Office of the Historian

45. Minutes of a Special Coordination Committee Subcommittee Meeting1

Washington, December 7, 1977, 9:30–11:30 a.m.

SUBJECT

  • PD/NSC–24: Telecommunications Protection Policy2

PARTICIPANTS

  • White House

    • Frank Press (Chairman)
    • Wayne Kay
    • Ben Huberman
    • John Marcum
    • Rick Neustadt

  • State

    • Harold Saunders
    • Alfred Giovetti

  • Treasury

    • Richard Davis
    • Harold Paterson

  • Defense/NCS

    • Lt. Gen. Lee Paschall
    • Col. Preston Hix
    • Don Lacer

  • FCC

    • Walter Hinchman

  • GSA

    • Frank Carr
    • Warren Burton

  • OMB

    • James Oliver

  • Justice

    • John Harmon
    • Newall Squyers

  • Commerce

    • Jordan Baruch
    • Henry Geller
    • John Richardson

  • Transportation

    • Richard Alfultis
    • James Williams

  • Energy

    • John LaBarre
    • Charles Brashears

  • NSC

    • Sam Hoskinson

  • CIA

    • [2 names not declassified]

  • NSA

    • Adm. Bobby Inman
    • Howard Rosenbloom

Dr. Frank Press, The President’s Science Advisor and Chairman of the Special Subcommittee on Telecommunications Protection convened the initial subcommittee meeting on this date. The purpose of the meeting was to discuss implementation of Presidential Directive, PD–24.

The Chairman summarized the Soviet activities and the sequence of events leading to PRM–223 and PD–24. The essential elements of PD–24 were outlined and he reported that the Senate and House [Page 202] Intelligence Committees had been briefed on the President’s initiatives contained in PD–24.

The Chairman noted the following:

An annual report is to be submitted by the subcommittee to the National Security Council through the SCC. The due date for this initial report to the SCC is December 14, 1978. Subcommittee members, and the Executive Agents in particular, shall be called upon to assist in the reports preparation.
That two Executive Agents have been designated: the Secretary of Defense for COMSEC to protect government-derived classified information and government-derived unclassified information which relates to national security. The Secretary of Commerce for communications protection for government-derived unclassified information (excluding that relating to national security) and for dealing with the commercial and private sector to enhance their communications protection and privacy. The subcommittee shall resolve areas of departmental overlap, should they occur, on a case-by-case basis.
That Colonel Wayne Kay is the Subcommittee Executive Secretary and White House staff coordinator for PD–24.

SUMMARY OF CONCLUSIONS

Numbering herein refers to applicable paragraphs in the PD.

—2.b. Unclassified information transmitted by and between government agencies and contractors that would be useful to an adversary should be protected.

Tasking: The nature and extent of this type information needs to be defined. The Executive Agents will investigate this area jointly, distinguish between that related to national security and that which is not and advise the subcommittee of their findings.

—2.c. Non-governmental information that would be useful to an adversary shall be identified and the private sector informed of the problem and encouraged to take appropriate protective measures.

Tasking: The Department of Commerce shall take steps to identify this type information, prepare a briefing for the private sector, review the briefing with the subcommittee prior to presentation to the private sector and review with the subcommittee their program to satisfy this requirement. The DOD shall assist as requested.

—2.d. While the private conversations of U.S. citizens do not appear to be the targets for foreign intercept activity at this time, this judgment should be kept under close and continuous review and the American people informed of any change in this conclusion. As a precautionary measure; the responsible Agencies should work with the FCC and the common carriers to adopt system capabilities which protect the privacy of individual communications and to carry out changes in regulatory policy and draft legislation that may be required.

[Page 203]

Tasking: The Departments of Justice, Commerce and Defense shall work with the FCC in carrying out this function. The NSA is to provide technical assistance as necessary.

—2.d. [6 lines not declassified]

Tasking: [3 lines not declassified]

—3.a. The private sector telecommunications carriers should be briefed on the nature of the threat and appropriate government R&D information shall be made available so as to help and encourage them to devise adequate protection strategies. A similar program shall be pursued for government contractors and other most likely affected industries, corporations and private sector entities.

Tasking: The Executive Agents shall, as in 2.c. above, prepare a program for briefing the private sector and appropriate government contractors. They are further enjoined to work with the DOJ and FCC as necessary. The briefings are to be reviewed and cleared by the subcommittee.

