ASSURING SECURITY AND TRUST IN CYBERSPACE
July 17, 2000
White House Chief of Staff John Podesta, in a speech today at the
National Press Club,
proposed important new measures to assure the security and trust of
Americans in cyberspace. His speech emphasized the themes of updating law
enforcement authorities for the Internet age, harmonizing the rules that
apply to different technologies such as telephones and e-mail, and
balancing important values. He proposed legislation that would give law
enforcement important new tools to pursue criminals through cyberspace
while also boosting citizens? fundamental rights to privacy in the
electronic age. Mr. Podesta also announced new rules that will update
encryption export controls.
A FRAMEWORK FOR SECURITY AND TRUST IN CYBERSPACE
* Private sector leadership. As emphasized at the White House Cyber
Security Summit in February, the private sector, which owns and operates
most of the computers that Americans rely upon, has the responsibility to
lead in computer and network security.
* Government as a model citizen. The federal government will continue
to make itself a model for information security and privacy practices.
* Public-private partnership. The federal government will continue
to work in partnership with the private sector to build security and trust
in online activities, as set forth in the National Plan for Information
Systems Protection issued earlier this year.
* Preserving fundamental values, even as technology changes. These
values include protecting public safety, privacy and civil liberties;
improving the quality of life for all Americans, such as through the
promotion of electronic commerce and elimination of the digital divide; and
furthering the educational and free speech potential of the Internet.
UPDATING TELEPHONE-ERA LAWS FOR THE INTERNET AGE
In certain specific instances, laws written for the telephone era will
need to be updated for the Internet age. Key provisions of the legislation:
* Modernize outdated telephone-era language. Current law uses
outmoded terms such as "phone lines" and hardware "devices." The proposed
legislation would apply to other forms of electronic communication and
apply equally to hardware and software.
* Harmonize the standards for intercepting electronic, wire, and cable
communications. Current law has widely varying rules for when law
enforcement can intercept a communication, depending on whether an
individual uses e-mail, a phone call, or a cable modem. The proposal would
raise the legal standard for intercepting e-mails to the longstanding and
strict rules that apply to intercepting telephone calls. For the first
time, court orders authorizing interceptions of e-mails could be applied
for only after high-level approval and only for serious crimes. Violations
of these rules would lead to suppression of evidence in court. At the same
time, the rules that apply to the growing use of cable modems would also be
harmonized to the telephone standard, while preserving the current,
especially strict rules limiting government access to cable television
viewing records.
* Create a balanced updating for "trap and trace" orders. "Trap and
trace" orders allow law enforcement to identify who is calling or using an
electronic means to contact an individual. The proposal would allow law
enforcement to respond more effectively to computer attacks by stating that
only one such order is needed to trace a call or Internet session back to
its source through multiple carriers. (Just as today, such an order could
not be used to intercept the contents of communications protected by the
wiretap statute.) Tracing would be permitted without prior approval by a
court in an emergency, such as when a computer system is actually under
attack. On the other hand, to assure that such orders are issued only when
appropriate, federal and state judges for the first time would
independently review the factual basis for issuing such orders.
* Strengthen the computer hacking law. The Computer Fraud and Abuse
Act should be strengthened to take account of the full range of damages
caused by computer attacks. Multiple small attacks should also be treated
as one large attack. To match the punishment to the crime, mandatory jail
time should be eliminated for less serious attacks. Violations of the Act
could result in civil or criminal forfeiture.
* Improve sanctions against illegal wiretapping. The proposal would
increase penalties for violations of wiretapping laws. Illegally
intercepted communications could be used in court, but only to prove the
guilt or innocence of a person accused of illegal wiretapping activity.
* Juvenile offenders. For serious computer attacks, federal
prosecutors should have jurisdiction over juvenile offenders. In such
cases, offenders would still be treated as juveniles.
UPDATING ENCRYPTION EXPORT POLICY
Today, the Administration is updating its policy for encryption exports to
the European Union and other key trading partners to assure continued
competitiveness of U.S. industry in international markets.
*License exception. Under the new policy, U.S. companies can export
under license exception (i.e., without a license) any encryption product to
any end user in the 15 nations of the European Union as well as Australia,
Norway, Czech Republic, Hungary, Poland, Japan, New Zealand and
Switzerland. Previous distinctions between government and non-government
end users are removed for these countries. Further, U.S. exporters will be
permitted to ship their products to these nations immediately after
submitting a commodity classification request to the Department of
Commerce, instead of waiting for a completed technical review or incurring
a 30-day delay.
# # #
President and First Lady | Vice President and Mrs. Gore
Record of Progress | The Briefing Room
Gateway to Government | Contacting the White House | White House for Kids
White House History | White House Tours | Help
Privacy Statement