[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Encryption in Russia

On Wed, 1 Jan 2003, Oleg wrote:

O>> O>I'm curious, did they make it legal to use PGP and other
O>> O>encryption methods in Russia? Last I heard, it was illegal unless
O>> O>sanctioned by some government office.
O>> 	Of course, it is pretty legal to just _use_ it (for
O>> yourself). But it may be illegal to offer a commercial services
O>> involved encryption. In that case, you must call it somehow else
O>> ("data protection", for example) :-)

O>Here's what lsh-client description says, for example:

O>"In some countries, particularly Russia, Iraq, Pakistan, and
O>France, it may be illegal to use any encryption at all without a
O>special permit."

	Yes. This is well-known, popular misunderstanding of exact
terms of law. It based on the real facts, but is not quite correct.

	Restriction on encryption was first introduced in 1995 by
"Указ Президента РФ N 334" (Edict of the president of Russian
Federation 334). Edict has messy language, and it was not clear,
which exactly type of activity it restricted. In 2001 edict was
superseded by the new edition of "Закон о лицензировании отдельных
видов деятельности" (Law about licensing of specific types of
activity). Law declares that cryptography tech (among about a
hundred other kinds of business) is needed government license to
maintain and produce.

	According to that law you can not _sell_ cryptographic
devices without government license. Also, you can not _offer_
encryption as service (or part of service) to your customers without
government license.

	But using cryptography for protecting your own personal
privacy and|or securing communication to peers is clearly beyond the
scope of this law. Communication business ("деятельность в области
связи") has its own, separate regulation, not covered by this law.
In most cases it far more severe, but, AFAIK, say nothing about

Reply to: