1996-07-12 - Re: Can the inevitability of Software privacy be used to defeat the ITAR?
Header Data
From: jim bell <jimbell@pacifier.com>
To: Paul Elliott <cypherpunks@toad.com (cypherpunks mailing list)
Message Hash: fe801fdc817b6f9cda111f414604d1fbb9f9fe738bbdab0d4aa1a672004952e9
Message ID: <199607111740.KAA19755@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-07-12 03:02:04 UTC
Raw Date: Fri, 12 Jul 1996 11:02:04 +0800
Raw message
From: jim bell <jimbell@pacifier.com>
Date: Fri, 12 Jul 1996 11:02:04 +0800
To: Paul Elliott <cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: Can the inevitability of Software privacy be used to defeat the ITAR?
Message-ID: <199607111740.KAA19755@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain
At 04:06 AM 7/11/96 +0000, Paul Elliott wrote:
>What is to prevent a U.S company to licence a foreign company
>to sublicence and distribute a Crypto product abroad, if that
>foreign company obtains that product on the pirate market?
>
>I am not a lawyer, but I look at the definition of "export"
>on page 612 of Applied Cryptography and nothing seems to
>obviously apply.
>
>The scenario I imagine is this: U.S. company produces a crypto
>product. To be generally useful, the product supports all languages.
>(Those CDROMs really do hold a lot of data.)
>After all, Americans do need to do business with foreigners.
>The company licences and distributes the product in the U.S.
>taking special care not to distribute the product to any foreign persons.
>When inevitability, the product appears in the pirate market outside
>the U.S., the company makes a contract with a foreign company
>allowing it to distribute it and sublicence it. The foreign company
>can get their copy from the pirate market, being authorized to get
>the copy by the U.S. company. When this deal is cut copies
>have already been exported and are already being sold by the
>pirates, against the will of the U.S. company.
I raised this type of idea on CP, twice, and didn't hear a peep about it!
(As recently as a couple of days ago.) It doesn't entirely eliminate the
illegality; it merely transfers that illegality to an unknown and thus
unprosecutable person. But yes, it appears that nothing would prevent this
technique from working very well.
Any attempted prosecution would fare even less well than the example of
Zimmermann and PGP 1.0: There would be no illusion that an encryption
product sold in hundreds of stores nationwide could be kept within the
borders of the US, so the domestic manufacturer is safe. The foreign
distributor isn't violating any of his own country's laws, and probably not
arguably any of the US. Both companies could enthusiastically invite the
USG to prosecute whoever actually exported the software, laughing all the
way to the bank.
Jim Bell
jimbell@pacifier.com
Thread
Return to July 1996
Return to “jim bell <jimbell@pacifier.com>”
1996-07-12 (Fri, 12 Jul 1996 11:02:04 +0800) - Re: Can the inevitability of Software privacy be used to defeat the ITAR? - jim bell <jimbell@pacifier.com>