[February 6, 1997]

IN THE UNITED STATES DISTRICT COURT
FOR THE NORTHERN DISTRICT OF OHIO
EASTERN DIVISION

____________________________________
                                    )
PETER D. JUNGER,                    )      CASE NO. 96 CV 1723
                                    )
     Plaintiff                      )                     
                                    )      Judge Nugent
v.                                  )               
                                    )      
WARREN CHRISTOPHER, Secretary of    )
State of the United States, et al   )
                                    )
     Defendants.                    )
                                    )
____________________________________)

DEFENDANTS' PROPOSED FINDINGS AND FACTS AND CONCLUSIONS OF LAW

FRANK W. HUNGER
Assistant Attorney General

EMILY M. SWEENEY
United States Attorney

VINCENT M. GARVEY
MARY E. KOSTEL
ANTHONY J. COPPOLINO
Department of Justice
Civil Division, Room 1084
901 E Street, N.W.
Washington, D.C. 20530
Tel. (Voice): (202) 514-4782

Attorneys for the Defendants

DATE: February 6, 1997

[i]

TABLE OF CONTENTS

INTRODUCTION 1

PROCEDURAL BACKGROUND 1

STATUTORY AND REGULATORY BACKGROUND 3

A. Prior Controls Under the State Department 3

B. New Export Controls Under the EAR 5

FINDINGS OF FACT 8

A. Cryptography and Encryption 8

B. Plaintiff's Activities10

C. Administrative Action11

D. Policy Basis for Export Controls on Cryptographic Software14

E. Academic Publication and Teaching in Cryptography16

CONCLUSIONS OF LAW 17

Summary of Conclusions of Law 17

I. THE COURT LACKS JURISDICTION TO REVIEW PLAINTIFF'S CLAIMS 19

A. Plaintiff's Challenge To The ITAR Is Moot 19

B. Plaintiff's Claims Are Not Ripe 20

C. Plaintiff Lacks Standing 22

(i) Plaintiff Has Not Shown Any Threat To His Academic Activities 23

(ii) Plaintiff Falls To Demonstrate That Any Case Or Controversy Exists Regarding the Export of His Cryptographic Software 24

[ii]

D. Plaintiff Cannot Establish Standing Through Doctrines Permitting First Amendment Facial Challenges 25

(i) The Overbreadth Doctrine Does Not Support Plaintiff's Standing 25

(ii) Plaintiff Lacks Standing to Bring a Facial Challenge Under City of Lakewood 27

II. SUMMARY JUDGMENT SHOULD BE ENTERED FOR DEFENDANTS 33

1. Export Licensing Controls On Cryptographic Software Are Constitutional 33

A. Export Licensing Controls On Cryptographic Software Are Not a System of Prior Restraint 33

B. Export Licensing Controls On Cryptographic Software Otherwise Comply With The First Amendment 37

(i) The Intermediate Standard Of Review Applies To Export Licensing Controls On Cryptographic Software 37

(ii) Export Licensing Controls On Cryptographic Software Satisfy Intermediate Scrutiny 41

C. Export Licensing Controls On Cryptographic Software Are Not Overbroad Or Void-For-Vagueness 47

D. Export Licensing Controls On Cryptographic Software Do Not Exceed Statutory Authority 50

2. Export Licensing Controls On Technical Data Are Constitutional 52

A. Export Licensing Controls On Technical Data Do Not Constitute A System Of Prior Restraint 52

C. Export Licensing Controls On Technical Data Are Not Overbroad Or Void-For-Vagueness 54

D. Export Licensing Controls On Technical Data Do Not Exceed Statutory, Authority 57

[iii]

III. PRELIMINARY INJUNCTION 58

A. Plaintiff Fails To Satisfy The Requirements For The Issuance of A Preliminary Injunction 58

IV. CONCLUSION 60

[iv]

INTRODUCTION

This case presents a constitutional challenge to licensing controls established by the United States Government on the export of "cryptographic" software -- software that can be used on a computer to encrypt or conceal information. The government licenses the export of certain cryptographic software for national security and foreign policy reasons. The government's concern is that powerful encryption software exported from the United States may be used overseas by foreign intelligence targets to conceal information vital to U.S. foreign policy and national security interests.

Plaintiff is a law professor who teaches a course on Computers and the Law at Case Western Reserve University Law School. He claims that export controls on cryptographic software, as well as related technical data, violate the First Amendment. Plaintiff alleges in particular that the government's export controls on cryptography interfere with his ability to teach students about legal issues concerning cryptography.

Having considered the submissions of the parties, and argument from counsel, the Court should now dismiss plaintiff's complaint and enter judgment in favor of the defendants.

PROCEDURAL BACKGROUND

On August 7, 1996, plaintiff filed his Complaint for Declaratory and Injunctive Relief challenging U.S. export controls on cryptography. On August 8, 1996, plaintiff moved for a preliminary injunction in connection with his class for the fall semester at Case Western. which was scheduled to begin on August 26, 1996.

On August 22, 1996, defendants filed an opposition to plaintiff's motion for a preliminary injunction and, in lieu of an Answer, simultaneously moved to dismiss this action or, in the alternative, for summary judgment.

1

On September 5, 1996, the Court held a status conference with the parties and established a schedule for the completion of briefing on the pending motions.

On October 2, 1996, plaintiff filed an opposition to defendants' motions, as well as his own cross-motion for summary judgment.

On November 20, 1996, the Court heard oral argument on the pending motions.¹ At the conclusion of the November 20 hearing, the Court requested that the parties submit proposed findings of fact and conclusions of law by January 14, 1997.²

After oral argument on the pending motions, the statutory and regulatory authority governing the export of cryptographic products (including software) changed, as described below. Export licensing controls on most encryption products and software are now administered by the Department of Commerce under the Export Administration Regulations ("EAR"), not the Department of State under the International Traffic in Arms Regulations ("ITAR"), which applied when the case commenced.

Plaintiff has advised defendants informally through counsel that he intends to seek leave of the Court to file a supplemental complaint challenging the new EAR controls. Defendants would respond separately to any such motion regarding whether leave to supplement the complaint should be granted.³ As set forth below, defendants have raised a number of threshold jurisdictional objections to plaintiff's complaint. These jurisdictional

_______________________

¹ The transcript of proceedings indicates incorrectly that this hearing occurred on November 18, 1996.

² The Court subsequently extended the deadline for this submission to February 6, 1997.

³ Plaintiff indicated that he may file such a motion for leave to supplement the complaint with his proposed findings of facts and conclusions of law.

2

defects, such as a lack of standing and ripeness, would still exist as to any challenge to export controls now administered by the Commerce Department. Indeed, the lack of jurisdiction would be even more apparent, since the Commerce Department regulations have never been at issue. In addition, to the extent the Court reaches the merits, export controls on cryptographic software under the new EAR provisions administered by the Commerce Department are not materially different than those plaintiff challenged under the now- superseded ITAR provisions. For these reasons, the following findings of fact and conclusions of law would be applicable to any challenge brought to the new EAR controls.⁴

STATUTORY AND REGULATORY BACKGROUND

A. Prior Controls Under the State Department.

When plaintiff filed suit, this action was governed by the Arms Export Control Act AECA") and the International Traffic in Arms Regulations. The Arms Export Control Act authorizes the President to control the import and export of "defense articles" and "defense services," and to designate such items on the United States Munitions List ("USML"). 22 U.S.C. § 2778(a)(1). The AECA is implemented by the ITAR, which sets forth the USML. See 22 C.F.R. Part 121.

