Well, you can try calling the NAI number at 972-308-9960, and see
what kind of story you get.
I'm still trying to get an upgrade, which is what I called about in
the first place. I've been having trouble dealing with one of their
resellers, so had to go back to the source. This matter came up when
the rep told me that I had to answer "yes" to the three export
questions, and I asked "Do you really think that such software can be
kept out of the hands of those black-listed countires?" He told me
that it could because even if the people in those countries got the
software, that it would be useless to them because nobody in the US
could receive encrypted messages from those countries.
Why, I asked. There's nothing in the EARs to prohibit reception of
encrypted messages. There's no big filter at the borders checking
for messages. After all, (quoting Tim May) national borders aren't
even speed bumps on the information superhighway. He conceded that
while there was no big filter at the border, ISPs wouldn't accept
such email.
Which ISPs, I asked. He mentioned AOL. Any others? He didn't know.
I asked under what law they were required to filter such incoming
messages. He didn't know, but replied this is what the customer
support people had been told by NAI management. I suggested (more
than once) that he ask the NAI legal department if this was indeed
the case.
Might be also worthwhile to call AOL corporate. This could evolve
into a very interesting PR incident for them if they are indeed
blocking such messages, when it's pointed out that PGP usage is
essential to the work of human rights, relief, charitable, and even
religious organizations in those countries.
On the other hand, what's one more nasty PR incident to AOL?
--CH
> Of course there is no law or regulation that prohibits individuals
> from accepting encrypted email from the blacklist countries (or
> an ISP from forwarding it).
>
> Though perhaps government pressure or simple misunderstanding can
> explain the situation you encountered. I'd be interested in any
> verifiable info on this.
>
> -Declan
>
>
> On Mon, Jul 16, 2001 at 02:29:16PM -0700, [EMAIL PROTECTED] wrote:
> > I just got off the phone with one of the customer service people at
> > NAI, who informed me that "Encrypted e-mails from certain countries
> > aren't accepted in the US" and that accepting encrypted email from
> > one of the "black list" (i.e., North Korea, Libya, Iran, Iraq, China,
> > etc.) is illegal under US law.
> >
> > When queried about the issue of *accepting* encrypted e-mail from a
> > "black-list" country, the customer rep stated that this is what he
> > was told by higher-ups in the company.
> >
> > Never mind the issue of web-based email, mail originating from the
> > dot-com, dot-edu, dot-net or dot-org TLDs, spoofed headers or open
> > relays. It was impossible to resist quoting Tim May on the
> > transparency of national borders, and to point out that so far,
> > anyway, there was no ubiquitous filter at the borders. The rep
> > backpedaled and stated that "some" ISPs, specifically AOL, were
> > choosing not to accept such email.
> >
> > Anyone have any idea if any ISPs are refusing to accept encrypted
> > email from "black-listed" countries?
> >
> > Or is this just a matter of NAI cluelessness?