REMARKS:

It was noted by the Director, NSA that thus far, 11 carriers and 17 defense contractors had been given a classified briefing. He also pointed out that the DOD Joint Logistics Commanders were presently working on proposals to be submitted to the Joint Chiefs concerning the threat and providing options to be used by Defense contractors to protect information, both classified and unclassified relating to National Security. It was not determined who would pay for implementing protection measures—an open issue which may require a policy decision.

It was also noted that while high level executives within the telecommunications companies had been briefed, it was obvious the working levels therein had not been, as evidenced by the number of requests being submitted to GSA for specialized carrier contracts for services. Further, it was the consensus of the subcommittee that classification, in large part, stifled open and honest dialogue with the commercial sector.

Did knowledge of the threat cause the commercial sector to suffer by reduced use of the phone or by modifying their information handling techniques?

Are the companies therefore put at a disadvantage in economic competition? Similarly, what will the impact be on a government agency if significantly altered information handling techniques were imposed.

Tasking: The OSTP/NSC will assess downgrade and/or declassification aspects.

Department of Commerce (covered in part under 2.c.) in conjunction with Defense prepare and submit to the subcommittee a position paper and strategy for transfer of R&D information to telecommunications carriers. Department of Defense shall also present their prepared [Page 204] briefing (for carriers and defense contractors) for review and submit their program of on-going activities.

—3.d. A permanent interagency group under the chairmanship of the Department of State shall be established consisting of representatives of the Executive Office of the President, the Director of Central Intelligence, the Department of Defense, National Security Agency and the Department of Justice/Federal Bureau of Investigation to review and if necessary to deny real estate acquisition through lease or purchase by the USSR and other Communist countries that present a serious potential threat to U.S. telecommunications security.

Tasking: The Department of State representative was requested to insure that relevant actions of this group were made known to the subcommittee as necessary.

—3.e. [6 lines not declassified]

Tasking: [2 lines not declassified]

—3.f. Subject to continuous review of available technology and reassessment of the foreign intercept threat the following immediate technical actions shall be undertaken:

The government shall conduct a multi-faceted R&D program covering both system and user oriented protection approaches funded at about $15 million per year.

Tasking: Of utmost concern is to avoid Executive Agent R&D duplication. It was acknowledged that R&D would be pursued within each agents sphere of responsibility. The Chairman stressed that the government R&D programs pull together, therefore, the DOD (NSA) as lead agent with full Commerce support, shall submit an R&D program package to the subcommittee for review. Furthermore, R&D dollars are to be highlighted for the President in future budgetary requests.

—Phase I and II of the DUCKPINS cable program shall be completed as soon as possible and no later than in 1978. This program shall be funded at a level of about $4 million per year.

Tasking: It is recognized that the DUCKPINS cable program is a continuing program without a cut-off date even after full implementation. The Manager, NCS shall be prepared to provide program status at least quarterly.

—Executive Secure Voice Network (ESVN) systems shall be installed when appropriate high priority requirements can be validated.

Tasking: The Manager, NCS shall continue collection and analysis of government-wide requirements for ESVN. NSA shall continue to assist. The Committee will review and validate fully justified requirements.

—4.f. The Subcommittee should choose a future implementation strategy based on cost-benefit analysis, legal considerations and [Page 205] regulatory policy. As an initial action, the head of departments and agencies, as designated by the Subcommittee, shall assess the need for protection of unclassified information transmitted under their suspices and report their conclusions to the Subcommittee within 60 days. The Subcommittee shall then set appropriate standards for protection.

Tasking: The Department of Commerce will develop and submit for subcommittee review a technique to assess department/agency information. It will include but not be limited to:

Kinds of information which may need protection.
How the data is transmitted.
Origination and distribution points.
System nodes.
If protection is necessary, what kind of protection and estimated cost.
Is the cost of protection higher than the loss of data if it were compromised.

The GSA will keep the subcommittee informed on its on-going bulk encryption study for satellites.

The CIA should be prepared, if called upon, to provide a reassessment of known Soviet intentions.

The NSA shall review its past activities in these areas and provide the subcommittee a summary thereof.