Category XIII(b)(1) of the USML lists as defense articles cryptographic devices and software "with the capability of maintaining secrecy or confidentiality of information or information systems." 22 C.F.R. § 121. 1, XIII(b)(1). The ITAR provides that a defense article may not be exported -- i.e., sent or taken outside of the United States or disclosed or

_____________________

⁴ There may be some supplemental claims or arguments that plaintiff may raise concerning the new EAR provisions that could not be anticipated at the time of this filing. If plaintiff is granted leave to supplement, such matters would be addressed separately.

3

transferred in the United States to an embassy or agency of a foreign government, see 22 C.F.R. § 120.17(a)(1), (3), unless the exporter obtains a license from the State Department (or unless a licensing exception applies).

In addition to the items described on the USML (such as cryptographic software), information that falls within the definition of "technical data" is subject to export licensing controls under the ITAR. Technical data includes information "required for the design[,] development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification of defense articles." 22 C.F.R. § 120. 10(a)(1). This includes information in the form of blueprints, drawings, photographs, plans, instructions, or documentation. Id. Subject to several exceptions described below, the ITAR provides that technical data may not be exported -- i.e., disclosed or transferred to a foreign person whether in the United States or abroad, see 22 C.F.R. § 120.17(a)(4), -- without first obtaining a license from the State Department.

The ITAR also requires that a license be obtained prior to the provision of a "defense service," which includes the export of technical data or the provision of technical assistance to foreign persons, whether in the United States or abroad, in the design, development, engineering, manufacture, production, assembly, repair, testing, maintenance, modification, operation, demilitarization, destruction, processing or use of defense articles. " 22 C. F. R. § 120.9.

The ITAR sets forth a number of exceptions to the definition of technical data that is subject to licensing controls. Specifically, technical data does not include "information

4

concerning general scientific, mathematical or engineering principles commonly taught in schools, colleges and universities or information that is in the public domain, " 22 C. F. R. § 120. 10(a)(5). Information is in the "public domain" if it is made generally available to the public, including "[t]hrough unlimited distribution at a conference, meeting, seminar, trade show or exhibition, generally accessible to the public, in the United States," or "through fundamental research in science and engineering at accredited institutions of higher learning in the U.S. where the resulting information is ordinarily published and shared broadly in the scientific community." 22 C.F.R. § 120.11(a)(6), (8).⁵ None of this information is subject to export controls under the ITAR.

B. New Export Controls Under the EAR.

On November 15, 1996, President Clinton issued Executive Order 13026 and a related Presidential Memorandum governing the export of encryption products.⁶ The President ordered the transfer of regulatory authority over the export of most encryption products from the Department of State under the ITAR to the Department of Commerce under the Export Administration Regulations. See Tab A, Presidential Memo at 1, ¶¶ 1-2. The transfer of regulatory jurisdiction applies to cryptographic hardware, software (including source code and object code), and to technical data.

On December 30, 1996, the Department of Commerce and the Department of State issued new rules implementing the Executive Order and Presidential Memorandum. See

_______________________

⁵ Information is also in the "public domain" if it is published and generally available and accessible to the public through, inter alia, sales at newsstands and bookstores, subscriptions, second class mail, and libraries open to the public. 22 C.F.R. § 120. 11 (a).

⁶ The parties provided this Order and Memorandum to the Court prior to the hearing on November 20, 1996. They are attached hereto at Tab A.

5

Tabs B and C hereto. The Department of Commerce amended the EAR to govern the export of cryptographic products transferred from the USML. 61 Fed. Reg. 68572-87 (Dec. 30, 1996) (Tab B).⁷ The Department of State issued a corresponding rule amending the USML to exclude the cryptographic products in question. 61 Fed. Reg. 68633 (Dec. 30, 1996) (Tab C).⁸ The new regulations were effective upon publication. Id. at 68573, 68633.

For present purposes, the heart of the EAR is the Commerce Control List ("CCL"). See 15 C.F.R. Part 774, reprinted at 61 Fed. Reg. 12937-13041 (March 25, 1996).⁹ Similar to the USML, the CCL lists categories of items whose export is regulated under the EAR. Items on the CCL are designated by an "Export Control Classification Number" ("ECCN"). See 15 C.F.R. Part 772, reprinted at 61 Fed. Reg. 12928 (March 25, 1996) (defining ECCN). With certain exceptions, persons must obtain a license from the Department of Commerce, Bureau of Export Administration ("BXA"), in order to export

____________________

⁷ The EAR is designed primarily, although not exclusively, to implement the Export Administration Act of 1979, 50 U.S.C. App. §§ 2401 et seq. ("EAA"). The EAA is not permanent legislation, and when it has lapsed, the President has issued Executive Orders under the International Emergency Economic Powers Act, 50 U.S.C. §§ 1701-1706 ("IEEPA"), directing and authorizing the continuation in force of the EAR. See 15 C.F.R. § 730.2, reprinted in 61 Fed. Reg. 12735 (March 25, 1996). Such Executive Orders are currently in effect. See Executive Order 12924 (Aug. 19, 1994), reprinted in 59 Fed. Re2. 1 43437 (Aug. 23, 1994); see also 61 Fed. Reg. 68576 (Dec. 30, 1996) (Tab B).

⁸ The State Department retains jurisdiction under the AECA and the ITAR over cryptographic items that are specifically designed for military applications. See Tab C, 61 Fed. Reg. 68633 (Dec. 30, 1996) (amending Category XIII(B) of the ITAR).

⁹ Until March 1996, the CCL was codified in 15 C.F.R. Part 799. At that time. the Department of Commerce undertook a general restructuring and reorganization of the EAR. See 61 Fed. Reg. 12714 (March 25, 1996). The restructuring moved the CCL to its present location in 15 C.F.R. Part 774. As of this date, the restructured provisions of the EAR have not been published in the printed edition of the Code of Federal Regulations. The Court is referred to 61 Fed. Reg. 12937-13041 (March 25, 1996) for the pertinent provisions of the current version of the CCL, as amended by the interim rule set forth at Tab B.

6

items listed on the CCL. See generally 15 C.F.R. Parts 738-44, reprinted at 61 Fed. Reg. 12756-12806 (March 25, 1996). The Department of Commerce's new regulatory jurisdiction over encryption items is reflected by amendments to relevant ECCNs on the CCL to include such items.¹⁰ In addition, the EAR now contains a new section governing the export of "Encryption Items" ("EI") transferred from the State Department's jurisdiction. See 15 C.F.R. § 742.159 61 Fed. Reg. 68580-82 (Dec. 30, 1996) (Tab B).

As under ITAR controls, because encryption products subject to the "EI" controls under the EAR "may be used by persons abroad to harm national security, foreign policy and law enforcement interests," they generally may not be exported without a license. 15 C.F.R. § 742.15, reprinted at 61 Fed. Reg. 68580-82 (Dec. 30, 1996) (Tab B).¹¹ Also as a general matter, applications for licenses to export such items "will be reviewed on a case-by-case basis by BXA, in conjunction with other agencies, to determine whether the export or reexport is consistent with U.S. national security and foreign policy interests." 15 C. F. R. § 742.15(b), 61 Fed. Reg. 68581 (Dec. 30, 1996); see also id. § 742.15(b)(4)(ii), 61 Fed. Reg. 68582 (Tab B).¹²

_______________________

¹⁰ Cryptographic devices and equipment (i.e., hardware) are covered by amended ECCN 5A002. Cryptographic software is covered by amended ECCN 5D002. Cryptographic technology is covered by amended ECCN 5E002. See 61 Fed. Reg. 68586-87 (Dec. 30, 1996) (Tab B).

