H.R.695 - Security and Freedom Through Encryption (SAFE) Act105th Congress (1997-1998)
Summary: H.R.695 — 105th Congress (1997-1998)
Reported to House amended, Part V (09/29/1997)
Security and Freedom Through Encryption (SAFE) Act - Establishes in the Department of Justice (DOJ) a National Electronic Technologies (NET) Center to: (1) serve as a center for Federal, State, and local law enforcement authorities for information and assistance regarding decryption and other access requirements and for industry and Government entities to exchange information and methodology regarding information security techniques and technologies; (2) examine encryption techniques and methods to facilitate the ability of law enforcement to gain efficient access to plaintext of communications and electronic information; (3) develop efficient methods and improve the efficiency of existing methods of accessing such plaintext; (4) investigate techniques and technologies to facilitate access to communications and electronic information; and (5) obtain information regarding the most current hardware, software, telecommunications, and other capabilities to understand how to access information transmitted across networks.
Requires State and local law enforcement authorities to have access to services provided by the Center to the same extent as their Federal counterparts. Sets forth provisions regarding other Federal agency and private industry assistance.
Establishes the Advisory Board of the Strategic NET Center for Excellence in Information Security.
Requires the Attorney General to develop and publish in the Federal Register a plan for establishing the Center.
Permits (with exceptions) any person within any State: (1) and any U.S. person in a foreign country, to use any encryption, regardless of encryption algorithm, key length, or implementation technique or medium; and (2) to sell any such encryption in interstate commerce.
Prohibits any Federal or State law or regulation from: (1) conditioning the issuance of certificates of authentication or certificates of authority for any encryption product upon any escrowing or other sharing of private encryption keys, whether with private agents or Government entities; or (2) establishing a licensing, labeling, or other regulatory scheme for any encryption product that requires key escrow as a condition of licensing or regulatory approval.
Prohibits any person in lawful possession of a key to encrypted communications or information from being required by Federal or State law to relinquish to another person control of that key, with an exception for access for law enforcement purposes.
Sets penalties for encrypting incriminating communications or information relating to a Federal felony with intent to avoid detection by law enforcement agencies or prosecution.
Specifies that no person shall be subject to civil or criminal liability for providing access to the plaintext of encrypted communications or electronic information to any law enforcement official or authorized Government entity, pursuant to judicial process.
Directs the National Telecommunications and Information Administration to study and report to the Congress and the President on: (1) the effect that establishment of a mandatory system for recovery of encryption keys for communications and information would have on electronic commerce, data security, privacy in interstate commerce, and law enforcement authorities and activities; and (2) other possible methods for providing access to encrypted communications and information to further law enforcement activities.
(Sec. 3) Amends the Export Administration Act of 1979 to grant the Secretary of Commerce exclusive authority to control exports of all hardware, software, and technology for information security (including encryption), except that which is specifically designed or modified for military use.
Prohibits requiring any validated license (with limited exceptions) for the export or reexport of any: (1) software, including encryption software, that is generally available and designed for installation by the purchaser, or that is in the public domain for which copyright or other protection is not available, or that is generally accessible to the public in any form; or (2) computing device solely because it incorporates or employs such software.
Directs the Secretary to authorize the export or reexport of: (1) software with encryption capabilities for nonmilitary end-uses in any country to which exports of software of similar capability are permitted for use by financial institutions not controlled by U.S. persons, unless there is substantial evidence that such software will be diverted to or modified for military or terrorist end use or reexported without required authorization; and (2) computer hardware with encryption capabilities if a product offering comparable security is commercially available outside the United States from a foreign supplier without effective restrictions.
(Sec. 4) Directs the Secretary to: (1) identify any domestic and foreign impediments to trade in encryption products and services and import restrictions imposed by foreign nations that constitute unfair trade barriers to providers of encryption products or services; (2) report to the Congress; (3) prescribe regulations to reduce the impediments; and (4) report to the President regarding any such impediments the reduction of which could require international negotiations.
Requires the President to negotiate with other countries for international agreements on the promotion of encryption products and services, and achieving mutual recognition of countries' export controls, to preserve national security, safeguard privacy, and prevent commercial espionage. Authorizes the President to consider a country's refusal to negotiate when considering U.S. participation in any cooperation or assistance program with that country. Directs the President to report to the Congress regarding the status of international cryptography efforts by December 31, 2000.
(Sec. 5) Directs the Attorney General to compile and maintain classified data on the instances in which encryption has interfered with, impeded, or obstructed the ability of DOJ to enforce criminal laws.