USCIB Comments to USG on Revised Regulations on Crypto Exports
February 26, 1999
Ms. Nancy Crowe
Regulatory Policy Division
Bureau of Export Administration
Department of Commerce
14th Street and Pennsylvania Avenue, N.W.
Room 2705
Washington, D.C. 20230
Via Facsimile: 2 Pages
Dear Ms. Crowe:
The U.S. Council for International Business appreciates the opportunity to comment on the Interim Rule. The USCIB is encouraged by the trend toward a more liberal policy for the export of encryption technologies that includes relief for encryption products that use symmetric algorithms up to and including 56-bits; products that use asymmetric algorithms up to and including 1024-bits, and certain sectors for encryption products of any key length. The access to robust cryptography to protect business information or ensure the privacy of information that relates to a business’ customers is essential to the continued growth of electronic commerce and its resulting benefits to society and the global economy.
As expressed in previous submissions, USCIB members believe that the marketplace should define the types and strengths of encryption technologies that users access; business and end-users should be able to choose the cryptographic systems and products that best suit their needs. Business also recognizes the concerns of law enforcement and national security. However, such concerns must be assessed according to the reality of the marketplace. A balanced export regime should, at a minimum, permit the export of mass-market encryption products of any key lengths so as not to disadvantage U.S. business. The interim rule, though a step forward, does not meet this objective.
Moreover, the interim rules still include onerous reporting requirements. USCIB members are unclear as to the utility of such requirements and have questions as to their use, namely who will have access to the reports, what is the review process and how will confidential business information be protected. Any reporting requirement should be narrowly tailored to achieve its stated objective, e.g. protect the citizenry from criminal conduct. Overly burdensome requirements could in fact decrease the level of security because they may impair the ability of businesses to implement sufficiently robust encryption technologies to secure information, leaving the infrastructure and the information transmitted over it vulnerable to attack.
The sectoral relief for bank/financial, health and medical, and online merchants is also a positive step forward. The USCIB is a cross-sectoral organization and our members from other sectors also must be able to adequately protect their information and the information that they have on their customers as they deem appropriate. Therefore, the USCIB believes that the relief offered to the particular sectors should become the general policy of the U.S. Government, applied to all business sectors.
The recent revision of the Wassenaar Arrangement that calls on member states to lift all export restrictions and reporting requirements for 56-bits and below mass market encryption and imposing controls on exports of 64-bits and above encryption technologies is an important factor in this debate. The USCIB understands that the Bureau of Export Administration intends to revise the U.S. regulations this spring to insure that they are consistent with the Wassenaar Arrangement. At a minimum, such a revision is essential in order to attempt to level the playing field for U.S. companies to the extent possible. USCIB members, though, question the ability of the Wassenaar Arrangement to truly level the playing field. First, the Wassenaar Arrangement is an accord among 33 countries (Israel and India and other countries with significant software industries are not members); non-member states will not be bound by the terms of the Arrangement and may very likely attempt to gain a competitive advantage for their companies by not imposing export controls on 64-bit and above encryption products. Second, the Wassenaar Arrangement provides member states great discretion in granting licenses. Consequently, a member state may adopt a liberal licensing policy that may not in effect restrict the export of 64-bit and above encryption products. The U.S. Government should evaluate the licensing policies of other member states when defining a U.S. policy so as to in fact level the playing field. In short, the USCIB believes that the best approach to insure that the U.S. information technology industry remains a global leader is to adopt an encryption policy that is market-driven; the Wassenaar Arrangement and other similar international efforts will not be effective in restricting access to strong encryption.
In conclusion, the USCIB commends the Department of Commerce on the progress it has made in adopting a more liberal export regime. We would like to reiterate that our members believe that in order to be successful the U.S. encryption export policy should be voluntary, technology neutral and market-driven. Any other policy is unsustainable in the global networked economy, will disadvantage U.S. business, and will jeopardize the privacy of consumers and business secrets of U.S. industry.
Again, thank you for the opportunity to comment on the Interim Rule. We look forward to continuing our dialogue with you on this important issue.
Sincerely,
Edward J. Regan
Chairman, Information Policy Committee