ITAR, AER, and Encryption Export Archive

Files | Subdirectories | On-Site Links | Off-Site Links

Files in this Archive

John Perry Barlow's July 1992 article "Decrypting the Puzzle Palace," describing how the NSA seeks to dominate cyberspace. A wealth of early background material on FBI and NSA surveillance, political moves to oppose general public possession and use of strong encryption, and erection of export controls against encryption.
Commerce Department modifications to the Export Administration Regulations which transfer "Encryption Items" over from State Department export controls, and which contain provisions for export of "key recovery" software.
Oct. 10 1996 Clinton Administration key "escrow" and crypto export policy statement. White House say it will allow export of 56bit (still very weak) crypto if the keys are "escrowed" in 2 years, and stronger crypto if it is escrowed now. Essentially no serious or meaningful change in the Admin's position.
Sen. Leahy's criticism of the new White House policy statement on "Clipper III".
Statement on cryptographic technology and the Internet, from Internet Architecture Board and Internet Engineering Steering Group of the Internet Society (ISOC). Excerpt: "The IAB and IESG are...disturbed to note that various governments have actual or proposed policies on access to cryptographic technology that either: (a) impose restrictions by implementing export controls; and/or (b) restrict commercial and private users to weak and inadequate mechanisms such as short cryptographic keys; and/or (c) mandate that private decryption keys should be in the hands of the government or of some other third party; and/or (d) prohibit the use of cryptology entirely, or permit it only to specially authorized organizations."
"The Computer Revolution, Encryption & True Threats to National Security"; report condemning Clinton Adminstration encryption export policy and key "escrow" plans, by G.A. Keyworth II and David E. Colton, for the Progress and Freedom Foundation. Co-author Keyworth was US President Ronald Reagan's science advisor.
Jack Brooks' June 1994 Floor statement in the HOR regarding encryption export controls explaining how clipper policy endangers us competitiveness in the global marketplace.
November 1993 section by section analysis of the Maria Cantwell's bill which liberalizes export control for information security programs and products
Cantwell's hr3627 bill amending the Export Administartions Act of 1979
c. May 1994 FAQ regarding export laws and the Cantwell bill. Also includes a sample letter to be sent in support.
Maria Cantwell's November 1993 address before the HOR in support of hr3627
Dr. VintonCerf's April 1993 letter to Timothy Valentine (HOR) suggesting that export restrictions on encryption technologies be lifted.
Feb 1993 remarks by Clinton and Gore to Silicon Graphics employees who expressed their interest in solving the export debate
summary of the july 1993 CPSR statement calling for a complete overhaul in the government's information classification system
File containing December 1, 1993 report (revised January 30, 1994) "Cryptography: Policy and Technology Trends", a report written under contract and supported in part by the US Department of Energy. The report discusses the fight between law enforcement / national security agencies, who would like to keep strict control of over civilian encryption, and industry / individuals / privacy rights advocates, who wish to expand their ability to distribute and use cryptographic products as they please. The report also analyzes the trends in encryption technology, markets, export controls, and legislation. Very good, unbiased approach to the issue.
Joe Abernathy's June 1992 article describing why law enforcement agencies fear the development of strong cryptographic programs.
gzip-compressed PostScript version of cryptusa.paper.
Dept. of Commerce's Bureau of Export Administration issued this cryptography-related survey in early 1995 as part of the research effort for the Clinton Administration's upcoming report on encryption export.
State Dept. creates much-needed "personal use examption" to ITAR crypto export rules. That's right - US citizens no longer have to register as international arms dealers when travelling with laptops containing PGP, Folder Bolt or Word Perfect. (Feb. 1996).
letter from the Digital Privacy and Security Working Group sent to the White House 12/06/93, urging the Administration to lift export controls on DES, RSA and other mass market encryption without requring legislation.
draft report, "A Framework for Global Electronic Commerce" by Sr. White Policy Advisor Ira Magaziner, in which a more moderate view on encryption policy is offered, Internet Taxes are opposed, and Internet content censorship is to be avoided. It is obvious that not everyone within the US Administration agrees with Magaziner.
April 12, 1995 testimony of Shari Steele, Director of Legal Services at EFF, before the Committee to Study National Cryptography Policy of the National Research Council.
This letter from Bill Clements, Director of the Office of Technology and Policy Analysis, Commerce Department, to the BITNET management explains their obligations and their members' obligations under the export laws, regarding exports of technical data and/or software over an international network
