signatory or authentication mechanisms -- misleadingly called "digital signatures" (which is completely unrelated to digitized signatures).

There are well-proven software techniques for detecting data corruption -- accidental or intentional -- and for authenticating authorship, but most have not yet obtained legal acceptance, and their public deployment is growing rapidly in spite of federal opposition (see below).

Online voter reg applications would be a perfect application for such modernization.

And (dare I even mention this where incumbents can see it?), the same techniques for distributing and accepting voter registrations online could be used for ballot petitions in those states that permit direct citizen ballot initiatives.

AUTHENTICATING ONLINE DOCUMENTS

Some states are moving rapidly to accept digital signatures, at least on government documents. For instance, California -- under AB 1577 (Bowen), enacted late last year -- has mandated that, "In any written communication with a public entity ... in which a signature is required or used, any party to the communication may affix a signature by use of a digital signature that ... conforms to regulations adopted by the Secretary of State ... no later than January 1, 1997."

Similarly, the U.S. Postal Service, various financial institutions and several online services have announced comparable plans and services, now in various stages of development and deployment.

DATA SECURITY -- AND ITS PROHIBITION

AB 1577 explicitly requires that, "The use of a digital signature shall have the same force and effect as the use of a manual signature if and only if it embodies all of the following attributes:

(1) It is unique to the person using it.

(2) It is capable of verification.

(3) It is under the sole control of the person using it.

(4) It is linked to data in such a manner that if the data are changed, the digital signature is invalidated."

Well-understood, well-proven software for accomplishing those much-needed personal and corporate goals -- authenticating authorship and fully protecting information against tampering and unauthorized access -- is available for free, worldwide, over the Internet, and for wee-fee by mail order. Its techniques, called "public key," were published in open technical literature about 15 years ago, patented only in the United States where tax funds paid for its development.

The only reason its deployment and pervasive use on the notoriously insecure public computer nets has been slow is because the Clinton administration and FBI zealously and blindly oppose fully secure citizen and business communications, even using world-published techniques and their globally available free implementations.

Jim Warren has served on the California Secretary of State's Electronic Filings Advisory Panel, received John Dvorak's Lifetime Achievement Award, the Northern California Society of Professional Journalists' James Madison Freedom of Information Award, the Hugh M. Hefner First Amendment Award, and the Electronic Frontier Foundation Pioneer Award in its first year. He founded the Computers, Freedom & Privacy conferences and InfoWorld magazine. He lives near Woodside, Calif. E-mail: jwarren@well.com

*