FEATURES & COMMENTARY
Washington, D.C. — After years of pressure from the computer industry, the Clinton administration is letting companies export powerful encryption programs to 23 foreign governments.
Starting Thursday, the security products can be sold to members of the European Union, as well as Australia, Japan, New Zealand, Norway, Switzerland, Czech Republic, Poland and Hungary.
Earlier this year, the Commerce Department had approved sales of the products to businesses in those countries. The products can now be sold to their local and national governments as well, and the department’s new rules also streamline the reporting process for U.S. companies and allow more products to be exported.
The changes are the culmination of a long effort by U.S. technology companies to get permission to sell the powerful tools that make e-mail and e-commerce transactions safe from prying eyes. The department proposed the new rules in July.
“The president and the vice president have provided the leadership to create a balanced, market-driven approach for shipping these products overseas,” said William A. Reinsch, the Commerce Department’s undersecretary for export administration.
“This important step recognizes the rapid growth in the commercial encryption sector while protecting national security interests,” he said.
Over the objections of law enforcement and national security agencies, the White House decided late last year to largely reverse its longstanding opposition to liberalizing the rules that U.S. companies must follow to export the most powerful software to scramble digital messages.
The Business Software Alliance, which has worked on the issue for a decade, praised the new rules.
“These rules guarantee the largest access to world markets for U.S. software security products that we’ve ever seen,” said the association’s president, Robert Holleyman. “That is something to be applauded.”
Network Associates, which makes the popular encryption program PGP and other security products, called the change an “improvement” but would have liked to see more slack from the administration.
“I think they could have gone a little bit further in allowing some of (the exports),” said Kelly Blough, NAI’s director of government relations.
“The reporting requirements are still pretty onerous. Every time you have to make a shipment to these countries you still have to report the shipment. This brings us a big backend bureaucratic workload that a lot of other countries don’t have.”
Consumer products that use encryption, such as video devices, mobile phones or computer accessories, can now be shipped overseas without a reporting requirement or technical review.
The rules chiefly affect network security products rather than retail packages tailored for consumers, which can already be exported without strict requirements.
Industry leaders said that the rules will help governments around the world reliably provide online services to their citizens, as well as protecting the overwhelming market share of U.S. software firms.
“The biggest aspect of this is that security products are only now becoming widely deployed around the world. As those networks were being built, our fear had been was that they would be built on non-U.S. platforms,” Holleyman said. “This will guarantee that the platforms are used around the world are most likely to be U.S. security products.”