| Data security |
| Encryption |
| Regulation |
| Data backup |
| Data recovery |
By way of introduction let's cite a declaration made by Nathan Arnold about the Canadian crypto law, and excerpted from CNet News Briefs [ Monday, April 20, 1998 Copyright © 1998 by Rogers Multi-Media and CNET, Inc]: "Government regulation of encryption software will stifle a burgeoning Canadian software industry, limit personal freedom, and be impossible to enforce, a group of cryptography experts told the federal government today."
Nevertheless, some governments enforced a cryptology regulation.
The content below isn't exhaustive. Other regulations from countries such as Russia, China, Hong-Kong could be cited here.
US encryption Export control regulation
Most of us use browser technology produced in the US and know about the US
export regulation targeting encryption technology and prohibiting export to certain
countries, in particular when the encryption key is higher than 128 bit.
To learn
more about it, see the chapter 9/10 of the Cryptography FAQ
http://www.faqs.org/faqs/cryptography-faq/part09/
__________.____Top
The French law
The French law defines as a "cryptology service" any service aiming at transforming intelligible information or signals in signals that are unintelligible for third parties, using a secret key, or the contrary, using means, hardware or software. (Article 28 - I - Alinea 1 de la loi 90-1170 du 29 décembre 1990 modifiée.)
Caution, in France and in some other countries, in particular China, the regulation restrict encryption: in France, the use of cryptography implies most of the time a declaration. In short:
- Encryption key not higher than 128 Bit - Use and importation free, under condition[1] - provision needs to be declared.
- Encryption key higher than 128 Bit, managed by an agreed third party free - provision and importation need to be declared.
- Encryption key higher than 128 Bit - Use allowed, under condition[2] - Provision and importation need to be declared.
- [1] Either, the provider or the importer has already made a declaration ; or, the encryption is exclusively for personal use.
- [2] Hardware or software have already received a provision authorization for general use.
To know more about it http://www.ssi.gouv.fr/fr/reglementation/regl.html#crypto.
__________.____Top
UK's export control Act
- Electronic communication Act 2000 states various rules for
- Cryptography service providers
- 1. Register of approved providers.
- 2. Arrangements for the grant of approvals.
- 3. Delegation of approval functions.
- 4. Restrictions on disclosure of information.
- 5. Regulations under Part I.
- 6. Provision of cryptography support services.
- Facilitation of electronic commerce, data storage, etc.
- 7. Electronic signatures and related certificates.
- 8. Power to modify legislation.
- 9. Section 8 orders.
- 10. Modifications in relation to Welsh matters
- http://www.opsi.gov.uk/acts/acts2000/20000007.htm
See also "Sun sets on UK encryption regulation powers" an article signed by out-law.com and published in 2005 by TheRegister.co.uk under the copyright © Pinsent Masons 2000 - 2005 http://www.theregister.co.uk/
__________.____Top
Canadian Encryption policy
For a review of the Canadian encryption policy, see
http://e-com.ic.gc.ca/epic/site/ecic-ceac.nsf/en/gv00366e.html.
We excerpt the following explanation from the note 14 of this document:
"Canada's export control guidelines were adopted as a national regime consistent with our international obligations as specified by COCOM (the Coordinating Committee for Multilateral Strategic Export Controls) of which Canada had been a member since 1950. COCOM was originally intended to preserve Western technological superiority by reducing the flow of military, dual-use and nuclear technologies from Western industrial nations to the Soviet bloc and other Communist countries. COCOM was abolished on March 31, 1994, and has been replaced by a modified agreement. Named after the town of Wassenaar, outside The Hague, where five rounds of negotiations took place between 1993 and 1995, the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-use Goods and Technologies is intended to provide a framework for addressing the new security threats of the post-Cold War world."
__________.____Top
To search our web sites use the box
below
To search an exact phrase, put it into double
quotes.
Need to search the Web? Use the Google box below
Or see our search page.
__________.____Top