The new rules follow on the September announcement from U.S. Vice President Al Gore that the government intended to modify its encryption-export rules by allowing for more liberal export of products containing the 56-bit Data Encryption Standard, and by expanding exemptions to the rules to include insurance companies and corporations involved in electronic commerce.

But for the industry group Americans for Computer Privacy (ACP), the rule revisions fall short -- particularly when compared with the Wassenaar agreement that 33 countries signed earlier this month and which for restrictions on the export of "mass market" encryption software using keys greater than 64 bits.

"Regrettably, the Administration's draft regulations impose greater restrictions on American companies than those called for under the (Wassenaar) arrangement," ACP said in a printed statement.

Announced yesterday by the Commerce Department, the new encryption regulations are part of the Clinton Administration's initiatives to make government more efficient and to enhance the global competitiveness of U.S. businesses, the Commerce Department said. The regulation amendments end the need for licenses for strong encryption products in several industry sectors, after a one-time review by the Commerce Department.

Restrictions on selling strong encryption products to subsidiaries of U.S. corporations are virtually eliminated, the Commerce Department said, and there will also be favorable licensing treatment to strategic partners of U.S. companies. Also, there is no longer any need to obtain licenses for most encryption commodities and software up to 56-bits or equivalent strength.

Other changes include:

• The allowed export of some applications tailored to online transactions;

• New allowances for U.S. encryption manufacturers to share their source code with their own foreign subsidiaries (while requiring that any resulting new products remain subject to U.S. regulation ) and streamlining reporting requirements for U.S. firms so that compliance is less burdensome;

• the encouragement of the use of recoverable encryption by removing the requirement to name and approve key recovery agents for exports of key recovery products from regulations;

• the definition of a new class of "recoverable" encryption products which can now be exported under Export Licensing Arrangements to foreign commercial firms for internal company proprietary use;

U.S. encryption firms will be better able to compete with encryption manufacturers around the world because of the changes, according to a statement fromCommerce Under Secretary for Export Administration, William A. Reinsch.

ACP disagrees, however.

"It appears that the government has incorporated many of our initial recommendations into this updated export policy, including: significant export relief for encryption products that use symmetric algorithms up to and including 56 bits; products that use asymmetric algorithms up to and including 1,024 bits; and relief for various sectors of the business community," ACP said. "However, the Administration has yet to allow U.S. encryption manufacturers a level playing field in the global marketplace."

To become consistent with the Wassenaar Arrangement, the U.S. needs to eliminate all controls on encryption software and hardware -- including hardware components that use algorithms up to 64-bits, ACP said.

"ACP believes that it is simply unworkable -- and ultimately counterproductive -- to attempt to limit the export of high-technology products that are inherently uncontrollable," ACP added.

ACP is a coalition of more than 100 companies and 40 associations representing financial services, manufacturing, telecommunications, high-tech and transportation, as well as law enforcement, civil-liberty, pro-family and taxpayer groups.