BKELPRPA.RVW 971114 "The Electronic Privacy Papers", Bruce Schneier/David Banisar, 1997, 0-471-12297-1 %A Bruce Schneier schneier@counterpane.com %A David Banisar %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1997 %G 0-471-12297-1 %I Wiley %O 416-236-4433 fax: 416-236-4448 lwhiting@jwiley.com %P 747 %T "The Electronic Privacy Papers" In recent years various legislators, government offices, and authorities in the United States have sponsored, proposed, or promoted a truly bewildering variety of laws and regulations dealing with message content, interception, encryption, and other aspects of electronic communications. Even insiders seem to find the convoluted activity byzantine: to the outsider it appears positively bizarre. Bills are proposed, amended, and withdrawn, only to reappear under different guises in other laws. Secret technologies are guaranteed to be secure, but are found to be easily fooled by unsophisticated equipment. Proposals stated to be vital to the national interest turn out to be either technically infeasible or commercially undesirable. Schneier and Banisar have provided a guide through the governmental maze, and in a most unusual fashion. These really are the electronic privacy papers. Instead of presenting the normal, and almost automatically biased, account based on their own understanding, this book gives the reader the actual source material: the papers themselves. Acts, bills, reports, reviews, correspondence, speeches, articles, and even propaganda have all been collected and organized. All that could be collected, that is. Much of the material was only obtained as a result of lawsuits under the Freedom of Information Act. Even then the texts were obviously heavily censored and given up only reluctantly: one significant inclusion is a facsimile of an FBI report on problems encountered during wiretaps. Everything except the record number and type of investigation has been completely excised. The authors do provide introductions to, and overviews of, the various topics. They also begin each collection of documents with a description of the various papers and background context. In addition, the very complex topic of cryptography; involving standards, competing technologies, classification, key escrow, and export controls; has a detailed chapter providing an outline explanation of the entire game. Two parts, on wiretapping and digital telephony, deal with interception of communications. Cryptography gets the lion's share of space in the book: parts four through seven have chapters covering the basic technology, control, early and background government policies, the Clipper proposal, Clipper history, public response to Clipper, export controls, efforts to relax export controls, banning cryptography, and software key escrow. Based as it is on obtainable documents, this book cannot be exhaustive. Certain activities have probably been well hidden. Also, given the nature of the material, the book is not technically detailed, although it is technically informed. Not that any lack of technical content makes the book easier to read: anyone who complains about technical documentation has obviously never had to deal with government memoranda.) In spite of what it cannot be, however, the book is a fascinating and valuable reference for the government watcher, security specialist, interested layman, and privacy policy analyst alike. copyright Robert M. Slade, 1997 BKELPRPA.RVW 971114