12-24-96. Communications Daily: New encryption export rules probably won't be issued until early next week New encryption export rules probably won't be issued until early next week, just day or 2 before they go into effect on Jan. 1, govt. officials said Mon. Administration is revising rules after taking informal comments from industry. Greg Simon, chief domestic policy staffer for Vice President Gore, said section of rules requiring detailed business plans from encryption companies is likely to be changed, move that "has been in the works for a long time." Other industry observers said there's increased pressure for Administration to change its encryption strategy because export controls were ruled unconstitutional last week. Harris Miller, pres. of Information Technology Assn. of America (ITAA), wrote Dec. 22 to President Clinton asking for changes in draft rules Administration issued earlier this month, objecting also to business plan requirement. Meanwhile, Organization for Economic Cooperation & Development (OECD) released set of guidelines for encryption policy that concluded development of encryption methods should be market-driven. Group of ad hoc experts has met several times this year to create international guidelines for encryption. Draft -- which won't be released in full form until March -- says countries may allow law enforcement officers to access encrypted data (wiretapping) but recommendations don't "encourage" it, OECD official said. He said other principles in draft include that: (1) Encryption should be trustworthy. (2) User should have choice of methods. (3) Standards should be developed nationally and internationally. (4) Protection of privacy and password data should be assured. (5) Liability should be stated clearly. (6) International cooperation should be continued. Draft is expected to become formal OECD guideline in spring, it said. Industry observers said U.S. govt. at first said it would work with private industry on encryption rules acceptable to all, but then tried through drafting sessions to increase emphasis on govt. positions. [For the OECD draft, Euro crypto and commentary see: http://www.quintessenz.at/Netzteil/OECD/index.html http://www.ozemail.com.au/~firstpr/crypto/ http://www.modeemi.cs.tut.fi/~avs/eu-crypto.html http://www.eff.org/~declan/global/japan/rotenberg.reply.102896 Thanks to Robin Whittle for the URLs.] ---------- 12-26-96. Nikkei English News: OECD to back police authority to decode e-money transactions Paris -- The Organization for Economic Cooperation and Development will not object to member nations giving their police the right to decipher codes used in electronic money transactions. The organization of industrial countries has mapped out an eight-point guideline on standardizing coding technology, crucial to the safe and widespread use of e-money. It has called on members to cooperate in the process. The OECD also warned that e-money is open to crime risks. The guideline, to be announced by spring, also urges members to adopt domestic laws supporting code standardization. Nevertheless, heavy debate is expected over the question of decoding rights for police, because of privacy issues. The U.S. has already decided to allow authorities to read e-money codes from January, and is expected to call on Japan and other countries to follow suit to help prevent international crimes. ----------