Analysis
Compliance with the Bill appears to be voluntary. However,
encryption users are virtually forced into adopting key recovery.
1. Whoever wants to participate in a secure information
infrastructure has to use a key recovery system.
a. Certificates of encryption will be needed in
order to participate in future electronic commerce. Thus, most users
would want to use CAs to obtain their certificates. They will
therefore, under the Bill, be required to participate in key
recovery, whether they like it or not.
b. The Bill requires key recovery for all secure networks
built with any federal funds, including the Internet II project and
most university networks.
2. The Bill provides strong incentives for
participating in key recovery.
a. The Bill contains important privacy
protections from abuse by government agencies, but only for users of
key recovery. Individuals and companies which choose NOT to use key
recovery would not be similarly protected from law enforcement abuse.
b. The Bill sets a 56-bit key length limit on exports of
any non-key-recovery encryption product. Over 15 months ago a panel
of cryptographers found that 56-bit encryption products were not
secure enough for many applications, and recommended at least 75-bit
to 90-bit encryption in the near future.
3. Constitutional Issue
Access to sensitive decryption information without notice
evades a crucial safeguard provided by the Fourth Amendment. Notice
is a key element of the Fourth Amendment. The Supreme Court has held
that the main mechanism making subpoenas permissible is the fact that
a subpoena recipient has notice and therefore can obtain prior
judicial review before having to comply.
4. Access to Decryption Information Upon Mere
Subpoena Is Risky
a. Subpoenas are issued without judicial
approval. Some law enforcement agencies such as the Internal Revenue
Service (IRS) can issue subpoenas without the approval of a
prosecutor. Furthermore, a broad range of agencies and
administrative organizations, as well as state and local law
enforcement agencies, also have subpoena power.
b. Since no judicial approval is required for subpoenas,
the access process is prone to mistake or abuse.
c. The Bill also requires that keys be disclosed to
foreign governments, with no defined standards, upon the request of
the U.S. government.
5. Cost and Risks
a. The key recovery system introduces a new
risk of unauthorized access to encrypted data. It removes the
security guarantee that exists in a non-recoverable system, in which
the key is the only means of decryption. Furthermore, it requires
storing encryption users' keys in databases which are high-value
targets for criminals.
b. Experience has shown that secure cryptographic systems
are deceptively hard to design and build properly and accurately,
even for non-recoverable systems. Adding key recovery makes it much
more difficult to assure that such systems work as designed. Any
flaw in any component can prove to be fatal for the entire system.
c. Key recovery as envisioned in the Bill will be extremely
costly to deploy and operate. The key recovery system envisioned by
the Bill is likely to affect thousands of encryption products, tens
of thousands of law enforcement agencies, millions of users, as well
as tens of millions or more of public-private key pairs.
Comments? Questions? Drop me a mail...
haohsuan@hotmail.com