[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Japan tightens crypto export restrictions, from The Netly News
The Netly News
http://www.netlynews.com/
October 29, 1996
The Japan Factor
By Declan McCullagh ([email protected])
In a move designed to stem the global availability of products
that use strong encryption technology, Japan last month succumbed to
U.S. pressure and dramatically tightened its export restrictions, The
Netly News has learned.
The restrictions amount to a stranglehold. Officials from Japan's
Ministry of International Trade and Industry (MITI) characterize the
shift as a very small change, but the new rules require businesses to
seek prior government approval for any overseas crypto-order that
totals more than 50,000 yen, or about $450. The previous limit was 10
million yen, around $91,000.
"We made a very small change of the licensing exception of limited
value," says Jun Takashina, the deputy director of the Security Export
Control Division at MITI. Takashina denied that the U.S. pressured
Japan. "It's our decision. We didn't have any pressure from the United
States."
Japan says its regulations are designed to codify the "Wassenaar
Arrangement" on export controls for armaments and advanced technology,
which was crafted over a two-year period to replace the Cold War-era
COCOM treaty and was signed in July by over 30 countries. "In the
Wassenaar Arrangement, we have consensus to cooperate -- not
coordinate, but cooperate," Takashina said. "In this sense we
influence each other. We cooperate in our regulations to achieve the
same purpose." In implementing the agreement, Japan relaxed controls
on many products -- and, tellingly, only tightened the regulation of
encryption. However, other countries that signed the agreement have
not done the same.
Japan's move follows a hot summer of even hotter debate on Capitol
Hill, where Justice Department officials claimed that criminals use
PGP to scramble files and software company executives testified that
current regs cost U.S. industry millions.
Boosting the political temperature further was RSA Data Security's
announcement in June that NTT and RSA's Japanese affiliate were ready
to ship a triple-DES chip more secure than anything U.S. manufacturers
are permitted to sell overseas. Privacy advocates quickly heralded it
as exposing the fatal flaws in the Clinton administration's
regulations. Phil Zimmermann, inventor of PGP, told me at the time
that "the Japanese took over the American television manufacturing
industry" and are poised to take over this one unless Congress
approves the Pro-CODE bill.
This widely-publicized announcement almost certainly prompted
Japan's new crypto-muzzling decision. The company's president, Jim
Bidzos, says that Tokyo has started to "look a little closer" at its
encryption policies. "With all the press about NTT chips and whatnot
in Japan, the U.S. government is going to try to stem the flow." (One
White House scheme designed to do just that is the
soon-to-be-announced creation of an ambassador-level position whose
sole job will be to marshal international support for U.S. crypto
policy.)
Stewart Baker, former NSA general counsel, calls Japan's move a
sign that the country's leaders are awakening to -- and are sensitive
to -- the U.S. government's position. "This is a signal that they did
not want to be at the center of the policy debate over export controls
if they could avoid it," he says.
"As [the policy] gets covered in the New York Times on the front
page, the Japanese government focuses more attention.... This is a
reflection of concern that that kind of story is not good for Japan,"
says Baker, who recently wrote about Japan's stance on encryption in
Wired.
The key question, though, is how strictly will Japan enforce the
new regulations? The Wassenaar Arrangement is designed to keep arms
and technology out of the hands of rogue countries, but companies in
Silicon Valley already are complaining that Japanese shipments of
data-scrambling hardware are being delayed. And the fine print of the
new Japanese regs seems to require the end user's name and address --
which is impossible for U.S. distributors to provide.
I think Marc Rotenberg, director of the Electronic Privacy
Information Center and international crypto-watcher, has it right.
Today he said to me that U.S. crypto isn't our biggest export in this
area; instead, it's U.S. crypto policy. I agree -- and I say that's
where we need more government intervention. Any government employee or
erstwhile crypto-czar who wants to export a dumb crypto policy should
be required to say why it should be allowed to infect other countries.
I'm sure Japan won't mind.
-- By Declan McCullagh ([email protected])
with reporting by K. N. Cukier ([email protected])
Wassenaar Arrangement:
http://www.dfat.gov.au/dfat/dept/isd/peace_and_disarmament/pd_4_96/pd10.html
RSA announces NTT chip:
http://www.eff.org/pub/Publications/Declan_McCullagh/cwd.got.away.0696.article
U.S. to create crypto-ambassador:
http://www.netizen.com/netizen/96/43/index3a.html
Stewart Baker on Japan's crypto-politics:
http://www.hotwired.com/wired/4.09/es.crypto.html
Marc Rotenberg on OECD crypto-politics:
http://www2.eff.org/~declan/global/japan/rotenberg.reply.102896
###