«Table of Contents I. INTRO DU CTIO N II. THE CLIPPER SCHEME: AN EFFORT TO MAINTAIN THE INTEGRITY OF ELECTRONIC SURVEILLANCE A. The Current Proposal: ...»
CHOPPY WATERS IN THE SURVEILLANCE DATA
STREAM: THE CLIPPER SCHEME AND THE
MARK I. KOFFSKY f
Table of Contents
I. INTRO DU CTIO N
II. THE CLIPPER SCHEME: AN EFFORT TO MAINTAIN THE
INTEGRITY OF ELECTRONIC SURVEILLANCE
A. The Current Proposal: "Optional Clipper".
B. A Hypothetical Extension: "Mandatory Clipper"............. 136
I. THE PARTICULARITY CLAUSE: LIMITING THE SCOPEOF AN ELECTRONIC SURVEILLANCE
A. Particularity Clause Requirements For A Valid Electronic Surveillance
B. An Example: Particularity Clause Analysis of Title II.......... 139
IV. THE PARTICULARITY CLAUSE AS APPLIED TOMANDATORY CLIPPER
A. The Katz Analysis: Evaluating the Conduct of the Surveying Offi cers
B. The Berger Analysis: Evaluating the Mechanism That Enables the Surveillance
V. CON CLU SION
I. INTRODUCTION The scene is a local police precinct. After obtaining proper authorization, the police establish a wiretap vital to their ongoing investigation of a suspected drug kingpin. The call is placed, the police listen intently, but they only hear garbled noise-the suspect is using a telephone equipped with encryption technology. Upon realizing that the sophisticated encryption scheme cannot be broken by even the most advanced computers, the police abandon their efforts. Their inability to © 1994 Mark I. Koffsky.
t J.D. Candidate 1995, Columbia University School of Law; B.S. Electrical Engineering 1992, Columbia University School of Engineering; B.A. Physics 1992, Yeshiva University.
HIGH TECHNOLOGY LAW JOURNAL132 Vol. 9:1 decipher the encryption scheme has severely obstructed their ongoing investigation.
As these incidents grow in number, the Federal Government and law enforcement agencies become increasingly concerned with the obstruction imposed by encryption, both of voice and data. Any desire to remedy this problem, however, is tempered by the recognition that data encryption telephones are used primarily by businesses and citizens seeking to prevent others from listening to their conversations.' To accommodate law enforcement goals without compromising legitimate encryption needs, the Federal Government is considering using a mandatory Clipper scheme. A mandatory Clipper scheme would prohibit the use of all forms of private data encryption technology in telephones and require that those wishing to use data encryption devices use only authorized equipment. The authorized equipment would provide secure telephone conversations to thwart private eavesdroppers while enabling law enforcement officers to decrypt intercepted conversations using special computer keys. As a safeguard, law enforcement officials could only acquire the computer keys after first obtaining legal authorization for the electronic surveillance.
This Comment argues that a mandatory Clipper scheme violates the Fourth Amendment requirement that searches be conducted with sufficient particularly.2 Part II describes the current conflict between the proliferation of data encryption technology and electronic surveillance efforts by law enforcement officials, and postulates a Federal Government sponsored mandatory Clipper scheme as a solution. Part III presents the two-part evaluation currently used by the judiciary to evaluate the
propriety of an electronic surveillance under the Particularity Clause:
examining first the ordinance enabling the surveillance, and second the conduct of the officers executing the surveillance. Part IV argues that although the officers executing a surveillance under a mandatory Clipper scheme can act within the dictates of the Particularity Clause, courts should find that a mandatory Clipper scheme, on its face, violates the Particularity Clause.
1. Keeping voice and data lines secure from industrial espionage costs large corporations and small businesses billions of dollars per year. See Stephen M. Williams, Companies Compile Dossiers on Rivals, THE HARTFoRD COURANT, June 7, 1993, at 1.
2. The Fourth Amendment to the Constitution of the United States provides:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularlydescribing the place to be searched, and the persons or things to be seized.
U.S. CoNST. amend. IV (emphasis added)[emphasized portion hereinafter the Particularity Clause].
