[3751] in cryptography@c2.net mail archive
Re: Export of PGP Illegal in Denmark. Threatened w. jail (fwd)
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Tue Dec 8 14:04:14 1998
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
Date: Tue, 8 Dec 1998 23:23:55 (NZDT)
>This is a true story. Denmark now - along with the whole EU - has assimilated
>US-crypto laws. I just had a phone conversation with the danish ministry of
>commerce, the export control division. The kind lady I spoke to threatened me
>with fines or jail for up to two years.
>
>For having PGP for free download on my homepage!
Before people overreact to this, I would recommend taking a bit of time to see
what the real story is. When I first contacted our Ministry of Foreign
Affairs and Trade over crypto exports, they had absolutely no idea what they
were doing, and just made up the rules as they went along. I don't know if
they even knew what it was they were trying to regulate (there was a comment a
year or two back from someone in Germany that some politician there seemed to
be addressing the use of WWII-era electromechanical cipher machines).
It took between six months and a year of probing and questioning before MFAT's
requirements started to make any sense (for example they'd require the use of
nonexistant algorithms and technology, or set mutually exclusive conditions
for export), and even now they're still making up the rules as they go along.
If Denmark never had any real controls before then I can see that some
government bureaucrat would react to an inquiry over exporting PGP in the same
way as a query about exporting nerve gas.
To put it another way, never ascribe to malice what is adequately explained by
stupidity.
Peter.
