronic Frontier Canada believes that the privacy rights of 30 million Canadians and the legitimate business interests Canadian companies have in conducting secure electronic commerce should not be set aside because law enforcement officials can imagine an unlikely scenario in which their investigation would be made more difficult.

Easy access to strong cryptography, it is sometimes argued, puts our nation at risk from terrorists and organized criminals. The national security argument is particularly weak, since international terrorists will necessarily have access to the global marketplace, where strong cryptography is easily available. The crime argument is also weak, since only a minuscule fraction of criminal cases require use of wiretap warrants that could potentially be defeated by cryptography. Our view is that there is a far greater risk to individuals, businesses, and the government if we are unable to effectively prevent criminals from gaining unauthorized access to our records and communications.

One simplistic approach in which law enforcement officials could gain to communications or records would be if the encryption methods were legally required to be weak or trivial. This approach is not at all practical, since if police can defeat the encryption then so can criminals intercept private communication of innocent individuals or businesses.

Another approach that has received considerable attention, especially in the United States, is "key escrow", in which the keys needed to gain access to encrypted communications or records are deposited with a third party. It is common for advocates of "key escrow" to argue that an impartial judicial procedure would be followed to allow law enforcement officials to gain access to these keys only when there is sufficient justification. A related approach, known as "key recovery" refers to a broader collection of techniques for providing access to plain text.

It is our view that mandatory key escrow/recovery schemes introduce new sources of insecurity and vulnerability. Furthermore, the world's leading cryptographers recently concluded that the kinds of key recovery systems being considered are likely impossible to implement [3].

Electronic Frontier Canada is strongly opposed to mandatory "key escrow" and "key recovery" and views them as being comparable to the government demanding that every Canadian be required to deposit copies of keys to their residence at the local court house, in order to facilitate police entry, should suspicion of a criminal act arise.

We recognize that individuals or companies may voluntarily choose to deposit some of their encryption keys with a trusted third party in certain occasions. A person may choose to entrust their lawyer with certain encryption keys as a safeguard, if they think they might possibly lose or forget them. A company may require employees to encrypt business correspondence and records using encryption keys known to the company or a trusted third party, so that when employees leave the company, there will be no interruption of business or loss of data.

In cases where existing law imposes reporting or disclosure requirements, we recommend that the fact that records are encrypted should not be used as an excuse to escape from those obligations. For example, corporations are obligated to comply with various auditing and reporting requirements. In order to comply, corporations may choose to adopt internal "key recovery" in order to avoid being found negligent in their record-keeping.

As another example, government departments are obligated to comply with various kinds of access to information requests. Because of the importance of maintaining continued access to historical records, it may be in the public interest to require government departments to adopt "key escrow" or "key recovery" paradigms.

Where an individual, business, or government agency has relied upon anyone, including a trusted third party, to keep encryption keys confidential, there may be a need for legal penalties to discourage the unauthorized disclosure or use of those keys.

Finally, when considering the possibility of mandatory and "universal" key recovery, it is important to consider how cryptography is used in practice. It is common to use several kinds of keys, each having distinct purposes and distinct lifetimes. Session keys, for example, are meant to be created, used, and discarded very quickly. Although individuals and businesses may sometimes have a need to recover keys needed to access data that is in storage, they never have a need to recover the session keys that are used to encrypt their ongoing communications, such as cellular telephone calls.

Where session keys are used to protect electronic commerce that is conducted "offline", as is the case with some stored value cards, it may be entirely impractical to store or recover those keys. The same is true about many kinds of Internet commerce that have been proposed: the feasibility of "microbuck" or "millicent" payments relies upon a very lean mechanism to conduct commercial transactions. Mandatory key recovery could effectively eliminate entire segments of the digital economy.


References

[1]
A summary of Canada's export controls on cryptographics software.
Marc Plumb, May 21, 1995.
URL = http://www.efc.ca/pages/doc/crypto-export.html

[2]
"Sun is seeking sales abroad of latest encryption software"
New York Times, May 20 1997, p.C5

[3]
The risks of key recovery, key escrow, and trusted third-party encryption.
Abelson, Anderson, Bellovin, Benaloh, Blaze, Diffie, Gilmore, Neuman, Rivest, Schiller, Schneier, "Final Report", May 27, 1997
URL = http://www.crypto.com/key_study/


[ EFC ]