May 8, 1997 4:00 PM PDT
Encryption export rules eased
The department also announced that all U.S. exporters of financial transaction software will be able to use the strongest-available encryption in their products. The actions were taken to promote global electronic commerce, according to William Reinsch, commerce undersecretary for export administration.
U.S. firms that export other types of encrypted software must still face a review every six months.
Open Market received a special government license to export 128-bit encryption in its products in February.
"We went through a substantial process with Transact and ended up with a commercial license," said Win Treese, Open Market director of security. "This announcement is an evolution of their policy, and we're very pleased to see it formalized."
Regulations on encryption exports have been aggressively fought by manufacturers that say they stifle the ability of U.S. software companies to compete globally. Today's exception for financial transaction software falls in line with the administration's promotion of a global online marketplace.
Under Clinton administration policies that went into effect in January, encryption firms can export only technology based on 56-bit algorithms. Longer key lengths make encrypted data harder to crack, a feature opposed by law enforcement agencies because it could help criminals using the Net to communicate and store information.
The White House policy also calls for the creation of a key-recovery system within two years of exporting, which enables law enforcers to crack codes. This provision will still apply for financial transaction software exporters.
Bills to further relax crypto export constraints are wending through Congress now. The Security and Freedom through Encryption Act and the Pro-Code bill in the House and Senate, respectively, hope to eliminate the White House's export regulations on strong encryption and let all software used for legal purposes be exported at any key length.