Path: gmd.de!newsserver.jvnc.net!darwin.sura.net!howland.reston.ans.net! usc!yeshua.marcam.com!news.kei.com!eff!nuntius From: Shari Steele <sst...@eff.org> Newsgroups: misc.legal Subject: crypto witchhunt? Date: 17 Sep 1993 18:54:51 GMT Organization: Electronic Frontier Foundation Lines: 79 Distribution: world Message-ID: <27d15r$350@kragar.eff.org> NNTP-Posting-Host: sarah.eff.org X-UserAgent: Nuntius v1.1 To the 'net community: EFF is very concerned about the Customs Department-initiated grand jury investigation into encryption export violations. Two U.S. companies have been subpoenaed to produce documents related to the "international distribution" of commercial products utilizing PGP and RSA source code. Neither of these companies are engaged in the international distribution of any illegal materials. EFF is working with the concerned parties and is trying to find out the scope of the grand jury investigation. Unfortunately for us in this case, grand jury investigations are secret, so learning the scope is proving to be quite difficult. What we do know is this: Austin Code Works, a software publisher in Austin, Texas (heavy sigh), has been planning to publish a code document written by Grady Ward called Moby Crypto. Grady describes Moby Crypto as simply containing descriptive source code, not executable object code, describing many cryptographic routines that are freely available around the world. Most of this material has been released in print form already. The important distinction seems to be that Moby Crypto will be released in machine-readable format. Austin Code Works has told Customs Agents that it does not intend to release Moby Crypto outside of the U.S., yet the company has been subpoenaed to release all documents related to this product. (Incidently, if Moby Crypto contains no executable code, it should be exportable under ITAR, just as textbooks containing such materials are exportable.) ViaCrypt, a Phoenix, Arizona,-based (heavy sigh again -- man, does this ring familiar) software producer that has a license to sell software products that use the RSA algorithm, was issued a similar subpoena. ViaCrypt has recently contracted with Phil Zimmermann, creator of the PGP encryption code, to sell a commercial version of PGP. ViaCrypt only distributes its products containing the RSA algorithm within the United States, since RSA is not exportable under ITAR. EFF has been in touch with Phil Zimmermann and his attorney, Grady Ward, and the owner of Austin Code Works. We have advised everyone that there is nothing to hide and that they should abide by the subpoenas and produce the documents requested. We will not know what the appropriate response should be until the grand jury makes its determinations. In the meantime, we want everyone to know that EFF is committed to ensuring that the right to use and publish whatever encryption method an individual chooses to use is protected. Jerry Berman, EFF's Executive Director, issued the following internal message this morning: >I've assured Phil that he is not alone, and I have talked with his attorney. >If Phil is charged with export control violations based on making PGP >available in the US on a non-commercial basis and it happens to get >published or copied overseas, First Amendment issues indeed may be joined. >As of now, ViaCrypt has done no "exporting" and does not intend to. I have >the subpoena. Indeed, EFF has copies of both subpoenas. We will continue to keep you informed of what's going on as we learn the facts. EFF is deeply concerned, and we want Phil and everyone else involved to know that they are not alone. As soon as it becomes clear what specifically is being investigated, EFF will respond. Shari *********************************************************************** ****** Shari Steele Director of Legal Services Electronic Frontier Foundation 1001 G Street, NW Suite 950 East Washington, DC 20001 202/347-5400 (voice), 202/393-5509 (fax) sst...@eff.org