[geekcrypt] US Export Regulations WAS Re: Re: Introducing Peter Trei

  • From: Karen Palen <karenpalensl@xxxxxxxxx>
  • To: geekcrypt@xxxxxxxxxxxxx
  • Date: Thu, 05 Jun 2014 19:55:44 -0700

I am a Registered Patent Agent in the US, but I really do not think this is a Patent/IP question, but rather an ITAR question!

I am not qualified to make this determination, although I do have some firsthand experience in the area.

We ran into this during a standards making project (EDIF) and it did take several months to get things straightened out.

The problem with ITAR is that the law is very broadly written and the default is that you are covered by the list. To make things even more exciting, the list itself is classified!

I know that there are a great many treaties which require many countries to treat things "as if they were" under US law!

This would seem to be a "burning issue" that will require some funding to resolve. :-(

The problem is that we don't just need someone's research, but an actual formal "legal opinion" which would then at least shield us from criminal prosecution! We could still be told to simply stop, however.

A "formal legal opinion" which can be relied upon however takes a lot of careful research and exposes the lawyer to some massive liability if they screw up - typically this is 50-60% of the billing for this kind of opinion.

This is one reason we need to have a headquarters (foundation or ???) in a place like Switzerland or Canada.

Somehow I doubt if this is going to be the only "legal show stopper" too. :-(

It also argues the need for funding ASAP.


On 06/05/2014 06:06 PM, Niklas Lemcke - 林樂寬 wrote:
2. Export regulations. US EAR regulations require entities exporting
cryptography - even free public domain source code - to register with BXA
and report exports. This may require setting up a foundation or something,
to create a legal nexus.
How do export regulations from the US apply, if--say--the code is being
published outside the US, by non-US individuals? We had thought about
moving away from GitHub because it is hosted in the US. I know a couple
of (patent) lawyers, but only one with potential experience in US law.
And that one is expensive. :P


Hypocrite: (noun) Republican who collects Social Security or Medicare!

Other related posts: