Have you heard what the US Department of Justice's policy on encryption is? The Administration is against it, unless there is a "recovery system" (backdoor).

[I'm sure they must realize that people can hold secrets in their minds too.]

Many large ISPs have been accomodating the US Government by running monitoring software on their customers data, and making it available to various authorities. So, how many encryption software authoring companies are likewise providing law enforcement with backdoors into encrypted data (private property)?

Certainly law enforcement will keep their cooperation a secret, allowing the software sales to continue. Now there's a *real* opportunity for the Federal Trade Commission to act against consumer fraud (but don't hold your breath).

Furthermore, it is not any secret that there is much corruption in law enforcement. So, how safe is the encryption "recovery system" information with them?

The following is a direct quote from the US Department of Justice policy:

"The Administration's policy is to promote the development and use of strong encryption which enhances the privacy of communications and stored data while preserving law enforcement's ability to gain access to evidence as part of a legally authorized search or surveillance. We are willing to look at any options that advance these goals, as well as protecting national security, securing electronic commerce and preserving U.S. competitiveness. The Administration has identified one method to achieve the necessary balance -- the use of encryption products that incorporate recovery systems. With such products, law enforcement agents can, pursuant to lawful process, obtain recovered "plaintext." The Administration is open to other approaches."


If you didn't get enough from that quote, you can find more at CyberCrime.gov.

What are your thoughts?

cimotaflow