U.S. updates encryption export policy

The United States has updated its encryption export policy affecting companies

that sell encryption software to the 15 European Union nations and eight

other U.S. allies.

The policy is being updated to assure the continued competitiveness

of U.S. encryption software producers in international markets, White House

Chief of Staff John Podesta said in a briefing Monday.

Under the new policy, U.S. companies can export any encryption product

to any end user in the EU, as well as end users in Australia, Norway, the

Czech Republic, Hungary, Poland, Japan, New Zealand and Switzerland.

Restrictions on U.S. sales of encryption software in those countries

were partially lifted in January. Under that first phase of encryption export

liberalization, U.S. companies could export encryption software after a

technical review to nongovernment end users in any country except Cuba,

Iran, Iraq, Libya, North Korea, Sudan and Syria.

The updated policy announced Monday removes the distinction that applied

to government end users, allowing companies to sell their products to those

customers as well. It also says companies no longer have to wait for the

completion of a technical review or wait 30 days to ship their products.

The U.S. moves follow the adoption of regulations by the EU that ease

encryption exports to the same countries, Podesta said.

Removing the distinction between government and nongovernment end users

is vital to vendors because there are many government-owned commercial entities,

said Robert Holleyman, president and chief executive officer of the Business

Software Alliance.