April 27, 2006 4:00 AM PDT

VoIP products could face export crackdown

WASHINGTON--After spending the last decade denouncing Cold War-era laws against overseas shipments of data-scrambling encryption products, technology firms thought they were off the hook when President Clinton finally eased the rules in 1999.

Well, not quite. The White House's decision seven years ago merely relaxed encryption rules in a few areas--and thousands of pages of export regulations remain on the law books today.

Now some of these obscure export regulations are troubling companies that manufacture or support voice over Internet Protocol (VoIP) products capable of draping a theoretically impenetrable cloak of encryption around every conversation.

During a meeting convened by the U.S. Commerce Department on Wednesday, industry members of a federal technical committee expressed concern that export regulations never intended to cover VoIP may complicate selling enterprise-grade network gear abroad.

At issue is an awkwardly worded definition buried deep in section 740 of the export control regulations. It restricts the export of products that can support "concurrent encrypted data tunnels or channels exceeding 250" connections at once.

Michael Angelo, a committee member who works for network management firm NetIQ, said 250 conversations is an unreasonably low threshold given the capacity of modern networking gear. It's "a very small number," he said.

As large corporations switch to VoIP to trim costs, manufacturers have begun to offer products that can handle thousands of simultaneous users. Cisco Systems' Unified CallManager, for instance, is software that works with the company's hardware products to handle up to 30,000 individual users per server cluster.

One open question is whether the federal government's definition of "concurrent encrypted data tunnels" would apply to software products like Cisco's CallManager as well as hardware. Erik Oliver, a Commerce committee member from chipmaker Rambus, said he thought the regulations were meant to apply to routers and switches, not to CallManager.

Any changes to the rules would be up to Commerce Secretary Carlos Gutierrez. Neither the Commerce Department nor Cisco responded to requests for comment on Wednesday.

Unintended targets
"This appears to be a situation where the technology is overtaking the regulatory structure in ways that were not anticipated by the people who wrote the regulations," said Cindy Cohn, legal director of the Electronic Frontier Foundation in San Francisco.

Cohn, who litigated an encryption export case against the federal government before joining EFF, said this has been a problem with such regulations for a long time. "They attempt to create specific upper limits on how much encryption you can have, in this case how many channels you can have," she said.

CONTINUED: Export controls' troubled past…
Page 1 | 2

See more CNET content tagged:
regulation, Cisco CallManager, networking gear, Cisco Systems Inc., VoIP

2 comments

Join the conversation!
Add your comment
This has to be some low attack by the Ma Bel Companies
Does goverment need that much control,

Well i just need to thank the cold war and tell them to get off. This is becomming rediculous finding a 10 year old law to prevent the distribution of equipment thus putting a major tack in the road for VoIP adoption. Maybe they will outlaw SSH.

- Mike

Damn Politicians
Posted by mxrss (35 comments )
Reply Link Flag
10 year old law
<a class="jive-link-external" href="http://www.analogstereo.com/vacuum/miele_s4_compact_vacuum.htm" target="_newWindow">http://www.analogstereo.com/vacuum/miele_s4_compact_vacuum.htm</a>
Posted by Ipod Apple (152 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.