Bernstein Cryptography Case Dismissed

notime writes "According to a post to export@list.cr.yp.to, djb's crypto case has been dismissed without deciding the constitutionality of the current regulations since the DOJ said the government would not enforce several portions of the regulations. Bernstein said in a statement that he hopes the government keeps its promise - 'But if they change their mind and start harassing Internet-security researchers, I'll be back.'" EFF has a document archive for this on-again, off-again case against U.S. Government regulation of cryptography exports.

Yes, Karma Whoring

[herrvinny]

Subject: [IP] The Bernstein Cryptography Case Is Dismissed

From: Dave Farber To: ip@v2.listbox.com Date: Wed, 15 Oct 2003 17:41:19 -0400 Delivered-To: dfarber+@ux13.sp.cs.cmu.edu Date: Wed, 15 Oct 2003 17:19:29 -0400 From: "Peter D. Junger" Subject: The Bernstein Cryptography Case Is Dismissed To: Dave Farber

For IP if you consider it suitable.

This inconclusive ending of the Bernstein case is a consequence of the government's policy in cases where there are first amendment challenges to restrictions on the publication of software to claim that they have no intention of enforcing the law as it is written and thus getting the cases dismissed as moot.

The end result is that, though Bernstein had originally won in both the District Court and the 9th Circuit and I lost my later-filed case involving much the same issues---Junger v. Daley---in the federal District Court for the Northern District of Ohio, it is the 6th Circuit Court of Appeal's decision reversing the District Court's decision in Junger v. Daley that is the leading case holding that computer programs are speech that is protected by the First Amendment. In the Bernstein case, when the government amended the regulations forbidding the publication of computer programs, the 9th Circuit Court of Appeals withdrew its earlier opinion in Bernstein's favor and remanded the case to the district court, where the government claimed that they would not enforce the restrictions on cryptography against Dan Bernstein. In my case, on the other hand, the 6th Circuit Court of Appeals reversed the District Court's holding that the First Amendment does protect those who would publish software and then remanded the case to the District Court for further proceedings. At that point, rather than risking our victory in the 6th Circuit, we settled my case, even though the new regulations were---and are---constitutionally questionable.

Although my case is now the leading case holding that publishing software is protected by the First Amendment, I do not believe that we would have had our success without the efforts of Dan Bernstein and his lawyers from the Electronic Freedom Foundation.

------- Forwarded Message

From: "D. J. Bernstein" To: export@list.cr.yp.to Subject: Crypto Case On Indefinite Hold

PRESS RELEASE

Contact: Daniel J. Bernstein, press-20031015@box.cr.yp.to

CRYPTO CASE ON INDEFINITE HOLD

Chicago, 15 October 2003 - The longest-running court case against the government's encryption regulations has come to an end, for now.

The regulations were challenged by Daniel J. Bernstein, a professor of mathematics, statistics, and computer science at the University of Illinois at Chicago. Bernstein filed his lawsuit in February 1995 and won four court decisions against the constitutionality of the government's previous regulations.

In an October 2002 court hearing on the current encryption regulations, Department of Justice attorney Tony Coppolino told the court that the government would not enforce several portions of the regulations.

``I can assure you that the regulatory authority does not want [researchers who are collaborating at conferences] sending us an e-mail every time they change something in an algorithm,'' Coppolino told the court. Coppolino also said that commmercial book publishers and assembly-language publishers did not need to obtain licenses.

As observers predicted after the hearing, Chief Judge Marilyn Hall Patel of the United States District Court for the Northern District of California relied on the government's promises and dismissed Bernstein's case without deciding the constitutionality of the current regulations.

``If and when there is a concrete threat of enforcement against Bernstein for a specific activity, Bernstein may return for judicial resolution of that dispute,'' Patel wrote, after citing Coppolino's ``repeated assurances that Bernstein is not prohibited from engaging in his activities.''

``I hope the government sticks to its promises and leaves me alone,'' Bernstein said in a statement today acknowledging Patel's decision. ``But if they change their mind and start harassing Internet-security researchers, I'll be back.''

case archive has moved

[D.+J.+Bernstein]

The case archive is now http://export.cr.yp.to. That archive has about 200 of the case documents; the old EFF archive has only about 100.

RTFeA

[Nom+du+Keyboard]

Tried to read the article, but it appears encrypted using the Lawyer-iese Obfuscation 2.0. I'm afraid if I decode it they'll prosecute me under the DMCA.

