DEPARTMENT OF JUSTICE

STATEMENT OF

JO ANN HARRIS
ASSISTANT ATTORNEY GENERAL
CRIMINAL DIVISION

BEFORE THE
SUBCOMMITTEE ON TECHNOLOGY AND THE LAW
COMMITTEE ON THE JUDICIARY
UNITED STATES SENATE

CONCERNING

KEY ESCROW ENCRYPTION PROGRAM

PRESENTED ON

MAY 3, 1994

Mr. Chairman, members of the Subcommittee, I am pleased to be able to 
appear before you today to talk about a matter vital both to the 
protection of privacy and to the preservation of public safety.

As this Subcommittee understands quite well, many groups engaged in the 
most serious and violent criminal conduct -- including drug traffickers, 
organized crime groups, and major street gangs -- rely on electronic 
communications to conduct their illicit activities. Without the 
continued ability to conduct lawfully authorized wiretaps, law 
enforcement at the Federal, State, and local level will be seriously 
hampered in its ability to protect society from the depredations of 
these criminals.

Even though it is used sparingly, electronic surveillance has been 
crucial to effective law enforcement. Evidence from electronic 
surveillance has resulted in the convictions of more than 22,000 felons 
over the past decade. Indeed, without wiretaps, some extremely 
significant criminal activity could not be detected or properly 
investigated -- much less successfully prosecuted. Wiretaps are not a 
routine investigative technique and are only used when other techniques 
have proven, or are likely to be, unsuccessful -- often because those 
other techniques pose too great a risk to police or cooperating 
individuals. Wiretaps permit law enforcement authorities to penetrate 
closely controlled, but highly sophisticated enterprises that might 
otherwise engage in wholesale criminal activity with impunity. Society 
cannot afford to lose the protection wiretaps afford it.

At the same time, technology is making it increasingly possible for 
individuals and private enterprise to protect the confidentiality of 
personal and proprietary information through the use of encryption -- 
the electronic "scrambling" of communications. The market now offers 
high-quality voice encryption in an affordable, portable, easy-to-use 
form. We anticipate that many legitimate users will acquire these and 
similar devices to protect their confidential information; we worry, 
however, that such devices will also be used by criminal organizations 
to shield their illegal enterprises.

As you know, Mr. Chairman, last year the Clinton Administration sought 
to address both these important issues by announcing the availability of 
key-escrow encryption (sometimes referred to as the "Clipper Chip"). 
Key-escrow encryption has two fundamental features. First, it uses an 
extremely strong algorithm, one 16 million times stronger than the Data 
Encryption Standard -- DES -- and so strong that law enforcement can 
only decrypt it with a key that is unique to each individual key escrow 
encryption chip. Second, to assure the public of the privacy afforded by 
key-escrow encryption, that unique key is split into two components that 
are held by two independent entities serving as escrow agents. Those two 
entities may release key components only to government agencies when 
needed for lawfully authorized interceptions.

As the Administration has made clear on a number of occasions, the key-
escrow encryption initiative is a voluntary one; we have absolutely no 
intention of mandating private use of a particular kind of cryptography, 
nor of criminalizing the private use of certain kinds of cryptography. 
We are confident, however, of the quality and strength of key-escrow 
encryption as embodied in this chip, and we believe it will become 
increasingly attractive to the private sector as an excellent, easy-to-
use method of protecting sensitive personal and business information.

The Clinton Administration has been farsighted in seeing the advent of 
high-quality, user-friendly encryption products and the implications of 
such products. It has also been prepared to act early, when markets are 
still developing and when both consumers and manufacturers are seeking 
strong, reliable cryptography for use in mass-market products.

We believe, therefore, Mr. Chairman, that, as one major equipment 
manufacturer has already done, others will respond to their customers' 
needs for extremely strong encryption by marketing key escrow-equipped 
products. And as that occurs, we look for a gravitation of the market to 
key-escrow encryption, based on both a need for interoperability and a 
recognition of its inherent quality. Even many of those who may desire 
encryption to mask illicit activities will choose key-escrow encryption 
because of its availability, its ease of use, and its interoperability 
with equipment used by legitimate enterprises.

