Encryption's Bounty

Victory in Bernstein

By Jonathan Wallace jw@bway.net

A federal appeals court has confirmed that source code is a form of expression protected by the First Amendment. The case, Bernstein v. Department of Justice, involved a challenge to the federal regulations restricting the export of software which includes strong encryption.

Plaintiff Daniel J. Bernstein is a professor of computer science at the University of Illinois, Chicago. As a doctoral student some years ago, he developed an encryption method which he called Snuffle--"a zero-delay private-key stream encryptor based upon a one-way hash function". He then sought guidance from the State Department on whether he could distribute information about Snuffle internationally. The government replied that Snuffle was a "munition" under the International Traffic in Arms regulations ("ITAR"). This meant that an export license would be required (and impossible to obtain) if Bernstein wished to send source code or even a paper explaining Snuffle to a conference overseas.

Why is our government so fearful of its citizens exporting crypto? The Ninth Circuit Court of Appeals quotes a "high ranking State Department official":

Policies concerning the export control of cryptographic products are based on the fact that the proliferation of such products will make it easier for foreign intelligence targets to deny the United States Government access to information vital to national security interests.

In other words, the use of strong crypto by intelligence targets makes spying harder.

Government regulations even banned the posting of cryptographic information on the Internet because it could then be downloaded from anywhere. If you post source code on a server here in the United States and a citizen of France downloads it, an illegal export has occurred.

Over the years, U.S. government crypto policy has had the unintended consequence of making our software companies less competitive, while entirely failing to limit the availability of strong encryption overseas. For some years U.S. companies were not allowed to export products that used stronger than 64-bit keys. Since consumers of business communication products (for example, Lotus Notes) wanted a stronger encryption feature, they increasingly turned to competing products from France and elsewhere. Ultimately, U.S. companies hit on the work-around of developing their own encryption products overseas, then importing them into the United States--an approach that was perfectly legal and highlighted the senselessness of the U.S. export regulations.

The court held that the export licensing requirements for encryption source code were an unconstitutional prior restraint under the First Amendment.

Anyone who has closely studied the process by which courts adjudicate constitutional matters knows that cases are won by means of persuading judges to place new matters in old pigeonholes. The innovative lawyers in the Bernstein case persuaded the court to hold that computer source code is First Amendment speech. Once this was established, the rest of the case fell into place very easily. Bernstein had been required to seek a federal license to speak. "Pre-publication licensing schemes" have a long and disfavored history in this country.

Why is source code speech? "The distinguishing feature of source code," said the court, "is that it is meant to be read and understood by humans and that it can be used to express an idea or a method." It found that source code is a particularly appropriate way of describing cryptographic ideas, better than plain English or straightforward mathematical notation: "By utilizing source code, a cryptographer can express algorithmic ideas with precision and methodological rigor that is otherwise difficult to achieve." An advantage of source is that it facilitates peer review; the code can be compiled and tested by others. Although not required for First Amendment protection, the court noted that Snuffle "was also intended, in part, as political expression." Bernstein was deliberately challenging ITAR by creating code which utilized a one-way hash function--an approach he believed was not restricted by the existing regulations.

The government did not deny that source code is a form of human expression, but claimed that the regulations were aimed only at the functional ability of source code to direct a computer after being compiled into object code. The court rejected this: "The government's argument, distilled to its essence, suggests that even one drop of 'direct functionality' overwhelms any constitutional protections that expression might otherwise enjoy. This cannot be so."

Bernstein won his battle the moment he convinced the court that source code is speech. In a string of cases beginning with Near v. Minnesota in 1917, and continuing through more recent disputes involving the Pentagon Papers and Progressive magazine's attempt to publish nuclear information, federal courts have usually fended off government attempts to prevent publication of protected speech.

Like the Bernstein case, most prior restraint cases involve national security matters. However, the Supreme Court in the Pentagon Papers case had noted that national security concerns only justify a prior restraint when publication would "surely result in direct, immediate, and irreparable damage to our Nation or its people." Here the government had failed to argue that the international publication of Snuffle would "directly and immediately imperil national security."

Schemes of prior restraint may, however, survive constitutional attack if the due process rights of the speaker are respected. In 1965, the Supreme Court formulated a test under which a prior restraint might be found constitutional: (1) any restraint must be for a specified brief period of time; (2) there must be expeditious judicial review; and (3) the censor must bear the burden of going to court to suppress the speech in question and must also bear the burden of proof (Freedman v. Maryland, 380 U.S. 51 (1965)).

The appeals court found that ITAR flunked the Freedman test. Although the regulations required that an export license decision be made within 90 days, the agency might simply decide to refer the application to the President, who could sit on it forever. Secondly, ITAR denied the opportunity for prompt judicial review, because an administrative appeals process, also not bounded by time limits, was required before litigation could commence.

"We conclude," said the court, "that the challenged regulations allow the government to restrain speech indefinitely with no clear criteria for review. As a result, Bernstein and other scientists have been effectively chilled from engaging in valuable scientific expression."

The court went on to offer some social underpinnings for its decision. It noted that a rise in surveillance of cell phones, email and electronic commerce transactions has brought "our ability to shield our affairs from prying eyes" to a new low. "The availability and use of secure encryption may offer an opportunity to reclaim some portion of the privacy we have lost." We are each, said the Court, the potential recipients of "encryption's bounty."