Excerpt from the L.A. TIMES
"DEMANDING THE ABILITY TO SNOOP"
By ROBERT LEE HOTZ,
TIMES SCIENCE WRITER

Someone Is Listening...

When Charles and Diana discovered millions of people were reveling in their most intimate telephone calls, the world's most public couple had to face the facts of private life in the electronic age.

In a world of cellular phones, computer networks, electronic mail and interactive TV, the walls might as well have ears.

With the explosion of such devices, more people and companies -- from banks to department stores -- seem to have more access to more information that someone wants to keep private. In response, computer users are devising their own electronic codes to protect such secrets as corporate records, personal mail or automated teller transactions.

Historically, the biggest ears have belonged to the federal government, which has used surveillance techniques designed to track down criminals and security risks to keep electronic tabs on subjects ranging from civil rights leaders to citizens making overseas calls.

But, today, federal officials are afraid that advanced technology, which for almost 50 years has allowed them to conduct surveillance on a global scale, is about to make such monitoring impossible.

Now, federal intelligence and law enforcement agencies are insisting on their right to eavesdrop.

The government is proposing a standardized coding, or encryption, system that would eliminate eavesdropping by anyone except the one holder of the code's key -- the government itself.

To ensure that federal agents and police can continue to wiretap communications, the National Institute of Standards and Technology (NIST) is introducing a national electronic code. It will cover all telephone systems and computer transmissions, with a built-in back door that police can unlock with a court order and an electronic key.

White House and FBI officials insist they have no way to force any company to adopt the new technology. They will not outlaw other forms of coding, they said.

But experts say a series of regulatory actions involving Congress, the State Department, the U.S. attorney general, export licensing restrictions and the purchasing power of the federal government will effectively force people to use the code.

The government's plan has triggered an outcry among computer users, civil rights groups and others. The American Civil Liberties Union and groups of computer professionals say the plan raises major constitutional questions. Federal laws are designed to limit the government's ability to wiretap, not guarantee it, they say.

"Where does the U.S. government get the right to understand everything that is transmitted?" asked Michel Kabay, director of education for the National Computer Security Assn. in Carlisle, Pa.

Not so many years ago, powerful encryption techniques were the monopoly of military and intelligence agencies. Over time, computer experts and corporate cryptographers created codes to protect their private communications. Some of these scramble electronic signals so thoroughly that even the supercomputers of the National Security Agency cannot decipher them. One of the best codes, called Pretty Good Privacy, is free and can be downloaded from computer network libraries around the world -- yet it still contains safeguards that protect its secrets from prying eyes.

Combined with advances in fiber optics and digital communications, these codes enable people to send electronic mail, computer files and faxes the government cannot read, and to make phone calls even the most sophisticated wiretapper cannot understand.

As new technologies converge to form the roadbed of a national information superhighway, the government faces the prospect of millions of people around the world communicating in the absolute privacy of the most secure codes science can devise.

At the same time, hundreds of phone companies channel calls through new digital switches into long-distance fiber-optic cables where, translated into light-speed laser pulses, they may elude interception more easily. Dozens of other companies are organizing global wireless digital networks to send phone calls, faxes and computer files over the airwaves to people no matter where they are or how often they move.

Given all this, NIST officials say the new code, called Skipjack, is the government's attempt to strike a balance between personal privacy and public safety.

They say it will protect people from illicit eavesdropping, while allowing an authorized government agent to unlock any scrambled call or encrypted computer message. It could be incorporated into virtually every computer modem, cellular phone and telecommunications system manufactured in the United States.

Designed by the National Security Agency, which conducts most of the country's communications surveillance, the code is one facet of an ambitious government blueprint for the new information age.

But critics say the code is just one of several steps by federal law enforcement groups and intelligence agencies to vastly expand their ability to monitor all telecommunications and to access computer databases.

Federal officials acknowledge that they are even considering the idea that foreign governments should be given the keys to unlock long-distance calls, faxes and computer transmissions from the United States. An international agency, supervised by the United Nations or Interpol, might be asked to hold in trust the keys to electronic codes, said Clint Brooks, a senior NSA technical adviser.

