1996-07-19 - Re: Borders are transparent

Header Data

From: David Sternlight <david@sternlight.com>
To: cypherpunks@toad.com
Message Hash: fe5e2190f039d5c40f0496e08af1af187bd33d92db2c35247a6a0b9afb48549e
Message ID: <v03007602ae14fa401e3f@[192.187.162.15]>
Reply To: <ae13cb6c140210047abf@[205.199.118.202]>
UTC Datetime: 1996-07-19 16:08:32 UTC
Raw Date: Sat, 20 Jul 1996 00:08:32 +0800

Raw message

From: David Sternlight <david@sternlight.com>
Date: Sat, 20 Jul 1996 00:08:32 +0800
To: cypherpunks@toad.com
Subject: Re: Borders *are* transparent
In-Reply-To: <ae13cb6c140210047abf@[205.199.118.202]>
Message-ID: <v03007602ae14fa401e3f@[192.187.162.15]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:24 AM -0700 7/18/96, Timothy C. May wrote:

>This is a terribly important point: if a citizen of Foobaria succeeds in
>connecting to the Netscape site--perhaps by experimenting with various
>combinations of domain names and submitted address/zipcode
>combinations--and Netscape sends him the file, he has not committed a crime
>in his own country. (Unless they have their own laws....)

Incorrect. Netscape Navigator is as much commercial software as Microsoft
Word, It is NOT freeware and if he pirates it without permission he's at
least in violation of copyright which almost every country is a signatory
to. Where I come from we call that "theft". Your ethics may vary in
California.

>
>Likewise, much "export-controlled" software is freely purchasable without
>any form of identification or proof of citizenship/residency in any of
>thousands of U.S. software stores.

True, but you have to agree to the licensing warning on the box (and let's
not do the tired shrink-wrap licensing argument again, please--it's on the
outside of the box).

> (I don't know if the copies of Netscape
>Navigator on the shelves in U.S. stores are now the "U.S." version,

Yes.

> as
>opposed to be a somwhat-crippled version, but I sure do know that a *lot*
>of nominally-export-controlled software _is_ freely purchasable.)

That no more gives you the legal right to violate ITAR after purchasing, or
violate the license terms, than buying fertilizer gives you the legal right
to make bombs in violation of the AT&F code. (No wise-guy complaints about
how software isn't a bomb--though some I've bought clearly is :-). It's an
analogy about principles, not function.)

>
>Much of this software goes out of the country in luggage. In my various
>flights out of the U.S. over the years, never have my bags been so much as
>glanced at, except presumably for bombs with sniffers, scanners, etc.
>Further, I have mailed optical disks out of the country--a single one of
>these can store a whole lot of stuff.

I didn't say you couldn't do it. In fact I said the opposite--that I had no
doubt it would leak. My point was that it wouldn't become mass-market
software overseas because the leakers would be violating ITAR or copyright,
or licensing and thus couldn't get away with selling or giving away the
result at scale overseas. As Jeff pointed out, getting a licensed copy of
Navigator does NOT include redistribution rights (unless you buy a site
license directly from them--and they won't sell a site license for the US
version for overseas use in violation of ITAR). In this respect it is
significantly different from PGP or RSAREF. for which there ARE at least
some redistribution rights under the license.

>On a trip to France and Monaco last year, I deliberately carried several
>optical cartridges and couple of DATs, all crammed with  software, PGP,
>RSADSI's MailSafe, Mathematica, etc. To make a point, and as props for my
>talk on crypto anarchy. Certainly there was no checking on the way out at
>SFO, and no checking whatsoever at Charles de Gaulle in Paris.

"Nyaah, nyaah, you can't catch me" doesn't mean that if they do they won't
prosecute. Your waving around that stuff in France is not only juvenile,
but also may put you in violation of French crypto law. That you can get
away with 80 in a 55 mile zone until the cops see you doesn't mean 80 is
legal nor that everyone else can do it with impunity.

>
>(On my return trip, the bored inspector in San Francisco asked what my
>purpose in being overseas has been. Had I said "tourism" I would've been
>waved through. Instead, for interest, I said "Meeting with Russian
>cryptographers in Monte Carlo," just to see what would happen. He asked me
>what "cryptographers" are or do... "They make secret codes." He then waved
>me through. Sigh.)

There's no law against meeting, and customs inspectors aren't expected to
launch interrogations to see what you told them if you're not on some watch
list. Like many laws, this one might be used if something egregious
happens. If the Russian got caught later with US Netscape by French
authorities, and it came to the attention of US authorities that he said
"Tim May gave it to me", THEN you might expect to "assist the police with
their enquiries".

>
>None of this is surprising, of course. Borders _are_ transparent. There are
>so _many_ degrees of freedom for getting stuff across borders. The hope
>that a bunch of *bits* can be stopped in ludicrous.

Again you make the long-discredited straw man argument that the purpose of
ITAR is to hermetically seal. It is not. It is to keep legitimate US mass
market purveyors from selling strong crypto overseas, and to provide a
means to punish those who are caught violating it.

I'm sure there are lots of tax cheaters. That doesn't mean the IRS code
should be abolished (though I'd like to see massive simplification for
other reasons). I'm sure there are still thieves. That doesn't mean we
should make theft legal. I'm sure there are still those who cannot read.
That doesn't mean teaching reading is useless or silly or should be stopped.

>
>_This_ is why I expect the Netscape beta to arrive overseas pretty soon.

Nobody disputes that. It won't be readily available though, except for
those who have no compunctions about software piracy.

David







Thread