Press release from the Ministry of Economy
http://www.bmwi.de/presse/1998/1208prm2.html, my translation:

       Export control for encryption technology loosened

       No "key recovery" for cryptographic products

At their plenary meeting on December 2nd and 3rd 1998 the 33 treaty
states of the Wassenaar Arrangement have decided to revise the export
control for encryption technologies (cryptographic products). Export
control has been loosened, and the embodiment of crypto restrictions
has been hindered. Thus there will be no export ban for encryption
products in the future.

The previously comprehensive control characterized by a large number
of sectoral exceptions has been replaced by a positively formulated
list text. In future all kinds of products - hardware and software are
treated in the same way - are only subject to export control starting
at a key length of 56 bits. Mass market products that fulfill certain
requirements are subject to export control only up from a key length
of 64 bits. For the present the restriction to 64 bits is valid for
two years, it must then be renewed unanimously or it will be
cancelled. In addition, methods such as digital signatures and
authentication as well as certain product groups such as wireless
phones and pay TV devices are completely exempted from export
control. The regulation concerning freely available products (public
domain) has remained unchanged.

Certain states that had initially demanded special treatment for "key
recovery" products have not have been unsuccessful. Thus the export of
encryption technology will remain possible without depositing keys
with government agencies.

----------------------------------------------------------------------
>From an AP news report, my translation [The Green Party is part of the
new German government, but the Ministry of Economy is led by the
Social Democrats]:

Green Party member of parliament Hans-Christian Ströbele critisized
that the government gave in to US pressure for stronger control on
encryption. The agreement would affect the obvious need of computer
users to protect their business and private communication from
unauthorized access. Also the business opportunities of German
producers of powerful encryption software would be reduced in a
serious way. Thus when implementing the agreement in national law,
negative effects must be limited as much as possible.

Reply via email to