¹¹ The definition of "export" for encryption source code and object code means an actual shipment, transfer, or transmission outside of the United States, including by unrestricted transmission over the Internet, and by transfer of such software to an embassy or affiliate of a foreign country. See 15 C.F.R. § 734.2(b)(9), 61 Fed. Reg. 68578 (Dec. 30, 1996) (Tab B).

¹² Less restrictive licensing provisions are applicable to certain "mass-market" encryption software and "key recovery" encryption items (that is, encryption items designed to allow- (continued ...)

7

Like the ITAR, the EAR also provides for export controls on technical information related to an item on the CCL, referred to under the EAR as "technology."¹³ Also like the ITAR, the EAR excludes several categories of information from export controls on technology, including information that is already published or will be published, educational information released by instruction in catalog courses of academic institutions, and information resulting from fundamental university research. 15 C.F.R. §§ 734,3(b)(3), 734.71 734.8, 734.9, reprinted at 61 Fed. Reg. 12747-50 (March 25, 1996), as amended by 61 Fed. Reg. 68578-79 (Dec.-30, 1996).¹⁴

FINDINGS OF FACT

A. Cryptography and Encryption.

1. Cryptography concerns the encryption and decryption of communications, and is used in an effort to prevent communications from being intercepted and read or altered. In the absence of cryptography, information sent via a computer is unsecure and may be viewed

_________________________

¹² ( ... continued)
government officials to decrypt ciphertext under proper legal authority). See id. § 742.15(b)(1)-(3) and Supplement Nos. 4-7 to 15 C.F.R. Part 742, reprinted at 61 Fed. Reg. 685812 68582-84 (Dec. 30, 1996) (Tab B).

¹³ See 15 C.F.R. Part 772 (defining "technology" to mean specific information necessary for the "development" "production" and "use" of a product, including technical data which may take the form of blueprints, plans, diagrams, models, engineering designs and specifications, manuals and instructions. See 22 C.F.R. § 120.10(a)(1) (similar definition of technical data under the ITAR).

¹⁴ Pursuant to E.O. 13026, cryptographic software (both source code and object code) is not treated as "technology" under the EAR. E.O. 13026, ¶ 2(c) (Tab A). Such software remains subject to export from the United States, and is not exempt from licensing controls by the exemptions for technology. See 61 Fed. Reg. 68578-79 (Dec. 30, 1996) (amending 15 C.F.R. §§ 734.7, 734.8, 734.9 exemptions as to "technology" to provide that cryptographic software remains subject to export controls) (Tab B).

8

by those other than the intended recipient. By utilizing cryptographic devices, including software, messages or text can be secured with the intention that whatever is sent is inaccessible to anyone except the intended recipient able to decrypt the message.

2. "Encryption" is the process of transforming the original text of a message into a text that is not understandable and, thus, whose content is hidden. This is referred to as transforming "plaintext" to "ciphertext. " Declaration of William P. Crowell ¶ 4.

3. "Decryption" is the process of transforming ciphertext back to plaintext (original text). Id.

4. Most modem cryptographic systems utilize what is referred to as a "key." which is the specific information (analogous to a password) that is necessary to encrypt and decrypt a message. Id. ¶ 9, n.4

5. "Cryptanalysis" is the science of reading "ciphertext" (i.e., determining the content of encrypted messages). Id. ¶ 4.

6. A "cryptographic algorithm" is a mathematical function or equation that can be applied to transform data into an unintelligible form (i.e., into cipher-text). Id. ¶ 9 and n. 5.

7. A cryptographic "source code" is a computer program that expresses a cryptographic algorithm in a precise set of operating instructions that enable a computer to perform cryptographic functions. Id. ¶ 9.¹⁵ "Fortran" and "C" are examples of computer programming languages used by computer programmers for writing source code that enable a cryptographic algorithm to be used on a computer. Id.

_________________________

¹⁵ See 15 C.F.R. Part 772, 61 Fed. Reg. 68585 (Dec. 30, 1996) (defining encryption source code to mean "[a] precise set of operating instructions to a computer that, when compiled, allows for the execution of an encryption function on a computer").

9

8. Source code can, in turn, be "compiled" by another computer program into "object code," which is a series of "ones" and "zeros" that may directly be executed by a computer. Id.¹⁶ Software compilers to automatically perform this conversion function are commonly available at computer retail outlets. Id. With such software loaded, compiling source code into object code is a trivial task that can take a matter of seconds. Id.

9. Thus, cryptographic software is an executable computer program that implements a cryptographic algorithm enabling a computer to perform a cryptographic function -- that is, to conceal information being transmitted. Cryptographic software is not merely "know how" that explains how cryptography works, or a description of scientific ideas or information related to cryptography. Rather, such software is a program that functions to enable a computer to encrypt information.

B. Plaintiff's Activities.

10. Plaintiff avers that he taught a course on Computers and the Law at Case Western Reserve University Law School during the Fall 1996 semester. Compl. ¶ 10. Plaintiff also avers that he taught the course in 1986, and from 1992 to 1995. Junger Decl. ¶ 2.

11. This course does not appear to concern technical aspects of encryption technology but, rather, legal issues concerning patent, copyright, and trade secret protection

_____________________

¹⁶ See 15 C.F.R. Part 772, 61 Fed. Reg. 68585 (Dec. 30, 1996) (defining encryption object code to mean "[c]omputer programs containing an encryption source code that has been compiled into a form of code that can be directly executed by a computer to perform an encryption function").

10

for computer programs, and government regulation of computers and computer programs. and the security of computer data. Junger Decl. ¶ 3.

12. Plaintiff also alleges that he is writing a textbook called "Computers and the Law" and is using a version thereof for his class. Junger Decl. ¶ 4.

13. Plaintiff alleges that, in 1993, he developed "a short encryption program that he intended to use in this class," See Compl. ¶ 11; Junger Decl. ¶ 7.

14. Plaintiff also alleges that his program is a "one-time pad," and that his course materials include the program in both source code and "machine" code form. Junger Decl. ¶ 8.

C. Administrative Action.

15. Plaintiff is not challenging a specific administrative action taken by the government, because none has occurred here.

16. Plaintiff avers that, beginning on May 7, 1993, he sought to contact individuals in government agencies by phone to determine whether his software program was subject to export licensing controls. Compl. ¶ 12; Junger Decl. ¶ 10. Plaintiff sets forth hearsay accounts of phone conversations in May 1993, and then again two years later in October 1995, with individuals who worked for various government agencies. Junger Decl. ¶¶ 10-16.

17. Plaintiff avers that, on May 7, 1993, the first day he informally sought information from the government by telephone, he was advised that "discussing the program in class should not cause a problem, but that posting on the internet was a 'gray area' that could present problems. " Junger Decl. ¶ 12.

11

18. Plaintiff does not allege that the government ever advised him that teaching about cryptography is subject to licensing controls, or threatened to prosecute him in connection therewith, or advised or directed him to exclude foreign students from his class. The focus of plaintiff's phone calls to government employees appears to have concerned the export of his cryptographic software program on the Internet.

