[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption law in Israel



Nadav,

Nadav Har'El wrote:

> I'm not a criminal, and I don't want any of my daily actions to be
> deemed illegal. I think that this is a basic right in a democracy.

You are making a very good point, and a sad one, too.

> P.S. the URL quoted by someone in a previous message seems to imply that
> all "unauthorized" use of encryption is illegal, including personal use
> (I didn't see any mention of such an exception), but that the authorities
> have "guidelines" not prosecute people using "weak" encryption. Another
> person said that these guidelines are actually part of the law. So
> which is true?

The URL states (very well, as it was written by an informed person)
the state of things as they were in 1997. Things changed.

A long public struggle that followed (with many participants, each making
their own small contribution), led to a change in the implementation.

Actually, the law (primary law) does not say anything about encryption.
It just describes (as noted correctly by a previous poster) some products
and services that are subject to governmental supervision and regulation.
An addendum to the law is the "order" (TZAV TSOFEN), which has the
status of secondary legislation. That one, until 1998, gave full control
over any type of encryption to MoD (and its executor, KASHRAR).
According to the original order, any activity that involves encryption
is prohibited without a specific permit; four examples I usually give
when I lecture about those issues: according to the precise word of
the law, it is prohibited:

1. To teach cryptology in school or university;
2. To click on "secure shopping" in amazon.com;
3. To *tell* a potential client that you are making a product that
   can encrypt (even if last week you sold ten of them, with a license)
4. To say ABANIBI. (yes!).

The 1998 change was pretty well described in a previous post.
It's a bit of "reality check" to the written law. There is still
a long way to go, though.

Doron Shikmoni



=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il