Mr. Chairman, let me speak about the key-escrow system in a bit more 
detail, beginning with the selection of the two entities that are 
serving as key escrow agents. In selecting escrow agents, we looked for 
a number of important qualifications. Among other things, the candidates 
needed to:
- Be experienced in handling sensitive materials;
- Be familiar with communications and computer issues;
- Be able to respond quickly, and around the clock, when government 
agencies need to have encryption keys issued to them; and
- Be generally regarded by the public as both reliable and effective.

Especially to get the system up and running, we believed it made sense 
to look to agencies of the Executive branch. In light of that 
consideration and the criteria I have just mentioned, the Commerce 
Department's National Institute of Standards and Technology (NIST) and 
the Treasury Department's Automated Systems Division appeared to be the 
two best candidates; and they have been so designated.

NIST, as you are well aware, has long experience in matters relating to 
protection of sensitive, unclassified information and, indeed, has been 
pivotal in the development of the key escrow encryption initiative. 
Treasury's Automated Systems Division -- which is not part of any of the 
Treasury law enforcement agencies -- is a 24-hour a day operation that 
is well experienced in handling matters of the utmost sensitivity.

As you know, on February 4, 1994, the Administration made a number of 
announcements regarding encryption policy generally, and key-escrow 
encryption specifically. Among those announcements were the designation 
of the escrow agents and the publication of the procedures under which 
the escrow agents would be permitted to release key components
-- to Federal law enforcement authorities for use in wiretaps under 
Title III of the Omnibus Crime Control and Safe Streets Act of 1968, as 
amended (Title III); to State or local law enforcement authorities for 
use in wiretaps under state statutes; and
-- to Federal agencies for use in wiretaps under the Foreign 
Intelligence Surveillance Act (FISA).

Let me describe for you the kinds of circumstances under which escrowed 
key components will be made available to government agencies when needed 
in conjunction with lawfully authorized wiretaps.

Mr. Chairman, as this Subcommittee well understands, Federal laws 
clearly lay out the circumstances in which wiretaps may be conducted, 
consistent with the Constitution. Wiretaps not lawfully authorized are 
criminal offenses -- offenses that we take very seriously. Moreover, as 
the Subcommittee is aware, Federal law enforcement agencies may conduct 
wiretaps only for the most serious kinds of offenses and do so only 
after an extremely careful internal review of the need for, and the 
propriety of, a wiretap. That review process requires not only careful 
screening within the particular investigative agency -- at both the 
local and headquarters level -- but a thorough evaluation by a 
supervising prosecutor, usually an Assistant U.S. Attorney in the 
district in which the wiretap will be conducted. At each of those 
levels, there is a close review of the proposal to ensure that there is 
probable cause for the wiretap, that the case justifies use of this 
important technique, and that alternative techniques are not 
satisfactory. Finally, no Federal Title III application may proceed 
without approval at a senior level within the Department of Justice. I 
would also note that no FISA application may proceed without the 
approval of the Attorney General.

And, Mr. Chairman, that leads to the most important point which is that, 
whether for criminal or foreign intelligence purposes, the statutes 
require court authorization for wiretaps, even in the extremely rare 
cases in which they have begun under an emergency authorization. In a 
criminal case, the Government must show probable cause to believe that 
the telephone targeted is being used in furtherance of a specific 
serious Federal criminal offense. In a FISA case, the Government must 
show probable cause to believe that the target of the surveillance is a 
foreign power or an agent of a foreign power and that the facility or 
place, such as the telephone, is being used by a foreign power or agent 
of a foreign power.

