14 April 1999
Source: http://www.senate.gov/~mccain/encryp3.htm

NANCY IVES (202)224-7130
PIA PIALORSI (202)224-2670


WASHINGTON, D.C. -- Senator John McCain (R-AZ), Chairman of the Committee on Commerce, Science, and Transportation, today introduced legislation to encourage electronic commerce by facilitating the accessibility and export of encryption technology. The PROTECT Act's purpose is to promote electronic commerce that is in keeping with our national security.

"This bill protects our national security and law enforcement interests while maintaining the United States leadership role in information technology. We must update our laws to reflect the realities of the information age," McCain said. "The PROTECT Act would establish a credible procedure for making encryption export decisions, while providing a national security backstop to make certain that advanced encryption products do not fall into the wrong hands."

Senator Conrad Burns (R-MT) and McCain have been working to reach a compromise on this issue for many months. Burns is a co-sponsor along with Senators Ron Wyden (D-OR), Spencer Abraham (R-MI), John Kerry (D-MA), and Patrick Leahy (D-VT).

The bill would do the following:

Direct the National Institute of Standards and Technology (NIST) to complete the establishment of an advanced encryption standard by January 1, 2002.

Allow for immediate exportation of encryption of key lengths of up to 64 bits.

Permit the exportation of non-defense encryption (above 64 bits) to responsible entities and governments of North Atlantic Treaty Organization (NATO), Association of Southeast Asian Nations (ASEAN), and Organization for Economic Cooperation and Development (OECD).

Allow for liberalization of export controls for encryption by creating an Encryption Export Advisory Board to review applications for exemption of encryption of over 64 bits and give recommendations to the Secretary of Commerce. The board would be made up of 12 members: the Under Secretary of Commerce for Export Administration, seven individuals appointed by the President (one from the National Security Agency, one from the Central Intelligence Agency, one from the Office of the President, and four representatives from the private sector who have experience in information technology), four representatives appointed by Congress (one by the Majority Leader of the Senate, one by the Minority Leader of the Senate, one by the Speaker of the House, and one by the Minority Leader of the House).

Give the Secretary of Commerce 15 days to respond to recommendations. If he rejects a recommended exemption, his decision is subject to judicial review.

Reaffirm presidential authority to veto a recommended exemption for national security purposes, and to establish terrorist and embargo controls.

Authorize increased funding to law enforcement and national security agencies to upgrade facilities and intelligence.

Give the Secretary of Commerce the authority to prohibit the exportation of particular encryption products to an individual or organization in a foreign country identified by the Secretary.

# # #