---
created_at: '2015-11-17T16:11:01.000Z'
title: Why I Wrote PGP (1999)
url: https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html
author: pdkl95
points: 149
story_text:
comment_text:
num_comments: 47
story_id:
story_title:
story_url:
parent_id:
created_at_i: 1447776661
_tags:
- story
- author_pdkl95
- story_10581971
objectID: '10581971'
year: 1999
---
![Picture of Phil](../../images/photos/prz.jpg)

## Why I Wrote PGP

*Part of the Original 1991 PGP User's Guide (updated in 1999)*

*"Whatever you do will be insignificant, but it is very important that
you do it." -Mahatma Gandhi*

It's personal. It's private. And it's no one's business but yours. You
may be planning a political campaign, discussing your taxes, or having a
secret romance. Or you may be communicating with a political dissident
in a repressive country. Whatever it is, you don't want your private
electronic mail (email) or confidential documents read by anyone else.
There's nothing wrong with asserting your privacy. Privacy is as
apple-pie as the Constitution.

The right to privacy is spread implicitly throughout the Bill of Rights.
But when the United States Constitution was framed, the Founding Fathers
saw no need to explicitly spell out the right to a private conversation.
That would have been silly. Two hundred years ago, all conversations
were private. If someone else was within earshot, you could just go out
behind the barn and have your conversation there. No one could listen in
without your knowledge. The right to a private conversation was a
natural right, not just in a philosophical sense, but in a
law-of-physics sense, given the technology of the time.

But with the coming of the information age, starting with the invention
of the telephone, all that has changed. Now most of our conversations
are conducted electronically. This allows our most intimate
conversations to be exposed without our knowledge. Cellular phone calls
may be monitored by anyone with a radio. Electronic mail, sent across
the Internet, is no more secure than cellular phone calls. Email is
rapidly replacing postal mail, becoming the norm for everyone, not the
novelty it was in the past.

Until recently, if the government wanted to violate the privacy of
ordinary citizens, they had to expend a certain amount of expense and
labor to intercept and steam open and read paper mail. Or they had to
listen to and possibly transcribe spoken telephone conversation, at
least before automatic voice recognition technology became available.
This kind of labor-intensive monitoring was not practical on a large
scale. It was only done in important cases when it seemed worthwhile.
This is like catching one fish at a time, with a hook and line. Today,
email can be routinely and automatically scanned for interesting
keywords, on a vast scale, without detection. This is like driftnet
fishing. And exponential growth in computer power is making the same
thing possible with voice traffic.

Perhaps you think your email is legitimate enough that encryption is
unwarranted. If you really are a law-abiding citizen with nothing to
hide, then why don't you always send your paper mail on postcards? Why
not submit to drug testing on demand? Why require a warrant for police
searches of your house? Are you trying to hide something? If you hide
your mail inside envelopes, does that mean you must be a subversive or a
drug dealer, or maybe a paranoid nut? Do law-abiding citizens have any
need to encrypt their email?

What if everyone believed that law-abiding citizens should use postcards
for their mail? If a nonconformist tried to assert his privacy by using
an envelope for his mail, it would draw suspicion. Perhaps the
authorities would open his mail to see what he's hiding. Fortunately, we
don't live in that kind of world, because everyone protects most of
their mail with envelopes. So no one draws suspicion by asserting their
privacy with an envelope. There's safety in numbers. Analogously, it
would be nice if everyone routinely used encryption for all their email,
innocent or not, so that no one drew suspicion by asserting their email
privacy with encryption. Think of it as a form of solidarity.

Senate Bill 266, a 1991 omnibus anticrime bill, had an unsettling
measure buried in it. If this non-binding resolution had become real
law, it would have forced manufacturers of secure communications
equipment to insert special "trap doors" in their products, so that the
government could read anyone's encrypted messages. It reads, "It is the
sense of Congress that providers of electronic communications services
and manufacturers of electronic communications service equipment shall
ensure that communications systems permit the government to obtain the
plain text contents of voice, data, and other communications when
appropriately authorized by law." It was this bill that led me to
publish PGP electronically for free that year, shortly before the
measure was defeated after vigorous protest by civil libertarians and
industry groups.

The 1994 Communications Assistance for Law Enforcement Act (CALEA)
mandated that phone companies install remote wiretapping ports into
their central office digital switches, creating a new technology
infrastructure for "point-and-click" wiretapping, so that federal agents
no longer have to go out and attach alligator clips to phone lines. Now
they will be able to sit in their headquarters in Washington and listen
in on your phone calls. Of course, the law still requires a court order
for a wiretap. But while technology infrastructures can persist for
generations, laws and policies can change overnight. Once a
communications infrastructure optimized for surveillance becomes
entrenched, a shift in political conditions may lead to abuse of this
new-found power. Political conditions may shift with the election of a
new government, or perhaps more abruptly from the bombing of a federal
building.

