Cryptography law

Cryptography is the practice and study of encrypting information, or in other words, securing information from unauthorized access. There are many different cryptography laws in different nations. Some countries prohibit export of cryptography software and/or encryption algorithms or cryptoanalysis methods. In some countries a license is required to use encryption software, and a few countries ban citizens from encrypting their internet communication. Some countries require decryption keys to be recoverable in case of a police investigation.

Overview

Issues regarding cryptography law fall into four categories:[1]

  • Export control, which is the restriction on export of cryptography methods within a country to other countries or commercial entities. There are international export control agreements, the main one being the Wassenaar Arrangement. The Wassenaar Arrangement was created after the dissolution of COCOM (Coordinating committee for Multilateral Export Controls), which in 1989 "decontrolled password and authentication-only cryptography."[2]
  • Import controls, which is the restriction on using certain types of cryptography within a country.
  • Patent issues, which deal with the use of cryptography tools that are patented.
  • Search and seizure issues, on whether and under what circumstances, a person can be compelled to decrypt data files or reveal an encryption key.

Cryptography law in different countries

France

As of 2011 and since 2004, the law for trust in the digital economy (LCEN) mostly liberalized the use of cryptography.[3]

  • As long as cryptography is only used for authentication and integrity purposes, it can be freely used. The cryptographic key or the nationality of the entities involved in the transaction do not matter. Typical e-business websites fall under this liberalized regime.
  • Exportation and importation of cryptographic tools to or from foreign countries must be either declared (when the other country is a member of the European Union) or requires an explicit authorization (for countries outside the EU).

United States

In the United States, the International Traffic in Arms Regulation restricts the export of cryptography.

gollark: Look, it says "yet" right there.
gollark: Yes, that is why I said yet.
gollark: It's a shame, really.
gollark: I'm not saying that, just that we can't yet set up test societies and do randomized controlled trials.
gollark: > I would agree that knowledge passed down from generations is good, but with one major condition. [...]Science doesn't "prove" things and social things are VERY HARD to test.

See also

References

  1. Kumar, Pankaj. "Cryptography with Java". Pearson. Retrieved 12 February 2013.
  2. Koops, Bert-Jaap (November 1996). "A survey of cryptography laws and regulations". Computer Law & Security Report. 6. 12: 349–355. (access restricted to current University of Toronto)
  3. "Legifrance.gouv.fr - Loi pour la confiance dans l'économie numérique (LCEN)". Retrieved June 14, 2011.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.