19. The only information the government has about the program was that it was allegedly a "one-time pad" system and 170 bytes in length. Declaration of William J. Lowell Decl. ¶ 7; Crowell Decl. ¶ 14. Typically, a request to assess the export status of cryptographic software is accompanied by the software itself, including the source code, usually on a diskette, along with a description of its specifications and functions. In this case, however, at no time has plaintiff provided the government with any written specifications or a computer diskette of any program that he seeks to export. Lowell Decl. ¶ 7; Crowell Decl. ¶ 14.

20. A "one-time pad" system is the type of encryption system that would presumptively be covered by Category XIII(b)(1) of the USML. Crowell Decl. ¶ 15, 16. However, the government still does not know the specifications of any encryption software that plaintiff actually wishes to export from the United States and, thus, has been unable to determine whether any such software is in fact subject to U.S. export licensing controls.

21. Cryptographic software is not barred from export from the United States, but is controlled through a licensing process.¹⁷ Lowell Decl. ¶ 5; Crowell Decl. ¶ 7. The

_______________________

¹⁷ Certain embargoes and prohibitions on exports exist for specific countries, including Cuba, Iraq, Libya, North Korea, and the former Yugoslavia. See 22 C.F.R. § 126.1(d) (continued. . - )

12

licensing decision takes into account a combination of factors, including the Identity of the end-user, the declared end-use of the commodity, and foreign policy and national security interests. Id.¹⁸ The licensing process exists to enable the government to determine where and to whom certain powerful encryption software is going overseas so it can assess whether foreign policy or national security concerns are implicated by the export.

22. The government also has procedures for determining whether a commodity is even subject to export controls before an actual export license is sought. Lowell Decl. ¶ 5; Crowell Decl. ¶ 8; see also 15 C.F.R. § 748.3 (under the EAR, Commodity Classification determinations and Advisory Opinions are available from the Commerce Department).

23. Since Prof. Junger has not submitted the specifications for his software for an administrative determination, and has not applied for a license to export the software, the State Department had no occasion to take any action in this matter. See Lowell Dec. ¶ 8. That was the posture of the case when Prof. Junger filed his lawsuit on August 8, 1996. Id.

24. By letter dated January 2, 1997, counsel for plaintiff posed to counsel for the defendants several questions concerning the new export controls under the EAR on encryption software and technology. Tab D hereto. Even through this recent communication, plaintiff still has not provided the government with any software he wishes to export, or any technical specifications thereof, nor with any other details of the export

_______________________

¹⁷ ( ... continued)
(ITAR embargo provisions); 15 C.F.R. Part 746, 61 Fed. Reg. 12806-812 (March 25. 1996) (EAR embargo provisions).

¹⁸ See also 15 C.F.R. § 742.15(b) (export licenses reviewed on a case-by-case basis to determine if the export is consistent with U.S. national security and foreign policy interests), 61 Fed. Reg. 68581 (Dec. 30, 1996) (Tab B).

13

activities in which plaintiff wishes to engage. Plaintiff's letter was referred to the Department of Commerce, which responded by letter dated January 29, 1997. Tab E hereto.

D. Policy Basis for Export Controls on Cryptographic Software.

25. The National Security Agency ("NSA") has as its primary missions: (1) to conduct the signals intelligence ("SIGINT") activities of the United States Government; and (2) to carry out the responsibilities of the Secretary of Defense concerning the security of communications systems for the United States Government. Crowell Decl. ¶ 3.

26. NSA's SIGINT mission is conducted through sophisticated collection technologies that allow NSA to obtain information from foreign electromagnetic signals. Id. ¶ 4. Based on information derived from these activities, NSA provides reports on a rapid-response basis to national policymakers, military commanders, and other entities throughout the federal government. Id. This information has proven to be highly reliable and essential to the national defense, national security, and the conduct of the foreign affairs of the United States. Id.

27. Encryption used by foreign intelligence targets, in an effort to ensure that their communications remain secret from everyone except the intended recipient, can have a debilitating effect on NSA's ability to collect and report such critical foreign intelligence. Id.

28. Policies concerning the export control of cryptographic products are based on the fact that the proliferation of such products will make it easier for foreign intelligence targets to deny the United States Government access to information vital to national security interests. Id. ¶ 5. Throughout history, governments of all nations have relied on intelligence information to cope with wars and other international crises. Lowell Decl. ¶ 4.

14

Encryption has been used to conceal foreign communications, on the battlefield, aboard ships and submarines, or in other settings. Crowell Decl. ¶ 5. For example, the ability of the United States and its allies in World War II to break German "ENIGMA" and Japanese "PURPLE" coded communications of the axis forces was critical in shortening the war and saving lives.¹⁹

29. In addition, when U.S. armed forces are deployed, gathering intelligence information on the activities of hostile forces is critical to ensuring the effective accomplishment of their mission with minimal loss of life. Lowell Decl. ¶ 4. Encryption is also used to conceal other foreign communications that have foreign policy and national security significance for the United States. Crowell Decl. ¶ 5. For example, encryption can be used to conceal communications of terrorists, drug smugglers, or others intent on taking hostile action against U.S. facilities, personnel, or security interests. Id.

30. In his November 15, 1996 memorandum, President Clinton reaffirmed the designation of encryption products, including software in both source code and object code form, as subject to U.S. export controls. The President stated:

Encryption products, when used outside the United States, can jeopardize our foreign policy and national security interests. Moreover, such products, when used by international criminal organizations, can threaten the safety of U.S. citizens here and abroad, as well as the safety of the citizens of other countries. The exportation of encryption products accordingly must be controlled to further U.S. foreign policy objectives, and promote national security, including the protection of the safety of U.S. citizens abroad.

_______________________

¹⁹ See, e.g., The Code Breakers: The Story of Secret Writing, by David Kahn (MacMillan Publishing Inc. 1967).

15

Tab A, Presidential Memo at 1.

E. Academic Publication and Teaching in Cryptography.

31. The export of actual cryptographic software must be distinguished from academic discussion and publication of theories and ideas concerning cryptography. While the government licenses the export of cryptographic software, there exists a broad array of academic discourse in the field of cryptography that is not regulated by the government. Articles are published in academic journals and magazines that broadly discuss ideas related to cryptography. See Crowell Decl. ¶ 18, 21-29 and Tabs 1-9. Such academic exchanges concerning cryptography have substantially increased in the past two decades. Id. ¶ 18. Indeed, in the mathematical field of cryptography, it is common practice that cryptographic algorithms are widely published and discussed so that their capabilities may be evaluated by peers in the field. Id. The government itself published one of the more significant encryption algorithms, called the Data Encryption Algorithm, in January 1977. See Tab 10 to Crowell Declaration.

32. In addition, textbooks explaining theories related to encryption have also been published. Id., Tabs 11-12; see also Tabs 21-25 to Declaration of Anthony J. Coppolino. Public academic symposia also routinely occur in the field of cryptography, see Tabs 4-8 to Crowell Declaration, and courses on cryptography are routinely taught at various colleges and universities throughout the United States. See Tabs 1-20 to the Coppolino Declaration. Indeed, many NSA analysts working in the area of computer security or code-breaking have taken public courses in cryptography at colleges and universities. Crowell Decl. ¶ 19. They have also taken public courses in the fields of mathematics which form the basis of

16

cryptography as well as computer science, and have received undergraduate and graduate degrees in these areas. Id.

CONCLUSIONS OF LAW

Summary of Conclusions of Law

Plaintiff's complaint presents threshold jurisdictional problems. First, plaintiff's challenge to export licensing controls under the Arms Export Control Act and the International Traffic in Arms Regulations are now moot since those licensing controls are no longer applicable in this case.

