[808] in cryptography@c2.net mail archive
Re: RSA sues PGP?
daemon@ATHENA.MIT.EDU (Huge Cajones Remailer)
Mon May 12 14:52:25 1997
Date: Mon, 12 May 1997 11:35:33 -0700
To: cryptography@c2.net
From: nobody@huge.cajones.com (Huge Cajones Remailer)
RSA SUES PRETTY GOOD PRIVACY OVER ROYALTIES
By Davud L. Wilson
Mercury News Staff Writer
Pretty Good Privacy Inc. -- the maker of the most widely used technology
to protect the privacy of e-mail -- was sued Wednesday for allegedly
violating the agreement that allows some of its once-free software to be
sold at a profit.
RSA Data Security Inc., the company that developed some of PGP's
underlying `encryption'' technology, maintains that Pretty Good Privacy
Inc. owes it royalties dating back to 1996. Before then, PGP founder
Philip Zimmerman almost exclusively gave the controversial software
away, becoming famous -- or infamous -- in the process.
The suit is the latest example of the bad blood that exists between the
companies. Legal disputes in the encryption field are common and have
contributed to retarding the development of the Internet into a place
where business transactions are common.
While still students at the Massachusetts Institute of Technology in
1977, RSA's three founders created a fundamental software algorithm -- a
series of steps that tells the computer how to perform a task -- used in
encryption. Encryption lets people encode their information so that
others can't understand it; the encrypted stuff looks like gibberish.
The RSA technology is based on what is known as ``public key
encryption,'' an unusual technique that lets people who will never see
each other reliably exchange the keys that unlock the encrypted data,
without compromising security.
Some form of public key encryption is the only type of encryption that
will work in environments like the Internet, where people do such things
as exchange e-mail with others that they'll never meet.
In 1991, Zimmerman released a program called PGP, for Pretty Good
Privacy, a public key encryption program that he gave away. Zimmerman got
into trouble with federal authorities when they noticed that the program
was being delivered all over the world via the Internet, providing
powerful encryption that intelligence agencies and law enforcement
officials say could shield criminals and terrorists from detection and
prosecution.
The Justice Department dropped its investigation of Zimmerman last year,
apparently because the government could not prove that Zimmerman himself
had made the program available to foreign nationals, a violation of U.S.
regulations.
Zimmerman's troubles weren't over. RSA officials were livid over the
product, which they claimed was based on their algorithms, but there was
little incentive for them to sue since Zimmerman was not selling the
program.
But Zimmerman incorporated Pretty Good Privacy Inc. last year and began
selling commercial versions of PGP and related products, while still also
distributing some free software. At first, through an extraordinarily
complicated series of licensing agreements and mergers, he was able to
distribute encryption products without fear of litigation from RSA.
With the lawsuit, however, those agreements may be up for grabs. The
licensing dispute centers on a partnership formed by RSA and a company
called Cylink Corp. The partnership, Public Key Partners, was dissolved
in 1996, after litigation between the two. But the partnership issued
licenses to a large number of companies to use the technology, including
Lemcom, which was acquired by Pretty Good Privacy last year.
RSA claims that Pretty Good Privacy is violating the Lemcom licensing
agreements. Jim Busselle, a partner with the Palo Alto law firm of
Tomlinson Zisko Morosoli & Maser LLP, said, ``There are very definite,
discrete limits on the scope of the license, and they have gone beyond
them. And we have terminated the license.''
However, Robert B. Fougner, general counsel for Cylink, says that's not
true. ``We are surprised and disappointed that RSA did not consult with
us before filing,'' he said. ``We have an interest in the license as
well, and as far as Cylink is concerned, the license is still valid.''
Fougner and Busselle also disagree on whether a clause in the license
granting arbitration over any disagreement is still valid. Pretty Good
Privacy's general counsel, Robert H. Kohn, agrees with Fougner, who says
it is, and says ``We're going to ask the court to enforce the arbitration
clause, and we're confident that the dispute will be resolved in our
favor. As for the claim that we haven't been paying royalties, we have
never missed a royalty payment and we have the canceled checks to prove
it.''
Some observers, who agreed to comment on condition of anonymity,
suggested that RSA is simply trying to renegotiate a better royalty rate.
Others said this may just be an issue of bad blood. ``The RSA guys have
always felt that Zimmerman stole their stuff, got famous, and is now
getting rich. Part of this is them trying to settle an old score.''
Published Thursday, May 8, 1997, in the San Jose Mercury News
