Interesting People mailing list archives
More on the risks of teaching ...
From: Peter D. Junger <junger () samsara law cwru edu>
Date: Fri, 04 Jun 93 11:15:18 EDT
I have received a large number of personal responses to my article on the risks of teaching about computers and the law (RISKS-14.65) as well as the responses that appeared in RISKS-14.67. (I am afraid that I lost some of the personal responses, so if you haven't received a reply, please send me another copy of your message.) These have been most interesting and helpful and, for the most part, supportive. I would, however, like to correct some misapprehensions that appear in the response by Jerry Leichter entitled "Re: Peter D. Junger's risks of teaching..." (RISKS-14.67). Mr Leichter writes: While more sophisticated in his writing, what Mr. Junger is really doing is simply repeating an argument we've seen many, many times on the net: 1. Anyone can write cryptographic software, so where is the secrecy? 2. The regulations as written forbid export of such things as - a favorite example that Mr. Junger surely did not re-invent independently - Captain Midnight Decoder rings. But my trouble is that _I_ (not anyone, not anyone else, but just dear old _moi-je_) wrote an encryption program that does not contain anything secret or original and yet the ITAR regulations require me to get a license before I _talk_ about this program with my students, if any of them should happen to be foreign, without first obtaining a license from the State Department, a license, which if it is granted, I could not expect to get before the semester is over. So I am not making the very sensible argument that Mr. Leichter pooh-pools as old hat. (I have no recollection of having ever seen any reference to my old--or any other--Captain Midnight Decoder (which I don't recall was a ring--wasn't it sort of a flat disk with a knob in the center?) during the last several decades, but if Mr. Leichter is sure I did not "reinvent" this example, I won't argue that point with him.) Though I think it is sort of silly to require me to get a license to export my program, since I don't want to export it--I just want to talk about it and publish it and post it on my FTP server, all within the United States--that is not my problem. Once again, what I am concerned with is the requirement that I get a license to talk (or publish) information about my program within the United States, a requirement that is blatantly unconstitutional. Thus Mr. Leichter's example of requiring a license for the exportation of an encryption _chip_ has nothing to do with my problem. (I must admit, however, that I cannot conceive of a case where the export of an encryption chip, that was not developed by or on behalf of the government, could be a serious threat to our national security.) His other example does, however, have some bearing on my problem, if only because it illustrates how unclear, how far from being present, how farfetched, is the danger of allowing information about cryptography to get into the hands of the foreigners, for this example is: "conjectural software, 500 man-years in the making after a large research investment, for breaking cryptosystems used by the US for communicating with its embassies abroad". (Who would spend all that time and money to accomplish such a goal, whether those who did it (were it done) would be deterred by export regulations, and whether a program of such complexity could ever work are exercises that are left to the reader.) Even though we are basically talking about different issues, however, the desire of Mr. Leichter to regulate the export of devices does ultimately collide with the Constitutional right of free speech that is my concern. As he puts the problem: Mr. Junger teaches law. Perhaps he'll take up the challenge of suggesting regulatory wording that covers "significant" cryptographic "equipment" - along the way, perhaps, coming up with a distinction that can be made in some useful way among "equipment", "software", and "specifications". The trouble with this challenge--besides the fact that I have no interest in drafting such regulations--is that the constitution forbids the regulation of speech and that "specifications" fall squarely within the category of speech. What is really interesting is that "software" seems to be both "equipment", which is unprotected, and speech, which is constitutionally protected. (That's why I find computers and the law an interesting subject.) The problem that I face is not how to draft unconstitutional regulations but how to challenge them. The fact that the regulations are not enforced makes it difficult to get their constitutionality before the courts. And the fact is that the regulatory scheme is not enforced by the bureaucrats, despite Mr. Leichter's claim that that is their job; instead, as one who responded to me privately put it, they rely on "FUD (Fear, Uncertainty and Doubt) to dissuade people from using and distributing effective cryptographic software." Peter D. Junger Case Western Reserve University Law School, Cleveland, OH Internet: JUNGER () SAMSARA LAW CWRU Edu -- Bitnet: -- Bitnet: JUNGER@CWRU ------------------------------
Current thread:
- More on the risks of teaching ... Peter D . Junger (Jun 04)