Central Intelligence Agency

Washington D.C. 20505

Mr. Charles R. Smith
7707 Whirlaway Drive
Midlothian, Virginia 23112

Reference: F97-1241

Dear Mr. Smith:

This is to acknowledge receipt of your 17 May 1997 letter requesting records under the provisions of the Freedom of Information Act (FOIA). Specifically, you have requested the following:

"Legislation, proposed legislation, plans, documents, notes or meetings on 'mandating' government solutions in reference to encryption policy, efforts to nationalize using covert actions or other means to obtain control of domestic encryption. [You want us to] specify date, time, and persons involved in any discovery."

For identification purposes we have assigned your request the number referenced above.

With respect to your overall request, please be aware, the mission of the Central Intelligence Agency is primarily concerned with foreign intelligence -- not domestic -- matters. Section 103 (d) (1) of the National Security Act, as amended, specifically provides that "the Agency shall have no police, subpoena, law-enforcement powers, or internal security functions." Executive order 12333, which regulates the conduct of intelligence activities in the United States and elsewhere, provides that the responsibility for domestic intelligence collection is generally within the province of the Federal Bureau of Investigation (FBI). A very limited exception to the Order is provided which permits other agencies within the intelligence community to collect significant foreign intelligence and counterintelligence, provided that no such effort shall be undertaken for the purpose of acquiring information about the domestic activities of United States entities. Based on the above, we must decline to process your request.

For your information, the CIA is not authorized to release records originated by other Government agencies even if we were to located any. Therefore, should you wish to contact the FBI the following address is provided:

Mr. J. Kevin O'Brien, Chief
Freedom of Information-Privacy Acts Section
Federal Bureau of Investigation
J. Edgar Hoover Building, Room 6296
935 Pennsylvania Avenue, N.W.
Washington, D.C. 20535-0001

We regret we were unable to assist you.


Lee S. Strickland
Information and Privacy Coordinator


7707 Whirlaway Drive
Midlothian, VA 23112

JUNE 30, 1997


Dear Mr. Strickland:

Pursuant to the Freedom of Information Act, 5 USC 552(a)(6), and to the regulations of the Central Intelligence Agency, CDR (citation to departmental regulations, obtainable from committee print index), I hereby appeal your REFUSAL to process the SOFTWAR FOIA request of May 17, 1997 (Ref. F97-1241). I have included a copy of your refusal letter to which I quote:

"With respect to your overall request. Please be aware the mission of the Central Intelligence Agency is primarily concerned with foreign intelligence - - not domestic - - matters... Section 103 (d) (1) of the National Security Act, as amended, specifically provides that 'the Agency shall have no police, subpoena, law enforcement powers, or internal security functions'... Based on the above, we must DECLINE to process your request."

With all due respect to the agency and its primary function, there is already an over-abundance of evidence that the CIA has participated in the domestic "Clipper" project and domestic encryption policy. I cite the following samples from our files which I have also included:

1. Copies of two letters (FEB 9 AND FEB 19, 1993)from the Director of the FBI on "Clipper" written in 1993 addressed to George Tenet when he was at the National Security Counsel. Mr. Tenet is at the present time the "acting" Director of the CIA.

2 A copy of a 1990 letter from the Director of the FBI in reference to "Clipper" which was cc'd to the Director of the CIA William H. Webster. This letter specifically calls on all the cc'd parties to attend a joint meeting on the subject.

3. A copy of a memo written by the US Department of Justice in 1991 which outlines steps to meet specific objectives in reference to "Clipper" legislation. Step E.3 states "Obtain White House approval including (DCI and NSC)". Obviously, "DCI" means "Director Central Intelligence".

4. A copy of a 1993 memo from the Department of Justice which references meetings and exchanges of correspondence on legislation intended to mandate the government solution in reference to domestic encryption. This memo was distributed to a redacted (name blacked out) employee of the CIA. This memo also solicits feedback from the members specifically on "Clipper" legislation and legal matters. It states "As requested at our organizational meeting, I'd appreciate any comments". Direct evidence that the CIA was invited and did indeed attend a party on domestic encryption policy.

I find it difficult to believe that a US Government agency copied on so much material at the highest levels would not generate even a single note, comment, nor document on the subject. I also find it impossible to believe that a member of the CIA would not take notes, or create any documents after attending a meeting in which the subject was to "Assess the relative practicality of voluntary versus mandatory uses of this (key escrow) approach".

