Re: LYNX-DEV SSL, Lynx & US Law

[Robert Bonomi]

+ From: Philip Webb <address@hidden>
+ Subject: LYNX-DEV SSL, Lynx & US Law
+ To: address@hidden
+ Date: Mon, 9 Dec 1996 02:31:48 -0500 (EST)
+ 
+   Mr Richardson said 961208 re Canadian laws restriction export of 
encryption: 
+ >   Well, there is one. Not as strong as ITAR, but nevertheless it
+ > exists. We are a signatory to COCOM (which was a UN agreement and
+ > agency to keep control of crypto. COCOM is dead due to lack of US
+ > payment of UN fees).
+ -- so COCOM is a red herring.

FALSE TO FACT.  The U.N. _agency_ is moribund -- this does *not* invalidate
any national legislation enacted in support of the aims of that agency.  Nor
does it render impossible prosecution under those statutes.

+ >   Additionally, NAFTA has some provisions as well. (Hidden)
+ -- what? if they're hidden, no-one is likely to be prosecuted & has a defense.

No they don't.  "ignorance of the law is no excuse" holds in Canada, as well
as the U.S.

+ >   Canadian companies have been charged in the past when they
+ > redirected shipments from the US to Canadian destinations to non-Canadians.
+ -- who? when? exporting what? to whom? charged in which country?
+    if it was missile parts to iraq, that's not covered by the same law,
+    not in canada anyway.
+ > However, see http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html
+ -- i just read all 37 pp of it & STRONGLY RECOMMEND all of it to any 
lynx-dever
+    who thinks there's a problem exporting an encrypt-enabled lynx from canada,
+    as far as canadian law is concerned: its writer deserves a lot of thanks.
+ -- to summarise: there are only 2 countries -- iraq & libya --
+    which are subject to total restriction on exports of any kind;
+    there is a sort of caveat about re-exporting any goods from the us,
+    but it's weak & hardly enforced; there's a catch-all exemption called
+    General Export Permit # 12 which would allow export of any form
+    of encryption; the writer gives a detailed account of his experiences
+    applying to export encryption material from canada to the uk,
+    which confirms that in practice there's no legal barrier.

If what you report is a _true_ representation of the state of affairs, then, 
it is *illegal* to ship encryption _from_ the U.S., to Canada, under United 
States statute.

+ 
+ Mr Bonomi said 961208 "Canada has a PRECISELY similar law on its books"

And, I will repeat the parts you chose not to quote.
  "... albeit much *less* agressively enforced with regard to crypto.
   Which is -not- to say that they _could_not_ make trouble, if they
   decided to."

The risk is probably small, but it _is_ "non-zero".  And the 'down-side'
of that risk is _substantial_.

+ -- see previous
+ 
+ Mr Virden said 961208 "Some European countries make it illegal to use
+   any kind of encryption"
+ -- which countries? serbia? belarus?

Russia forbids -any- use.  (the new Russia passed this, it is -not- a 
hold-over from the U.S.S.R. days)

France forbids -any- use without a license, which they will not grant,
unless the algorithm *AND* KEYS are on file with them.

The U.K. has a very repressive act _proposed_ 

Austrialia also has floated a "trial balloon" that was bad news in this
area.

I believe Malaysia requires government approval to use crypto.

India also has significant restrictions.

+ 
+ -- the replies so far, together with the mcmaster pages url'd above,
+    simply confirm my point that ONCE an encrypt-enabled lynx has reached
+    canada there is NO FURTHER problem IN PRACTICE making it available

Which neither makes it "legal", "right", or "moral" to do so.
If your definition of 'right' is "I can get away with it, with impunity",
nothing further need be said.

+    to the rest of the World (except Libya & Iraq, who aren't on the Net).
+    of course, it MIGHT be a problem for people in the us who sent it here,
+    but that hasn't been the focus of the discussion on lynx-dev.
+ 
+ -- about 10 years ago a Canadian got involved in some real-estate deal
+    which went sour; a Florida judge issued a warrant for his arrest
+    & he skipped bail & fled to Ontario; a couple of american bounty-hunters
+    crossed the border, drugged him & kidnapped him back to Florida,
+    where he was locked up in jail.  Big Diplomatic Fuss, fuelled
+    by Canadian media.  eventually the bounter hunters were extradited
+    & jailed by a Canadian court for kidnapping & the wanted man was released
+    & charges against him dropped.
+ 
+ -- lynx is public-domain software; its development is an international effort;

I hope your other 'facts' are better founded than the above statement.  LYNX
is *NOT* public domain.  It is _copyrighted_ by the University of Kansas.
Do -not- overlook that fact.

+    us law stops at us borders.  i still think it's paranoia
+    & replies so far confirm my view.

It is good to see that you have the 'courage of your convictions'.
Of course, should later events prove you wrong, you could *also* go down.
something like "Aiding and abetting", or "soliciting the commission of a crime".

I would -strongly- advise *anyone* who contemplates setting this to get the
professional advice of a legal _expert_ in this field.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;