[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Crypto Witchhunt?



To the 'net community:
EFF is very concerned about the Customs Department-initiated grand jury
investigation into encryption export violations.  Two U.S. companies have
been subpoenaed to produce documents related to the "international
distribution" of commercial products utilizing PGP and RSA source code. 
Neither of these companies are engaged in the international distribution of
any illegal materials.  EFF is working with the concerned parties and is
trying to find out the scope of the grand jury investigation. 
Unfortunately for us in this case, grand jury investigations are secret, so
learning the scope is proving to be quite difficult.

What we do know is this:

Austin Code Works, a software publisher in Austin, Texas (heavy sigh), has
been planning to publish a code document written by Grady Ward called Moby
Crypto.  Grady describes Moby Crypto as simply containing descriptive
source code, not executable object code, describing many cryptographic
routines that are freely available around the world.  Most of this material
has been released in print form already.  The important distinction seems
to be that Moby Crypto will be released in machine-readable format.  Austin
Code Works has told Customs Agents that it does not intend to release Moby
Crypto outside of the U.S., yet the company has been subpoenaed to release
all documents related to this product.  (Incidently, if Moby Crypto
contains no executable code, it should be exportable under ITAR, just as
textbooks containing such materials are exportable.)

ViaCrypt, a Phoenix, Arizona,-based (heavy sigh again -- man, does this
ring familiar) software producer that has a license to sell software
products that use the RSA algorithm, was issued a similar subpoena. 
ViaCrypt has recently contracted with Phil Zimmermann, creator of the PGP
encryption code, to sell a commercial version of PGP.  ViaCrypt only
distributes its products containing the RSA algorithm within the United
States, since RSA is not exportable under ITAR.

EFF has been in touch with Phil Zimmermann and his attorney, Grady Ward,
and the owner of Austin Code Works.  We have advised everyone that there is
nothing to hide and that they should abide by the subpoenas and produce the
documents requested.  We will not know what the appropriate response should
be until the grand jury makes its determinations.  In the meantime, we want
everyone to know that EFF is committed to ensuring that the right to use
and publish whatever encryption method an individual chooses to use is
protected.  Jerry Berman, EFF's Executive Director, issued the following
internal message this morning:

>I've assured Phil that he is not alone, and I have talked with his attorney.
>If Phil is charged with export control violations based on making PGP
>available in the US on a non-commercial basis and it happens to get
>published or copied overseas, First Amendment issues indeed may be joined.
>As of now, ViaCrypt has done no "exporting" and does not intend to. I have
>the subpoena.

Indeed, EFF has copies of both subpoenas.  We will continue to keep you
informed of what's going on as we learn the facts.  EFF is deeply
concerned, and we want Phil and everyone else involved to know that they
are not alone.  As soon as it becomes clear what specifically is being
investigated, EFF will respond.
Shari
******************************************************************************

Shari Steele
Director of Legal Services
Electronic Frontier Foundation
1001 G Street, NW
Suite 950 East
Washington, DC  20001
202/347-5400 (voice), 202/393-5509 (fax)
[email protected]