If, as you assert, the information we requested is outside the primary function and charter of the CIA then there is evidence that the agency has exceeded its authority. I submit that a FOIA search and perhaps a Congressional investigation to discover the truth is now necessary.

Please reply within the 20 days as specified under the Freedom of Information Act, 5 USC 552(a)(6). If the request is denied, please specify the section of the Freedom of Information Act which is being relied on as a legal basis for the denial.

Thank you,

Charles R. Smith

Senator Shelby
Senator Lott
Senator Robb
Senator Warner


Honorable Dick Cheney

The FBI must retain its capability to engage in court-authorized wiretaps in criminal, counterterrorism and foreign counterintelligence investigations. As stated before, I believe the securing of computers and their related telecommunications and the widespread availability of this technology will also have significant ramifications for the Intelligence Community's positive intelligence collection capabilities overseas.

For the above reasons, I believe it is very important for the Executive Branch of the Government to have a clear and enlightened policy in regard to implementation of the Computer Security Act. To this end, I am recommending that the recipients of this letter meet at the earliest possible time so that a policy can be formulated for eventual submission to the National Security Council.

I have asked Assistant Director W. Douglas Gow of our Intelligence Division, telephone number (202) 324-4880, to coordinate the meeting and would appreciate it if a member fo your staff would contact Assistant Director Gow so that a mutually agreeable date and time could be selected.

Sincerely yours,

William S. Sessions

1 - The Attorney General

1 - Honorable Robert A. Mosbacher, Sr.
Secretary of Commerce
Washington, D.C. 20230

1 - Honorable William H. Webster
Director of Central Intelligence
Central Intelligence Agency
Washington, D.C. 20505

1 - Vice Admiral William O. Studeman
National Security Agency
Central Security Service
Fort George G. Meade, Maryland 20755-6000

Director CIA Approval Needed

U.S. Department of Justice

Office of the Deputy Attorney General

Washington, D.C. 20530

September 2, 1991


Kier Boyd, FBI (202-324-5351)
John Grimes, DOD (703-697-4542)
Don Pilling, NSC (202-395-6923)
Michael Rubin, DOC (202-377-5394)
Rick Surrey, NSA (301-688-6705)

FROM: Dan Levin DL

SUBJECT: Meeting Notes and Cover Memo

Attached please find: (i) my updated notes from our meetings which includes as attachments the list of pros and cons for the various options and a risk assessment; and (ii) a draft cover memo.

Please give me a call by COB Thursday, September 5, 1991, with any comments. As to the meeting notes, in several places I have indicated that consensus or agreement was not unanimous. Please let me know if any of you disagree with the consensus position--if no one disagree, I will remove the qualifier. Please provide me by Thursday with any material you would like included in the package sent to the NSC. Finally, please let me know of any issues which you think should be resolved before the package is transmitted to the NSC.


I. Objective

To obtain approval of a strategy and legislation which will enable law enforcement real-time access to communications, whether encrypted or not, when authorized by Title III of the Omnibus Crime Control and Safe Streets Act of 1968 and Title 50, the Foreign Intelligence Surveillance Act of 1978

FBI objectives ? NIST objectives ?

II. Steps to Meet Objective

A. Develop policy framework options

1. Identify stakeholders and determine how to minimize adverse impact

2. Determine penalties for violation of rules

3. Estimate costs for implementing strategy
to USGovernemt
to non USGovernment

4. Risk assessments for NSA/DOD and NIST

5. Other?

B. Determine preferable option

C. Develop decision/ briefing documentation

D. Draft legislation

E. Obtain Executive Branch endorsement/guidance

1. Seek Departmental approvals
OMB approval?

2. Merge approvals; resolve differences

3. Obtain 'White House' approval (including DCI and NSC)






Comes now Plaintiff, Charles R. Smith and hereby files a complaint for compliance with the Freedom of Information Act ("FOIA"), 5 U.S.C., 552, as amended, Charles R. Smith respectfully alleges as follows:

1. This is an action brought under FOIA to order the production of documents and records of the Central Intelligence Agency ("CIA").

