From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Sat, 25 Nov 1995 02:28:44 +0800
To: cypherpunks@toad.com
Subject: Re: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <604.9511240945@exe.dcs.exeter.ac.uk>
Message-ID: <4952bt$595@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <604.9511240945@exe.dcs.exeter.ac.uk>,  <aba@atlas.ex.ac.uk> wrote:
>Something that is puzzling me is how DigiCash is doing.  Their
>software I think is ITAR regulated (or would be if it were shipped
>from a US ftp site).  OK, so they get around it by shipping their
>software from Digicash, Bv, Netherlands.
>
>But, somewhere on their pages it mentions that: "Digicash, Bv is a
>wholly owned subsidiary of Digicash" (which *is* based in the US).
>
>Does that make them a counter example who is currently getting away
>with it?  Just to complicate things further David Chaum is a US
>citizen, right?  Maybe he himself is ok because he doesn't write the
>code himself, the digicash development team does.  Is Digicash (US)
>hiring (collectively) Digicash, Bv if it is a wholly owned subsidiary,
>in US legal terms?

<IANAL>
Even if DigiCash gave a <exon> about ITAR and the NSA, ecash probably
wouldn't be covered anyway, because the ITAR has a specific exception
for encrypting financial data (that's so you can use your credit and bank
cards overseas).
</IANAL>

   - Ian "What's with this day-after-thanksgiving, anyway...?"