Bussiness
How Fran Rooney helped pave the path to iMessage and online banking
The businessman Fran Rooney, who died in late May, is perhaps best remembered now as a chief executive of the Football Association of Ireland. But those with longer memories or a grasp of Irish tech history will remember him as the ebullient leader of Baltimore Technologies.
It was in that role that I got to know him. He took the helm in 1996 of a virtually unknown Irish company that started small, flared into chutzpah-fuelled global dotcom-era brilliance, then bonfired into oblivion with the dotcom crash. Baltimore’s rise and fall remains one of Ireland’s most extraordinary business stories.
Baltimore did something game-changing, albeit indirectly, in 1998: it supplied the digital signature technology used by then-president Bill Clinton and taoiseach Bertie Ahern to sign an ecommerce agreement at a flag-festooned Dublin ceremony. And therein lies an audacious Baltimore and Fran tech tale.
At the time, the US was concerned (as it still is) over who should be allowed to use so-called “strong” cryptography, algorithms that can scramble text, or the identity linked to a signature, into an unreadable format that can only be read, or verified, by the intended recipients. Strong cryptography is nigh impossible to crack.
[ Former Baltimore Technologies, FAI CEO Fran Rooney has died ]
The US had an export ban on strong cryptography-based products, seeing a security risk in giving outsiders access to such digital lockboxes. But non-US companies like Baltimore could build their own strong cryptography products and sell to the world. In the US, this was causing palpable political and business friction. The restrictions created domestic security vulnerabilities, too, and were a barrier for the development of ecommerce and online services.
I knew enough about encryption to guess: ‘Isn’t that a strong crypto hash?’
In the midst of these tensions, referred to as the crypto wars (as in cryptography, not cryptocurrencies), came the Baltimore digital signing. On one hand, the event was typically brash, self-promotional Baltimore theatre. But it was also truly historic. It was the first time digital signatures would seal an international agreement, and the first time a US president would use the technology. And, it was something altogether more daring.
Baltimore invited me to their offices for a preview, seating me before a PC with an attached smart card device similar to what Ahern and Clinton would use. Behind me stood an officious Fran, and Baltimore’s head of business development, Paddy Holahan. They had me try the technology. I placed a card in the device, a window opened on the PC and a grey blur of typographic characters – a cryptographic ‘hash’ –starting scrolling past. “Now, it’s generating the digital signature,” said Fran cheerfully.
I stared at the screen, not quite believing what I was seeing, but I knew enough about encryption to guess. “Isn’t that a strong crypto hash?” I asked. Fran and Paddy froze and exchanged glances. After a long pause, Fran said, “Uh, let’s go into my office.”
[ Digital history made in Dublin plant ]
In we went, and I sat in a chair across from Fran’s expansive desk. They looked nervous, but came clean. Yes, it was strong crypto. I laughed. “You are going to have the president of the United States sign a document with strong encryption from an Irish company?” I was stunned. It was outrageous. As the crypto wars raged, Clinton would use strong-crypto technology from a non-US company. This was the real story, a globally significant one.
Did Clinton know what he’d be doing? Through an Irish government connection I got the email address of Clinton’s “internet tsar” Ira Magaziner. I asked about the digital signing in a way that made clear I knew this involved strong cryptography. To my surprise, Magaziner casually confirmed the technology would be used.
He took impish pleasure in having slipped Irish-built strong encryption past a US president
On the day, Ahern and Clinton were both a bit awkward with the process, but the signatures worked. And I got a great international story that surpassed the staged diplomacy. I’d agreed not to write on the crypto element until after the document was signed which, for Baltimore, ensured the signing went ahead and, for me, meant I had a far more momentous story describing what had now actually happened, and its significance – a subtle usurpation that made a mockery of the strong crypto ban.
At the time, the signing was a slap in the face for Baltimore’s US competitors, but that only buttressed the Clinton administration’s growing pushback against the powerful federal security agencies – the FBI, CIA and NSA – which opposed citizen and business use of strong cryptography. Magaziner well understood that restrictions were damaging US companies, constraining the growth of ecommerce and putting everyone’s online security at risk. If US companies were furious at the Irish digital signing, that gave the Clinton administration more pressure points for policy change. Sure enough, change soon came, many restrictions were relaxed.
Strong cryptography is now commonplace. If you’ve bought shoes or filed your taxes online, used iMessage or a banking app, you’ve used strong encryption. I’ll forever relish the memory of Fran’s alarmed expression when he realised the strong cryptography cat was out of the bag. But, ever after, he took impish pleasure in having slipped Irish-built strong encryption past a US president, in defiance of the crypto wars and US security agencies. Fair play, Fran. You did us all some service.