This thread highlights the risks of asking -- and answering -- specific legal questions on license discuss. This is particularly true in the esoteric field of export control, although my warning applies generally.
Attorneys should not give specific legal advice in a general forum in which there is no attorney-client relationship (or privilege), and where third parties may come to rely upon that advice for their own unique problems. Non-attorneys cannot give legal advice upon which anyone can rely. This is not intended as a criticism of non-lawyers. In many respects, the comments made by non-lawyers on this list are more cogent than what lawyers say, just as lay people's advice about medical issues can sometimes keep you healthier than doctors do. But you cannot be sure of good advice from such sources, nor can you hold non-lawyers responsible for what they advise. Board members of OSI do not give legal advice because OSI cannot accept the liability that might ensue if their advice was wrong. None of the board members of OSI is an attorney. So please consider what you have read on license-discuss in response to the question about export controls as merely pointers to sources of more reliable information. Consult your own attorney or ask the readers of this list for referrals to good open source attorneys. /Larry Rosen Attorney and executive director, OSI 650-216-1597 [EMAIL PROTECTED] www.rosenlaw.com www.opensource.org > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 08, 2002 9:05 AM > To: [EMAIL PROTECTED] > Subject: Re: Off topic question re Export controls > > > There's one more level of complexity in re US Export > compliance which this discussion has overlooked (probably > because of the specific nature of the question). > > IMHO, BXA rules are set up with the assumption that the > software in question is being developed in a proprietary way. > When they refer to "export" they are assuming a controllable > "first ship". What happens when encryption algorithms are > introduced to an Open Source (eg. Public) project codebase > several months before the project meets its final candidate > acceptance criteria? How is that project expected to > pre-notify BXA? And is there a burden of on-going > notification, since the code in question is arguably > continuously available? > > EFF did some work on this question, and advises a one-time > notification and instructions for BXA on how to subscribe to > the appropriate project mail list to facilitate monitoring. > Is this sufficient to avoid non-compliance fines? > > Danese Cooper > -- > license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3 > -- license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3