During the 1990s, encryption was one of the most hotly debated areas of technology law and policy. Law enforcement and security agencies initially supported limits on the export of strong encryption for national security reasons. In 1999, however, the administration shifted position to allow largely unrestricted export of encryption technologies. Encryption law and policy discussions largely faded from view.
Recently, encryption is again resurfacing as a major point of policy discussion. Changes to Indian and Chinese laws regarding encryption technologies have raised questions of international trade, national security, and communications security.
There are key lessons learned from the U.S. experience that are highly relevant when the debate shifts from one country to a globalized setting. However, since the U.S. encryption question was settled in 1999, a new generation of policy makers, lawyers, and technologists has emerged with little or no experience in the area of encryption policy.
This article seeks to fill an important gap in the literature, and to inform the debate on encryption policies in the face of increasing globalization. By examining the relevant history, technology, law, and policy, this article explains why it is vital to assure the widespread and global availability of strong encryption for our data and communications.