2. This court has jurisdiction over this action pursuant to 5 U.S.C. sec 552 (a) (4) (B).

3. Plaintiff Charles R. Smith is the owner of a Virginia based information security company whose principle place of business is 7707 Whirlaway Drive, Midlothian, Virginia. Plaintiff, the requester of the withheld documents, develops information security products and is dedicated to protecting the lives, property and privacy of all citizens. In pursuit of those principles, Plaintiff is empowered to take legal and other corrective actions that will serve the public interest.

4. Defendant Central Intelligence Agency ("CIA") is an agency of the United States, established by statue and charged with the responsibility of international (non-domestic) intelligence and espionage activities. It's principle place of business is located (CIA Headquarters) in Langley, Virginia. The CIA offices responsible for the purposes of legal, FOIA and public affairs are located inside the District of Columbia. The Defendant agency has possession of the documents and records to which Plaintiff seeks access.

5. Plaintiff filed with the Defendant CIA on May 17, 1997 via mail a FOIA request in the form of a letter to the FOIA/Public Affairs officer, requesting access to records within the agency under FOIA (please see Exhibit 1). Access was requested to all information on legislation, proposed legislation, plans documents, notes or meetings on mandatory government solutions in reference to encryption policy, efforts to nationalize using covert actions or other means to obtain control of domestic encryption. Plaintiff also sought additional information related to any discoveries made under the FOIA request such as the date, time and persons involved.

6. By letter dated Jun 19, 1997, the CIA, through Lee S. Strickland, Information and Privacy Coordinator, refused to process the FOIA request (please see Exhibit 2). The reason for the refusal, according to Mr. Strickland, was based on Section 103 (d) (1) of the National Security Act, as amended, specifically provides "the Agency (CIA) shall have no police, subpoena, law enforcement powers or internal security functions." The CIA contends that they are not empowered by law to be involved in "domestic" operations and therefore has declined to service Plaintiff's FOIA request.

7. Plaintiff filed with the Defendant CIA on June 30, 1997 via mail a FOIA appeal to the CIA refusal to process the May 17, 1997 FOIA request (please see Exhibit 3 with enclosures). The Plaintiff, based the appeal on specific evidence obtained by FOIA against the Department of Justice that the CIA participated in meetings with the Department of Justice in 1993 which were strictly concerned with "domestic" legislation to mandate the government solution in reference to encryption policy. In addition, the Plaintiff gave the CIA 20 days to respond to the appeal as per the compliance provisions under the Freedom of Information Act ("FOIA"), 5 U.S.C., 552.

8. As of August 1, 1997, 32 days after the appeal request and 12 days in excess of the required response period, the CIA has NOT responded to the Plaintiff's appeal. The CIA failure to comply with this time limit means the Plaintiff shall be deemed to have exhausted its administrative remedies with respect to this request, pursuant to 5 U.S.C., 552(a) (6) (C).

9. Plaintiff has a right of access to the documents and records requested, pursuant to 5 U.S.C., 552 (a)(3), and Defendant has no legal basis for refusing to disclose these documents and records to Plaintiff.

WHEREFORE, Plaintiff prays that this Court:

(1) Declare that Defendant's refusal to disclose records requested by Plaintiff is unlawful;

(2) Order Defendant to make the requested records available to the Plaintiff,

(3) Award Plaintiff its costs and reasonable attorneys' fees in this action and

(4) Grant such other and further relief as the Court may deem just and proper.

Respectfully submitted,

Charles R. Smith
7707 Whirlaway Dr.
Midlothian, VA 23112

August 1, 1997

WASHINGTON, D.C. 20510-6475

JULY 22, 1997

Mr. Charles R. Smith
7707 Whirlaway Drive
Midlothian, Virginia 23112
Dear Mr. Smith

I have asked the FBI to respond to your questions on domestic computer security and related encryption policy. The FBI is very familiar with the Administration's policy, and will respond to your request for information. Mr. Tenet's role as the Director of Central Intelligence and his previous position on the National Security Council staff, do not automatically imply that the Central Intelligence Agency has a critical role in developing or implementing the US policy for domestic computer security.

I appreciate your interest and concern in these matters. I firmly believe the privacy of U.S. citizens must be diligently protected in accordance with the Fourth Amendment. The Foreign Intelligence Surveillance Act 1978 and Executive Order 12333 are designed to help enforce those protections. The Senate Select Committee on Intelligence takes very seriously its oversight role to ensure the Intelligence Community adheres to laws which protect the privacy of U.S. citizens. I take these responsibilities very seriously.

Thank you for your interest and concern,


Richard C. Shelby