[plug] Any legal restrictions on cryptography use / importation in Aus?

Tue Mar 26 19:38:33 WST 2002

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My understanding of the US laws is that it used to be a felony (i.e serious 
offence) to export "weapons grade" encryption (i.e anything more than 56 
bits). I undestand that the law has now changed so that it is now legal to 
export encryption to approved countries (including Australia and New Zealand) 
as long as it doesn't involve exporting it to banned countries (such as Cuba 
and Iraq).

As far as I am aware encryption is not illegal to use anywhere. Good 
encryption is necessary for Internet banking. The non-US Debian mirrors are 
available inside Australia so you'll certainly have no trouble getting hold 
of encryption software (at least if you're using Debian). I doubt that they 
would be available if they were in any way questionably legal.

Anthony

On Tuesday 26 March 2002 10:51, Sol wrote:
> There are laws in the US that make the import or export of certain 
> cryptographic software (notably software that the US NSA, FBI & CIA 
> don't have the ability or privilege to crack). That's why in the Debian 
> software mirror tree there is a "non-US" section which includes things 
> like pgp and ssh. I believe though, that it's not actually illegal for a 
> US citizen to use this software inside the US - ironically.  There was a 
> seminal case in the US when the Govt on behalf of the FBI tried to 
> outlaw PGP and failed - mostly. But the details of this are sketchy in 
> my mind now.
> 
> "Continuing the assault, both the Bush and Clinto adminstrations waged 
> an all-out war against the rights of  computer users to engage in 
> private and secure communications. Starting in 1991, both 
> administrations flaoted proposals for use of "Clipper" encrypted 
> personal communications/President Clinton also backed the Communications 
> Decency Act (CDA), which made it a crime to transcit sexually explicity 
> information to minors - and, as a result, might have required Internet 
> providers to deploy far-reaching monitoring and censorship systems. When 
> a court in Philedelphia found the CDA unconstitutional, the Clinto 
> administration appealed the decision all the way to the Supreme Court  - 
> and lost.
>     "Finally, the US government's restrictions on the export of 
> encryption technology have effectively restrained the widespread use of 
> this technology for personal privacy protection within the United States."
> 
> from "Database Nation" by Simson Garfinkel, O'Reilly & Associates, 2000
> 
> There's more in this book about efforts to curb such things as 
> encryption, but if you're that interested you can buy the book (or 
> borrow it from a library). Garfinkel has also written a book called 
> "PGP: Pretty Good Privacy". I dare say that you'd find plenty more info 
> about the court cases in the US on the PGP site.
> 
> Whilst I would hardly consider the Australian Govt "liberal" on such 
> matters, their staggering ignorance of information technology issues in 
> general has meant that they haven't thought up laws to curb it citizens 
> from engaging in electronic communication in private. Or so I believe.
> 
> Sol
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8oF25hwVaoilFPn0RAvVJAJ9MUI83Y3OOOl+x4MgKiYS2FWMSwwCfaclq
y06IOHrzx23bBFndGlHY+NU=
=BUwl
-----END PGP SIGNATURE-----