Re:RTFeA

[Just+Some+Guy]

Think that's bad? Try setting up qmail for a few mailing lists sometime. :)

Unenforced Laws

[murphyslawyer]

the DOJ said the government would not enforce several portions of the regulations.

Is it just me, or does anyone else wish that the government was forced to enforce its own laws, instead of picking and choosing when and where to do so? There are a truly ridiculous number of laws on the books that are rarely enforced, until the prosecutors feel they have a "good" case to drop the hammer on some poor schmuck.

The public doesn't care about laws that aren't enforced, so most people break the law every day blissfully unaware. It would seem that laws that nobody cares about need to be done away with, instead of criminalizing large portions of the population.

I just hope the feds never try to housebreak a puppy.

Re:Unenforced Laws

[aridhol]

Ah, yes. Dumb, unenforced laws. Always good for a laugh.

Re:Unenforced Laws

[Tackhead]

> Is it just me, or does anyone else wish that the government was forced to enforce its own laws, instead of picking and choosing when and where to do so? There are a truly ridiculous number of laws on the books that are rarely enforced, until the prosecutors feel they have a "good" case to drop the hammer on some poor schmuck.
>
> The public doesn't care about laws that aren't enforced, so most people break the law every day blissfully unaware. It would seem that laws that nobody cares about need to be done away with, instead of criminalizing large portions of the population.

"Did you really think that we want those laws to be observed?" said Dr. Ferris. "We want them broken. You'd better get it straight that it's not a bunch of boy scouts you're up against - then you'll know that this is not the age for beautiful gestures. We're after power and we mean it. You fellows were pikers, but we know the real trick, and you'd better get wise to it. There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens' What's there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced nor objectively interpreted - and you create a nation of law-breakers - and then you cash in on guilt. Now that's the system, Mr. Rearden, that's the game, and once you understand it, you'll be much easier to deal with."

- Ayn Rand, Atlas Shrugged, 1957.

Enforcement is not an option. There are so many laws on the books that the system would collapse under the weight of its own bureaucracy if even a tenth of them were enforced.

Repeal is not an option. Dropping the laws would be nothing short of suicidal in terms of maintaining control over a fundamentally lawless population.

The only solution that makes sense is the present one. Your freedom comes with responsibility. Use it wisely.

Thank You to the EFF

[johny_qst]

I just want to say thanks for the tireless efforts of the EFF in this case. In so many instances they are the only real force to bring intelligent discussion to the judicial system about technology and it's uses. If you don't yet contribute to the EFF coffers, perhaps this should convince you!

Re:Most confusing article ever!

[pegr__]

He doesn't care about exporting... He cares about being able to freely discuss crypto concepts with his peers and students. Some of those peers and students may just happen to be overseas. Even if not, he was threatened with enforcement actions for having his thoughts/ideas available on an unrestricted web site available to the Internet at large. This is a free speech issue. (Words are NOT munitions. Programs are written words. Programs are not munitions.)

link to pdf of ruling on court site

[Hobart]

http://www.cand.uscourts.gov/cand/judges.nsf/768f3 ad651edbe0d88256d480060b72e/271f391e02f25e9588256d 7100678221?OpenDocument

[snipped from the end]

Therefore, although Bernstein has demonstrated a concrete plan, he has not been subject to a specific threat of enforcement and cannot point to a history of enforcement that supports his claim of injury.

As in Thomas, the threat of prosecution is "theoretically possible" but "not reasonable or imminent." Id.

Even if Bernstein's injury were constitutionally sufficient for standing, prudential concerns of ripeness would counsel against accepting jurisdiction. "[T]o prevent courts, through avoidance of premature adjudication, from entangling themselves in abstract disagreements," courts must consider "the fitness of the issues for judicial decision" and "the hardship to the parties of withholding court consideration." Abbott Laboratories v. Gardner, 387 U.S. 136, 148, 149 (1967).

Without a determination from BIS that a specific activity is prohibited by the EAR, there is no factual context for this court to resolve the constitutional challenges against the regulations. Moreover, defendants' repeated assurances that Bernstein is not prohibited from engaging in his activities weigh strongly against any hardship to Bernstein. If and when there is a concrete threat of enforcement against Bernstein for a specific activity, Bernstein may return for judicial resolution of that dispute.

