BERNSTEIN FILES FOR PARTIAL SUMMARY JUDGMENT IN CRYPTO CASE Claims Government's Restrictions on Export of Cryptographic Speech Violates First Amendment July 26, 1996 Electronic Frontier Foundation Contacts: Shari Steele, Staff Counsel 301/375-8856, ssteele@eff.org Mike Godwin, Staff Counsel 510/548-3290, mnemonic@eff.org Lori Fena, Executive Director 415/436-9333, lori@eff.org San Francisco, CA -- A University of Illinois at Chicago faculty member who is suing the U.S. Department of State will file a motion Friday that could strengthen his claim that government restrictions on information about cryptography violate the First Amendment's protections for freedom of speech. The full text of the motion for partial summary judgment is also available. Relying on Judge Marilyn Hall Patel's prior ruling that computer source code is speech protected by the First Amendment, mathematician Daniel J. Bernstein will file a motion for partial summary judgment in his suit against the State Department. In his 45-page memorandum in support of his motion, Bernstein sets forth several First Amendment arguments: LEGAL ARGUMENTS * Any legal framework that requires a license for First Amendment protected speech, which may be granted or withheld at the discretion of a government official, is a prior restraint on speech. In order for this framework to be acceptable, the government has the burden of showing that publication will "surely result in direct, immediate, and irreparable damage to our Nation or its people" and that the regulation at issue is necessary to prevent this damage. The government has not met this burden regarding the ITAR legal framework. * Because restrictions on speech about cryptography are content-based, the court must apply a strict scrutiny test in determining whether individuals can be punished for engaging in this speech. A strict scrutiny test requires that a regulation be necessary to serve a compelling state interest and that it is narrowly drawn to achieve that end. The ITAR regulatory scheme has adopted the *most* restrictive approach by prohibiting all speech in the area of cryptography. * The ITAR regulatory framework lacks the necessary procedural safeguards. Grants of administrative discretion must be limited by clear standards, and judicial review must be available. "Quite simply, the ITAR Scheme allows its administrative agencies to make inconsistent, incorrect and sometimes incomprehensible decisions censoring speech, all without the protections of judicial review or oversight." * The ITAR framework is unconstitutionally vague. The government doesn't even seem to know what its regulations include and exclude! Here, the lack of standards has allowed the government to misuse a statute aimed at commercial, military arms sales to limit academic and scientific publication. * The ITAR regulatory scheme is overbroad. In an internal memo written almost 20 years ago, the government's own Office of Legal Counsel concluded that the ITAR s licensing standards "are not sufficiently precise to guard against arbitrary and inconsistent administrative action." The OLC specifically warned that the coverage was so broad it could apply to "communication of unclassified information by a technical lecturer at a university or to the conversation of a United States engineer who meets with foreign friends at home to discuss matters of theoretical interest." This is exactly what is happening here, and it is unconstitutional. CASE BACKGROUND While a graduate student at the University of California at Berkeley, Bernstein completed the development of an encryption equation (an "algorithm") he calls "Snuffle." Bernstein wishes to publish a) the algorithm, (b) a mathematical paper describing and explaining the algorithm, and (c) the "source code" for a computer program that incorporates the algorithm. Bernstein also wishes to discuss these items at mathematical conferences, college classrooms and other open, public meetings. The Arms Export Control Act and the International Traffic in Arms Regulations (the ITAR regulatory scheme) required Bernstein to submit his ideas about cryptography to the government for review, to register as an arms dealer, and to apply for and obtain from the government a license to publish his ideas. Failure to do so would result in severe civil and criminal penalties. Bernstein believes this is a violation of his First Amendment rights and has sued the government. In the first phase of this litigation, the government argued that since Bernstein's ideas were expressed, in part, in source code, they were not protected by the First Amendment. On April 15, 1996, Judge Marilyn Hall Patel in the Northern District of California rejected that argument and held for the first time that computer source code is protected speech for purposes of the First Amendment. Because of its far-reaching implications, the Bernstein case is being watched closely by privacy advocates, the computer industry, the export and cryptography communities, and First Amendment activists. In fact, several members of these communities provided declarations that were submitted in support of Bernstein's motion. ABOUT THE ATTORNEYS Lead counsel on the case is Cindy Cohn of the San Mateo law firm of McGlashan & Sarrail, who is offering her services pro bono. Major additional pro bono legal assistance is being provided by Lee Tien of Berkeley; M. Edward Ross of the San Francisco law firm of Steefel, Levitt & Weiss; and James Wheaton and Elizabeth Pritzker of the First Amendment Project in Oakland. ABOUT THE ELECTRONIC FRONTIER FOUNDATION The Electronic Frontier Foundation (EFF) is a non-profit civil liberties organization working in the public interest to protect privacy, free expression, and access to online resources and information. EFF is a primary sponsor of the Bernstein case. EFF helped to find Bernstein pro bono counsel, is a member of the Bernstein legal team, and helped collect members of the academic community and computer industry to support this case. Full text of the lawsuit and other paperwork filed in the case is available from EFF's online archives: http://www.eff.org/pub/Privacy/ITAR_export/Bernstein_case/ ftp.eff.org, /pub/Privacy/ITAR_export/Bernstein_case/ gopher.eff.org, 1/Privacy/ITAR_export/Bernstein_case