Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Encryption Security Your Rights Online

ACLU/EFF/EPIC Release on Crypto Regs. 3

Posted by michael from the license-to-speak dept.
The ACLU, EPIC and EFF have issued a joint news release about the new crypto regulations, describing the many flaws that still exist: licensing to speak, arbitrary restrictions, etc. I've seen at least one coherent argument that the new rules will prevent GPL'd (but not BSD licensed) code from being redistributed as well. Read below for more information about how the civil liberties groups view the new rules.

FOR IMMEDIATE RELEASE
Thursday, January 13, 2000

Civil Liberties Groups Say New Encryption Export
Regulations Still Have Serious Constitutional Deficiencies

Washington, DC -- Leading Internet civil liberties groups said today that new encryption export regulations released by the U.S. Commerce Department fall short of the Clinton Administration's promise to deregulate the privacy-enhancing technology. The American Civil Liberties Union (ACLU), Electronic Frontier Foundation (EFF) and Electronic Privacy Information Center (EPIC) will continue to press their Constitutional cases. These court cases seek to eliminate U.S. government regulations that make Internet encryption software and technology more cumbersome to publish or send than the same items when published in other media.

While the Administration has taken a step in the right direction with itslatest revisions, the fundamental constitutional defects of the encryption export regime have not been remedied. Specifically:

  • The new regulations, like the old ones, impose special requirements on Internet speech, contrary to the Supreme Court's 1997 ruling in Reno v. ACLU. The regulations require that the government be notified of any electronic "export" of publicly available encryption source code, and prohibit electronic "export" to certain countries. Yet people may freely send the same information anywhere on paper.
  • The export regulations are still a completely discretionary licensing scheme. They continue to require licenses for a large amount of communication protected by the First Amendment, including transmitting source code that is not "publicly available," source code that is "restricted," source code forming an "open cryptographic interface," and various forms of object code.
  • While the new regulations appear to permit free posting of encryption source code to Internet discussion lists, such posting may be illegal if the poster has 'reason to know' that it will be read by a person in one of the seven regulated countries (such as Cuba).
  • The new regulations still ban providing information on how to create or use some encryption technology as prohibited "technical assistance." Software publishers can be fined or imprisoned for helping people to use their code. These same limitations do not apply to non-encryption source code.

The U.S. export control laws on encryption have been the source of much legal wrangling for the past several years. Encryption is a method for scrambling data in order to make electronic communications more secure.

As more computer users employ encryption to protect the privacy of their e-messages and documents, the U.S. government has until now demanded guaranteed easy access to the content of Internet communications.

In a well-publicized court case, mathematician Daniel J. Bernstein has challenged the export control laws on encryption on First Amendment grounds. Professor Bernstein claims that his right to publish his own encryption software and share his research results with others over the Internet is being unconstitutionally restricted by the government's controls. Bernstein won his case at the trial level, and won an appeal in the Ninth Circuit Court of Appeals. The government asked that the appeal be reconsidered in light of the new regulations, and a larger "en banc" panel of Ninth Circuit judges will reconsider the case this spring.

A similar case challenging the Constitutionality of the export rules was brought by the ACLU of Ohio on behalf of Ohio law professor Peter Junger, who wished to publish an electronic version of an encryption program he wrote. The case is pending in the Sixth Circuit Federal Court of Appeals.

Barry Steinhardt, Associate Director for the ACLU, said, "The rules are a step forward, but they are still too complex and leave too many questions unanswered. Now that the Administration has tacitly admitted that it can't and shouldn't control the use of encryption, it should have announced a simple deregulation, rather than regulatory maze."

"These First Amendment problems need to be fixed before we can support the government here," commented EFF attorney Shari Steele. "The government has made some concessions, but they are not enough to make the regulations constitutional. EFF will continue to support Professor Bernstein as he presses on with his litigation."

According to EPIC General Counsel David Sobel, "The revised rules will make it easier for commercial firms to export and sell encryption products. While that is a positive development, the government will still retain significant control over this technology, to the detriment of efforts to create a truly secure Internet. It's time to remove the bureaucratic requirements and permit the free exchange of encryption."

The American Civil Liberties Union (http://www.aclu.org) is the nation's largest and oldest civil liberties organization. In its defense of the principles of the Bill of Rights, it advocates for both free speech and privacy rights.

The Electronic Frontier Foundation (http://www.eff.org) is a leading global nonprofit organization linking technical architectures with legal frameworks to support the rights of individuals in an open society. Founded in 1990, EFF actively encourages and challenges industry and government to support free expression, privacy, and openness in the information society. EFF maintains one of the most-linked-to Web sites in the world.

The Electronic Privacy Information Center (http://www.epic.org) is a non-profit research and advocacy organization based in Washington, DC. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values in emerging communications media.

A copy of the latest encryption regulations can be found at:

http://www.epic.org/crypto/export_controls/regs_1_00.html

For more information about the Bernstein case, check out

http://www.eff.org/bernstein/

Press Contacts:

David Sobel, General Counsel, EPIC
sobel@epic.org +1 202 544 9240M

Barry Steinhardt, Associate Director, ACLU
barrys@aclu.org +1 212 549 2508

Cindy Cohn, Prof. Bernstein's attorney
cindy@mcglashan.com +1 650 341 2585

Shari Steele, Dir. of Legal Services, EFF
ssteele@eff.org +1 301 283 2773
This discussion has been archived. No new comments can be posted.

ACLU/EFF/EPIC Release on Crypto Regs. More

ACLU/EFF/EPIC Release on Crypto Regs.

Comments Filter:

  • The slashdot fortune is very appropriate... (Score:3)

    by A nonymous Coward ( 7548 ) on Thursday January 13, 2000 @11:25AM (#1375676)
    A great many people think they are thinking when they are merely rearranging their prejudices. -- William James

    In this case, perhaps better rephrased as

    A great many people think the powers-that-be are seeing the light when they are merely rearranging their prejudices. -- William James

    --

  • ...and so is this comment (Score:1)

    by Anonymous Coward
    "...[Silicon] Valley is only going to be satisfied when the director of the N.S.A. crawls across the Bay Bridge to apologize for controls." --Stewart Baker (former N.S.A. gereral counsel), quoted in today's New York Times
    I'll only be satisfied if all those Echelon spooks are crawling along with him.

Slashdot Top Deals

For large values of one, one equals two, for small values of two.

Close