Concerning the magnitude of the threat, or changes thereto, the Department of Justice (FBI) shall be the lead agent in keeping the subcommittee informed.

—5. NSDM’s 266, 296, 338 and 346 and the 1968 NSC Communications Security Directive are hereby rescinded.4

REMARKS:

By rescinding the 1968 NSC Communications Security Directive, the United States Communications Security Board or USCSB is abolished. The policies promulgated by that board shall remain in effect until such time as the subcommittee Executive Secretary, in consultation with Defense, reviews that policy and makes recommendations concerning their disposition.

The Chairman tabled a final issue; not one contained in PD–24 but directly related to the overall subject of telecommunications protection policy and is therefore an area that may well need policy attention. The following is a summary of the presentation given by Howard Rosenbloom and deals with “public cryptography, signals intelligence and academic freedom.”

[Page 206]

The needs of the public for privacy and protection have been recognized and publicized. This has created a market for security devices to protect:

Banking (Electronic Fund Transfer)
Personnel Data
Medical History
Data Communications
Voice Communications

This field is called public cryptography.

The Government, to protect National Security matters, has developed and employed devices that protect a similar range of information. The methods employed for protection are highly classified because they reveal our capability to retrieve intelligence from foreign communications. Once the methods are revealed, the foreign target can thwart our intelligence gathering.

Recent academic/industrial work, stimulated by the public market, has produced a well-publicized concept for an “unbreakable” cipher system which could economically cater for the public need. The National Bureau of Standards, with classified help from the National Security Agency, has produced an “encryption” standard which is proposed for public use.

The NBS system, because of classified input, is invulnerable to mathematical attack. The public work, however, is vulnerable to attack using classified methods. The academic/industrial community is unaware of this because of classification and is unwilling to accept the restriction on academic freedom that dealing with classified information represents. The public has been suspicious of the NBS standard because the classified methods employed to test and strengthen it have not been revealed because of impact on signals intelligence and National Security.

Further, the academic community is concerned that the Government plans to inhibit their cryptologic research. They have become aware of ITAR (International Traffic in Arms Regulation), a regulation that inhibits export of munitions and cryptography. The U.S. controls export of cryptography to prevent the spread of good protection to those foreign targets that now yield valuable signals intelligence. The academic community wants clarification of the portions of ITAR which seem to inhibit international publication of cryptographic research and appears to infringe their academic freedom.

The following issues may need policy determination:

Academic world needs immediate clarification of ITAR and how it affects their academic freedom.
Government needs to clarify the relation of public cryptography to classified cryptography.
Government needs to balance the impact on National Security of the needs for public cryptography and academic freedom.

RELATED QUESTIONS:

How “good” should public cryptography be?
In view of export problem
In view of domestic surveillance needs
How can academic freedom be provided and minimize damage to National Security?
How will ITAR interpretation apply?
Is new legislation needed?
How should the Government interface with Academe/Industry in public cryptography? Should the Government support unclassified research? How can the classified work interface with the unclassified work?
How should DOD and DOC employ classified tools for public cryptography? Should DOD “go it alone”?
How does the U.S. Government deal with the U.K. for public cryptography? Should there be separate contact from both DOD and DOC?
What public statements should be made? By whom? When?

The Chairman stressed the need for a mechanism to respond to academia.

Tasking: The Department of Justice is to evaluate the applicability of ITAR and its relationship to research, publications or presentations about public cryptography by the academic community; regardless of whether the foregoing be verbal or in the form of papers and whether the research is supported by private or government funds.

The Department of Commerce as lead agent, working with the NSA shall propose a position paper outlining a national policy for government use. This position paper is due to the working group comprised of OSTP, Commerce, NSA and Justice by January 20, 1978. The lead agent is enjoined to contact the National Science Foundation and Department of State who may be asked to contribute in their respective areas (State for the U.K. coordination effort). The President’s Science Advisor shall be responsible for all public coordination.

The Director, OMB and Manager, NCS shall attend all future meetings.

The next subcommittee meeting is tentatively scheduled for the week of January 23–27, 1978.

  1. Source: Carter Library, National Security Affairs, Staff Material, Defense/Security, Welch, Box 210, Command, Control, Communications. Top Secret. The meeting took place in the White House Situation Room.
  2. See Document 40.
  3. See Document 8.
  4. See footnote 3, Document 40.