When we talk about access to escrowed components, therefore, we are 
talking about the ability of government agencies -- Federal, State, or 
local -- to decrypt communications when they are already lawfully 
authorized to intercept those communications as part of a wiretap. We 
are not talking about any change in the protection of the privacy of 
telecommunications. Nor are we talking about any additional 
authorization from the courts. The applicable statutes already permit 
government agencies that are authorized to conduct wiretaps to acquire 
the content of the intercepted communications and, if necessary, to 
translate or decode the communications as part of that process.

Let us assume, then, that government agents -- DEA, for the sake of 
argument -- are conducting a court-ordered wiretap and encounter 
unintelligible communications they think may be key escrow encryption. 
What do they do? First, they can run the communications -- live or on 
tape -- through a so-called decrypt processor. The decrypt processor -- 
a specially programmed and equipped personal computer -- can tell the 
agents whether key escrow encryption is being used and, if so, the 
unique ID number of the particular chip. This last point is critical, of 
course, because each chip has its own truly unique key; without knowing 
the ID number of the chip, the law enforcement agency cannot determine 
which key components to request.

Armed, however, with that information, they can submit a key component 
request to the two escrow agents, NIST and Treasury. In that request, 
they'll be required, among other things, to: identify themselves and the 
agency they're with;
-- certify that they're conducting a lawful wiretap; specify the source 
of the wiretap authority and its termination date; and
--provide the chip ID number. To provide greater reassurance, the 
certification by the DEA agents must be followed by a communication from 
a Federal government attorney associated with the matter, confirming 
that a wiretap has been lawfully authorized.

When the escrow agents receive a properly submitted request, they 
transmit their respective key components to the requesting agency; the 
components are combined within the decrypt processor which, only then, 
is able to decrypt communications using the particular chip. At the end 
of the authorized wiretap period, the decrypt processor's ability to 
decrypt communications using that particular chip will likewise 
terminate, and the escrow agents are to be so informed.

Those, in skeletal form, are the procedures for release of key 
components to Federal law enforcement agencies for criminal wiretaps. 
Similar procedures will apply to the release of key components for use 
in wiretaps authorized under State statutes. The most notable difference 
is that, for release to State or local law enforcement agencies, the 
request must come from the principal prosecuting attorney of the State 
or political subdivision involved -- normally, the State Attorney 
General or the District Attorney of the particular county. Finally, in 
the case of wiretaps under FISA, the request will be made by a Federal 
agency and will be subject to follow-up confirmation by the Department's 
Office of Intelligence Policy and Review.

The Administration recognizes that public confidence in this system is 
of paramount concern. The persons at NIST and Treasury who are 
responsible for the maintenance and, when appropriate, the release of 
key components are extremely serious about ensuring that they release 
key components only under proper circumstances. Meticulous procedures 
for the programming of the chips, and for the storage and handling of 
the keys, are being developed and refined. Even for tests of the system 
-- decrypting communications over government-owned devices -- there will 
be a full simulation of the request and release process.

The transactions of the escrow agents will be logged and recorded 
electronically, permitting subsequent review and audit. In addition, the 
Department of Justice will be responsible for ascertaining that the 
requesting agencies fully comply with the procedures at the various 
stages of the process. We will also reflect, in the respective reports 
to the Congress regarding wiretaps under Title III and FISA, those 
wiretaps in which key escrow encryption was encountered and for which 
key components were released to a government agency.

Mr. Chairman, we have worked to develop procedures that strike the right 
balance between the rigorous protection of the privacy of communications 
and the need, in critical moments, to be able to decrypt such 
communications in order to protect lives and preserve the public safety. 
Through a combination of procedural requirements, technical safeguards, 
and audit capabilities, we believe that these procedures will assure the 
integrity of the key-escrow encryption system without frustrating

10

the ability of government agencies to understand encrypted 
communications in the course of lawful wiretaps.

I have appreciated the opportunity to discuss with you this very 
important issue, and I shall be happy to try to answer any questions the 
Subcommittee may have.