This letter from BITNET's lawyers explains a few more issues that were not clearly addressed in the above OTPA letter.
General License GTDA regulations, including FAQ This document contains the licensing regulations for General Technical Data exportable to All destinations (GTDA). It is followed by a question-and-answer guide written by the Commerce Department to help explain their often confusing regulations. [This is the Commerce Dept. equivalent of the State Dept.'s ITAR regulations. Crypto material that State does not categorize as ITAR-subject "defense articles" is in Commerce GTDA [and other] jurisdiction.
Feb 1994 letter from industry representatives to Lee Hamilton and others in the HOR expressing strong support for hr3627
Dr Martha Harris' feb 1994 statement announcing measures arising from the Administration's decision to reform export control procedures involving encryption.
"Omnibus Export Administration Act" (as of 1995). Status: Passed by the House. Amended Sept. 1996 in Senate with an anti-encryption measure (which is expected to be gutted before passage, if passage happens at all).
Clinton Administration amendment to HR361, Sept. 1996. Amendment seeks to preclude *all* judicial review of crypto export, and to move jurisidiction over crypto export from State to Commerce Dept., in an attempt to evade accountability under 3 federal constitutional lawsuits against the ITAR and AECA crypto export restrictions.
Letter of EFF co-founder John Gilmore to Rep. Nancy Pelosi (D-CA) of the Intelligence Committee, seeking her action to stop the Adminstration's anti-crypto amendment to HR361.
proof that activism works! c.Feb 1994 example of how letter writing campaigns can effect the actions of representatives.
No Description
excerpt from hr3627/3937 dealing with its effects on other acts
June 1994 report accompanying hr3627 from Rep. Glickman in the Select Committee on Intelligence recommending passage of hr3627/3937 with noted amendments
Letter from Rep. Goodlatte (and over 20 other Representatives) to Clinton Administration urging relaxation of crypto export controls and abandonment of Clipper III "key escrow" proposals. Also includes Goodlatte press release regarding the letter.
Brief EFF statement on the House letter to Clinton demanding abandonment of "key escrow" and urging relaxation of export controls. (Also includes a copy of the letter).
October 1993 notes from the House hearing on cryptography and export controls.
June 1992 article describing CPSR conference in which current export regulations were severley criticized
July 1993 official amendments to the Arms Export Control Act
the cover letter and instruction booklet you receive when you write/fax for information on Defense Trade Registration. July 1993
Peter Lewis column on "Clipper II" key escrow and Clinton Administration crypto export policy. Good backgrounder if you're new to the issue.
Attorney Lee Tien's kit for making Commodity Jurisdiction Requests for cryptographic items (you file such a request to, if you are lucky, move jurisdiction over your crypto product from the State Dept. with it's harsh ITAR regulations, to the Commerce Dept. with its more lax GTDA regs.)
articles which appeared in a special government affairs section on cryptography in the April 1994 issue of the Software Publishers Association (SPA) news dealing with the foreign availability of crytography
Letter from State Dept.'s Office of Defense Trade Controls (controled by the National Security Agency) denying Phil Karn approval to export software that supports Triple-DES encryption. Interesting especially for 3 reasons: The export has nothing to do with public distribution, but was requested to provide security for the foreign, but US-staffed and owned, branch of a US company; such export denial was threatened if the X9 Committee which establishes banking security standards settled on 3DES instead of Clipper - NSA is making good on its threats; and the 3DES export denial portion of the form response appears to be a standard part of the form now (in other words, NSA/DoS may be routinely denying all 3DES exports.)
June 1992 NSA answers to many questions posed to them by Joe Abernathy about cryptography
lance rose's november 1993 article about Zimmermann, PGP and how PGP works, bidzos' attempt to suppress distribution of pgp, ViaCrypt, RSAREF, DES and the rest
Stephan Walker's (TIS) October 1993 testimony before the subcommittee on economic policy, trade and environment regarding the negative impact that US export control regulations on cryptography are having on the information system software industry.
Michael Johnson's 1994 in depth FAQ-like discussion of data encryption software and technical data controls in the US
November 1993 GAO report on communications privacy and the federal policy and actions surroundng the issue. specifically, it addresses whether federal policies negatively affect US corporations' ability to protect themselves against economic espionage.
Phillip (PGP) Zimmermann's Oct. 1993 testimony before the subcommittee on economic policy, trade and the environmnet discussing the need to change US export control policy for cryptographic software.

Subdirectories in This Archive

Directory of information on encryption export policy in 2000, including new BXA regs, stemming from changes announced in mid-1999.
Directory of information on encryption export policy in 1999, including the government's take on the "new" liberalization iniative and the text of the proposed "Cyberspace Electronic Security Act".
Directory of info on encryption export policy and legislation in 1998.
Documents from the EFF & Bernstein v. US Dept. of State lawsuit, in which we challenge the constitutionality of the ITAR crypto export restrictions. This case is similar to the Karn case.
Crypto, Pro-CODE, ECPA-2 & SAFE (`96-7) Crypto Legislation)
A June 1996 article entitled THE COMPUTER REVOLUTION, ENCRYPTION AND TRUE THREATS TO NATIONAL SECURITY by G. A. Keyworth, II, and David E. Colton, Esq. along with the footnotes.
directory of info on the [un]constitutionality of the ITAR export restrictions on cryptography, obtained via the Freedom of Information Act, incl. admissions from govt. lawyers that ITAR is unconstitutional.
directory of documents from the "Applied Cryptography" book + disk export case (book by Schneier, disk by Karn). The obtuseness of the Executive branch is truly stunning in this one. Very similar to the Bernstein case.
directory of docs from the Kerberos security program (stripped version) export case, put forward by Cygnus in an attempt to get export permission for this "barebones" version of Kerberos. This case revolves around "technical data" rather than "cryptographic" export restrictions.

Related On-Site Resources

Junger v. Dept of State
PETER D. JUNGER v. DEPARTMENT OF STATE, OFFICE OF DEFENSE TRADE CONTROLS, & NATIONAL SECURITY AGENCY case. Junger claims the ITAR and AECA export restrictions on encryption (particularly the absurdly broad definition of 'export', which includes "disclosing" to foreigners, unconstitutionally restricts Jungers First Amendment rights to teach a class in which cryptography is detailed, if a foreign student is present.
Key Escrow archive
The US Administration's "Clipper 2" effort - commercial key escrow (the "stick" for which is export controls on encryption).
Phil Zimmermann / PGP case
Grand jury investigation against Phil Zimmermann and others allegedly associated with distributing "Pretty Good Privacy", an encryption program, via the Internet.
Bibliography on ITAR and First Amendment issues
June 1993 letter from Lee Tien to Clyde Bryant with a list of law review articles to help in Bryant's review of ITAR.
House hearings about the ITAR and the First Amendment
Transcript of hearings before a subcommittee of the House Comittee on Government Operations. It is especially interesting for the two items it includes in the report; one memo shows that the Office of Legal Counsel concluded that ITAR was unconstitutional, and some testimony indicates that the State Department and the President may have ignored possibly binding legal advice from the OLC. Feb-Aug 1980
1996 & 1997 ECPA SAFE ProCODE bills
Directory of info on encryption legislation introduced in 1996 and 1997, including the Encrypted Communications Privacy Act (EPCA2), Promotion of Commerce Online with Digital Encryption Act (ProCODE), and Security and Freedom through Encryuption Act (SAFE). All of these bills were introduced to ease export restriction on encryption software. However, as of Sept. 1997, all were derailed, either being killed outright, or replaced with their Orwellian opposites designed to increase export controls, introduce import controls, and force mandatory key surrender.

Links to Related Off-Site Resources

EFF Boardmember John Gilmore's Crypto Export WWW Pages
Electronic Privacy Info. Center's Encryption Policy pages
CDT's Crypto Pages
The Computer Revolution, Encryption & True Threats to National Security
(HTML version of) report condemning Clinton Adminstration encryption export policy and key "escrow" plans, by G.A. Keyworth II and David E. Colton, for the Progress and Freedom Foundation. Co-author Keyworth was US President Ronald Reagan's science advisor.