Cryptography law

Cryptography is the practice and study of encrypting information, or in other words, securing information from unauthorized access. There are many different cryptography laws in different nations. Some countries prohibit export of cryptography software and/or encryption algorithms or cryptoanalysis methods. Some countries require decryption keys to be recoverable in case of a police investigation.


Issues regarding cryptography law fall into four categories:[1]

  • Export control, which is the restriction on export of cryptography methods within a country to other countries or commercial entities. There are international export control agreements, the main one being the Wassenaar Arrangement. The Wassenaar Arrangement was created after the dissolution of COCOM (Coordinating committee for Multilateral Export Controls), which in 1989 "decontrolled password and authentication-only cryptography."[2]
  • Import controls, which is the restriction on using certain types of cryptography within a country.
  • Patent issues, which deal with the use of cryptography tools that are patented.
  • Search and seizure issues, on whether and under what circumstances, a person can be compelled to decrypt data files or reveal an encryption key.

Cryptography law in different countriesEdit


As of 2011 and since 2004, the law for trust in the digital economy (LCEN) mostly liberalized the use of cryptography.[3]

  • As long as cryptography is only used for authentication and integrity purposes, it can be freely used. The cryptographic key or the nationality of the entities involved in the transaction do not matter. Typical e-business websites fall under this liberalized regime.
  • Exportation and importation of cryptographic tools to or from foreign countries must be either declared (when the other country is a member of the European Union) or requires an explicit authorization (for countries outside the EU).

United StatesEdit

In the United States, the International Traffic in Arms Regulation restricts the export of cryptography.

See alsoEdit


  1. ^ Kumar, Pankaj. "Cryptography with Java". Pearson. Retrieved 12 February 2013. CS1 maint: discouraged parameter (link)
  2. ^ Koops, Bert-Jaap (November 1996). "A survey of cryptography laws and regulations". Computer Law & Security Report. 6. 12: 349–355. (access restricted to current University of Toronto)
  3. ^ " - Loi pour la confiance dans l'économie numérique (LCEN)". Retrieved June 14, 2011. CS1 maint: discouraged parameter (link)

External linksEdit