The Skipjack furor pits the White House, the FBI and some of the government's most secret agencies against privacy advocates, cipher experts, business executives and ragtag computer-zoids who say codes the government cannot break are the only way to protect the public from the expanding reach of electronic surveillance.

On the computer networks that link millions of users and self-styled Cypherpunks -- a group of encryption specialists -- the federal proposal has stirred fears of an electronic Big Brother and the potential abuse of power.

"It really is Orwellian when a scheme for surveillance is described as a proposal for privacy," said Marc Rotenberg, Washington director of Computer Professionals for Social Responsibility.

Encryption is the art of concealing information in the open by hiding it in a code. It is older than the alphabet, which is itself a code that almost everyone knows how to read.

Today, electronic codes conceal trade secrets, protect sensitive business calls and shelter personal computer mail. They also scramble pay-per-view cable television programs and protect electronic credit card transactions.

Everyone who uses an automated teller machine is entrusting financial secrets to an electronic code that scrambles transmissions between the automated teller and the bank's main computer miles away. One inter-bank network moves $1 trillion and 1 million messages around the world every day, swaddled in the protective cocoon of its code.

Nowhere has the demand for privacy grown so urgent as on the international confederation of computer systems known as the Internet. There, in a proving ground for the etiquette of electronic communication, millions of people in dozens of countries are adopting codes to protect their official business, swap gossip and exchange personal notes elbow-to-elbow in the same crowded electronic bazaar.

"People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes and couriers," said Eric Hughes, moderator of the Cypherpunks, an Internet group that specializes in encryption. "We are defending privacy with cryptography, with anonymous mail-forwarding systems, with digital signatures and with electronic money."

And it's working. The technology is leaving law enforcement behind.

Federal officials who defend the Skipjack plan say they are worried about too much privacy in the wrong hands.

"Are we going to let technology repeal this country's wiretap laws?" asked James K. Kallstrom, FBI chief of investigative technology. Under U.S. law, any wiretap not sanctioned by a court order is a felony.

Federal law enforcement agencies and intelligence groups were galvanized last fall when AT&T introduced the first inexpensive mass-market device to scramble phone calls. The scrambler contains a computer chip that generates an electronic code unique to each conversation.

FBI officials paled at what they said was the prospect of racketeers, drug dealers or terrorists being able to find sophisticated phone scramblers to code and decode calls at the nearest phone store.

National security analysts and Defense Department officials say U.S. intelligence agencies find the new generation of computer encryption techniques especially unsettling. It promises to make obsolete a multibillion-dollar investment in secret surveillance facilities and spy satellites.

"We would have the same concerns internationally that law enforcement would have domestically about uncontrolled encryption," said Stewart A. Baker, NSA general counsel.

NSA officials are reluctant to discuss their surveillance operations, but they said they would not want terrorists or anyone else "targeting the United States" to be able to communicate in the secrecy provided by unbreakable modern codes.

The Clinton Administration is expected to advise telecommunications and computer companies this fall to adopt the Skipjack code as a new national encryption standard used by the government, the world's largest computer user, and anyone who does business with it.

The government also will be spending billions in the next 10 years to promote a public network of telecommunications systems and computer networks called the National Information Infrastructure. Any firm that wants to join will have to adopt the Skipjack code.

Skipjack is being offered to the public embedded in a tamper-proof, $26 computer circuit called the Clipper Chip. It is produced by Mykotronx Inc., a computer company in Torrance. To make it easier for agents to single out the proper conversation in a stream of signals, every Clipper Chip has its own electronic identity and broadcasts it in every message it scrambles.

Federal agents conducting a court-authorized wiretap can identify the code electronically and then formally request the special keys that allow an outsider to decipher what the chip has scrambled.

Federal officials say they expect companies to incorporate the chip into consumer phone scramblers, cellular phones and "secure" computer modems. Within a few years, FBI officials say, they expect the Skipjack code to be part of almost every encryption device available to the average consumer.

Many companies say they are leery of adopting the sophisticated electronic code, even though it could protect them from foreign intelligence agencies and competitors seeking their trade secrets. But AT&T, which has a long history of cooperating with the government on communications surveillance, has already agreed to recall the company's consumer scramblers and refit them this fall with the new chip.

