bal writes:
It's much worse than this. Look at the definition of "predicate act":
`(b) For purposes of this section, each act of distributing software is considered a separate predicate act. Each instance in which nonexportable software is accessed by a foreign government, an agent of a foreign government, a foreign national, or an agent of a foreign national, shall be considered as a separate predicate act.
Now, since the bill also makes 1030A violations "racketeering activities", all you need are two predicate acts and RICO comes into play.
In the subsection that explicitly mentions crypto, it says that it's unlawful to put (non-GAK) crypto on an open net, "regardless of whether such software has been designated non-exportable". If the phrase "nonexportable" means the same thing in the context of this subsection, then provision (b) would only seem to apply RICO to stuff that already falls under ITAR. For whatever it covers, this provision conveniently makes you liable for the actions of others. I could see quid pro quo between governments coming into play here. They can get practically anyone connected with a foreign country to click a button on a Web browser, download PGP half a dozen times, and then hit you with 7 counts of racketeering. Hey, they could run a net searcher daemon that automatically snags a heap of copies of anything it finds that looks like a non-GAK crypto app. [...]
Get a copy of this bill from:
ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP
and read it.
--bal
-Futplex <futplex@pseudonym.com>