From: John Gilmore <gnu@toad.com>
Date: Thu, 19 Sep 1996 11:11:20 +0800
To: cypherpunks@toad.com
Subject: Bernstein hearing: The Press Release
Message-ID: <199609182103.OAA22863@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


CRYPTO FACE-OFF AT HIGH-NOON

Judge Patel to Decide if Government Restrictions on 
Cryptography Violate the First Amendment

September 18, 1996

                                Electronic Frontier Foundation Contacts:

                                     Shari Steele, Staff Counsel
                                      301/375-8856, ssteele@eff.org

                                     John Gilmore, Founding Board Member
                                      415/221-6524, gnu@toad.com

                                     Cindy Cohn, McGlashan & Sarrail
                                      415/341-2585, cindy@mcglashan.com


San Francisco, CA -- On Friday, September 20, 1996, Judge Marilyn Hall
Patel will hold hearings in a case with far-reaching implications for
personal privacy, U.S. competitiveness, and national security.  Mathematician 
Daniel J. Bernstein, a Research Assistant Professor in the Department of 
Mathematics, Statistics and Computer Science at the University of Illinois at 
Chicago, has sued several Federal agencies on the grounds that the 
agencies' requirement that he obtain a license prior to publishing his 
ideas about cryptography violates his First Amendment right to freedom 
of speech.

Cryptography is the science of secret writing.  It is the technology 
to use for providing privacy or proving authenticity over distances.  
All kinds of communications, from cellular phones to corporate or
government databases, depend on cryptography for protection.  The
security of computers against intruders, the privacy and integrity of
the Internet, ATM machines, satellite and cable TV, and the world
financial networks all depend on cryptographic protection.  In fact, 
the very future of the global Internet, especially as a tool for 
commerce, political organizing and scientific development of new ideas, 
depends upon the availability of strong encryption.

The U.S. government has restricted cryptography since it was useful in 
winning World War II.  However, cellular telephones, satellites, ATM 
machines, and the Internet did not exist in 1945; advances in 
communication and cheap computation have made cryptography useful in 
many new applications.  In addition, strong encryption is already 
available abroad, making laws restricting their export obsolete and 
damaging the ability of U.S. businesses to compete in overseas markets.  
In fact, Congress is currently considering three pieces
of legislation that would all update the export control laws and remove
encryption from its current place on the U.S. Munitions List.

While Washington toils with Pro-CODE and the other introduced bills, this 
hearing will examine the various legal tests that will determine
whether the export laws and regulations (the "ITAR") are
constitutional.  Professor Bernstein argues that they violate
the First Amendment in several different ways:

LEGAL ARGUMENTS

*       Any legal framework that allows a government bureaucrat to 
censor speech before it happens is an unconstitutional prior restraint.  
The government is not allowed to set up such a drastic scheme 
unless they can prove that publication of such information will 
"surely result in direct, immediate, and irreparable damage to our 
Nation or its people" and that the regulation at issue is necessary 
to prevent this damage.  The government must also tightly restrain 
the discretion given to the bureaucrats to ensure that they don't 
misuse this power.  The government has not met this burden 
regarding the ITAR legal framework. 

* 	Because restrictions on speech about cryptography are based on the
content of what is being said, the court must apply a strict scrutiny test
to determine whether individuals can be punished for engaging in this
speech.  This requires that the regulation be necessary to serve a
compelling state interest and that it is narrowly drawn to achieve that
end.  The ITAR regulatory scheme has adopted a too- restrictive approach,
by prohibiting many forms of speech in the area of cryptography. 

*       The ITAR regulatory framework lacks the necessary procedural
safeguards.  Grants of administrative discretion must be limited by clear
standards, and judicial review must be available.  "Quite simply, the ITAR
Scheme allows its administrative agencies to make inconsistent, incorrect
and sometimes incomprehensible decisions censoring speech, all without the
protections of judicial review or oversight." 