Second, under either the prior ITAR controls or current EAR provisions, plaintiff lacks standing and presents claims that are not ripe for review. His claim that mere academic teaching is subject to licensing controls is too speculative to support standing or he reviewed by the Court. Plaintiff has never alleged that the government has threatened to prosecute him for teaching a class on cryptography, which he has apparently done for several years without interference. Indeed, plaintiff's own allegations indicated that he was advised in his informal contacts with the government that teaching about his cryptographic software was not an issue. Also, the government's regulations expressly seek to exclude such academic activity from licensing controls. Moreover, there is a broad array of academic activity in the field of cryptography, including teaching, that is not regulated by the government. Under these circumstances, plaintiff has failed to demonstrate any injury in fact or case or controversy concerning his teaching claims. Similarly, plaintiff's failure to submit his cryptographic software for any determination as to whether it is in fact subject to export controls negates any case or controversy as to licensing controls on such software.

17

First Amendment doctrines permitting facial challenges to certain licensing schemes do not establish standing for plaintiff. Even for facial challenges, a plaintiff must demonstrate some injury in fact resulting from an actual or threatened application of a regulation to his activities. As noted, this is lacking with respect to both his teaching activities and the export of cryptographic software. Plaintiff's reliance on City of Lakewood v. Plain Dealer Publishing Co., 486 U.S. 750 (1988) for the proposition that he has standing to bring a pre-enforcement facial challenge to the regulations is without merit. That authority applies only to licensing schemes which, on their face, create broad discretion to regulate the content of activities commonly associated with First Amendment protected expression. This authority does not apply to licensing controls on the export of cryptographic products that have a technical capacity to encrypt data on a computer, or to related technical data.

For the same reason, should the merits be reached, plaintiff's claim that licensing controls on the export of cryptographic software or technical data act as a system of prior restraint is also wrong. Assuming cryptographic software is even properly considered protected expression, the authority on which plaintiff relies, such as FW/PBS Inc. v. City, of Dallas, 493 U.S. 215 (1990), and Freedman v. Maryland, 380 U.S. 51 (1965), concern regulations that impact the content of expression, such as the dissemination of sexually explicit material, parades, prayer meetings, and even private discussions in the home. Controls on cryptographic software and technical data, which are intended to control the distribution abroad of an item that may adversely affect national security, or technical assistance in developing such an item, are not at all comparable to licensing schemes that can

18

be used to target the content of expression. In particular, plaintiff's contention that the President, or his designees, must obtain advance approval from a Federal district judge before the government could stop someone from exporting powerful cryptographic software to a hostile foreign adversary, that could be used to hinder the government's ability to gather sensitive national security information overseas, is clearly wrong.

Export controls on cryptographic software do not otherwise violate the First Amendment. Such controls are content-neutral, and satisfy intermediate First Amendment scrutiny. Controls on the export of cryptographic software further a legitimate governmental interest in protecting the government's critical need to gather sensitive national security information abroad, and are unrelated to the suppression of speech or ideas about cryptography. They are also narrowly tailored by leaving open ample alternative channels of communication in this field. Plaintiff's claims that export controls on cryptography are overbroad or vague, or in excess of statutory authority, also lack merit. Finally, although his motion for a preliminary injunction now appears to be moot since the Fall 1996 semester is over, plaintiff fails to satisfy the requirements for such relief in any event.

Each conclusion of law is addressed further in turn below.

I. THE COURT LACKS JURISDICTION TO REVIEW PLAINTIFF'S CLAIMS.

A. Plaintiff's Challenge To The ITAR Is Moot.

"Mootness results when events occur during the pendency of a litigation which render the court unable to grant the requested relief." Carras v. Williams, 807 F. 2d 1286, 1289 (6th Cir. 1986) (citations omitted). When the requested relief cannot be granted, a case

19

"does not satisfy the 'case or controversy' requirement of Article III, . . . and the federal courts are powerless to decide it." Id.²⁰ 

Plaintiff's complaint challenges export controls on cryptography administered by the State Department under the AECA and ITAR. Since the AECA and ITAR are no long applicable here, the Court cannot enter relief as to those provisions.²¹ To whatever extent a challenge may be brought to the new EAR controls on encryption software and technology administered by the Commerce Department, and a case or controversy may exist between the parties concerning the new regulations, this case no longer concerns the AECA and the ITAR. Accordingly, plaintiff's original claims concerning the regulation of cryptography under the AECA and the ITAR must be dismissed as moot.

B. Plaintiff's Claims Are Not Ripe.

A controversy is also not justiciable if it is not "ripe" for judicial resolution. See Abbott Laboratories v. Gardner, 387 U.S. 136, 148 (1967). The ripeness doctrine "prevent[s] the courts, through avoidance of premature adjudication, from entangling themselves in abstract disagreements over administrative policies." Id. at 148-49. Thus, where a court is called upon to "hypothesize that [the challenged] event will come to pass," its opinion would be "patently advisory," and beyond the bounds of its authority. Babbitt v.

_______________________

²⁰ See also Fusari v. Steinberiz, 419 U.S. 379, 386 (1974), Diffinderfer v. Central Baptist Church, 404 U.S. 412, 414-15 (district court judgment as to prior statute is moot, and the matter vacated and remanded for reconsideration, when superseding statute enacted, even where the challenge may proceed as to the new provisions).

²¹ The State Department retains export licensing jurisdiction over cryptographic products specifically designed for military capabilities, see Tab C hereto, which plaintiff has not challenged.

20

United Farm Workers, 442 U.S. 289, 304 (1979). Plaintiff's challenge to the government's export control policies concerning cryptography are not ripe.

Plaintiff's own rendition of the facts indicates that he made only informal telephone contacts with government employees regarding the applicability of export controls to his planned activities. Plaintiff claims he was advised that teaching about his software would not be a problem, although posting it on the Internet would present an export concern.²² Absent any indication that the government purports to apply its export controls to cover teaching (as opposed to the software itself), this aspect of plaintiff's complaint is not ripe for judicial review.²³

Similarly, plaintiff's claim with respect to the export of cryptographic software is not ripe. If plaintiff had requested a determination as to the export status of his software, the record here would reflect a position taken by the government with respect to a specific item plaintiff wished to export, and its underlying reasoning. In the absence of a submission by plaintiff and a formal determination on it, the present record is simply not sufficiently developed to resolve the merits of plaintiff's software claim. Indeed, the government still

_______________________

²² Informal phone conversations with government employees do not constitute official agency action so as to render a challenge ripe for adjudication. It is well-established that the government cannot be bound by the representations of any employee who does not have actual authority to make a binding determination or decision. Federal Crop Ins. Corp. v. Merrill, 332 U.S. 380, 384 (1947). Thus, aside from being inadmissible hearsay, plaintiff's reference to phone conversations with employees is irrelevant evidence, since such conversations do not reflect the actual discharge of legal authority by responsible agency officials.

²³ This conclusion would be no different for any challenge to the new EAR controls since, in response to plaintiff's letter of January 2, 1997, the government again indicated that information about cryptography distributed in an academic course is not treated as "technology" or technical data subject to the EAR. See Tab E (citing 15 C.F.R. § 734.9. 61 Fed. Reg. 12750 (Dec. 30, 1996)).