A year after the CALEA passed, the FBI disclosed plans to require the
phone companies to build into their infrastructure the capacity to
simultaneously wiretap 1 percent of all phone calls in all major U.S.
cities. This would represent more than a thousandfold increase over
previous levels in the number of phones that could be wiretapped. In
previous years, there were only about a thousand court-ordered wiretaps
in the United States per year, at the federal, state, and local levels
combined. It's hard to see how the government could even employ enough
judges to sign enough wiretap orders to wiretap 1 percent of all our
phone calls, much less hire enough federal agents to sit and listen to
all that traffic in real time. The only plausible way of processing that
amount of traffic is a massive Orwellian application of automated voice
recognition technology to sift through it all, searching for interesting
keywords or searching for a particular speaker's voice. If the
government doesn't find the target in the first 1 percent sample, the
wiretaps can be shifted over to a different 1 percent until the target
is found, or until everyone's phone line has been checked for subversive
traffic. The FBI said they need this capacity to plan for the future.
This plan sparked such outrage that it was defeated in Congress. But the
mere fact that the FBI even asked for these broad powers is revealing of
their agenda.

Advances in technology will not permit the maintenance of the status
quo, as far as privacy is concerned. The status quo is unstable. If we
do nothing, new technologies will give the government new automatic
surveillance capabilities that Stalin could never have dreamed of. The
only way to hold the line on privacy in the information age is strong
cryptography.

You don't have to distrust the government to want to use cryptography.
Your business can be wiretapped by business rivals, organized crime, or
foreign governments. Several foreign governments, for example, admit to
using their signals intelligence against companies from other countries
to give their own corporations a competitive edge. Ironically, the
United States government's restrictions on cryptography in the 1990's
have weakened U.S. corporate defenses against foreign intelligence and
organized crime.

The government knows what a pivotal role cryptography is destined to
play in the power relationship with its people. In April 1993, the
Clinton administration unveiled a bold new encryption policy initiative,
which had been under development at the National Security Agency (NSA)
since the start of the Bush administration. The centerpiece of this
initiative was a government-built encryption device, called the Clipper
chip, containing a new classified NSA encryption algorithm. The
government tried to encourage private industry to design it into all
their secure communication products, such as secure phones, secure
faxes, and so on. AT&T put Clipper into its secure voice products. The
catch: At the time of manufacture, each Clipper chip is loaded with its
own unique key, and the government gets to keep a copy, placed in
escrow. Not to worry, though–the government promises that they will use
these keys to read your traffic only "when duly authorized by law." Of
course, to make Clipper completely effective, the next logical step
would be to outlaw other forms of cryptography.

The government initially claimed that using Clipper would be voluntary,
that no one would be forced to use it instead of other types of
cryptography. But the public reaction against the Clipper chip was
strong, stronger than the government anticipated. The computer industry
monolithically proclaimed its opposition to using Clipper. FBI director
Louis Freeh responded to a question in a press conference in 1994 by
saying that if Clipper failed to gain public support, and FBI wiretaps
were shut out by non-government-controlled cryptography, his office
would have no choice but to seek legislative relief. Later, in the
aftermath of the Oklahoma City tragedy, Mr. Freeh testified before the
Senate Judiciary Committee that public availability of strong
cryptography must be curtailed by the government (although no one had
suggested that cryptography was used by the bombers).

The government has a track record that does not inspire confidence that
they will never abuse our civil liberties. The FBI's COINTELPRO program
targeted groups that opposed government policies. They spied on the
antiwar movement and the civil rights movement. They wiretapped the
phone of Martin Luther King. Nixon had his enemies list. Then there was
the Watergate mess. More recently, Congress has either attempted to or
succeeded in passing laws curtailing our civil liberties on the
Internet. Some elements of the Clinton White House collected
confidential FBI files on Republican civil servants, conceivably for
political exploitation. And some overzealous prosecutors have shown a
willingness to go to the ends of the Earth in pursuit of exposing sexual
indiscretions of political enemies. At no time in the past century has
public distrust of the government been so broadly distributed across the
political spectrum, as it is today.

Throughout the 1990s, I figured that if we want to resist this
unsettling trend in the government to outlaw cryptography, one measure
we can apply is to use cryptography as much as we can now while it's
still legal. When use of strong cryptography becomes popular, it's
harder for the government to criminalize it. Therefore, using PGP is
good for preserving democracy. If privacy is outlawed, only outlaws will
have privacy.

It appears that the deployment of PGP must have worked, along with years
of steady public outcry and industry pressure to relax the export
controls. In the closing months of 1999, the Clinton administration
announced a radical shift in export policy for crypto technology. They
essentially threw out the whole export control regime. Now, we are
finally able to export strong cryptography, with no upper limits on
strength. It has been a long struggle, but we have finally won, at least
on the export control front in the US. Now we must continue our efforts
to deploy strong crypto, to blunt the effects of increasing surveillance
efforts on the Internet by various governments. And we still need to
entrench our right to use it domestically over the objections of the
FBI.

PGP empowers people to take their privacy into their own hands. There
has been a growing social need for it. That's why I wrote it.

**Philip R. Zimmermann**
Boulder, Colorado
June 1991 (updated 1999)