Too Many Secrets

By Douglas Rushkoff. Published in The New York Times Syndicate/Guardian of London on 1 December 1996

There are secrets, and there are secrets about secrets. Meta-secrets.

For example, it was recently revealed that members of the United States and British intelligence communities knew about Nazi concentration camp atrocities long before they released this information to legislators and the public. This withholding of information delayed the development of global anti-Nazi sentiment, and kept the holocaust from becoming a top priority. We simply pretended not to know about the death camps.

But the reason why this information was withheld for so long is fascinating and telling. The allies only learned about Nazi executions of Jews because the British had cracked the encryption code that the Germans were using to transmit their radio messages. Had they made their findings about Nazi death camps public, the allies would have also revealed their ability to decipher the Nazi code. The Germans would have rushed to develop a new code and the British would have lost their intelligence edge.

Such meta-secrets are almost always the product of governments in conflict. They are a symptom of war, not peace. While governments will tend to keep secrets about secrets, people and businesses generally don’t - and this is the dynamic truly at the core of today’s debate about encryption.

This week, the United States is proposing a new set of policies for encryption programs. Essentially, they allow for the international distribution of top-quality encryption programs made in the United States, as long as the United States government maintains a means of accessing the mathematical password for any phone or computer message using the program.

The proposal is futile, of course. No one hoping to maintain true secrecy will buy the US programs - at least not through official channels. Instead, businesses and individuals wishing to evade US government snoops will simply buy other software using the same standards of encryption, or secure illegal copies of the US programs. It is virtually impossible to keep the encryption technology a secret.

Most businesses using the Internet for cash transactions see no reason for the meta-secret. In fact, they would prefer access to encryption technology that is un-decipherable, even by the U.S. government. The last government effort at an encryption policy - the Clipper Chip - was cracked by hackers before it was even released. Why should Visa or Mastercard put themselves and their dollars in the hands of government-salaried techies and their low-grade solutions?

So that terrorists and drug dealers won’t use top-quality encryption software to evade detection by government agencies, argues the United States. We must keep our methods of keeping secrets secret, lest we make ourselves vulnerable to attack. The advancement of encryption technology, in the light of national security, is equivalent to the development of any weapons technology: the side with the best weapons wins the war.

The current stalemate between business and government interests exposes the central rift between proponents of a global information and commerce network and its detractors. Those who hope to maintain the security of nation states naturally resist the dissolution of boundaries, fearing that the advantages of absolutely secured transactions and communications are far outweighed by the associated loss of an intelligence edge.

The real question is whether the Internet’s enhancement of relationships between individuals and businesses will in itself lessen hostility between competing governments. Right now, the United States doesn’t appear to think so.

But ultimately, Washington has little choice. While keeping secrets online has become relatively easy, keeping these methods of encryption a secret is impossible. By preventing domestic software companies from distributing foolproof encryption software, all the US can hope to accomplish is to cripple American software companies, and send business to Europe and Asia.

The new reality of secure communications over national boundaries must be interpreted as a peacetime benefit, not an opportunity for renewed hostility and paranoia. The US government will lose its competitive edge, but US businesses will stand a chance of maintaining theirs. And all in the name of global communication.

Besides, if United States intelligence agencies ever were to develop a method of deciphering today’s state of the art encryption software - and there’s no reason to think they eventually won’t - history shows us they would most likely keep this ability a secret, anyway.