[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Legal Deffinition of Encryption?



Barry A. Dobyns wrote:
> Dale Thorn wrote:
> > Peter Hendrickson wrote:
> > > At 2:17 PM 11/9/1996, Mark M. wrote:
> > > >On Sat, 9 Nov 1996, Benjamin Grosman wrote:
> > > >> I have absolutely no idea: this is a very interesting problem. Not for just
> > > >> compression and encryption differention legally, but also, well, ANY other
> > > >> data form. If one defines a new format for saving data (i.e a new image
> > > >> format), and then exports this technology from the USA, is this exportation
> > > >> of munitions due to it's unknown qualities? Or what?

> > > > I can't define encryption, but I know it when I see it.

> > > They way it will be forbidden is by outlawing the execution of the
> > > algorithms.  The algorithms (the secure ones anyway) are well defined
> > > as is executing them.  The legal system has dealt with greater
> > > ambiguities than this.
> > > An analogy to the drug laws might be useful.  We don't outlaw all drugs
> > > that cause you to have weird visions and to act strangely.  That would
> > > be hard to define and would cover a number of legal drugs.
> > > Instead, the specific chemicals are forbidden as they are discovered.

> > I can see how the chemical/drug thing works, and I can see how they can
> > easily control Public Key (PGP) encryption, but if you are suggesting
> > that they can effectively eradicate private key encryption, that would
> > seem to be an impossibility.

> I don't think that an alert legisator will have any problems writing
> laws that cover whatever uses of cryptography they want to outlaw.
> (Finding an alert legislator might be more of a problem...)
> Consider this:  outlawing an algorithm is very similar to protecting
> it's use as intellectual property - which is what the Patent system
> in the US and most other countries is designed to do.  The description
> of "illegal" algorithms could be lifted directly from patents (both
> current AND expired, or if you're sufficiently paranoid, even from
> "refused" or ungranted applications) which apply to cryptography.

Do you assume that all useful algorithms are patented or copyrighted?
Would you further assume that executable encryption programs would have
to be resident on some particular media long enough (say, 30 seconds to
a few minutes) that agents who have just broken the door in will be able
to preserve either the source code or the executable code and take it
with them as evidence?

> Imagine the creation of a branch of your favorite Government, let's call
> it "Big Brother," whose job is to monitor patent applications worldwide
> for new crypto techniques solely for the purpose of branding them contraband.
> Not so different from some of the work the US FDA does.

I know that the FDA cracks down on what it terms "dangerous substances"
and "practicing (something or other) without an appropriate license",
but the folks it crashes in on are generally distributing herbs, vitamins,
and other goodies which wind up inside of people's bodies, so there is
a measure of legitimacy to their protections, if not to their methods.
Protecting people from ideas and algorithms which go into their minds is
feasible only when the ideas are complex enough and require sufficient
physical manipulations (designing and building a fusion bomb, for example)
as to make the implementor of such things quite noticeable.

> Note that the market lock that PKP/RSA has on public key encryption in
> the US is based on exactly this sort of algorithm protection, and if
> it's good enough to reign in unbridled capitolism, it'll be good enough
> for the Justice Department to litigate on.  In effect, since PKP holds
> all the patents on public key in the US, nobody else can use these
> techniques without paying PKP or their licencees.  Outlawing just those
> techniques which are embodied in the PKP patents would be sufficient to
> outlaw all public key encryption.

So the only possible Public Key encryption has all been designed and
patented, and there's no other algorithms that can be brought forth,
let's say, by someone who doesn't want a patent, but merely wants to
put the idea out into the public domain?

> Note that issues like "is the patent valid" usually hinge on whether the
> authors of the patent were indeed the originators of the idea.  In the
> case of outlawing the algorithms, it doesn't matter if the patent author
> was the originator or not, or even if the patent is valid, still current,
> or was intercepted when it was applied for and diverted to "Big Brother"
> instead of being granted.

I suppose if some angel were to float out a new Public-key algorithm onto
the Net, then there would automatically be an anti-angel (from the NSA?)
who would show that it was in fact patented, and had to be withdrawn?
My guess is, if they tried this too many times through legal channels,
in spite of all manner of legislation, there would be a backlash of
sufficient proportion to render their efforts less than useful.