17 July 2000

http://www.whitehouse.gov/library/hot_releases/July_17_2000_1.html

THE WHITE HOUSE

Office of the Press Secretary
(Camp David, Maryland)

_______________________________________________________________

For Immediate Release July 17, 2000

STATEMENT BY THE PRESS SECRETARY

Administration Updates Encryption Export Policy

Today, the Administration is updating its policy for encryption exports to the European Union and other key trading partners, thus assuring continued competitiveness of U.S. industry in international markets.

Under the new policy, U.S. companies can export under license exception (i.e., without a license) any encryption product to any end user in the 15 nations of the European Union as well as Australia, Norway, Czech Republic, Hungary, Poland, Japan, New Zealand and Switzerland. Previous distinctions between government and non-government end users are removed for these countries. Further, U.S. exporters will be permitted to ship their products to these nations immediately after they have submitted a commodity classification request for their product to the Department of Commerce. Exporters no longer have to wait for a completed technical review or incur a 30-day delay to ship their encryption products to customers in these nations.

These updates track with recent regulations adopted by the European Union that ease encryption exports to the same countries. Consistent with the Administration?s January 2000 commitment, U.S. companies can continue to compete effectively in these markets.

The steps announced today continue our policy to serve the full range of national interests: promote electronic commerce, support law enforcement and national security, protect privacy, and maintain U.S. industry leadership in security technologies.

# # #

Date: Mon, 17 Jul 2000 17:43 -0400
From: The White House <Publications-Admin@pub.pub.whitehouse.gov>
To: Public-Distribution@pub.pub.whitehouse.gov
Subject: 2000-07-17 Statement by VP Al Gore on Encryption Export Policy

THE WHITE HOUSE

Office of the Vice President

_______________________________________________________________

For Immediate Release                                      July 17, 2000

STATEMENT BY VICE PRESIDENT AL GORE
ON ADMINISTRATION ACTION TO UPDATE ENCRYPTION
EXPORT POLICY TO THE EUROPEAN UNION

In September, 1998, I announced a series of steps we were taking to update the Administration's encryption policy.  Our work, which grew out of discussions between government and American industry, law enforcement and privacy advocates, was designed to promote electronic commerce will protecting our national interests in law enforcement, privacy and national security.

Today, that mission continues with an important announcement regarding encryption exports to the European Union and other nations. The new policy strips away review requirements and other restrictions that serve to inhibit the ability of American businesses and workers to compete in the global marketplace.  While ensuring our competitiveness, this policy continues to preserve our ability to fight crime, protect individual privacy and enhance the security of our nation.

###

http://www.whitehouse.gov/library/hot_releases/July_17_2000.html

ASSURING SECURITY AND TRUST IN CYBERSPACE

July 17, 2000

White House Chief of Staff John Podesta, in a speech today at the National Press Club, proposed important new measures to assure the security and trust of Americans in cyberspace. His speech emphasized the themes of updating law enforcement authorities for the Internet age, harmonizing the rules that apply to different technologies such as telephones and e-mail, and balancing important values. He proposed legislation that would give law enforcement important new tools to pursue criminals through cyberspace while also boosting citizens? fundamental rights to privacy in the electronic age. Mr. Podesta also announced new rules that will update encryption export controls.

A FRAMEWORK FOR SECURITY AND TRUST IN CYBERSPACE

• Private sector leadership. As emphasized at the White House Cyber Security Summit in February, the private sector, which owns and operates most of the computers that Americans rely upon, has the responsibility to lead in computer and network security.

• Government as a model citizen. The federal government will continue to make itself a model for information security and privacy practices.

• Public-private partnership. The federal government will continue to work in partnership with the private sector to build security and trust in online activities, as set forth in the National Plan for Information Systems Protection issued earlier this year.

• Preserving fundamental values, even as technology changes. These values include protecting public safety, privacy and civil liberties; improving the quality of life for all Americans, such as through the promotion of electronic commerce and elimination of the digital divide; and furthering the educational and free speech potential of the Internet.

UPDATING TELEPHONE-ERA LAWS FOR THE INTERNET AGE

In certain specific instances, laws written for the telephone era will need to be updated for the Internet age. Key provisions of the legislation:

• Modernize outdated telephone-era language. Current law uses outmoded terms such as "phone lines" and hardware "devices." The proposed legislation would apply to other forms of electronic communication and apply equally to hardware and software.

• Harmonize the standards for intercepting electronic, wire, and cable communications. Current law has widely varying rules for when law enforcement can intercept a communication, depending on whether an individual uses e-mail, a phone call, or a cable modem. The proposal would raise the legal standard for intercepting e-mails to the longstanding and strict rules that apply to intercepting telephone calls. For the first time, court orders authorizing interceptions of e-mails could be applied for only after high-level approval and only for serious crimes. Violations of these rules would lead to suppression of evidence in court. At the same time, the rules that apply to the growing use of cable modems would also be harmonized to the telephone standard, while preserving the current, especially strict rules limiting government access to cable television viewing records.

• Create a balanced updating for "trap and trace" orders. "Trap and trace" orders allow law enforcement to identify who is calling or using an electronic means to contact an individual. The proposal would allow law enforcement to respond more effectively to computer attacks by stating that only one such order is needed to trace a call or Internet session back to its source through multiple carriers. (Just as today, such an order could not be used to intercept the contents of communications protected by the wiretap statute.) Tracing would be permitted without prior approval by a court in an emergency, such as when a computer system is actually under attack. On the other hand, to assure that such orders are issued only when appropriate, federal and state judges for the first time would independently review the factual basis for issuing such orders.

• Strengthen the computer hacking law. The Computer Fraud and Abuse Act should be strengthened to take account of the full range of damages caused by computer attacks. Multiple small attacks should also be treated as one large attack. To match the punishment to the crime, mandatory jail time should be eliminated for less serious attacks. Violations of the Act could result in civil or criminal forfeiture.

• Improve sanctions against illegal wiretapping. The proposal would increase penalties for violations of wiretapping laws. Illegally intercepted communications could be used in court, but only to prove the guilt or innocence of a person accused of illegal wiretapping activity.

• Juvenile offenders. For serious computer attacks, federal prosecutors should have jurisdiction over juvenile offenders. In such cases, offenders would still be treated as juveniles.

UPDATING ENCRYPTION EXPORT POLICY

Today, the Administration is updating its policy for encryption exports to the European Union and other key trading partners to assure continued competitiveness of U.S. industry in international markets.

• License exception. Under the new policy, U.S. companies can export under license exception (i.e., without a license) any encryption product to any end user in the 15 nations of the European Union as well as Australia, Norway, Czech Republic, Hungary, Poland, Japan, New Zealand and Switzerland. Previous distinctions between government and non-government end users are removed for these countries. Further, U.S. exporters will be permitted to ship their products to these nations immediately after submitting a commodity classification request to the Department of Commerce, instead of waiting for a completed technical review or incurring a 30-day delay.

# # #