21

does not know exactly what plaintiff wishes to export or post to the Internet, or how he proposes to do so. Hence, plaintiff's claims as they relate to the export of software are not ripe as well.²⁴

C. Plaintiff Lacks Standing.

Article III of the Constitution requires a plaintiff to show that he personally has suffered some actual or threatened injury as a result of the putatively illegal conduct of the defendant. Valley Forge Christian College v. Americans United for Separation of Church and State, 454 U.S. 464, 471 (1982).²⁵ To satisfy this requirement, a plaintiff "must show that he has sustained or is immediately in danger of sustaining a direct injury as a direct result [of government action]." Laird v. Tatum, 408 U.S. 1, 13 (1972) (internal quotation omitted). Although a plaintiff contesting the constitutionality of a criminal provision need not "first expose himself to actual arrest or prosecution," Steffel v. Thompson, 415 U.S. 452, 459 (1974), allegations of a "subjective chill" based on a plaintiff's "speculative apprehensiveness," are "not an adequate substitute for a claim of specific present objective harm or a threat of specific future harm." Laird, 408 U.S. at 13-14.

_______________________

²⁴ Again, this conclusion would be no different for any challenge to the new EAR controls since, in response to plaintiff's letter of January 2, 1997, the government again indicated that it could not determine whether any software plaintiff wished to export might violate the EAR without actually reviewing and evaluating that software, which still has not been provided to the government. See Tab E.

²⁵ A plaintiff must also show that an injury is "fairly traceable" to the challenged action, and "likely to be addressed by a favorable decision." Valley Forge, 454 U.S. at 471.

22

(i) Plaintiff Has Not Shown Any Threat To His Academic Activities.

With respect to plaintiff's claim that the government's export controls threaten him with prosecution for teaching his class, plaintiff cannot show that he has suffered, or is threatened with suffering, an "injury-in-fact" necessary to establish standing. Plaintiff has not pointed to any instance where defendants have indicated they would regulate his teaching a class about cryptography. Indeed, his own averments indicate that he was informally advised that the issue of concern to the government was the posting of cryptographic software to the Internet, not teaching students about the software. See Junger Decl. ¶ 12.²⁶

Moreover, the ITAR export controls previously at issue expressly exempt from regulating as technical data information concerning commonly taught scientific and mathematical principles, and published scientific research, 20 C.F.R. §§ 120.10(a)(5), 120.11(a)(8). The new EAR controls also exempt information distributed in catalog courses of academic institutions, as well as published fundamental research, from the definition of technology that is subject to export controls. See 15 C.F.R. §§ 734.8, 734.9, 61 Fed. Reg. 12749-50 (Mar. 25, 1996). In addition, the government's showing that there is broad academic activity in the area of cryptography -- numerous college courses, textbooks on cryptographic theory, fundamental research published in scholarly journals, and academic

_______________________

²⁶ In addition, both the ITAR and EAR define the "export" of cryptographic software to mean an actual transmission from the United States, or to an embassy of affiliate of a foreign country in the United States. 22 C.F.R. § 120.17(a)(1), (3); 15 C.F.R. § 734.2(b)(9)(i)@ 61 Fed. Reg. 68578 (Dec. 30, 1996) (Tab B). Hence, mere distribution of such software to foreign students in his class would not be an impermissible export under either regulation.

23

symposia, see Crowell Declaration ¶¶ 18, 19 and Tabs 1-9, 11-12; Coppolino Declaration Tabs 1-25 -- has gone unrebutted.

Where the regulations seek to exclude academic activity from licensing controls, and where such activity is occurring freely on a wide scale, and where there is no allegation or indication that the government sought to regulate plaintiff's teaching about cryptography, there is no credible basis for plaintiff to claim that he faces a threat of prosecution merely for teaching his class. Hence, plaintiff cannot demonstrate injury-in-fact sufficient to sustain jurisdiction to review the claim that export controls concerning cryptography require that a license be obtained in order to teach a class in this subject area.²⁷

(ii) Plaintiff Fails To Demonstrate That Any Case Or Controversy Exists Regarding the Export of His Cryptographic Software.

Plaintiff also fails to present an actual case or controversy with respect to the export of cryptographic software. While the government presumes that software implementing a "one-time pad" encryption system would be subject to export controls, it has never been provided with any software that plaintiff actually wishes to export, does not know what is actually at issue in this case, and, accordingly, never issued a determination to plaintiff. Thus, even as to his challenge to software licensing controls, plaintiff has failed to demonstrate an actual case or controversy. If the government were to determine that plaintiff must obtain a license before exporting specific software put at issue, or deny him an export

_____________________

²⁷ See Greater Cincinnati Coalition for the Homeless v. Cincinnati, 56 F.3d 710, 716 (6th Cir. 1995) (no standing where plaintiff has not established that his activities and speech "fall within the strictures of the [challenged] ordinance," and that "speech such as that in which he engages is or will necessarily be suppressed by law enforcement authorities").

24

license, then arguably an injury might exist sufficient to establish standing. But that scenario is not before the Court and, until it is, an actual case or controversy does not exist.

D. Plaintiff Cannot Establish Standing Through Doctrines Permitting First Amendment Facial Challenges.

Plaintiff's standing is not saved by the contention that he may bring a "facial" challenge to the regulations, even if they have not actually been applied to him. Indeed, his reliance on such doctrines is a concession that the regulations have not yet actually been applied to him in an adverse manner. Even where facial challenges may properly lie in a First Amendment context, a plaintiff must still show some injury to himself to establish a that a case and controversy exists to be decided by the Court.

(i) The Overbreadth Doctrine Does Not Support Plaintiff's Standing.

Plaintiff first argues that he has standing because he has brought a facial challenge under the First Amendment "overbreadth" doctrine. Overbreadth is an exception to the Prudential standing requirement that a plaintiff generally "must assert his own legal rights and interests." Warth v. Seldin, 422 U.S. 490, 499 (1975). An overbreadth claim applies to enactments alleged to be so broad that they are incapable of any permissible application, not merely the application implicated by plaintiff's own circumstances. New York State Club Assn. v. New York City, 487 U.S. 19 14 (1987). For such claims, courts may relax standing requirements to allow a party to challenge a statute on its face because it threatens

25

others not before the court. Brockett v. Spokane Arcades, Inc., 472 U.S. 491, 503 (1984).²⁸

But the overbreadth doctrine is not a talisman that excuses a plaintiff from demonstrating that he faces some injury sufficient to invoke the jurisdiction of the court. The relaxation of standing requirements through the overbreadth doctrine applies only to allow a plaintiff, who otherwise demonstrates injury-in-fact to himself, to raise additional claims to an enactment on behalf of third parties. In other words, while an overbreadth challenge allows a plaintiff to vindicate the interest of a third party, even if the plaintiff does not share in whatever way the third party might be injured, the plaintiff must still show some injury to himself for jurisdiction to exist. See Secretary of State of Maryland v. Joseph H. Munson Co., 467 U.S. 947, 958 (1984) (where a plaintiff raises overbreadth claims on behalf of non-parties, the "crucial question" in determining whether case-or-controversy, exists is whether the plaintiff establishes his own injury-in-fact);²⁹ Greater Cincinnati, 56 F.3d at 718. Thus, merely purporting to raise a facial "overbreadth" claim is not enough for plaintiff to establish that he has standing.

In addition, overbreadth standing does not apply where the party challenginG the statute is one "who desire to engage in protected speech that the overbroad statute purports to punish," since, in such a circumstance, there is "no want of a proper party" to challenge the

_______________________

²⁸ See also Broadrick v. Oklahoma, 413 U.S. 601 (1973); Greater Cincinnati, 56 F.3d at 718.