THE CLIPPER SCHEME AND THE PARTICULARITY CLAUSE
THE CLIPPER SCHEME: AN EFFORT TO MAINTAINII.
THE INTEGRITY OF ELECTRONIC SURVEILLANCEThe Current Proposal: "Optional Clipper" A.
In use for millennia for military 3 and civilian purposes, data encryption is the process by which a message is sent in cryptic form to a recipient who, in turn, decodes the message with a "key." These keys can be as diverse as a letter substitution table or a computer program. Julius Caesar used a code where each letter was replaced by the third later letter in the Latin alphabet.4 In a perfect encryption scheme, no one other than the intended recipient of a message can decode, and therefore understand, the contents of the message.
Currently, consumers can purchase, from private parties, special telephones equipped with data encryption technology so advanced that eavesdroppers cannot understand conversations spoken on these telephones.6 The same encryption technology, however, can be used to
3. Encryption technology has often been associated with the military. Even today, the U.S. Munitions List is the repository for encryption regulation. See 22 C.F.R. § 121.1(b)(1) (1992).
4. See James L. Massey, Contemporary Cryptology: An Introduction, in CONTEMPORARY CRYPTOLOGY 3, 6 (Gustavus J. Simmons ed., 1992). "COLUMBIA" in Caesar's code would 178-79 See also Ernst L. Leiss, become "FROXPELD". PRINCIPLES OF DATA SECURITY (1982)(discussing the mathematical theory behind the dual key algorithm, one of the most secure encryption schemes available).
5. See John Eckhouse, New Phones Keep Trade Secrets Safe, S.F. CHRON., July 9, 1993, at El.
6. The RSA public key algorithm is one of the best-known data encryption systems. It would take a computer that performs 1 trillion operations per second approximately 1000 years to break a standard RSA encryption. See James Nechvatal, Public Key Cryptography, in CONTEMPORARY CRYPTOLOGY 177,207-08 (Gustavus J.Simmons ed., 1992).
The possibility that an encryption scheme can be so effective that it cannot be decrypted at all can be better understood by analyzing properties of one-way mathematical functions. In general, a mathematical function takes a parameter, x, and
yields a result, y. For example the cube function can be expressed as:
y=x The inverse of the function takes the result, y, and yields the parameter x. The inverse
of the above equation, the cube root function, is:
Functions that are easier to compute in their normal form than in their inverse form are known as one-way functions. The cube function is such a function because it is easier to compute the cube of 3 than the cube root of 27.
To illustrate by hypothetical, S wants to send R a message using the cube code. The message is the number 12.1 (assume the message is in numerical form). S encrypts the message by using the cube function producing the number 1771.561 and sends that number to R. Assume further that the message is intercepted by Z and Z knows that the encryption was accomplished via the cube function. Z will need to expend more effort to decrypt the message using the inverse of the cube function (i.e. the cube root function) than S did in encrypting the message. Obviously, Z will be able to decrypt the message by 134 HIGH TECHNOLOGY LAW JOURNAL Vol. 9:1 shield criminals from Government surveillance since law enforcement officials engaged in authorized electronic surveillance cannot understand encrypted conversations.7 The recent increase in electronic surveillance by Government officials only exacerbates this problem.8 To resolve this quandary, the Clinton administration introduced the Clipper Chip initiative on April 16, 1993. The briefing by the White House proposing the Clipper initiative included the following: "While encryption technology can help Americans protect business secrets and unauthorized release of personal information, it also can be used by terrorists, drug dealers, and other criminals." 9 The Clipper initiative envisions the use of a government manufactured computer chip to encrypt telephone signals.' 0 The resulting encryption would be highly effective because the chip's encryption algorithm is more secure than any data encryption technology currently available," thereby providing effective protection from private using a calculator or a cube root table. If S were to use a more complicated one-way mathematical function, Z would have more difficulty in decrypting the message even if Z knows the function. Effective encryption techniques take advantage of this fact. See Bob Metclafe, One-way Functions are the Key to Security, INFOWORLD, Sept. 27, 1993, at 65.
