[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Can the inevitability of Software privacy be used to defeat the ITAR?
At 04:06 AM 7/11/96 +0000, Paul Elliott wrote:
>What is to prevent a U.S company to licence a foreign company
>to sublicence and distribute a Crypto product abroad, if that
>foreign company obtains that product on the pirate market?
>
>I am not a lawyer, but I look at the definition of "export"
>on page 612 of Applied Cryptography and nothing seems to
>obviously apply.
>
>The scenario I imagine is this: U.S. company produces a crypto
>product. To be generally useful, the product supports all languages.
>(Those CDROMs really do hold a lot of data.)
>After all, Americans do need to do business with foreigners.
>The company licences and distributes the product in the U.S.
>taking special care not to distribute the product to any foreign persons.
>When inevitability, the product appears in the pirate market outside
>the U.S., the company makes a contract with a foreign company
>allowing it to distribute it and sublicence it. The foreign company
>can get their copy from the pirate market, being authorized to get
>the copy by the U.S. company. When this deal is cut copies
>have already been exported and are already being sold by the
>pirates, against the will of the U.S. company.
I raised this type of idea on CP, twice, and didn't hear a peep about it!
(As recently as a couple of days ago.) It doesn't entirely eliminate the
illegality; it merely transfers that illegality to an unknown and thus
unprosecutable person. But yes, it appears that nothing would prevent this
technique from working very well.
Any attempted prosecution would fare even less well than the example of
Zimmermann and PGP 1.0: There would be no illusion that an encryption
product sold in hundreds of stores nationwide could be kept within the
borders of the US, so the domestic manufacturer is safe. The foreign
distributor isn't violating any of his own country's laws, and probably not
arguably any of the US. Both companies could enthusiastically invite the
USG to prosecute whoever actually exported the software, laughing all the
way to the bank.
Jim Bell
[email protected]