Hot on the Web
Lost in Cyberspace
Online San Diego
Feature Articles
Book Reviews and Reading Diary
Music Reviews
Favorite quotates
Contact Me

Hot on the Web

Encryption war flares anew

This column originally ran in ComputorEdge on May 2, 2003
(Issue 2118, Web Quest for Knowledge)

When the federal government eased up on encryption rules a few years back – after turning computer encryption pioneer Phil Zimmerman into a folk hero – most of us in the online community assumed the war was over.

And while there is no move to re-criminalize the distribution of encryption software – the dispute at the heart of the feds' pursuit of Zimmermann – the use of such software is being targeted in the wake of 9/11.

To be specific, law-enforcement agencies are seeking legislation that would add enhanced penalties for using encryption software in the commission of a crime.

Adding additional penalties for how a crime is committed isn't unheard of – using a gun in the commission of a crime typically brings additional penalties. So can committing a crime while under the influence of illegal drugs, or even alcohol.

But what has civil libertarians concerned is why encryption should be targeted.

What is it?

Encryption software is any program that scrambles or encodes a data file so that its contents can't be read unless you have the key to unlock it.

Software to do this dates to the years just after World War II, when computers were called on to take over for earlier mechanical encryption devices like Nazi Germany's Enigma machine.

But until Zimmermann wrote his Pretty Good Privacy program 12 years ago, encryption software was the domain of the government. When PGP began being distributed not only for DOS and Windows machines, but Macs, Unix and even Ataris and Amigas, the government grew concerned that it would be nearly impossible to break encryption chains created on low-cost personal computers.

This led prosecutors and cops at all levels to publicly worry about counterfeiters and drug dealers, child pornographers and terrorists communicating via e-mail in messages protected by digital encryption.

Using federal export law, the feds harassed Zimmermann because he had made a shareware version of PGP available on dial-up bulletin board systems (BBSs) and the Internet – where folks from other countries could download and use it.

But under intense public pressure and a string of legal setbacks, federal prosecutors finally backed off Zimmermann and eventually dropped all charges. Today, PGP is sold by a company sharing its name (

What lies ahead?

The current proposals worry civil libertarians because they wonder – with some justification – why the use of encryption software should carry extra penalties.

Given the rise in home broadband Internet connectivity and the increased exposure to hacking that brings, many of us encrypt our sensitive personal files.

If you make a mistake on your taxes, should you face new charges because you encrypted your tax files? Will the act of encrypting them bump you from the status of innocent tax error to tax felon?

And what about the encryption software behind every online transaction? What if you neglect to pay state sales tax – will the proposed regulations now turn you into a federal criminal?

It may turn out that this is all a bunch of needless worrying. But the government's record on technology issues is decidedly mixed – while it was the Department of Defense that gave us the Internet, it was also the federal government that hounded Zimmermann all those years.

Mea culpa

Don, a reader who didn't give a last name, wrote in about a recent story I did in ComputorEdge about choosing an instant messenger: "You mention that Yahoo has a web-based client (for their instant messenger); I have been unsuccessful finding this client on their site. Would you please send me the link."

Sure would, Don – if it existed. Not sure if I simply blew that one or Yahoo changed it, but there is no web-based IM client that I can find.

Sorry about that.