1997-09-25 - Re: Exports and criminalizing crypto

Header Data

From: Tim May <tcmay@got.net>
To: cypherpunks@cyberpass.net
Message Hash: 33573ee167113839b5a3354f6d9559a67a58804f13368dc3c62aa5a80c16a1ab
Message ID: <v03102800b05081976c9d@[]>
Reply To: <19970925193213.21630.qmail@hotmail.com>
UTC Datetime: 1997-09-25 21:44:32 UTC
Raw Date: Fri, 26 Sep 1997 05:44:32 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Fri, 26 Sep 1997 05:44:32 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Exports and criminalizing crypto
In-Reply-To: <19970925193213.21630.qmail@hotmail.com>
Message-ID: <v03102800b05081976c9d@[]>
MIME-Version: 1.0
Content-Type: text/plain

At 12:32 PM -0700 9/25/97, J. Random Hotmail User wrote:

>Without the export restrictions we would see much more crypto sold
>and used inside the US.  I'll bet there are lots of cypherpunks who
>are holding off releasing crypto tools because of these laws.  Look
>at the guy who said he had to go to Canada to release his crypto.
>And he had to stop thinking about it when he was in the US.  This
>is crazy.

Yes, it's crazy, but SAFE doesn't fix this in any meaningful way.

We can ask Ian Goldberg, the guy you refer to, if the enactment of SAFE
would cause him to develop software in the U.S. Remember, SAFE does not
give carte blanche to crypto exports. Rather, it speaks of whether or not
similar products already can be found elsewhere (thus indicating export
review will happen, with all that that implies) and it further gives
authority to deny exports if "substantial evidence" exists that the product
is or could be used by the Bad Guys for Evil Puposes. (Cf. the full text of
H.R. 695 at http://www.cdt.org/crypto/legis_105/SAFE/hr695_text.html, and
remember that amendments are being added to it.)

This latter authority to block exports suggests NSA/State vetting of all
exports. Meaning, things really haven't changed.

All it would take is a letter stating that there is "substantial evidence"
that Ian's product may be "diverted" for use by those the U.S. doesn't

Well, duh, we're where we are today on exports.

So, will Ian, or C2Net, or others, launch software development here and
just sort of hope that when the time comes to apply for an export license
that the conditions above are met? First, that the BXA/NSA/etc. rules that
similar products are already available. Second, that the product will not
be used by Hamas, a group the U.S. calls a terrorist group, or the Cali
Cartel, or the Irish Republican Army, or the armies of Iraq? Think about
it, given that Hamas is already using PGP 5.0 to fight the Zionist
occupiers in Palestine.

Would PGP 5.0 receive an export license? Even under SAFE?

Would a product designed to implement Chaumian untraceable cash, a la some
of the work on Lucre and the like, receive export approval? Even under SAFE?

>Yes, it is stupid to have a law that using crypto makes a crime worse.
>But this is not that bad compared to some laws.  It won't affect most
>people.  With the export restrictions gone, the green light will be
>given to make crypto available everywhere.  Every data transmission
>will be encrypted, and people will be protected.

J. Random Hotmail User, you'd better learn to read the text of the bills
you so blithely think are OK.

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."