FITUG e.V.
Förderverein Informationstechnik und Gesellschaft
FITUG e.V.Förderverein Informationstechnik und Gesellschaft |
|
http://cryptome.org/bxa121799.htm
5 January 2000 Source: http://www.steptoe.com/webdoc.nsf/Files/regs/$file/regs.pdf
"Revised Draft of the BXA's Proposed Encryption Regulations," 17 pages. Stewart Baker, with Steptoe and Johnson (document source), is a member of the President's Export Council Subcommittee on Encryption (PECSENC). This is a note on the document from a newletter by Steptoe dated January 5, 2000:
The Bureau of Export Administration (BXA) has released a revised draft of its proposed new encryption regulations to selected industry groups for comment. The new draft incorporates several significant further liberalizations, including changes to the definitions of the terms "retail," "government," and "open cryptographic application programming interfaces (CAPIs)," a relaxation of restrictions on the export of source code, and other revisions to the export reporting requirements and review process. BXA has said that its goal is to release new regulations by January 14, 2000, after incorporating public comments on the attached draft.
[Note: the first page is headed "DRAFT - 12/10/99;" all other pages are headed "DISCUSSION DRAFT II - 12/17/99." No other identification on the document. Type style as in the original.]
This is the revised version of the November 19 discussion draft. The November 19 draft laid out elements of the encryption export regulation which will implement the new policy announced on September 16, 1999. This draft reflects the various comments received on the first draft. There are substantial changes in the sections dealing with source code, retail products, reporting requirements, and the definition of governments and open cryptographic interfaces. There is a new section clarifying the requirements for exports to telecommunications and internet service providers and on screening internet ales to government end-users. Our new goal is publication of the actual regulation by January 14, 2000. Comments are welcome and, as before, should be sent to jlewis@bxa.doc.gov.
[...]
(e) Unrestricted Encryption Source Code
(1) Encryption source code controlled under 5D002 which would be considered publicly available under Section 734.3(b)(3) and which is not subject to an express agreement for the payment of a licensing fee or royalty for further commercial production or sale of any product developed with the source code is released from EI controls and may be exported or re-exported without review under License Exception TSU, provided you have submitted written notification to BXA of the Internet address (e.g. URL) or a copy of the source code by the time of export. Submit the notification to BXA and send a copy to ENC Encryption Request Coordinator (see Section 740.17(g)(5) for mailing addresses).
(2) You may not knowingly export or re-export source code or products developed with this source code to Cuba, Iran, Iraq, Libya, North Korea, Sudan or Syria.
(3) Posting of the source code on the Internet (e.g., FTP or World Wide Web site) where the source code may be downloaded by anyone would not establish "knowledge" as described in subparagraph (2) of this section. In addition, such posting would not trigger "red flags" necessitating the affirmative duty to inquire under the "Know Your Customer" guidance provided in Supplement No. 3 to Part 732.
[...]