[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape download requirements
Adam Shostack wrote:
>
> First off, I applaud Netscape for making the US version available for
> download. All of my comments here should be taken as questioning the
> why's, not suggesting that the implementation is so onerous Netscape
> shouldn't have done it. Although, you might want to add a link to a
> page decrying the kafka-esque experience; perhaps Matt's 'My life as
> an arms smuggler?'
>
> My question is, under what lawful authority would you release the
> data? The ITARs don't seem to contain anything special, so would you
> hand out lists on a subpeona? Individual names on a subpeona? Lists
> on a warrant?
This is from our US download FAQ at
http://home.netscape.com/eng/US-Current/faq.html
The information users provide when applying to download the 128-bit
encryption software is used ONLY to verify eligibility. The U.S.
government requires Netscape to maintain a log of software downloads
should they deem it necessary under court order, to use this
information
in their investigations of illegal use or misrepresentation of
information.
If law enforcement got a court order to get the entire list, we would
fight it in court as being over broad.
> Incidentally, they seem to be doing a credit check sort of
> verification; I gave a decade old address, and it worked fine. I feel
> free to do this because I'm legally entitled to download strong crypto
> software, and see no need to hand out my unlisted phone number in
> doing so.
We are not doing any type of credit check. We are doing some address
verification using local databases, so these queries don't go into
anyones tracking database.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.