EAR questions.

Anil Das das at razor.engr.sgi.com
Thu May 1 19:19:32 PDT 1997


[ Didn't get much response when I posted this to cryptography at c2.net.
Hope there will be more response on cypherpunks. ]

	I couldn't find a solid answer to the following questions,
after reading relevent sections of the EAR, and talking to some
people. I am looking for considered opinions, not legal advice.

1) Does a software such as the DESCHALL client or Peter Trei's DESKR
program, in object code form, need a license to be exported? Keep
in mind that even thought there are some cryptographic functions
inside the programs, they cannot be directly used to encrypt data,
nor can they be easily modified (i.e. without reverse engineering)
to make data encryption possible.

2) Does the "printed matter exception" apply only to publications?
Is it legal, under the EAR, for somebody in the US to print out
the source code for an encryption program on paper and send it to
a private party abroad (not a country in the enemies list). Does
it make any difference whether this is done for monetory compensation?
Does it make any difference whether the sender intends to keep the
source code secret between himself and the recipient?

Btw, it looks like the language about scannable encryption source code,
that was in the draft regulations, have been removed.

One more, general question.

3) Is it correct to say that, as long as you are not selling it to
a military organization and the software is intended for civilian
use, the export of encryption software is now controlled exclusively
by the EAR, and not by the ITAR? I ask this because many of the
people who answered "only publications" to question 2) above,
could only quote the ITAR in support of their position.

	Thanks.

--
Anil Das







More information about the cypherpunks-legacy mailing list