Even without Skipjack and the Clipper Chip, advanced computers and electronic databases already have expanded government's ability to track and monitor citizens.

Searches of phone records, computer credit files and other databases are at an all-time high, and court-authorized wiretaps -- which listened in on 1.7 million phone conversations last year -- monitor twice as many conversations as a decade ago, federal records show.

The General Accounting Office says that federal agencies maintain more than 900 databanks containing billions of personal records about U.S. citizens.

This type of easy access to electronic information is addictive, critics contend.

Since the FBI set up its computerized National Criminal Information Center in 1967, for example, information requests have grown from 2 million a year to about 438 million last year, and the criminal justice database itself now encompasses 24 million files.

The FBI records system, like computer files at the Internal Revenue Service, is "routinely" used for unauthorized purposes by some federal, state and local law enforcement agencies, the General Accounting Office said.

GAO auditors found that some police agencies have used the FBI system to investigate political opponents. Others have sold FBI information to companies and private investigators. In Arizona, a former law enforcement official used it to track down his estranged girlfriend and kill her, the auditors reported.

What the government can't find in its own files, it can obtain from any one of hundreds of marketing firms that specialize in compiling electronic dossiers on citizens. The FBI is seeking authority from Congress to obtain those records without consulting a judge or notifying the individual involved, which is required now.

Information America, for example, offers data on the location and profiles of more than 111 million Americans, 80 million households and 61 million telephone numbers. Another firm specializes in gay men and lesbians.

A third, a service for doctors called Patient Select, singles out millions of people with nervous stomachs.

Computer experts say encryption can draw a curtain across such electronic windows into private life.

In fact, the FBI is planning to encrypt its criminal justice computer files.

"Recent years have seen technological developments that diminish the privacy available to the individual," said Whitfield Diffie, a pioneering computer scientist who helped invent modern cryptography. "Cameras watch us in the stores, X-ray machines search us at the airport, magnetometers look to see that we are not stealing from the merchants, and databases record our actions and transactions.

"Cryptography," he said, "is perhaps alone in its promise to give us more privacy rather than less."

NEXT: Inside the company that makes the secret chip.

Scrambling for Privacy

As more people and companies adopt codes to protect their telephone calls, faxes and computer files, the federal government has proposed a national encryption standard that will allow people to protect their privacy while ensuring that law enforcement agents can still wiretap telecommunications. Here is how it would work:

1. When someone using a Skipjack-equipped secure phone calls another secure phone, chips inside the phone generate a unique electronic code to scramble the conservation.
2. The chip also broadcasts a unique identifying serial number.
3. If a law enforcement agent wants to listen in, he first must obtain a court order and the get the chip's serial number from the signal.
4. The agent obtains takes that number to the Treasury Department and the National Institute of Standards and Technology, which keep the government's digital keys to the chip.
5. The keys are combined to unscramble the conversation. When legal authorization for the wiretap expires, the keys are destroyed.

• Two 80-digit random strings of zeros and ones are selected.
• They are factored together to form the chip's unique key the key is then split in half.
• Each half is paired with the serial number of the chip to form two keys.
• One is kept by the Treasury Department and the other by the National Institute of Standards and Technology.

Sources: U.S. National Security Agency, Mykotronx Inc.

Someone Is Listening

To eavesdrop on a telephone conversation, law enforcement agents must obtain a court order, but they can use other devices, such as so-called pen registers, that record incoming or outgoing telephone numbers without actually listening to the calls.

WIRETAP COURT ORDERS

From 1985 through 1991, court-ordered wiretaps resulted in 7,324 convictions and nearly $300 million in fines. A single court order can involve many telephones. This data includes federal and state orders, but does not include many national security wiretaps. 1985: 784 1986: 754 1987: 673 1988: 738 1989: 763 1990: 872 1991: 856 1992: 919 *

MONITORING PHONE ACTIVITY

Pen registers are devices that record only the outgoing numbers dialed on a telephone under surveillance. Below are the number of pen registers in use, by year. 1987: 1,682 1988: 1,978 1989: 2,384 1990: 2,353 1991: 2,445 1992: 3,145 Sources: Administrative Office of the U.S. Courts, U.S. Justice Department, House Judiciary Committee