Zimmerman joins UK think tank

Phil Zimmerman, the creator of the first email encryption program to find mass appeal, will bring his experience to the Foundation for Information Policy Research

One of the founding fathers of modern cryptography, Phil Zimmermann -- who created PGP (Pretty Good Privacy) and thus introduced a generation of computer users to email encryption -- has joined the advisory council of the Foundation for Information Policy Research.

Zimmermann was at the forefront of the battle to give ordinary Internet users access to email encryption in the 1990s. When he released the first version of PGP in 1991, Zimmermann faced a three-year FBI investigation. Encryption was still viewed as a threat to the US government's intelligence operations and classified military munitions.

By creating PGP and distributing it on the Internet, Zimmermann also helped widen the use of public key cryptography, developed by Whitfield Diffie and Martin Helman, which allows computer users to communicate in privacy without having to first physically exchange keys. Public key cryptography forms the basis of secure financial transactions over the Internet. Since then, Zimmermann has worked to develop an open standard for secure Internet email communications, dubbed OpenPGP.

Zimmerman is known for his opposition to increased surveillance, and his work on cryptography has seen him hailed by some organisations as a civil-rights champion. In a statement, the FIPR said Zimmerman will bring "invaluable experience and contacts" to the FIPR.

Ian Brown, the director of FIPR, said, "Phil's PGP software and his battle with the US government was my and many others' introduction to the whole field of technology policy, so I am delighted that he has agreed to join FIPR's Advisory Council." Brown added that with cryptography policy issues becoming ever more complex, "Phil's experience and insights will be invaluable in helping us identify and analyse the problems that new technology brings in its wake." He noted that technologies such as Microsoft's Palladium in particular are creating "fresh tensions between privacy and corporate interests."

Phil Zimmermann, who is American, said that efforts to preserve civil liberties are as important in Europe as in the US. "I think our own government in the US found it harder to hang on to the crypto export controls after we made progress in the French and British domestic policies. Now we face tougher challenges, and we must face them together."

Since its inception in May 1998, the FIPR has played a fundamental role in changing several laws in the UK. When the Regulation of Investigatory Powers Act 2000 was passing through parliament, the Foundation successfully promoted amendments that prevented the surveillance of Web browsing without a warrant, ensured that those who lose keys or forget passwords would be presumed innocent, removed corporate criminal liability for inability to decrypt ("key escrow by intimidation"), raised the authorisation level for access to passwords and decryption keys to that of Chief Constable, transferred open-ended costs of deploying "black boxes" from ISPs to the Home Office and provided the interception commissioner with a right to a technical audit trail for oversight


Who's watching you? Get the latest on spy networks such as Echelon and Carnivore, as well as privacy issues for companies and individuals alike, at ZDNet UK's Privacy News Section.

Have your say instantly, and see what others have said. Go to the ZDNet news forum.

Let the editors know what you think in the Mailroom.