*       The ITAR framework is unconstitutionally vague.  The government
doesn't even seem to know what its regulations include and exclude!  Here, 
they told Professor Bernstein that he could not publish his academic paper 
for over three years, only changing their collective mind and withdrawing 
that decision after being sued.  The lack of standards has allowed the 
government to misuse a statute aimed at commercial, military arms sales 
to limit academic and scientific publication. 

*       The ITAR regulatory scheme is overbroad.  In an internal memo
written almost 20 years ago, the government's own Office of Legal Counsel
concluded that the ITAR's licensing standards "are not sufficiently
precise to guard against arbitrary and inconsistent administrative
action."  The OLC specifically warned that the coverage was so broad it
could apply to "communication of unclassified information by a technical
lecturer at a university or to the conversation of a United States
engineer who meets with foreign friends at home to discuss matters of
theoretical interest."  This is exactly what is happening here, and it is
unconstitutional. 


Judge Patel will hear arguments from attorneys for Bernstein and the
government concerning their respective motions for summary judgment.  The
hearing on Friday is scheduled for 12:00 noon at the United States
District Court for the Northern District of California, San Francisco
Headquarters, at 450 Golden Gate Avenue.  The hearing is open to the press
and to the public. 


CASE BACKGROUND


Bernstein completed the development of an "encryption algorithm" (a recipe 
or set of instructions) he calls "Snuffle."  In order to contribute Snuffle 
to the marketplace of scientific ideas, and to allow other scientists to 
evaluate and test his ideas, Bernstein wishes to publish (a) a paper in 
English describing and explaining the algorithm, (b) the "source code" for 
a computer program that uses the algorithm (this source code more 
precisely describes and implements the idea), and (c) instructions for how 
a person could use the source code and a computer to encrypt communications.  
He wishes to publish them in print journals as well as on the Internet. 
Bernstein also wishes to discuss these items at mathematical conferences, in
college classrooms, on the Internet, and in other open, public meetings.  In 
fact, he would like to use Snuffle as part of his course material for a 
cryptography class he will be teaching next spring.

The Arms Export Control Act and the International Traffic in Arms 
Regulations (the ITAR regulatory scheme) required Bernstein to submit 
his ideas about cryptography to the government for review, to register 
as an arms dealer, and to apply for and obtain from the government a 
license to publish his ideas.  Failure to do so would result in severe 
civil and criminal penalties.  Bernstein believes this is a violation 
of his First Amendment rights and has sued the government.

In the first phase of this litigation, the government argued that
since Bernstein's ideas were expressed, in part, in computer language
(source code), they were not protected by the First Amendment.  On
April 15, 1996, Judge Patel rejected that argument and held for the
first time that computer source code is protected speech for purposes
of the First Amendment.

Because of its far-reaching implications, the Bernstein case is being
watched closely by privacy advocates, the computer industry, the export
and cryptography communities, and First Amendment activists.  In fact,
several members of these communities provided declarations that were
submitted in support of Bernstein's motion. 


ABOUT THE ATTORNEYS

Lead counsel on the case is Cindy Cohn of the San Mateo law firm of
McGlashan & Sarrail, who is offering her services pro bono.  Major
additional pro bono legal assistance is being provided by Lee Tien of
Berkeley; M. Edward Ross of the San Francisco law firm of Steefel, Levitt
& Weiss; James Wheaton and Elizabeth Pritzker of the First Amendment
Project in Oakland; and Robert Corn-Revere of the Washington, DC, law
firm of Hogan & Hartson.


ABOUT THE ELECTRONIC FRONTIER FOUNDATION

The Electronic Frontier Foundation (EFF) is a non-profit civil liberties
organization working in the public interest to protect privacy, free
expression, and access to online resources and information.  EFF is a
primary sponsor of the Bernstein case.  EFF helped to find Bernstein pro
bono counsel, is a member of the Bernstein legal team, and helped collect
members of the academic community and computer industry to support this
case. 

Full text of the lawsuit and other paperwork filed in the case is
available from EFF's online archives at

        http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/