Page images
[blocks in formation]

or in any event such harm is counterbalanced by other considerations; (c) and the work in the private sector is very unlikely to lead to the breaking of NSA codes.

At the group's first meeting, Mr. Schwartz had suggested that to make any useful progress the group should accept the proposition that under some circumstances national security might be imperilled. Because of security restrictions, this proposition has to be taken on faith, Nevertheless, it is possible to accept it provisionally. At the end of the first meeting it was agreed that we needed a precise articulation of the problem we propose to address. Toward this end, Mr. Schwartz and Mr.Peyman agreed to prepare the papers which were sent to members in l'ay (attached to file copy of these minutes).

Mr. Heyran then suggested that if the group is to begin work on a process that might be set up to satisfy NSA's and the academic community's requirements, we might best start from the presumption put forward by Mr. Schwartz, and proceed to define as specifically as possible what a set of processes wou! apply to (and what they would not apply to), the processes themselves, and the triburals responsible for them. To start the discussion, he asked for examples of the kinds of "devices", "technology," and "information" referred to in the various acts and statutes referred to earlier.

For a time the discussion ranged widely as the group sought to define and describe the relationships between devices and algorithms, cryptologic devices and other devices covered by the various acts, and the criteria (protection of privacy, health, the environment, and property, in addition to preserving national security) that which might trigger governmental contro? measures. The ciscussion seemed to underline the absence of agreement even among federal agencies about what is or should be covered by the statutes in the field of crytology. Nevertheless, the discussion clearly indicated that the core of the question before us was whether some form of prior restraint on publication of research results and other information relating to cryptology is necessary, feasible, and desirable.

The chairman brought the discussion back to the question of the group's approach and called for a vote on the following proposition: That the group proceed on the basis that we will consider a system of prior restraint concerning publication of articles and other materials related to cryptography, reserving

[blocks in formation]

until the cetails of such a system are elaborater, any fina! decisions on whether such a system would be desirable. The vote was 7-1 in favor.

Following the vote, the discussion turned to details of ho' the group would proceed. The following measures were decided :

1. A subcommittee wou'd be established to prepare a draft of procedures that might be suggested for governmental use should prior restraint be necessary.

The craft would cover
cefinitions: what is covered
process: voluntary, coerced, combinations
feedback to author/journal in the event of an

adverse decision
appellate processes and burden of proof
judicial review? If so, how coes it work?

2. A secord subcommittee will be established to prepare a statemert about the nature of cryptology suitable for readers of the group's final report who are not at presert conversant with the subject.

3. The subcommittees will convene during the summer and the next meeting of the full group, to be he! MONDAY & TUESDAY, OCTOBER 6 & 7, IN THE BAY AREA

4. Three Fall meetings of the full group are now being planned and additional funding will be sought for them.

Note: Subsequent to the meeting, it was agreed that Mr. Heymar and Mr. Baum woud serve as co-chairmen of the group; that Mr. Heyran will chair the October 6-7 meeting; and that he will be in touch directly with group members to serve or the summer subcommittees.

potmi 5/30/80


Membership list
Munitions control Newsletter No. 80 2/80

(for those not at meeting)
Papers prepared by Schwartz & Peyman for

neeting of 5/29 (file copies only)


Washington, D.C. 20520


NO. 80



Concern has been voiced that ITAR provisions relating to the export of technical data as applied to cryptologic equipment can be so broadly interpreted as to restrict scientific exchanges of basic mathematical and engineering research data. The Office of Munitions Control wishes to clarify the application of the technical data provisions of Section 121.01, Category XVIII, of the ITAR as applied to equipment found in Categories XI (c) and XIII (b) of the Munitions List.

Cryptologic technical data for which a license is required under Section 121.01, Category XVIII, is interpreted by this office with respect to information relating to Munitions List items in Categories XI (C) and XIII(b) to include only such information as is designed or intended to be used, or which reasonably could be expected to be given direct application, in the design, production, manufacture, repair, overhaul, processing, engineering, development, operation, maintenance or reconstruction of items in such categories. This interpretation includes, in addition to engineering and design data, information designed or reasonably expected to be used to make such equipment more effective, such as encoding or enciphering techniques and systems, and communications or signal security techniques and guidelines, as well as other cryptographic and cryptanalytic methods and procedures. It does not include general mathematical, engineering or statistical information, not purporting to have or reasonably expected to be given direct application to equipment in such categories. It does not include basic theoretical research data. It does, however, include algorithms and other procedures purporting to have advanced cryptologic application.


The public is reminded that professional and academic presentations and informal discussions, as well as demonstrations of equipment, constituting disclosure of cryptologic technical data to foreign nationals, are prohibited without the prior approval of this office. Approval is not required for publication of data within the United States as described in Section 125.11(a) (1). Footnote 3 to section 125.11 does not establish a prepublication review requirement.

The interpretation set forth in this newsletter should exclude from the licensing provisions of the ITAR most basic scientific data and other theoretical research information, except for information intended or reasonably expected to have a direct cryptologic application. Because of concerns expressed to this office that licensing procedures for proposed disclosures of cryptologic technical data contained in professional and academic papers and oral presentations could cause burdensome delays in exchanges with foreign scientists, this office will expedite consideration as to the application of ITAR to such disclosures. If requested, we will, on an expedited basis provide an opinion as to whether any proposed disclosure, for other than commercial purposes, of information relevant to cryptology, would require licensing under the ITAR.

[ocr errors][merged small]
[merged small][merged small][merged small][ocr errors][merged small]



[blocks in formation]

Enclosed is a statement of NSA's concerns relating to public cryptography which I agreed at the last meeting to circulate. I apologize for the delay in preparing this Statement. Also enclosed is a copy of an 11 January 1979 speech to AFCEA given by VADM B. R. Inman, Director, NSA, which supplies some further insight into our thinking on this subject.

I welcome your views and comments on these papers.

[ocr errors]

2 Encls:


« PreviousContinue »