[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
How might new GAK be enforced?
Now that the shoe is dropping on "Clipper III" (or "Clipper IV"), the
"voluntary, for export, key escrow system," how might it be enforced?
Some possibilities:
1. Make GAK the "easiest and safest" use even within the United States. Do
this by aggressively pursuing, harassing, and prosecuting anyone who lets
non-U.S. persons, even within the United States, have access to
export-controlled software.
(I had not fully appreciated the ramifications of the ITARs for software
distributed _within_ the U.S. until the Bernstein matter unfolded.
Export-controlled software is not supposed to be sold to various classes of
foreign persons, including visitors, students on certain types of visas,
and others. Mostly such rules have been ignored, with large software stores
like CompUSA, Fry's, Egghead, etc., simply selling export-controlled
software to anyone with the money. Their are _stickers_ on some software
items warning against export, but these are ignored in sales. A few
high-profile prosecutions of large resellers could spread FUD wide and far,
triggering a "GAK-only" policy on sales of crypto products. The outcome of
the Bernstein hearing could thus be critical.)
2. Attempt to make illegal the _interoperability_ with non-GAK software.
Or, attempt to make illegal interoperability with a product which would
have been illegal to export.
Thus, if Alice, in the U.S., uses a crypto product to communicate with Bob,
in a foreign country, and it "would have been illegal" for Bob to legally
receive the product, then Alice is presumed to be breaking some law (maybe
"conspircacy"...I'm not a lawyer) by sending messages Bob can read.
This is just vague speculation. But I think the government must be thinking
how they can finesse this point, how they can stop the current "crypto
anarchy" (in a different sense than I use it), where "rogue users" in
foreign countries are unreachable by U.S. law. The easiest way, of course,
is to go after U.S. persons or companies who intercommunicate with these
rogue users.
(Else what's to stop Giant Corporation from using Non-GAKked software
within the U.S., which is perfectly legal (under the "voluntary" system),
but then "happening" to have their foreign branches and customers obtain
"bootleg" versions at their end? All it takes is a single copy to get out,
and be duplicated a zillion times. Voila, interoperability, with the only
"crime" being the first export...which is essentially impossible to stop,
for so many reasons we mention so often. Conclusion: Government must make
this very mode illegal, perhaps by making it a conspiracy to thwart the
export laws....)
Any other ideas on how the government plans to enforce GAK, to make GAK the
overwhelmingly-preferred solution?
--Tim May
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."