13 companies support encryption alternative
 
by Nancy Weil and Torsten Busse, IDG News Service (14/07/98)

 
Thirteen U.S. IT companies yesterday announced they are backing encryption technology that allows a network operator to access private information at the behest of law enforcement agencies. The new technology offers an alternative to the controversial key recovery method and a way to break the current deadlock over network encryption.

The U.S. government so far is limiting the export of strong encryption for national security reasons, a rule opposed by U.S. IT companies, which say it puts them at a competitive disadvantage.

The initiative is being led by networking giant Cisco Systems, Inc., and has support from Ascend Communications, Inc., Bay Networks, Inc., 3Com Corp., Hewlett-Packard Co., Intel Corp., Microsoft Corp., Netscape Communications Corp., Network Associates, Inc., Novell, Inc., RedCreek Communications, Inc., Secure Computing Corp. and Sun Microsystems, Inc.

Ten of the 13 companies that announced the initiative have applied -- or will apply by the end of the week -- to the U.S. Department of Commerce for licenses to export strong encryption products using the so-called "operator action" technology.

The operator-action alternative to key recovery uses what is called a "private doorbell" to enable law enforcement agencies to gain access to encrypted information, provided the agencies obtain a court order.

Key-recovery encryption requires users to provide "keys" to encrypted data to law enforcement agencies, which then can unlock the coded data if the need arises. Key recovery is under heavy fire from privacy rights activists and also has impeded exportation of U.S. encryption products to some countries that object to the use of keys.

Under the "private doorbell" method, data transmitted over a network is encrypted at routers through which the data is passing and remains private until law enforcement agencies serve the network operator with a warrant or court order to unlock the information. The network administrator would then capture data sent by the targets of the court order and make it available in unscrambled format. The electronic wiretap only applies to data being passed through routers now and not to information that was previously sent.

The group's proposal aims to give law enforcement agencies the means for placing a digital wiretap on information being passed through routers -- the Internet's equivalent to the post office -- in the same way that these agencies today are able to place a wiretap on telephone conversations, spokespersons for the group said.

The initiative is built on existing laws, said Dan Scheinman, vice president of legal and government affairs at router maker Cisco.

Compared to the much debated key-escrow or key-recovery schemes, operator action, if accepted by the U.S. government as a workable solution, could be implemented faster as it requires less technology.

"This solution eliminates the need to build a key recovery infrastructure," said Doug McGowan, director of Hewlett-Packard Co.'s VerSecure products.

However, being a network layer solution, the operator-action proposal does not provide for encryption at the desktop level or for the encryption of data stored on servers, desktop or mobile computers.

"This represents our best thinking in terms of the networking problem," Cisco's Scheinman said. "Our customers are screaming for encryption in routers. They want to build it into networks, and if we don't have a policy for supporting it, we can't sell our products, which means someone else will sell them instead of us."

As far as encryption of stored data is concerned, the IT industry -- which on the whole favors relief from current export restrictions on strong encryption -- still needs to develop creative alternatives which address the concerns of both privacy rights advocates and the government.

"This is not a complete solution, but one step into the right direction," said Kelly Blough, vice president of government affairs at Network Associates.

Compared to key recovery or key escrow approaches to strong encryption, the operator-action method could be built into existing products in a "matter of months, as opposed to years," Cisco's Scheinman said.

A 1996 executive order from U.S. President Bill Clinton established guidelines for the exportation of key management infrastructure encryption products, which was followed by an amendment from the U.S. Commerce Department's Bureau of Export Administration. The amendment covered key-escrow or key-recovery products. Since then, debate over exportation of encryption products has focused on key management technologies. But a white paper on the issue published by Cisco today notes that a less widely known aspect of the U.S. Commerce Department's rule allows that "other recoverable encryption products" may be licensed for exportation.

The IT companies contend that operator-action technologies, which allow a network operator to provide information to law enforcement agencies that present warrants or court orders, fit that bill. While the alternative isn't perfect, it goes a long way toward appeasing both those who operate electronic commerce sites and consumers who want to be certain their private information is encrypted as it travels over data networks, according to the companies involved in the operator-action initiative.

Law enforcement agencies, notably the National Security Administration (NSA) and the FBI, have pushed for strong regulation on U.S. exports of encryption products and for technologies that enable law enforcement agencies to access encrypted data. They argue that terrorists and other miscreants will use encryption to avoid detection, plotting crimes via Internet communications. Moreover, strong encryption is needed to keep criminals from accessing private information such as credit card numbers traveling over data networks during e-commerce transactions, according to law enforcement agencies.

Initial reaction from some government agencies and policy makers has been positive, Cisco's Scheinman said.

"The reaction of the FBI has been very positive and they think it is a very workable solution," Scheinman said. He added that the NSA remains less convinced since it believes that operator-action would make its tasks more difficult.

The NSA and FBI could not immediately be reached for comment.