LATEST US ACT-Bits anyhow
Donald Ramsbottom
donald at ramsbottom.co.uk
Mon, 02 Aug 1999 18:51:21 +0100
here are some tit-bits from the latest in Encryption acts before congress,
this is from HR2616- Encryption for the National Interst Act go to
http://jya.com/crypto.htm- + Encryption for the National Interest Act
August 2, 1999 for the full text.
SEC. 2. STATEMENT OF POLICY.
It is the policy of the United States to protect public computer
networks through the use of strong encryption technology, to promote
the export of encryption products developed and manufactured in the
United States, and to preserve public safety and national security.
(2) The goal of any encryption legislation should be to
enhance and promote the global market strength of United States
encryption manufacturers, while guaranteeing that national
security and public safety obligations of the Government can
still be accomplished.
(3) It is essential to the national security interests of
the United States that United States encryption products
dominate the global market.
(4) Widespread use of unregulated encryption products poses
a significant threat to the national security interests of the
United States.
(5) Data network service provider.--The term ``data network
service provider'' means a person offering any service to the
general public that provides the users thereof with the ability
to transmit or receive data, including communications.
(6) Decryption.--The term ``decryption'' means the
retransformation or unscrambling of encrypted data, including
communications, to its readable plaintext version. To
``decrypt'' data, including communications, is to perform
decryption.
(7) Decryption information.--The term ``decryption
information'' means information or technology that enables one
to readily retransform or unscramble encrypted data from its
unreadable and incomprehensible format to its readable
plaintext version.
(8) Electronic storage.--The term ``electronic storage''
has the meaning given that term in section 2510(17) of title
18, United States Code.
(9) Encryption.--The term ``encryption'' means the
transformation or scrambling of data, including communications,
from plaintext to an unreadable or incomprehensible format,
regardless of the technique utilized for such transformation or
scrambling and irrespective of the medium in which such data,
including communications, occur or can be found, for the
purposes of protecting the content of such data, including
communications. To ``encrypt'' data, including communications,
is to perform encryption.
(15) Plaintext.--The term ``plaintext'' means the readable
or comprehensible format of that data, including
communications, which has been encrypted.
``(c) Probable Cause Not Constituted by Use of Encryption.--The use
of encryption by itself shall not establish probable cause to believe
that a crime is being or has been committed.
``Sec. 2802. Privacy protection
Sec. 2802. Privacy protection
``(a) In General.--It shall be unlawful for any person to
intentionally--
``(1) obtain or use decryption information without lawful
authority for the purpose of decrypting data, including
communications;
``(2) exceed lawful authority in decrypting data, including
communications;
``(3) break the encryption code of another person without
lawful authority for the purpose of violating the privacy or
security of that person or depriving that person of any
property rights;
``(4) impersonate another person for the purpose of
obtaining decryption information of that person without lawful
authority;
``(5) facilitate or assist in the encryption of data,
including communications, knowing that such data, including
communications, are to be used in furtherance of a crime; or
``(6) disclose decryption information in violation of a
provision of this chapter.
SEC. 305. ENCRYPTION LICENSES REQUIRED.
(a) United States Products Exceeding Certain Bit Length.--Except as
permitted under section 303, in the case of all encryption products
with an encryption strength exceeding the maximum level eligible for a
license exception under section 302, which are designed or manufactured
within the United States, the President may grant a license for export
of such encryption products, under the following conditions:
(1) There shall not be any requirement, as a basis for an
export license, that a product contains a method of--
(A) gaining timely access to plaintext; or
(B) gaining timely access to decryption
information.
(2) The export license applicant shall submit--
(A) the product for technical review;
(B) a certification, under oath, identifying--
(i) the intended end use of the product;
and
(ii) the expected end user or class of end
users of the product;
(C) proof that its distribution chain partners have
contractually agreed to abide by all laws and
regulations of the United States concerning the export
and reexport of encryption products designed or
manufactured within the United States; and
(D) the names and addresses of its distribution
chain partners.
Just how many more b ills can they put before congress on this subject?
There is lots more , but the above points are some which have come up on
this list recently regarding our own bill.
Donald Ramsbottom LL.B, BA (Hons).
RAMSBOTTOM & Co. Solicitors
Internet Law & Global Cryptology Law Specialists