Government Regulation of Encryption: Domestic & International Developments
 
by Stewart A. Baker & Michael D. Hintze (06/01/2000)

 
This article was originally published in High-Tech Industry, volume 2, number 3, page 34 (November/December 1997).


For American companies that use, produce or sell products containing encryption, the legal restrictions on such products can be the source of endless confusion and frustration. United States encryption policy is focused on controlling and monitoring the export of strong encryption. In theory, the U.S. seeks to make it relatively easy for companies to export encryption products that include key recovery or key escrow features that allow for government access to encryption keys or the plaintext of encrypted data. By contrast, under most circumstances, U.S. companies cannot export products that use strong encryption (i.e., with a key length greater than 56 bits) if those products do not have key recovery features. In practice, even for products that can be exported, the complexity and lack of transparency of U.S. export controls on encryption can make navigating the licensing process very difficult.

Additionally, once a company is able to obtain the necessary approval to export an encryption product from the United States, its problems are not necessarily over. A growing number of countries have adopted import and/or use restrictions on encryption products, and this can mean another set of legal restrictions and licensing requirements that must be addressed.

I. Background and Overview of U.S. Controls on Encryption

Prior to December 30, 1996, the State Department, under the authority of the Arms Export Control Act and the International Traffic in Arms Regulations (ITAR), regulated most encryption exports from the U.S. Pursuant to an Executive Order, however, new regulations were issued at the end of 1996 transferring jurisdiction over commercial encryption products from the State Department to the Commerce Department. 61 Fed. Reg. 68,572 (1996). Thus, the Commerce Department, under the authority of the Export Administration Act and Export Administration Regulations (EAR), now regulates the export of all encryption products except those specifically designed or modified for military use (which remain at State).

In general, the Commerce Department requires a license for each encryption export, though some bulk license procedures exist and certain encryption items can qualify for a license exception after a one-time review. The Commerce Department defines "export" to include: (1) shipping or transmitting items subject to the EAR out of the United States, except by mere travel outside the United States by a person whose personal knowledge includes controlled technology; (2) releasing technology or software subject to the EAR to a foreign national, whether in the United States or abroad; and (3) transferring in the United States any encryption source code or software to any embassy or affiliate of a foreign government. 15 C.F.R. 734.2(b) (1997). Additionally, the regulations prohibit, without a license, providing any technical assistance for a foreign person, whether in the United States or abroad, with the intent to aid in the development of foreign encryption. 15 C.F.R. 744.9 (1997).

In addition to the Commerce Department, other agencies such as the Justice Department, the State Department, and the Defense Department have a say in decisions for commercial encryption exports. The greatest expertise in encryption matters resides in the National Security Agency (NSA), part of the Defense Department, and, in the past, it has been the general practice to defer to the judgment of this agency for encryption export decisions. However, since the jurisdiction transfer, the Federal Bureau of Investigation (FBI), part of the Justice Department, has assumed a major role in licensing decisions. The FBI, thus far, has taken the most conservative positions in export licensing, has not been willing to defer to the NSA, and has become the agency most likely to delay or prevent license approvals.

Under current U.S. export control law, commercial products containing encryption generally cannot be exported without an export license or without qualifying for a license exception after undergoing a one-time review. The Commerce Department regulations include a separate category of controls ("EI") for encryption items. The regulations divide these encryption items into several subcategories and create different licensing schemes for each. 15 C.F.R. 742.15(b) (1997).

A. "Recovery" Encryption Products

"Recovery" encryption software and equipment may be released from EI controls and made eligible for a license exception for all non-embargoed destinations. This category includes "key escrow" or "key recovery" products in which the keys or other information required to decrypt a message or stored data are kept by a key recovery agent and are accessible to government officials under proper legal authority. However, in order to take advantage of the license exception for key recovery products, exporters must identify acceptable key recovery agents that will be used, and the requirements for key recovery agents set out in the regulations are quite strict. For example, in addition to requiring that agents implement a number of specific procedures designed to protect the security and confidentiality of keys, the criteria also require that the agent provide to the Commerce Department's Bureau of Export Administration (BXA) detailed and specific information on the company or entity and on every individual that is directly involved in the escrow of keys or other material.

Foreign escrow agents may be allowed if acceptable to BXA, but the requirements imposed on agents appear likely to make the approval process for foreign agents quite difficult. The regulations allow for self escrow in certain circumstances, but internal key recovery agents will only be approved if BXA is satisfied that the agent will respond to government requests independently of the organization and that there are adequate safeguards to ensure security and confidentiality.

Another major concern connected to these requirements is that the regulations can be read as imposing an obligation on the exporter to monitor approved key recovery agents (presumably including self escrowing customers) and report to BXA any relevant developments. The problems created by a continuing monitoring requirement are obvious. Customers will be hesitant to buy a product that will require that they submit to continual or periodic monitoring by the seller or by BXA, and such monitoring is beyond the ability of most exporters.

This category also includes "recoverable" encryption products, which are those that allow government access to the plaintext of the encrypted data and communications without the need to recover the encryption keys. An example of a "recoverable" encryption product is a cellular telephone that encrypts messages for only the "over-the-air" portion of the transmission, and where the plaintext can be accessed at the switch or at another point where the transmission proceeds unencrypted.

B. Non-Recovery Encryption Products

Certain mass-market non-recovery encryption software that uses algorithms with a key length of 40 bits or less may be released, after a one-time review, from normal EI controls and made eligible for mass market treatment (which generally includes free exportability under a license exception and eligibility for all the provisions of the Export Administration Regulations applicable to other software).

56-bit DES or equivalent non-recovery encryption items will be eligible for a license exception for all non-embargoed destinations during a two-year transition period, after an initial review of the item and the submission by the applicant of a satisfactory key recovery plan demonstrating a commitment to develop key recovery products and services. The license exception must be renewed every six months, contingent upon the applicant's adherence to benchmarks set out in the original plan. License exceptions for this category of encryption items will expire after December 31, 1998.

All other encryption items (i.e. non-recovery encryption with a key length greater than 40 or 56 bits -- depending upon whether the exporter has submitted an acceptable key recovery plan) may be eligible for "encryption licensing arrangements." These arrangements are like the distribution arrangements formerly available for encryption items at the State Department. Such arrangements may allow exports and reexports of encryption software and equipment in unlimited quantities to all non-embargoed destinations, but applications must specify the sales territory and classes of end-users. Such arrangements may also impose certain reporting requirements. Encryption items not approved for an encryption licensing arrangement may still be granted individual licenses on a case-by-case basis.

Encryption "technology" (e.g. technical data) may be licensed for export and reexport on a case-by-case basis. Additionally, the EAR requires that a Commerce Department license be obtained before a U.S. person may "provide technical assistance (including training) to foreign persons with the intent to aid a foreign person in the development or manufacture outside the United States" of controlled encryption items. A printed book or other printed material containing encryption source code is not subject to the export control regulations. However, the act of providing such printed information to foreign persons could be prohibited by the "technical assistance" provisions of the regulations if the intent is to aid in the foreign development of encryption.

C. Exceptions to EI Controls

EAR controls on commercial encryption items do not apply to cryptographic equipment and software when the cryptographic functions are limited to the following categories: (1) decryption that allows for the execution of copy-protected software; (2) cryptographic functions specifically designed for and restricted to machines for banking of money transactions such as ATMs; (3) cryptographic processing using analog techniques in certain broadcast and fax equipment; (4) certain personalized smart cards; (5) access control through encryption of passwords or PIN codes in devices such as ATMs or point of sale terminals; (6) data authentication or digital signatures; (7) fixed data compression or coding techniques; (8) set top decoders for radio, cable, or satellite broadcasts; and (9) anti-virus software. 15 C.F.R. Part 774, Supp. No. 1, ECCN 5A002 (1997). Other Commerce Department controls may apply to products within these exceptions, however.

When commercial encryption was controlled by the State Department, a "personal use exemption" was implemented which allowed U.S. citizens and permanent residents to take controlled encryption products to most destinations for personal use. The Federal Register notice containing the Commerce Department's encryption regulations states that the Commerce Department license exceptions TMP and BAG effectively replace the State Department's personal use exemption.

License exception BAG applies to an individual's personal effects and "tools of the trade" that are owned by the individual and intended for his or her personal use. This license exception allows exports and reexports to all destinations. Because the BAG license exception requires that the item be owned by the exporter, it would not apply to a business traveler carrying an encryption item owned by his employer. The TMP license exception, however, applies to the "[u]sual and reasonable kinds and quantities of commodities and software for use by the employees of the exporter in a lawful enterprise or undertaking of the exporter." Here, the items must remain under the effective control (but not necessarily actual possession) of the exporter or the exporter's employee, and the provision would not apply to a list of destinations that includes the embargoed countries and the former Soviet states. While this list of ineligible destinations is broader than that which applied under State Department jurisdiction, administration officials have indicated that this is merely the result of an oversight and will be corrected.

II. Encryption Exports to Financial Industry and Other Preferred End-Users

While commercial encryption was under the jurisdiction of the State Department, the government demonstrated a willingness to allow the export of encryption products that would normally be controlled (e.g. non-recovery 56-bit DES) to certain end users. For example, U.S. companies have been allowed to export strong encryption products to the foreign subsidiaries of those companies in order to protect their internal corporate communications. Similarly, foreign banks and financial institutions have been allowed to receive such items provided their use is limited to protecting the security of financial transactions. A specific exemption existed for equipment that was specially designed and limited for use in certain banking or money transactions (e.g. automatic teller machines, point of sale terminals, and equipment for encrypting interbank transactions).

The Commerce Department's Export Administration Regulations (EAR) continue the narrow exemptions for specially designed equipment for banking and money transactions (except for equipment for encrypting interbank transactions -- an apparent inadvertent omission of language that will be corrected with the next version of the regulations). The regulations do not, however, clearly recognize or provide for the more general preferential treatment for specific end-users.

The Vice President's statement of October 1, 1996 announcing the jurisdiction transfer stated that exports for certain financial uses would continue to receive special treatment. Additionally, this past May, the Commerce Department announced that it would allow the export of unlimited strength encryption products used by financial institutions to secure electronic transactions. The May announcement also stated that new regulations will be published to allow for the export of encryption products specifically designed to support financial transactions. Since that announcement, however, the Commerce Department has encountered difficulties in defining what is a "financial institution" for the purposes of its encryption export policies. So far, the only thing that all the agencies involved have agreed upon is banks.

Thus, instead of trying to rush these regulations, the Commerce Department has decided to invite individual companies to apply for export licenses for products used by financial institutions. This way, the Commerce Department and other agencies could look at real-world examples of the companies that might wish to take advantage of the policy for financial institutions. Approval has already been given for strong encryption products to be used by banks, and further approvals are likely. The key to obtaining such an approval is being able to show that the financial institution in question is sufficiently like a bank in terms of its record keeping and reporting obligations so that law enforcement will feel confident in its ability to obtain transaction records pursuant to a subpoena or other lawful authority.

III. The Distribution of Controlled Encryption Over the Internet

Distribution of controlled encryption over the Internet may result in an illegal export of encryption software. For instance, the government threatened to indict Philip Zimmermann on criminal charges when his powerful encryption program, "Pretty Good Privacy", was posted on the Internet. In another case, the government has told Dr. Daniel Bernstein that he could not post cryptographic software to an on-line discussion group without an export license.

The Commerce Department's Export Administration Regulations (EAR) state that an export occurs if a company posts encryption software on the Internet without adequate safeguards to prevent its export. Adequate precautions under the EAR include an access control system (either automated or human-run) that "checks the address of every system requesting or receiving a transfer and verifies that such systems are located within the United States." The system must also provide a notice that the software is export controlled, and the party seeking to receive the software must acknowledge that he or she understands that it is export controlled.

Alternatively, precautions differing from those set out in the regulations, but which are nevertheless adequate to prevent unauthorized transfers of encryption software outside the U.S., can be approved by the Commerce Department.
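The two safeguards the EAR names for Internet distribution (an address check that verifies the requesting system is in the United States, and a notice that the recipient must acknowledge) translate into a small download gate. The following Python is an added illustration written for this article, not code from the original text or from any government or vendor system; the allowlist ranges, the non-routable address list and the request records are all constructed for the example, and a real gate would draw its U.S. ranges from a maintained geolocation database. The logic shows the part the regulation leaves implicit: both checks must pass on every request, and any address that cannot be verified (malformed, private, IPv6 with no allowlist) is denied rather than waved through.

```python
import ipaddress

# Hypothetical U.S.-only allowlist, constructed for this example from
# documentation ranges. A real gate would use a maintained geolocation
# database; the point here is the decision logic, not the data.
US_ALLOWLIST = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/24")]

# Addresses that can never identify a location: RFC 1918, loopback,
# link-local, "this network". Listed explicitly rather than relying on
# ip.is_private, whose coverage differs between Python versions.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
)]

EXPORT_NOTICE = ("This software is subject to U.S. export controls. "
                 "Transfer outside the United States requires a license.")


def classify_address(ip_str):
    """Return 'us', 'non_us' or 'unknown' for a requesting address.

    'unknown' covers malformed input, non-routable addresses and IPv6
    (this example carries no IPv6 allowlist); none of those count as
    verified, so the gate denies them.
    """
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return "unknown"
    if ip.version != 4 or any(ip in net for net in NON_ROUTABLE):
        return "unknown"
    return "us" if any(ip in net for net in US_ALLOWLIST) else "non_us"


def gate(ip_str, acknowledged):
    """Decide one transfer request. Returns (allowed, reason).

    Both safeguards named in the regulation must hold: the address must
    verify as U.S., and the requester must have acknowledged the notice.
    Everything else denies, so a failed address check never falls
    through to a transfer.
    """
    location = classify_address(ip_str)
    if location != "us":
        return False, f"address {ip_str} not verified as U.S. ({location})"
    if not acknowledged:
        return False, "export-control notice not acknowledged"
    return True, "address verified as U.S. and notice acknowledged"


def parse_log_line(line):
    """Parse a constructed request record of the form '<ip> ack=<0|1>'."""
    ip_str, ack_field = line.split()
    return ip_str, ack_field == "ack=1"


def process_log(text):
    """Run the gate over request records; returns [(ip, allowed, reason), ...]."""
    results = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ip_str, acknowledged = parse_log_line(line)
        allowed, reason = gate(ip_str, acknowledged)
        results.append((ip_str, allowed, reason))
    return results


# Constructed request records for the example, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 ack=1
198.51.100.9 ack=0
203.0.113.250 ack=1
192.0.2.1 ack=1
192.168.1.5 ack=1
2001:db8::1 ack=1
not-an-address ack=1
"""

if __name__ == "__main__":
    print(EXPORT_NOTICE)
    for ip_str, allowed, reason in process_log(SAMPLE_LOG):
        print(f"{'ALLOW' if allowed else 'DENY ':5} {ip_str:16} {reason}")
```

Two caveats a practitioner would add. First, the address check is a compliance safeguard, not a security boundary: a requester behind a foreign proxy or VPN presents whatever address the proxy has, so the check satisfies the regulation's wording without actually preventing a determined transfer. Second, if the gate sits behind a load balancer, it must take the client address from the connection or from a header the balancer is known to overwrite, never from a client-supplied X-Forwarded-For value, or the "verification" reduces to trusting the requester's own claim.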

IV. Current Legislative Proposals

Because of the widespread dissatisfaction within the private sector with the Administration's encryption policy, as reflected in the new regulations, many have turned to Congress in the hope of obtaining legislative relief. The 1997 congressional session has seen a great deal of activity related to encryption. Three encryption bills have attracted a great deal of attention and have made substantial progress. The first two -- the "Security and Freedom through Encryption" (SAFE) Act and the "Promotion of Commerce On-Line in the Digital Era" (Pro-CODE) Act -- would eliminate many of the export restrictions on encryption products. The third -- the "Secure Public Networks Act" -- contains much more modest export liberalizations and includes several provisions designed to encourage the use of key recovery products.

A. Security and Freedom through Encryption (SAFE) Act

The SAFE bill (H.R. 695), introduced by Representative Bob Goodlatte (R-VA), is designed to ensure that Americans have the freedom to use any type of encryption to secure data, and it prohibits any government mandated key escrow systems. However, the bill imposes additional criminal penalties for using encryption to commit or conceal a crime.

In regards to encryption exports, the bill would allow for free exportability of all mass market or public domain encryption software, as well as all hardware that merely incorporates such software, regardless of algorithm or key length used.

The SAFE bill would also reduce existing controls on encryption software and hardware that does not meet the mass-market definition, though the legislation is somewhat ambiguous on this point. Specifically, the bill requires that any product approved for export to foreign banks (i.e. including 56-bit DES) would be exportable for all nonmilitary end uses unless the Commerce Department finds substantial evidence that the encryption would be diverted to a military or terrorist end use or re-exported contrary to U.S. law.

Finally, the SAFE bill would permit the export of any encryption hardware products with security strengths comparable to those commercially available from foreign suppliers.

B. Promotion of Commerce On-Line in the Digital Era (Pro-CODE) Act

The Pro-CODE bill (S. 377, 105th Congress), introduced by Senator Conrad Burns (R-MT), would prohibit the Commerce Department from issuing encryption standards applicable to entities other than the federal government, or from using export control authority to influence standards used by the private sector.

Like the SAFE bill, the Pro-CODE bill guarantees free choice of encryption within the U.S. The legislation would prohibit the federal or any state government from regulating the sale of encryption products within the United States. The Pro-CODE legislation also expressly prohibits the federal or any state government from mandating key escrow in the private sector.

The Pro-CODE bill contains export liberalizations similar to those contained in the SAFE bill. Mass market software, defined as software that is generally available to the public, as well as any computer hardware that incorporates this software, would be freely exportable. Any other software or hardware would be exportable if the product is approved for export to foreign banks, unless Commerce finds substantial evidence that the encryption would be diverted to a military or terrorist end use or re-exported contrary to U.S. law. However, unlike the SAFE bill, the Pro-CODE bill does not have a general foreign availability provision for hardware.

The current version of the Pro-CODE bill also contains two significant provisions that were not included in last year's version (S.1726, 104th Congress). The bill would establish an "Information Security Board" made up of representatives from the federal agencies involved in the formation of information security policy. The Board is designed to foster communication between industry and the government and to keep national security and law enforcement agencies informed about emerging technologies. The Board, however, would not be subject to the Federal Advisory Committee Act (FACA) which requires, among other things, open meetings. This has raised some concerns among privacy advocates.

The other new provision of the current version is a reporting requirement for exporters of encryption products. The bill would require exporters to report, within 30 days after the export, "such information regarding a program's or product's encryption capabilities as would be required for an individual license to export that program or product." The bill does not state, however, whether the reporting of additional information such as quantity, destination, etc. could also be required.

C. The Secure Public Networks Act

The "Secure Public Networks Act" (S.909), introduced by Senators John McCain (R-AZ) and Bob Kerrey (D-NE), is quite broad, including many provisions from a draft Administration bill that was informally circulated, as well as some provisions from the Pro-CODE and SAFE bills. In addition to addressing export control issues, the bill establishes a regulatory framework for key recovery agents and certificate authorities. But the bill states that it will be lawful for any person in the U.S. to use any encryption regardless of algorithm or key length, and the government is prohibited from requiring the third party escrow of keys used for the encryption of communications between private parties within the U.S.

The bill contains some modest export liberalizations. Encryption products up to 56 bits, and key recovery products (without regard to algorithm or key length), will be exportable under a license exception, following a one-time review. Other encryption products (i.e. non-recovery products greater than 56 bits) can qualify for individual licenses. Factors to be considered include whether the product is a generally available mass market product, and whether the product or products of similar strength are available in the country to which the product would be exported. A board of industry and government representatives would be established to which an export applicant could apply for a waiver based on information of current or imminent foreign availability.

Expedited review procedures would be established for exports involving banks, financial institutions, health care providers, and subsidiaries of U.S. companies. The Commerce Secretary could prohibit any export if he or she, in consultation with other agencies, finds that the encryption product would be used against the national security, diverted to military, terrorist, or criminal use, or re-exported without authorization. The draft bill does not address issues of technical data or technical assistance. Presumably, this would leave the Commerce Department free to continue its current treatment in these areas.

The bill provides for the "voluntary" registration of key recovery agents and certificate authorities, but the bill encourages registration by providing liability benefits for registered entities. Once registered, a certificate authority is prohibited from issuing a public key certificate to a person unless that person (1) stores key recovery information with a registered key recovery agent or (2) makes other arrangements that ensure lawful and confidential access to this information.

A key recovery agent, whether registered or not, must disclose recovery information to a government entity where that entity has a subpoena which is based upon either (1) some independent lawful authority to obtain the underlying encrypted data (i.e. a warrant or court order, a subpoena, a certification under the Foreign Intelligence Surveillance Act, or other lawful authority), or (2) a request from a foreign government that the governmental entity is authorized to execute. The key recovery agent is required to keep confidential all requests for such information.

It is difficult to predict what will happen with any of these legislative proposals. There is a fair amount of vocal support for the SAFE and Pro-CODE bills in Congress, but there is little evidence that either has enough support to ensure passage, and each would likely draw a presidential veto. Although the "Secure Public Networks Act" was introduced as a compromise, there appears to be little enthusiasm for it among the backers of SAFE and Pro-CODE. For the near future, at least, the Commerce Department regulations will likely remain as the principal manifestation of the U.S. government's policy on encryption.

V. International Developments

Governments have taken different policy approaches in their efforts to contain the threat they see posed by encryption. Mechanisms for controlling encryption can be placed into three general categories: import controls, export controls, and use controls. The summaries that follow of encryption policy in France, UK, Russia, and China explore these forms of control.

Other governments have left encryption largely unregulated, either because they view encryption as an important tool for protecting personal privacy or because domestic use of encryption has not become widespread and the government has not had cause to focus on the need for controls. Encryption has also emerged as the object of industrial policy. In a departure from Western governments' efforts to stifle private sector encryption developments, Japan has embarked on an initiative to finance encryption research and development. This nascent policy, which could run counter to the efforts of other governments seeking to contain the spread of strong encryption, is described below.

An additional factor that has influenced national encryption policies is the Wassenaar Arrangement. The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies is an international regime designed to promote communication and cooperation in controlling the transfer of arms and dual-use goods. The arrangement seeks export controls on arms, arms-related materials, and dual-use goods, including cryptography. The agreement requires participating countries to control cryptography on a statutory or regulatory basis, which may include "forms of licensing" or "the ability to monitor transfers of these items." Still, exports will occur according to the policies and discretion of the participating country. Additionally, while the agreement excludes from these controls mass-market or public domain software, some participating countries, such as the U.S., may choose to control such software.

There are signs that many governments are beginning to believe that international coordination on encryption policy is necessary to prevent widespread international deployment of strong encryption. The U.S. government spearheaded the Organization for Economic Cooperation and Development (OECD) talks on the development of cryptography guidelines. As a result of these talks, an ad hoc group of experts on cryptography completed in March 1997 a Recommendation Concerning Guidelines for Cryptography Policy. See http://www.oecd.org/dsti/iccp/crypto_e.html. The Recommendation sets out eight principles that should be followed by member nations in establishing their own cryptography policies. These principles include: users should have a right to choose any cryptographic method, subject to applicable law; the development of cryptographic methods should be market driven; the fundamental rights of individuals to privacy should be respected by national policies; and national policies may allow lawful access to plaintext, or cryptographic keys, of encrypted data, but these policies must respect the other principles contained in the guidelines to the greatest extent possible.

The likely purpose of the OECD talks on encryption policy was to raise the consciousness of other governments about the problem of uncontrolled encryption. At the same time, the talks also were intended to demonstrate to the private sector, especially in the U.S., that other countries were likely to have the same concerns as the FBI about criminal use of encryption, so that defeating U.S. export controls would not open the door to a vast market for unescrowed encryption, but could instead spark new and perhaps inconsistent national government regulation of encryption in countries where encryption previously was not regulated.

While it would be hard to say that the U.S. came away from the talks with a mandate for the encryption policy it favored, U.S. policymakers were understandably pleased with the talks as an educational device. By the talks' conclusion, more nations had cryptography policies, and these policies seemed more likely to be consistent with the concerns originally raised by the U.S. than was the case when the talks began.

A. France

France is a member of the Wassenaar Arrangement and has export controls on encryption products. A license is required for each encryption export from France, but the exact criteria used are not published.

Unlike the U.S., France also controls the domestic use of encryption products. French encryption controls are based on a December 1990 decree and are administered by the Service Central de la Sécurité des Systèmes d'Information (SCSSI), an office reporting to the Prime Minister through the Secrétariat Général de la Défense Nationale (SGDN). (This organization reflects a general French view that technology and industrial policy are critical elements of national defense).

French controls on the use of encryption differentiate between two categories of products that incorporate information security functions. A company wishing to distribute or use a product containing authentication, digital signature, or access control security features must submit a "declaration" to the SCSSI. Because the use of such products is routinely approved, the declaration requirement as a practical matter functions as a registration requirement. A prior "authorization" from the government is required only if a product contains data, file, or text encryption features.

Article 12 of France's telecommunications law essentially requires trusted-third-party (TTP) encryption for products used within France. Under this emerging standard, licenses may be granted for the import/use of unescrowed encryption up to 40 bits. Encryption products exceeding 40 bits will normally be authorized only if they support TTP encryption. What this means for U.S. and other companies is that even if U.S. export approval can be obtained for an encryption product, the company may not be able to sell or use that product in France unless it meets the French government's requirements and an authorization is obtained.

B. United Kingdom

The UK is a Wassenaar member and has export controls that are similar to those of the United States. However, the UK does not control mass-market or public domain software. Additionally, one UK official has stated that the UK does not have the legal authority to control the export of "intangible" software (i.e. software distributed via the Internet). For encryption products that are controlled, an exporter must obtain a license from the Department of Trade and Industry ("DTI"). The DTI has indicated that it may seek to simplify the export controls applicable to encryption products which allow the use of licensed trusted third parties ("TTPs").

In March 1997 the DTI released a public consultation paper outlining its proposed framework for legislation on TTPs. See http://www.dti.gov.uk/pubs/. The paper, entitled "Licensing of Trusted Third Parties for the Provision of Encryption Services," affirms that cryptography is "vital," "essential," and "[o]ne of the most effective tools" for protecting the integrity and confidentiality of information and for promoting electronic commerce. Nonetheless, DTI also considers it essential that security, intelligence, and law enforcement agencies have the ability to legally intercept communications and legally access stored data through the disclosure of escrowed keys.

Specifically, the proposal would require entities offering or providing encryption services to obtain licenses from the UK (initially DTI) before providing such services -- even if the TTP will solely provide public key certification services. These licensing requirements would apply to any organizations "offering or providing encryption services to the public in the UK, including those providing or advertising such services from outside the UK." Intra-company TTPs (i.e., "organizations supplying encryption services to their own employees or those within their own Group of companies") or similar "closed user groups" would not need a license.

The proposed legislation would provide that a TTP may release private encryption keys under two conditions: (1) pursuant to contractual arrangements between two parties, e.g., to decrypt a former employee's files, and (2) when the Secretary of State issues a warrant requiring a TTP to disclose private encryption keys (used for confidentiality). DTI emphasized that the government does not intend to access private keys used solely for integrity functions.

Finally, the UK government anticipates that additional legislation may be required to allow appropriate authorities to obtain private encryption keys other than those held by licensed TTPs. This paragraph has provoked speculation that the UK will seek to regulate encryption products or to impose use restrictions. However, John Walker, part of DTI's Information Security Policy Group, recently responded that users will remain free to use or import any form of encryption in the UK, and the UK paper emphasized that users would "remain at liberty to choose whether to make use of TTPs, or to make other arrangements for their encryption requirements."

Since the proposal allows UK citizens to use the services of a foreign TTP, it states that the UK must establish international arrangements (for law enforcement purposes) to allow for the exchange of keys. The UK has indicated that this arrangement should be based on dual legality, i.e., where the access criteria are satisfied in both countries.

C. Russia

Russia is not an OECD member and has not participated in the OECD talks on encryption, but is a member of the Wassenaar Arrangement. Russia controls the export, import, use, sale, and development of encryption pursuant to an Edict of Russian President Yeltsin "On Measures to Observe the Law in Development, Production, Sale and Use of Encryption Devices and on Provision of Services in Encrypting Information" dated April 3, 1995 (the "Edict"). The Edict bans the development, import, sale, and use of unlicensed encryption devices and directs the Federal Counterintelligence Service and other enforcement agencies to ensure compliance and to prosecute violators.

In order to export or import encryption products under the Russian controls, a person must have a license from the Ministry of Foreign Economic Relations. The Ministry of Foreign Economic Relations will only grant licenses after consulting with the Federal Agency of Government Telecommunications and Information ("FAPSI"), attached to the Office of the Russian Federation President. FAPSI is roughly the equivalent of the United States' NSA, and it conducts its activities in coordination with the Russian enforcement agencies, including the Ministry of Defense, Ministry of Communications, Ministry of Foreign Affairs, RF General Directorate of Security, and other key government services.

In order to develop, produce, sell, or use encryption products, those products must also be licensed by FAPSI. The Edict also requires that all government entities only use cryptography and encryption products that are certified by FAPSI. There are, however, many indications that these requirements are not strictly enforced.

At least one article, written by a prominent Russian mathematician and published in the influential Russian newspaper "Izvestia" on April 20, 1995, harshly criticized the Edict as overbroad, granting unlimited discretion to the secret police and ignorant customs officers, violating civil rights, creating obstacles for international cooperation in the field of exchange and processing of information, and making meaningless the recently adopted intellectual property laws. The article expresses the existing concern that the new statutes seek to revive and legitimize the tested KGB methods of controlling Russian society.

D. China

In the People's Republic of China, a company wishing to import or export encryption products must first obtain a license. License applications can be reviewed either by the Ministry of Foreign Trade or the province's foreign trade bureau. The Ministry of Foreign Trade maintains the List of Prohibited and Restricted Imports and Exports. This list, enacted in 1987, indicates that China restricts the import and export of voice-encoding devices. Anecdotal evidence from U.S. multinationals indicates that approval for use of encryption products inside China is not necessarily easy to obtain. Some companies have waited a year or more to receive approval for the import or use of encryption products.

China is perhaps one of the least likely major powers to join in an international consensus on encryption policy. China is not part of the Wassenaar pact, is not an OECD member, and has not sent representatives to major international meetings on encryption. Moreover, given that China is the frequent target of sanctions as a result of its arms proliferation and human rights practices, it is questionable whether China would cooperate with other nations on the sensitive issue of encryption.

E. Japan

Japan's encryption policymaking is in its early stages and is not entirely transparent to outsiders. But there are strong signs that encryption is seen as a key technology for strengthening Japan's role in developing the Global Information Infrastructure. The author's selective sampling of informed Japanese opinion on cryptography suggests a determination to treat cryptography as a national Japanese economic priority.

In the United States and Europe, encryption policy is formed by a mix of interests. Advocates of business, national security agencies, and more recently the police -- all play a large role in the policy debate. This policy triumvirate is difficult to see in Japan. For a variety of reasons, commercial interests are predominant in Japanese government thinking about encryption. It is often said that Japan is an island nation that has not had to defend itself for fifty years and so has not had to confront the national security concerns associated with encryption. Additionally, Japanese police face severe political and constitutional constraints on wiretapping, so the prospect of losing this criminal investigative tool seems not to be as troubling to the Japanese government as to the United States and many European nations.

In the fall of 1995, however, the Ministry of Justice began seeking legislation authorizing law enforcement wiretapping and bugging of criminal suspects. While the Japanese government does not appear to have tied this initiative to encryption, it has pointed to the internationalization of crime and to the practices of European and U.S. authorities in carrying out wiretapping. The status of this effort is difficult to discern.

Unlike in the U.S. and Europe, encryption policy in Japan apparently is not dominated by the military intelligence and law enforcement agencies. Rather, two powerful agencies, the Ministry of International Trade and Industry (MITI) and the Ministry of Posts and Telecommunications (MPT), are driving this area of policy. Recently, however, the National Police Agency and the Ministry of Justice have become more involved with encryption policy.

The MPT has sponsored several study group reports relevant to Japanese cryptographic policy. Each report treats cryptography as a central enabling technology for digital commerce.

The Ministry of International Trade and Industry (MITI) has its own computer technology initiative. It funds the Information-Technology Promotion Agency (IPA). The IPA and MITI, like MPT, have concluded that cryptographic technology is important for Japan's competitiveness as the Internet grows in importance and as electronic commerce increases. The IPA intends to spend more than $300 million on research and development to evaluate cryptography for electronic commerce. MITI is spurring as much Japanese industry and academic work as possible on cryptography.

Japan's export control policy requires prior government approval from MITI for any overseas sale of encryption for more than 50,000 yen (approximately $450). Recently there was some controversy over whether Japan tightened its export laws due to U.S. pressure. A senior MITI official apparently has explained that Japan's export control policy was tightened, as a result of Wassenaar, to require recordkeeping for sales above 50,000 yen (instead of the previous 1 million yen). There do not appear to be any key length limits or other substantive limitations or criteria associated with this new policy, and it remains to be seen whether this is merely a recordkeeping measure or whether it will result in actual restrictions on the ability of Japanese firms to export encryption products.

There are no Japanese import or use restrictions on encryption. Thus, unlike countries such as France and China, Japan does not impose any significant legal barriers to U.S. and other companies wishing to sell or use encryption products within its borders. As a result, Japan is potentially an important market for producers of encryption products. Additionally, U.S. and other companies can easily use encryption to protect communications with Japanese companies with which they are doing business, and companies with offices in Japan also can use encryption to protect internal corporate communications.

It is difficult to predict in which direction Japanese encryption policy will move in the long run. Japan is a member of the Wassenaar Arrangement and the OECD. During the recent OECD talks on encryption, Japan was initially represented only by MITI and MPT, and these representatives openly questioned the workability of encryption controls. By the end of the discussions, however, the Japanese delegation included representatives of the Japanese police, and the delegation became much more low-key. It remains to be seen whether this and other recent events are the result of a rethinking of Japanese encryption policy, or are simply a tactical decision to keep a lower profile while pressing ahead with the promotion of encryption as an economic priority.

Conclusion

There have been dramatic developments in encryption policy in the last year -- both in the United States and around the world. Many of these developments have created confusion and uncertainty among those U.S. companies that use, produce, or sell encryption products. One of the few things that is certain at this point is that policies will continue to develop and change in the coming year.

The U.S. will continue to shape its policies, especially in regard to exports to certain end users such as financial institutions and subsidiaries of large U.S. corporations. It is also likely that we will continue to see proposals to regulate certification authorities, key recovery agents, and other aspects of a public key infrastructure. Internationally, many countries will continue the process of developing and implementing encryption policies, and more countries will join the ranks of those that are addressing this issue. The intense policy debates that have surrounded the regulation (and attempted regulation) of cryptography will not only continue for the foreseeable future, but are likely to occur in an increasing number of fora around the world. Navigating these changing and complex policies will continue to pose a serious challenge for U.S. companies.