Inaccurate study quoting, Re: anti-crypto rhetoric (Ellison,

Dorothy Denning denning at cs.georgetown.edu
Fri, 3 Apr 1998 08:52:30 -0500 

This is the most relevant part of our report regarding the number of
computer forensics cases involving encryption.  We made no estimate
for the number of wiretaps involving encryption.

Regards,
Dorothy
--------------


The FBI's Computer Analysis Response Team (CART) forensics lab reported
that encryption was encountered in 2% of 350 submissions to the
headquarters component in 1994 and 5-6% of 500 submissions (25-30 cases)
in 1996.  This represents a quadrupling of cases from 1994 to 1996,
which averages out to an annual doubling or growth rate of 100%.  A
submission could be anything ranging from a single floppy disk to
several boxes of disks or complete systems.  CART also estimated that
about 5-6% of the 1,500 cases handled in the field involved encryption,
the largest categories being child pornography and computer crime cases.
This corresponds to about 75-90 cases.  It does not include cases
handled by other federal law enforcement agencies, including the Drug
Enforcement Administration (DEA), Treasury (Secret Service, Customs, and
IRS), or state and local law enforcement agencies.  It also excludes
national security cases (foreign intelligence, counter-intelligence, and
defense cases) and cases involving intercepts of encrypted telephone
communications.  In his March 19 testimony before the Senate Committee
on Commerce, Science, and Transportation, FBI Director Louis Freeh
reported that the number of requests for decryption assistance
pertaining to communications interceptions had risen steadily over the
past several years [Freeh 97].

...


There is no central database recording the number of encryption cases
handled nationally or globally, or indeed even the number of computer
forensics cases.  Mark Pollitt, program manager of CART, estimates there
are at least 5,000 computer forensics cases nationally, up to a maximum
of 10,000.  World-wide, he estimates anywhere from 10,000 up to 20,000
cases.  If about 5% of those involve encryption, then the total number
of cases would be 250 to 500 nationally and 500 to 1,000 globally.  Eric
Thompson, president of AccessData Corporation, estimates that the total
number of cases involving encryption is on the order of 1,000 to 5,000.
The rate of 5,000 would be about a quarter to one half of all computer
forensics cases globally.  This is a higher percentage than reported by
CART for the U.S., but it is lower than the near 100% figure attributed
to recent cases in Northern England.  Thompson also estimates that at
least 100-200 are child pornography cases involving just PGP.