Skip to content

Federal appeals court strikes down encryption policy

Post categories

  1. Prior Restraint
NINTH CIRCUIT--In early May, a split panel of the U.S. Court of Appeals in San Francisco (9th Cir.) held that…

NINTH CIRCUIT–In early May, a split panel of the U.S. Court of Appeals in San Francisco (9th Cir.) held that encryption codes, which make computer messages unreadable without a key, contain expressions of ideas and cannot be suppressed indefinitely by government officials.

The Export Administration Regulations at issue contain specific regulations to control the export of encryption software. The appellate court, in reviewing the regulations, noted that the regulations forbid the export of encryption schemes without a license, and set no timetables or standards for such licensing.

“The challenged regulations allow the government to restrain speech indefinitely with no clear criteria for review,” wrote Judge Betty Fletcher, who was joined by Judge Myron Bright. As a result, Fletcher said that scientists “have been effectively chilled from engaging in valuable scientific expression.”

“Cryptographers use source code to express their scientific ideas in much the same way that mathematicians use equations or economists use graphs,” Fletcher wrote. Unlike other types of machine-read computer code, she said, Bernstein’s source code was “text intended for human understanding, albeit in a specialized language.” Fletcher ultimately found that the challenged regulations operate as an unconstitutional prior restraint. Fletcher stated that any licensing of free expression must restrain speech for no more than a specified brief period, and must allow speedy judicial appeal in which the censor must prove the need for suppression.

Daniel J. Bernstein, a mathematics professor, developed an encryption program called “Snuffle” as an undergraduate at the University of California at Berkeley in 1990. Bernstein wanted to post his encryption formula on the Internet. Two years later, the State Department, which then ran the regulatory program, told him he could not post his code on the Internet without an export license, which he has been unable to get. Bernstein filed suit against the State Department challenging the constitutionality of the regulations. In 1996, U.S. District Judge Marilyn Hall Patel of San Francisco held that the regulations were invalid on their face as a prior restraint on speech.

In December 1996, President Clinton shifted licensing authority for nonmilitary encryption commodities and technologies from the State Department to the Department of Commerce. The Department of Commerce then promulgated regulations under the Export Administration Regulations to govern the export of encryption technology, regulations administered by the Bureau of Export Administration. Bernstein subsequently amended his complaint to add the Department of Commerce as a defendant, advancing the same constitutional objections as he had against the State Department. The district court in 1997, following the rationale of its earlier opinion, found in favor of Bernstein, holding that the new regulations were facially invalid as a prior restraint on speech. The district court enjoined the Commerce Department from future enforcement of the invalidated provisions.

According to The Associated Press, the departments of Justice and Commerce, which reviews encryption licenses, had no comment as to whether the decision would be appealed. (Bernstein v. U.S. Department of Justice)