Clippings On Clipper

Back in the 90's, there was a proposal from the U.S. government to allow encryption and surveillance to co-exist. It was called "Clipper." And it worked like this: the government got some cryptography experts to create an encryption system on a microchip. Any company that wanted to make any sort of encrypted communications equipment could use this chip in their computers, phones, whatever. But the catch is that each chip would have a unique code that could be used to decrypt communications using that chip. An independent organization would keep a big list of all the chips and their respective codes. When law-enforcement needed to eavesdrop on someone's communications, they'd get a warrant, and present it to the code keeping organization, who would then hand over the code to that person's chip.

Techies of the time howled in protest. The basic idea of allowing warrant-based spying wasn't so bad, but there were a lot of flaws:

• We have to use this government-approved encryption, and just hope that it doesn't turn out to be flawed later.
• We have to trust that this private organization will hold everyone's codes securely.
• We have to hope that the government doesn't change the terms later, say by deciding they don't really need a warrant.

But more than anything, it just seemed presumptuous that the law had a right to listen in on us (even to a liberal like myself.) With no one in tech willing to go along, the idea died.

That incident comes mind because we essentially ended up with Clipper anyway, since backdoors got built-in to all our encryption products. Only we didn't even get the warrant protection. To me, that's the most disappointing aspect to all this: the debate on Clipper didn't matter.

But what we should have done was have a wider discussion on encryption and surveillance back then, rather than a small talk in the tech sector.  Even now that the issue has been pushed on us, we as a society are only slowly realizing that we have to confront these questions.