²⁹ In Munson, plaintiff had standing to challenge on overbreadth grounds a requirement that charitable organizations pay no more than 25% of receipts for expenses, even though plaintiff was not a charitable organization, since the activity plaintiff sought to protect was to "at the heart of the business relationship" between himself (as a fundraiser) and his clients that were charitable organizations. 467 U.S. at 958.

26

statute. Brockett, 472 U.S. at 504; Members of the City Council of Los Angeles v. Taxpayers for Vincent, 466 U.S. 789, 802-803 (1984) (overbreadth doctrine did not apply where ordinance would potentially abridge the rights of plaintiff in the same manner as third parties not before court). Plaintiff's claim is that export controls on cryptography are "overbroad" in a colloquial sense, because they might encompass his academic activities. This claim presents one alleged impermissible application of the regulations as to which plaintiff would be a proper party. Plaintiff has "failed to identify any significant difference between [his] claims that the [regulation] is invalid on overbreadth grounds and [his] claim that it is unconstitutional when applied to [his own activities]." Taxpayers for Vincent, 466 U.S. at 802. Thus, plaintiff's "attack on the [regulation] is basically a challenge to the [regulation] as applied to [his] activities." Id. For this reason, the overbreadth doctrine does not apply here, and plaintiff must show standing in his own right.³⁰

(ii) Plaintiff Lacks Standing To Bring A Facial Challenge Under City Of Lakewood.

In addition to citing the overbreadth doctrine, plaintiff also relies on City of Lakewood, supra, for the proposition that a party has standing to bring a pre-enforcement facial challenge to a licensing scheme that affects First Amendment activities, without waiting for the requirement to be applied to him. This authority is inapposite here.

Once again, a facial challenge of the type recognized in Lakewood does not, by itself, waive Article III standing requirements for anyone who wishes to bring such a challenge. A

_____________________

³⁰ Plaintiff also lacks standing to bring an overbreadth challenge to export controls on cryptographic software on behalf of commercial software manufacturers, since he has not alleged or demonstrated any injury to himself resulting from the application of such controls to commercial enterprises. See Munson, 467 U.S. at 958.

27

plaintiff must show that he faces injury under the challenged ordinance. In Lakewood, for example, the Cleveland Plain Dealer newspaper challenged an ordinance which regulated the placement of newsracks on city sidewalks before that ordinance had actually been applied to them. But the Plain Dealer obviously had standing, since the ordinance unquestionably applied to their speech activity -- distributing newspapers.³¹

Here, it is far from certain that export controls on cryptography might apply to plaintiff in such a manner as to support standing to bring a facial challenge without the regulations ever having been actually applied. First, as noted, the government has not threatened to prosecute plaintiff for teaching his class, and the regulations, on their face, seek to exclude academic speech from their reach. This is in stark contrast to the ordinance at issue in Lakewood, which sought to include the activities of The Plain Dealer. Also, while government export controls cover the export of some cryptographic software, it is as yet unclear whether the specific software plaintiff seeks to export is covered by the regulations. A pre-application "facial" challenge makes little sense in this context, since there would be no controversy between the par-ties until it is clearly determined that plaintiff's "speech" (i.e.. his software) is, in fact, subject to licensing controls. Thus, even if plaintiff could fashion an argument on the merits that licensing controls on cryptographic software present general

___________________

³¹ Similarly, the authority on which plaintiff relies, G & V Lounge, Inc. v. Michigan Liquor Control Commission, 23 F.3d 1071, 10749 1075 (6th Cir. 1994), is inapposite since the ordinance at issue there, which required a license before allowing topless dancers, unquestionably applied to the plaintiff, who sought to include such dancing in his establishment. Moreover, the plaintiff demonstrated a separate basis for standing, namely that the government had threatened actual enforcement of the ordinance against him.

28

First Amendment concerns, this alone would not establish standing for plaintiff to bring a facial challenge if his speech is not being regulated.

Beyond this, Lakewood does not stand for the proposition that a facial challenge properly lies against any governmental licensing scheme that might, in some applications, implicate First Amendment concerns. Lakewood, and cases like it on which plaintiff relies, arose in a much different context. Such authority concerns broad licensing controls on activities that subjected the content of speech to discretionless regulation. In allowing a facial challenge to proceed in Lakewood, the Supreme Court set forth limiting criteria "to distinguish laws that are vulnerable to facial challenges from those that are not." 486 U.S. at 759. The Court stated that a speaker may not "challenge as censorship any law involving discretion to which it is subject." Id.

Rather, a facial challenge lies where a licensing law has "a close enough nexus to expression, or to conduct commonly associated with expression, to pose a real and substantial threat of identified censorship risks." Id. The basis for such a facial challenge is that the law at issue gives a government official or agency substantial power "to discriminate based on the content or viewpoint of speech by suppressing disfavored speech or disliked speakers." Id. (emphasis added).

In contrast to the type of law at issue in this case, laws of general application that are not aimed at conduct commonly associated with expression and do not permit licensing, determinations to be made on the basis of ongoing expression or words about to be spoken, carry with them little danger of censorship.

Id. at 761. A facial challenge to such laws is therefore inappropriate.

29

Licensing controls on the export of cryptographic software are quite distinct from the schemes at issue in Lakewood and similar cases. Such cases involved discretionary licensing schemes that expressly sought to regulate conduct commonly associated with expression -- the distribution of newspapers, civil rights or other parades, a meeting in a private home to discuss union affairs, a prayer group in the park, a theatrical production, or adult entertainment³² -- and thereby threatened to curtail the content of expression or a particular viewpoint. This case concerns a licensing scheme that regulates an item, cryptographic software, that unquestionably has a technical capacity and could be used abroad in ways that harm the government's foreign policy and national security interests. This is hardly the type of licensing program that has a close enough nexus to expression, or is so commonly associated with expression, or so directly threatens to censor or disfavor a particular viewpoint, that a facial challenge would be warranted. Indeed, while cryptographic software that can function on a computer is licensed for export, the government does not censor the publication or teaching of ideas or theories about the software. For this reason, a facial challenge to software controls does not lie under the Lakewood rationale.

_____________________

³² FW/PBS Inc. v. City of Dallas, 493 U.S. 215 (1990) and Freedman v. Maryland, 380 U.S. 51 (1965) (regulation of adult entertainment and obscene films); Niemotko v. Maryland, 340 U.S. 268, 271-72 (1950) (denying Jehovah's Witnesses group access to public park to talk about the Bible); Staub v. City of Baxley, 355 U.S. 313, 322 (1958) (ordinance applied to bar individuals from meeting in private homes for the purpose of discussing whether to unionize). Shuttlesworth v. City of Birmingham, 394 U.S. 147, 150-51 (1969) (ordinance requiring permit for a parade applied to stop a peaceful civil rights march), Southeastern Promotions, Ltd. v. Conrad, 420 U.S. 546 (1975) (denial of access to a municipal auditorium for the musical "Hair" based solely on the city's judgment as to the potentially "obscene" nature of the production); Forsythe County, Georgia v. Nationalist Movement, 505 U.S. 123 (1992) (ordinance granting city discretion to decide fee for parade without any limiting criteria); Lovell v. City of Griffin, 303 U.S. 444, 450 (1938) (ordinance licensing distribution of any literature in the city).