7. James E. Kallstrom, the FBI's chief of investigation technology, commenting on the optional Clipper scheme, stated: "We feel we need these tools to do our job." John Mintz & John Schwartz, Chipping Away at Privacy?,WASH. POST, May 30, 1993, at H1. Kallstrom feared the consequences that might result if Clipper is not implemented. "I don't have a lot of dead bodies laying around here or dead children from an airplane explosion that we haven't been able to solve-yet." Id.
8. Each year, the Director of the Administrative Office of the United States Courts transmits a report to Congress summarizing the use of electronic surveillance by law enforcement officials in the past year. See 18 U.S.C. § 2519(3) (1988). 738 applications submitted for the authorization of electronic surveillance were approved in 1988. This represented a 10% increase over the approvals in 1987. See THE STATISTICAL ANALYSIS AND
REPORTS DIVISION, ADMINISTRATIVE OFFICE OF THE U.S. COURTS, REPORT ON APPLICATIONS
FOR ORDERS AUTHORIZING OR APPROVING THE INTERCEPTION OF WIRE, ORAL OR ELECTRONICCOMMUNICATIONS (WIRETAP REPORT) FOR THE PERIOD JANUARY 1, 1988 TO DECEMBER31, 1988 2 (1989).
9. Dee Dee Myers, Statement at The White House, April 16, 1993. Development of the Clipper initiative actually began during the Bush administration. The National Security Agency and the National Institute of Standards and Technology started development on Clipper in 1989. See Richard Lipkin, Making the Calls in a New Era of Communication, INSIGHT, Jul. 12, 1993, at 6.
10. The Federal Government has designated Mykotronx, a company located in Torrance, California, to manufacture the Clipper chips. See Dee Dee Myers, Statement at The White House, April 16, 1993 and attachments thereto.
11. Clipper employs the Skipjack algorithm which uses an 80-bit key, more powerful than the 56-bit key used by the popular Data Encryption Standard (DES) developed by IBM in 1976. See Dorothy E. Denning, Cryptography, Clipper,and Capstone (Draft of May 11, 1993), in THE THIRD CPSR CRYPTOGRAPHY AND PRIVACY CONFERENCE SOURCE BOOK (David Banisar & Marc Rotenberg eds. 1993), at 3-5. Skipjack is a classified algorithm developed by the National Security Agency. The secret nature of the Skipjack algorithm caused particular concern in the private sector because of the possibility that the National Security Agency had left a "trap door" in the Clipper chip. If present, the trap door would allow
THE CLIPPER SCHEME AND THE PARTICULARITY CLAUSEcitizens eavesdropping on each other. Thus, Clipper would protect legitimate business encryption needs while allowing access for authorized law enforcement officials.' To insure that law enforcement officials will not abuse the Clipper initiative, the initiative requires that the computer key for each Clipper chip be split in half and housed in repositories maintained by two separate government agencies. 13 Before obtaining these half-keys, law enforcement officials must obtain proper authorization for an electronic surveillance. After obtaining proper authorization and encountering a Clipper encrypted message, law enforcement officials obtain the Clipper chip's unique serial number from the intercepted transmission. The law enforcement officials then present this serial number and a copy of the electronic surveillance authorization to both escrow agencies, each of which would release its half of the decryption key for that chip.' 4 The officials can then combine the two half-keys into a whole key, allowing decryption of the intercepted conversation.'5 summary decryption of conversations without the need to obtain the necessary decryption keys from the repository agencies via a court authorization.
To ally these fears, the Federal Government invited five computer scientists to examine the classified algorithm in the summer of 1993. Although the scientists were forbidden to discuss their specific findings, they claimed no trap door exists in Clipper. See Robert L.
Holtz, Computer Code's Security Worries Privacy Watchdogs, L.A. TIMES, Oct. 4, 1993, at Al.
12. The Clipper initiative proposal contains the following: "This new technology will help companies protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time this technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals." Dee Dee Myers, Statement at The White House, April 16, 1993 and attachments thereto.
This statement reflects the Federal Government's desire to convince the public that it is striking the correct balance between the legitimate needs of law enforcement and the desires of private citizens to maintain the privacy of conversations.