July 26, 1996 Electronic Frontier Foundation

Shari Steele, Staff Counsel
301/375-8856, ssteele@eff.org

Mike Godwin, Staff Counsel
510/548-3290, mnemonic@eff.org

Lori Fena, Executive Director
415/436-9333, lori@eff.org

San Francisco, CA -- A University of Illinois at Chicago faculty member
who is suing the U.S. Department of State will file a motion Friday that
could strengthen his claim that government restrictions on information
about cryptography violate the First Amendment's protections for freedom
of speech. The full text of the motion for partial summary judgment is
also available.

Relying on Judge Marilyn Hall Patel's prior ruling that computer source
code is speech protected by the First Amendment, mathematician Daniel J.
Bernstein will file a motion for partial summary judgment in his suit
against the State Department.

In his 45-page memorandum in support of his motion, Bernstein sets forth
several First Amendment arguments:


* Any legal framework that requires a license for First Amendment
protected speech, which may be granted or withheld at the discretion of a
government official, is a prior restraint on speech. In order for this
framework to be acceptable, the government has the burden of showing that
publication will "surely result in direct, immediate, and irreparable
damage to our Nation or its people" and that the regulation at issue is
necessary to prevent this damage. The government has not met this burden
regarding the ITAR legal framework.

* Because restrictions on speech about cryptography are
content-based, the court must apply a strict scrutiny test in determining
whether individuals can be punished for engaging in this speech. A strict
scrutiny test requires that a regulation be necessary to serve a
compelling state interest and that it is narrowly drawn to achieve that
end. The ITAR regulatory scheme has adopted the *most* restrictive
approach by prohibiting all speech in the area of cryptography.

* The ITAR regulatory framework lacks the necessary procedural
safeguards. Grants of administrative discretion must be limited by clear
standards, and judicial review must be available. "Quite simply, the ITAR
Scheme allows its administrative agencies to make inconsistent, incorrect
and sometimes incomprehensible decisions censoring speech, all without the
protections of judicial review or oversight."

* The ITAR framework is unconstitutionally vague. The government
doesn't even seem to know what its regulations include and exclude! Here,
the lack of standards has allowed the government to misuse a statute aimed
at commercial, military arms sales to limit academic and scientific

* The ITAR regulatory scheme is overbroad. In an internal memo
written almost 20 years ago, the government's own Office of Legal Counsel
concluded that the ITAR s licensing standards "are not sufficiently
precise to guard against arbitrary and inconsistent administrative
action." The OLC specifically warned that the coverage was so broad it
could apply to "communication of unclassified information by a technical
lecturer at a university or to the conversation of a United States
engineer who meets with foreign friends at home to discuss matters of
theoretical interest." This is exactly what is happening here, and it is


While a graduate student at the University of California at Berkeley,
Bernstein completed the development of an encryption equation (an
"algorithm") he calls "Snuffle." Bernstein wishes to publish a) the
algorithm, (b) a mathematical paper describing and explaining the
algorithm, and (c) the "source code" for a computer program that
incorporates the algorithm. Bernstein also wishes to discuss these items
at mathematical conferences, college classrooms and other open, public
meetings. The Arms Export Control Act and the International Traffic in
Arms Regulations (the ITAR regulatory scheme) required Bernstein to submit
his ideas about cryptography to the government for review, to register as
an arms dealer, and to apply for and obtain from the government a license
to publish his ideas. Failure to do so would result in severe civil and
criminal penalties. Bernstein believes this is a violation of his First
Amendment rights and has sued the government.

In the first phase of this litigation, the government argued that since
Bernstein's ideas were expressed, in part, in source code, they were not
protected by the First Amendment. On April 15, 1996, Judge Marilyn Hall
Patel in the Northern District of California rejected that argument and
held for the first time that computer source code is protected speech for
purposes of the First Amendment.

Because of its far-reaching implications, the Bernstein case is being
watched closely by privacy advocates, the computer industry, the export
and cryptography communities, and First Amendment activists. In fact,
several members of these communities provided declarations that were
submitted in support of Bernstein's motion.