Re: Spam the Sign!
[regarding suggestion that netscape give mit or someone a 128 bit version to place on an ftp server]
This is not an apology for the the ITAR, just my usual lawyerly overcaution:
Suppose A gives B a program that is export controlled, intending for B to allow it to be exported. Has A conspired with B to export the program?
Let's ask the grand jury investigating Phil....
That's a possible problem, I suppose, but wouldn't you be protected if your license agreement with MIT (or whoever) specified redistribution "for domestic use only"? | (Douglas) Hofstadter's Law: Frank Stuart | It always takes longer than you expect, even fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.
On Wed, 22 Nov 1995, Frank Stuart wrote:
[regarding suggestion that netscape give mit or someone a 128 bit version to place on an ftp server]
This is not an apology for the the ITAR, just my usual lawyerly overcaution:
Suppose A gives B a program that is export controlled, intending for B to allow it to be exported. Has A conspired with B to export the program?
Let's ask the grand jury investigating Phil....
That's a possible problem, I suppose, but wouldn't you be protected if your license agreement with MIT (or whoever) specified redistribution "for domestic use only"?
"protected"? No. "Helped"? Yes. The government can argue to the jury that the agreement was a sham and you knew it.... A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin@law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here.
[regarding suggestion that netscape give mit or someone a 128 bit version to place on an ftp server]
This is not an apology for the the ITAR, just my usual lawyerly overcaution:
Suppose A gives B a program that is export controlled, intending for B to allow it to be exported. Has A conspired with B to export the program?
Let's ask the grand jury investigating Phil....
That's a possible problem, I suppose, but wouldn't you be protected if your license agreement with MIT (or whoever) specified redistribution "for domestic use only"?
"protected"? No. "Helped"? Yes. The government can argue to the jury that the agreement was a sham and you knew it....
(Great, I'm about to argue law with a REAL LAWYER (tm). And they promised me that Cypherpunks wouldn't cause brain damage ... ) OK, suppose A does NOT intend for B to export it, and he does anyway ... Now suppose that instead of giving it to B, he SELLS it to him ... So a pirated copy of the commercial version of Netscape's Navigator shows up in a Hong Kong flea market, and Barksdale goes to jail ... (Members of the jury, Mr. Barksdale MUST have known that one of his millions of paying customers would export that dangerous munition ...) The logical ludicrousness of ITAR shows up fast no matter which angle you look at it from, and yet the people with the <exonized for your protection> to actually challenge it aren't the big companies who stand to gain the most financially, it's a bunch of guys (a lot of whom hang around here sometimes) who are successfully giving away 'export controlled' software, while the people with the resources to really fight this thing sit on the sidelines waiting for Phil Zimmerman or Phil Karn to get them off the hook so they can go and make a lot of money. It seems to me that there's something very wrong with this picture, and while I don't mean this in any way to be taken personally, one of the big things I see as wrong is overcautious lawyers. -- Jeff Simmons jsimmons@goblin.punk.net
Actually, the application of the law tends to be far more reasonable than non-lawyers believe. This is one of the hardest things to get law students to believe. But it is a human process, not a mechancial one. If you sell a product legally in the US, taking reasonable precautions to observe the ITAR and making clear to your customers what their obligations are, you have essentially zero risk. How do I know this? Many, many, many people do exactly that every day, and none have AFAIK even been threatened with prosecution. This is NOT IMHO how the ITAR restricts intra-US trade. The ITAR restrict intra-US trade by inducing people to make only exportable products so that they don't have the trouble of supporting two different versions, doing 2 kinds of paperwork, etc. OTOH, if you hand software to someone to put on an FTP site, nudge, nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you really are guilty of trying to end-run the ITAR, and they feds may give you a hard time, which after all is their job if you are breaking federal law. None of this of course goes to the question of whether the ITAR is good/bad or un/constitutional. A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin@law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here.
Actually, the application of the law tends to be far more reasonable than non-lawyers believe. This is one of the hardest things to get law students to believe. But it is a human process, not a mechancial one.
If you sell a product legally in the US, taking reasonable precautions to observe the ITAR and making clear to your customers what their obligations are, you have essentially zero risk. How do I know this? Many, many, many people do exactly that every day, and none have AFAIK even been threatened with prosecution. This is NOT IMHO how the ITAR restricts intra-US trade. The ITAR restrict intra-US trade by inducing people to make only exportable products so that they don't have the trouble of supporting two different versions, doing 2 kinds of paperwork, etc.
OTOH, if you hand software to someone to put on an FTP site, nudge, nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you really are guilty of trying to end-run the ITAR, and they feds may give you a hard time, which after all is their job if you are breaking federal law.
Then suppose you hand software to MIT to put on its export-controlled ftp site (which would seem to follow your requirements to take reasonable precautions to observe the ITAR, etc.) and you don't do the nudge, nudge, wink, wink - BUT you know that it's going to be available on major ftp sites in Europe within a few hours anyway. The intent to export isn't there, but the export occurs anyway. Is it the intent, or the knowledge that's important? Obviously the intent, or the MIT server would be in jail. So I demonstrate lack of intent to export, by following MIT's model when I set up my own 'export controlled' ftp server. Am I safe? Or do I need a note from the NSA or somebody to do this? And if I do need somebody or something's 'permission', and they refuse to give it, aren't they using ITAR to restrict the distribution domestically? Do I have any options in this case other than to give up? Or, to bring it down to a practical question, what's stopping Netscape? How does Netscape setting up an 'export controlled' ftp site based on the MIT version lead to one of their executives going to jail? I have the feeling that we're talking about two different things here - the law as it's practiced in the courtroom and the law as it's practiced on the 'streets'. Obviously, the fact that I feel I'm doing something 'legal' won't help much if the government decides to do a Phil Zimmerman on me. But I would be interested in your comments. -- Jeff Simmons jsimmons@goblin.punk.net
participants (3)
-
Frank Stuart -
Jeff Simmons -
Michael Froomkin