Bernstein presented a concrete case or controversy when he first challenged the State Department's classification of his Snuffle computer program as a munition, and then again when control over the program was transferred to the Department of Commerce. Since then, the regulations governing export of encryption items have changed substantially. Bernstein no longer contends that he is prohibited from exporting Snuffle, but instead alleges a laundry list of activities that may or may not violate the EAR.

In the process, this action has devolved into the world of hypotheticals, and like Thomas, is a "case in search of a controversy." Thomas, 220 F.3d at 1137.

CONCLUSION

For the foregoing reasons, Bernstein has failed to put forth specific facts demonstrating that he has standing to bring this action. The court therefore GRANTS defendants' motion for summary judgment and DENIES plaintiff's motion for summary judgment.

Free Speech and DeCss

[Junior+Samples]

---Junger v. Daley---in the federal District Court for the Northern District of Ohio, it is the 6th Circuit Court of Appeal's decision reversing the District Court's decision in Junger v. Daley that is the leading case holding that computer programs are speech that is protected by the First Amendment. In the Bernstein case, when the government amended the regulations forbidding the publication of computer programs, the 9th Circuit Court of Appeals withdrew its earlier opinion in Bernstein's favor and remanded the case to the district court, where the government claimed that they would not enforce the restrictions on cryptography against Dan Bernstein.

So, Did I get this right? -- Dan Bernstein's encryption software is free speech and protected by the First Amendment, but DeCss decryption software is not.

I know that the politicians that make these laws are the best that money can buy, nevertheless, I'm still confused with all of this. Help me understand.

Re:Free Speech and DeCss

[D.+J.+Bernstein]

The crucial question in most First Amendment cases is whether the government's regulation is based on content. A law usually survives First Amendment scrutiny if the burdens that it imposes on communication don't depend on the content of the communication.

DMCA targets instructions with certain effects---i.e., instructions with certain content. Unfortunately, EFF failed to emphasize this crucial point in their briefs. The Second Circuit started from the (ludicrous) idea that DMCA wasn't based on content, and easily concluded that DMCA was constitutional.

This issue didn't matter for my case because ITAR was a ``prior restraint'' law. As an extreme example, imagine a law that says ``Before publishing any book, you must send the book to the mayor for approval.'' The law is, on its face, content-neutral, but it gives the mayor power to make decisions based on content, so it's unconstitutional. This is an issue of procedures: basically, the only government officials permitted to evaluate content on a case-by-case basis are judges.

The only way the government could have escaped from this was by pushing the (ludicrous) idea that publishing instructions isn't an example of communication. They tried, and failed.

it's still a major victory

[cnb]

despite what people think how eccentric djb is this is still a major win for someone who actually stood up for what he believed in rather then people who say what they believe about the the SCO case or the RIAA or MPAA.

DJB is accepting donations here for his case and for his open source writing.

Numerous people and businesses have benefited his work and he deserves every contribution he receives.

Why do we have laws like this in the first place?

[t_allardyce]

Why is it that in america its absolutely fine for people to own high-power rapid fire chain guns, but not afew lines of code? Lets say for example (ignoring the fact that encryption is free speech anyway) that theres a war and everyone needs to "bear arms", wouldn't encryption count as a weapon to allow people to communicate without the enemy hearing? so whats the problem? Just because its newer technology shouldnt make a difference. If the bill of rights was written when bows and arrows were a common weapon would guns be illigal because they are much more hi-tech? If they were then people would be saying "hey thats not fair, when we have to bear arms we'll have bows and arrows and the enemy will have guns!"!

And another thing while im at it. If hacking (basically doing anything you like with a computer) was protected under the first amendment (im not saying it would be good or bad, just speculating). Eg. if it was decided that "anything involving bits on a computer was just information and thus speech" then what would happen? companies would go mad from hackers and beef up their security - probably employing allot more hackers to help them. (thats more jobs).

Why is accessing a remote computer without permission an offence? if that machine is connected to a network that you have legal physical access to then isnt it up to them to secure it? Unless your sending 25,000 volts down a line (which should be physical damage), digital breaking and entering is not the same as physical breaking and entering. Every door has a bigger hammer that can knock it down, every bolt has a sharper cutter that can slice it. However a properly secured system should be able to take any pattern of 1's and 0's and be able to survive until it gets that "correct" sequence (which can be too long to brute force), unlike a door which just cant be secured like that.

Ok, this is slightly off topic, im just trying to understand why we have laws regarding what you can do with 1's and 0's