On Thu, Apr 05, 2007 at 11:07:44AM -0500, David Terrell wrote:

> The US changed its crypto export laws nearly a decade ago....

David,

When I was last working on ITAR and EAR issues while in management of a 
defense consortium, our legal team (made up of IP staff from both defense and 
IT companies) was very clear on publicly available information.....  It may not 
apply directly to crypto source code -- I don't know, and I am not a lawyer -- 
but may still apply in other scenarios.

They were quite clear that two separately available documents -- even if
publicly available with no individual defense or national security impact -- 
were combined in such a way that they *might* have such impact, this could
be construed as a "defense teaching."  An example of this might be two
different and unrelated web pages linked together by someone.  That linkage 
may represent such a teaching.  The individual info may be unclassified, but 
the linkage is the critical issue.

Who determines if it represents a teaching?  US Dept. of State, who regulate
ITAR.  They will do so after the fact, of course, unless you pre-clear the
content prior to presentation.  Is there any appeal of a DoS decision?  No.

It makes publishing *any* possibly defense related content internationally very 
difficult. Even attending domestic meetings and conference calls are difficult. 
One must be certain all persons are both US Citizens as well as employed by 
US-owned companies, and keep records and proofs.  This is without security 
clearances, or dealing with any sort of classified information.

Reply via email to