[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is it legal for commercial companies to use PGP?



At 10:30 PM 7/19/95 -0400, tim werner wrote:
>>From [email protected]  Tue Jul 18 02:51:50 1995
>>Selling software containing the code is pretty clearly commercial.
>>Non-commercial messages from your personal non-business machine are
>>clearly non-commercial.  Providing a service of encrypting and decrypting
>>messages for people for money sounds like it's _very_ probably commercial.
>>Encrypting and decrypting messages to/from your business that deal with money
>>are a very gray area.
>
>Maybe "commercial company" is the wrong expression.  All I meant was
>that my company is not non-profit, or a university, or a government
>organization.  It is an engineering firm.  What I have in mind is
>nothing to do with a commercial use of encryption per se. 

That's what I thought you meant.



>1) I have some email pen-pals that I would like to be able to use PGP to

That would be fine to use PGP 2.6.2 for; there's realky no question.

>2) It's entirely likely that people within the company may wish to get
>   into the habit of transmitting company data in encrypted form.  This
>   is not a question of incorporating the encryption technology into a
>   product, or even into the sale of a product -- it's just a question
>   of keeping intra-company information transfers private.
>The first is the one I'm really concerned with.  The second would be
>sort of a natural extension that, if legal, would be nice.  I can't
>imagine that these uses are subject to the ViaCrypt license, but I need
>some reassurance/ammunition in order to be a little more open about
>getting it installed on the machines in my department.

The ViaCrypt license only matters if you're using ViaCrypt.
The question of whether you can use PGP 2.6.2 for these is something
you _do_ need to read the RSAREF license about, and maybe ask
Jim Bidzos <[email protected]> or a company lawyer-type about;
encrypted mail within the company is probably ok, encrypted mail sending
credit card numbers to pay for stuff is more questionable.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]