Rich Salz <rsalz@osf.org> writes:
I sure hope some tells David Harris that his program is now export controlled. From my reading of his message, it seemed like he thinks he "beat the system" because he didn't include actual crypto code.
Even if he were in the US, I would hope that no one told him that. One of the elements of the offense of violating the arms export control act is that the violation be willful. The exporter has to violate a known legal duty not to export the item. One of the reasons for this is simply that the ITAR list is long and technical and average individuals cannot be expected to know all its details. This is mentioned in the Lizarraga case, at approximately 541 F2d 828: "Two features of 22 USC 1934 strongly indicate that Congress used the term 'willful' to require a showing of specific intent. First, the statute prohibits exportation of items listed by administrative regulation, not by the statute itself. Second, upon referring to the pertinent regulation, 22 CFR part 121, we find that the regulation contains an exhaustive list of items including amphibious vehicles, pressure-breathing suits, aerial cameras, 'privacy devices,' and concealment equipment (including paints). Unlike those substances which are known generally to be controlled by government regulation, such as heroin or like drugs, these items might be exported or imported innocently. Under such circumstances, it appears likely that Congress would have wanted to require a voluntary, intentional violation of a known legal duty not to export such items before predicating criminal liability." So in this case I think widespread publicity about the ITARs can be considered harmful. All those helpful people going around warning others that they are exporting software are actually removing a defense against charges of export. Hal