R. A. Hettinga on Mon, 24 Sep 2001 18:42:41 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Nettime-bold] Phil wasn't crying about PGP...



--- begin forwarded text


Status:  U
Date: Mon, 24 Sep 2001 17:32:55 +0100
From: Somebody
To: rah@shipwright.com
Subject: [sandfort@mindspring.com: No Regrets About Developing PGP]
User-Agent: Mutt/1.2.2i

----- Forwarded message from Sandy Sandfort <sandfort@mindspring.com> -----

From: "Sandy Sandfort" <sandfort@mindspring.com>
To: "Cypherpunks" <cypherpunks@lne.com>
Old-Subject: No Regrets About Developing PGP
Date: Mon, 24 Sep 2001 07:59:50 -0700
Subject:  No Regrets About Developing PGP
X-Algebra: <A HREF=http://www.algebra.com>Algebra</A>
Sender: owner-cypherpunks@Algebra.COM
Precedence: bulk
X-Mailing-List: cypherpunks@algebra.com
X-List-Admin: ichudov@algebra.com
X-Loop: cypherpunks@algebra.com


C'punks,

Phil Zimmermann asked me to post this.  He would like it freely
disseminated, so feel free to post it wherever you wish.


 S a n d y

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No Regrets About Developing PGP

The Friday September 21st Washington Post carried an article by
Ariana Cha that I feel misrepresents my views on the role of PGP
encryption software in the September 11th terrorist attacks.  She
interviewed me on Monday September 17th, and we talked about how I
felt about the possibility that the terrorists might have used PGP in
planning their attack.  The article states that as the inventor of
PGP, I was "overwhelmed with feelings of guilt".  I never implied
that in the interview, and specifically went out of my way to
emphasize to her that that was not the case, and made her repeat back
to me this point so that she would not get it wrong in the article.
This misrepresentation is serious, because it implies that
under the duress of terrorism I have changed my principles on the
importance of cryptography for protecting privacy and civil liberties
in the information age.

Because of the political sensitivity of how my views were to be
expressed, Ms. Cha read to me most of the article by phone before she
submitted it to her editors, and the article had no such statement or
implication when she read it to me.  The article that appeared in the
Post was significantly shorter than the original, and had the
abovementioned crucial change in wording.  I can only speculate that
her editors must have taken some inappropriate liberties in
abbreviating my feelings to such an inaccurate soundbite.

In the interview six days after the attack, we talked about the fact
that I had cried over the heartbreaking tragedy, as everyone else
did.  But the tears were not because of guilt over the fact that I
developed PGP, they were over the human tragedy of it all.  I also
told her about some hate mail I received that blamed me for
developing a technology that could be used by terrorists.  I told her
that I felt bad about the possibility of terrorists using PGP, but
that I also felt that this was outweighed by the fact that PGP was a
tool for human rights around the world, which was my original intent
in developing it ten years ago.  It appears that this nuance of
reasoning was lost on someone at the Washington Post.  I imagine this
may be caused by this newspaper's staff being stretched to their
limits last week.

In these emotional times, we in the crypto community find ourselves
having to defend our technology from well-intentioned but misguided
efforts by politicians to impose new regulations on the use of strong
cryptography.  I do not want to give ammunition to these efforts by
appearing to cave in on my principles.  I think the article correctly
showed that I'm not an ideologue when faced with a tragedy of this
magnitude.  Did I re-examine my principles in the wake of this
tragedy?  Of course I did.  But the outcome of this re-examination
was the same as it was during the years of public debate, that strong
cryptography does more good for a democratic society than harm, even
if it can be used by terrorists.  Read my lips: I have no regrets
about developing PGP.

The question of whether strong cryptography should be restricted by
the government was debated all through the 1990's.  This debate had
the participation of the White House, the NSA, the FBI, the courts,
the Congress, the computer industry, civilian academia, and the
press.  This debate fully took into account the question of
terrorists using strong crypto, and in fact, that was one of the core
issues of the debate.  Nonetheless, society's collective decision
(over the FBI's objections) was that on the whole, we would be better
off with strong crypto, unencumbered with government back doors.  The
export controls were lifted and no domestic controls were imposed.  I
feel this was a good decision, because we took the time and had such
broad expert participation.  Under the present emotional pressure, if
we make a rash decision to reverse such a careful decision, it will
only lead to terrible mistakes that will not only hurt our democracy,
but will also increase the vulnerability of our national information
infrastructure.

PGP users should rest assured that I would still not acquiesce to any
back doors in PGP.

It is noteworthy that I had only received a single piece of hate mail
on this subject.  Because of all the press interviews I was dealing
with, I did not have time to quietly compose a carefully worded reply
to the hate mail, so I did not send a reply at all.  After the
article
appeared, I received hundreds of supportive emails, flooding in at
two
or three per minute on the day of the article.

I have always enjoyed good relations with the press over the past
decade, especially with the Washington Post.  I'm sure they will get
it right next time.

The article in question appears at
http://www.washingtonpost.com/wp-dyn/articles/A1234-2001Sep20.html


 -Philip Zimmermann
 24 September 2001
 (This letter may be widely circulated)

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.3

iQA/AwUBO69F2sdGNjmy13leEQIn+QCg2DjDeyibtRe61tUSplSAobdzAqEAoOMF
ir3lRc4c1D/0Mmmv/JtP/E73
=HmRO
-----END PGP SIGNATURE-----


----- End forwarded message -----

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'


_______________________________________________
Nettime-bold mailing list
Nettime-bold@nettime.org
http://www.nettime.org/cgi-bin/mailman/listinfo/nettime-bold