Expand All Collapse All Extent 26 folders, approximately 1,206 pages Summary This collection consists of records related to United States encryption and cryptography policy. Specifically, it was for records related to an encryption software program called Pretty Good Privacy (PGP) and the author of that program Philip Zimmermann. Presidential Review Directive 27 (PRD-27) Advanced Telecommunications and Encryption (April 16, 1993) announced the creation of an Interagency Working Group (IWG) to assess the issue for the government. The development of administration policy was complex, and a number of executive offices were involved. The Department of Commerce and the Department of State were concerned with export control requirements. The intelligence and law enforcement communities with counterterrorism and anti-crime concerns. Administration policies focused initially on hardware solutions such as Clipper chips. Ultimately, in consultation with industry partners, the administration took a position favoring software solutions such as key recovery, digital encryption standards (DES), DES stacks, Secure Socket Layers (SSL), Key Management Infrastructures (KMI), and a host of similar systems. Scope and Content Note The materials in FOIA 2020-0544-F are a select body of documents responsive to the topic of the FOIA. Researchers should consult the archivist about related material. This request was for records related to United States encryption and cryptography policy. Specifically, it was for records related to an encryption software program called Pretty Good Privacy (PGP) and the author of that program Philip Zimmermann. Previous administrations dealt with encryption and cryptography as a security and intelligence issue. The Clinton administration found itself in a moment when technological advancements required addressing the issue as a commercial and privacy issue as well as one of security and intelligence. Presidential Review Directive 27 (PRD-27) Advanced Telecommunications and Encryption (April 16, 1993) announced the creation of an Interagency Working Group (IWG) to assess the issue for the government. The development of administration policy was complex, and a number of executive offices were involved. The Department of Commerce and the Department of State were concerned with export control requirements and intelligence and law enforcement communities with counterterrorism and anticrime concerns. Administration policies focused initially on hardware solutions such as Clipper chips. Ultimately, in consultation with industry partners, the administration took a position favoring software solutions such as key recovery, digital encryption standards (DES), DES stacks, Secure Socket Layers (SSL), Key Management Infrastructures (KMI), and a host of similar systems. Philip Zimmermann is the creator of Pretty Good Privacy (PGP) encryption software, which was designed to encrypt emails, files, drives, and for use as a way to authenticate data transfers. It was released in 1991 to the public through a File Transfer Protocol (FTP) to a small group of people in an anti-nuclear weapons activist group. That release led to an investigation of supposed Arms Export Control violations. There are no records in this collection related to that investigation. In 1996, Zimmermann started PGP Incorporated which was purchased in 1997 by Network Associates, Inc. This collection contains email and cable regarding internet privacy rights, encrypting sensitive information communicated via the internet, and the legality of exporting encryption software such as PGP. Record Type Textual System of Arrangement Records that are responsive to this FOIA request were found in these collection areas—Clinton Presidential Records: Automated Records Management System [Email], and Clinton Presidential Records: NSC Cable, Email, and Records Management System. Access Collection is open to all researchers. Access to Clinton Presidential Records is governed by the Presidential Records Act (PRA) (44 U.S.C. Chapter 22, as amended) and the Freedom of Information Act (FOIA) (5 U.S.C. 552, as amended) and therefore records may be restricted in whole or in part in accordance with legal exemptions. Copyright Documents in this collection that were prepared by officials of the United States government as part of their official duties are in the public domain. Researchers are advised to consult the copyright law of the United States (17 U.S.C. Chapter 1) which governs the making of photocopies or other reproductions of copyrighted material. Provenance Official records of William Jefferson Clinton’s presidency are housed at the Clinton Presidential Library and administered by the National Archives and Records Administration (NARA) under the provisions of the Presidential Records Act (PRA). Processed by Staff Archivist, 2023. Previously restricted materials are added as they are released. Last Modified Date 2023-07-12 Container List The following is a list of documents and folders processed in response to FOIA 2020-0544-F (Seg 2): Box 1 Clinton Presidential Records: Automated Records Management System [Email] NSC [OA/ID 1200000] [Cryptography and PGP] [10/08/1997-07/19/2000] [Encryption and PGP] [08/29/1997-01/24/2000] [02/02/2000] [05/26/2000-10/20/2000] [Network Associates] [03/18/1999-07/25/2000] [Phil Zimmermann] [12/02/1999-04/17/2000] [11/07/2000] Clinton Presidential Records: NSC Cable, Email, and Records Management System NSC Cable Jan 1995-Dec 1996 [OA/ID 510000] [Cryptography and PGP] [04/12/1995-10/16/1996] Jan 1997-Dec 1998 [OA/ID 520000] [Cryptography and PGP] [02/19/1997-03/20/1998] Jan 1999-Dec 2000 [OA/ID 530000] [Cryptography and PGP] [06/14/2000] Clinton Presidential Records: NSC Cable, Email, and Records Management System (continued) Jan 2001 [Cryptography and PGP] [01/05/2001] Jan 1993-Dec 1994 [OA/ID 505000] [Encryption and PGP] [07/23/1993-06/21/1994] Jan 1995-Dec 1996 [OA/ID 510000] [Encryption and PGP] [03/07/1995-12/26/1996] Jan 1997-Dec 1998 [OA/ID 520000] [Encryption and PGP] [02/04/1997-07/02/1997] Box 2 [08/06/1997-12/22/1998] Jan 1999-Dec 2000 [OA/ID 530000] [Encryption and PGP] [01/30/1999-02/29/2000] [03/14/2000-12/20/2000] Jan 2001 [Encryption and PGP] [01/05/2001-01/18/2001] NSC Emails Exchange-Non-Record (Mar 97-Jan 01) [OA/ID 630000] [Cryptography and PGP] [12/02/1999-03/03/2000] MSMail-Record (Sept 94-Sept 97) [OA/ID 590000] [Encryption and PGP] [09/18/1995-12/04/1995] MSMail-Non-Record (Sept 94-Sept 97) [OA/ID 605000] [Encryption and PGP] [02/06/1995] [02/07/1995] Exchange-Record (Sept 97-Jan 01) [OA/ID 620000] [Encryption and PGP] [11/12/1997-04/23/1998] Exchange-Non-Record (Mar 97-Jan 01) [OA/ID 630000] [Encryption and PGP] [03/20/1998-12/23/1999] Exchange-Record (Sept 97-Jan 01) [OA/ID 620000] [Encryption and Pretty Good Privacy] [04/15/1998] Exchange-Non-Record (Mar 97-Jan 01) [OA/ID 630000] [Encryption and Pretty Good Privacy] [03/09/1999]