"A provider of communications services cannot be held liable for the consequences of encrypted communications that pass though its system."
Far too simple. Suppose the provider is a BBS operator who *knows* what their users are passing through the system? Suppose the provider has keys to the encrypted communications? Suppose those keys are only to be used under duress (e.g. under a court order)? Suppose the provider is a parent and the user is their teenage daughter? Suppose the encryption is easily breakable? The principle you are looking for is that if the service provider has no *control* over the content, then they should have no *liability* for it either. The courts are gradually making that happen. But control relates directly to the specific facts of the particular case -- not whether encryption is in use. The case law on liability for content is gradually being made. So far, no particularly horrible precedents have been set (I don't think there are precedents yet in the arrest-the-record-store-owner-for-rap- records-the-cops-don't-like issue). In a good decision, Compuserve was let off the hook for a message sent by someone who Compuserve even paid to moderate a corner of their service -- because Compuserve didn't control the content of that corner. I realize that this group has a tendency toward extremism, but let's temper that with a bit of wisdom, too. John