30

Similarly, plaintiff's claim that export controls on technical. data might reach his teaching activities also do not establish standing for a facial challenge here. Courts have long-since recognized and upheld the government's interest in regulating the dissemination abroad of technical data that could be used to assist in the development of a commodity whose own export is controlled for national security and foreign policy reasons. In United States v. Edler Industries, 579 F.2d 516, 520 (9th Cir. 1978), the Ninth Circuit recognized that "a necessary incident" to the power to control arms exports was the power to control the flow of information concerning the production and use of arms.- " The court upheld technical data controls on the ground that they were intended to "control the conduct of assisting foreign enterprises to obtain military equipment and related technical expertise." Id. at 521.³⁴

_____________________

³³ The court in Edler observed that "the authority to regulate arms traffic would be of negligible value if it encompassed only the exportation of particular military equipment but not the exportation of blueprints specifying the construction of the very same equipment." 579 F.2d at 520. See also United States v. Posey, 864 F.2d 1487, 1496-97 (9th Cir. 1989) ("technical data that is relatively harmless and even socially valuable when available domestically may, when sent abroad, pose unique threats to national security"); United States v. Van Hee, 531 F.2d 352, 355-56 (6th Cir. 1976) (Congress subjected technical data to the same controls as arms "doubtless . . . in recognition of the fact that world peace and American security and foreign policy could by threatened by the exportation of such data without the necessity of actually sending arms or implements abroad").

³⁴ In Edler, the defendant was convicted for exporting technical data concerning missile technology without a license to a French firm in furtherance of a technical assistance agreement. Edler, 579 F.2d at 518-19. In Posey, the defendant was convicted for conspiracy to transmit technical manuals concerning the C-130 aircraft to South Africa without a license, in violation of the AECA and the Comprehensive Anti-Apartheid Act. Posey, 864 F.2d at 1490. In Van Hee, the defendant was convicted for conspiracy to sell technical data concerning military amphibious vehicles to the government of Portugal without a license, in violation of the AECA. Van Hee, 531 F.2d at 354.

31

A licensing requirement on the export of technical data related to USML or CCL items is quite distinguishable from schemes that license speech activities, such as the distribution of newspapers, parades, or adult entertainment. While the latter clearly run the risk of censoring protected expression and preventing speech from occurring at all, export controls on technical data are directed at regulating the provision of technical assistance in the development abroad of items that could harm U.S. interests. Moreover, aside from implicating inherently different concerns, export controls on technical data seek to exclude protected speech from their reach, and thereby limit the discretion of the government, in contrast to the licensing schemes plaintiff cites, that sought to encompass activities by which the content of speech was disseminated. Both the ITAR and EAR set forth several exemptions from licensing controls -- for information publicly available at a newsstand., bookstore, library, or released at a public symposia or trade conference, or published as fundamental research, or commonly taught scientific principles, or educational information released in courses at academic institutions.

In light of these exceptions, and the judicially-recognized concern that technical data can be used to assist in the development of a controlled item abroad, it cannot be said that the technical data controls have such a close nexus to conduct commonly associated with the content of expression as to warrant a facial challenge prior to a specific challenged application. This is particularly so in light of the broad, unregulated academic discourse in this field. For these reasons, whatever First Amendment issues might be implicated by the technical data controls, a Lakewood-type facial challenge does not provide plaintiff with standing to challenge them. Plaintiff therefore lacks standing under all theories he advances.

32

II. SUMMARY JUDGMENT SHOULD BE ENTERED FOR DEFENDANTS.

Assuming the Court reaches the merits of plaintiff's claims, summary judgment should be entered for the defendants. Plaintiff argues that export controls on cryptographic software and technical data violate the First Amendment because they constitute a system of prior restraint, regulate the content of speech, and otherwise are overbroad and vague. Each theory will be addressed in turn, first as to cryptographic software and then as to technical data.

1. Export Licensing Controls On Cryptographic Software Are Constitutional.

A. Export Licensing Controls On Cryptographic Software Are Not A System of Prior Restraint.

Plaintiff claims first that export licensing controls on cryptographic software constitute an unconstitutional system of prior restraint on the ground that the regulations do not provide for several procedural requirements found necessary in other contexts for licensing speech activities. Relying primarily on FW/PBS Inc. v. City of Dallas, 493 U.S. 215 (1990) and Freedman v. Maryland, 380 U.S. 51 (1965), plaintiff contends that the government's licensing system must provide expeditious licensing determinations and advance judicial review of a license denial initiated by the government. As discussed below, this authority and these procedural requirements, are manifestly inapplicable to the licensing of encryption software.

As a threshold matter, however, plaintiff's prior restraint argument is built on the questionable premise that the act of exporting cryptographic software is expression protected by the First Amendment. Encryption software, in both source code and object code form. is a computer program that directs a computer to execute a particular function: to encrypt data.

33

The fundamental nature of such software is not as an item that expresses an idea, but one with a technical capacity to perform a certain function. Even if, as plaintiff contends, encryption source code is considered to have informational value to academics trained to understand programming language," such a program is nonetheless easily compiled into object code and executed on a computer to perform an encryption function.³⁶ As the President made clear, it is because of their functional capacity to encrypt information that both source code and object code are subject to export licensing. See Tab A, E.O. 13026, § 1(c) and Presidential Memo at 3. Thus, it is highly doubtful that a prior restraint analysis should even be applied here as if the export of cryptographic software were licensed for its informational value.³⁷

Even if the Court accepts the premise that exporting cryptographic software may have expressive value and could be considered an act of speech, the contention that the licensing

_____________________

³⁵ See Declarations of Harold Abelson, Carl M. Ellison.

³⁶ Plaintiff presents no evidence to support his contention that object code -- the code of "1"s and "0"s directly executed by a computer only -- is speech.

³⁷ Plaintiff will likely rely heavily on the district court's decision in Bernstein v. Department of State, Civ. 95-0582) (N.D. Cal.) (Mem. & Order entered December 16, 1996), where the court ruled against the government on summary judgment and held that cryptographic source code is protected speech, and that export licensing controls constitute a system of prior restraint as to which the FW/PBS and Freedman standards apply. This court is obviously not bound by that decision, which the government contends is in error. A prior district court decision in Karn v. Department of State, 925 F.Supp. 1 (D.D.C. 1995) (appeal pending) fully upheld export licensing controls on cryptographic software against a First Amendment challenge. The D.C. Circuit in Karn recently remanded that case for consideration of whether a non-constitutional APA claim is subject to judicial review, but did not vacate the district court's decision or analysis of the constitutional claims. At the time of this filing, the plaintiff in Karn was seeking reconsideration from the Court of Appeals of its remand order.

34

process for such an export must comport with the Freedman procedural requirements, including advance judicial review initiated by the government, is entirely without merit. FW/PBS and Freedman both involved licensing schemes on sexually explicit adult entertainment. At issue in Freedman was an ordinance requiring that films be presented to a censorship board for a determination on whether they were obscene before they could he exhibited. At issue in FW/PBS were licensing requirements directed at a number of sexually oriented "adult" entertainment businesses, including bookstores, video stores, theaters, nude model studios, escort agencies, and motels. "The core policy underlying Freedman is that the license for a First Amendment-protected business must be issued within a reasonable period of time, because undue delay results in the unconstitutional suppression of protected speech." FW/PBS, 493 U.S. at 228. It was because the ordinance in Freedman involved the "direct censorship of particular expressive material," id. at 229, that the procedural requirements of prompt licensing and judicial review initiated by the government were required.

Plaintiff's prior restraint claim based on Freedman falls for largely the same reasons that Lakewood does not apply: the licensing of a "First Amendment protected business," and the censorship of the content of speech activities simply, does not reasonably compare to licensing controls on the export of encryption software. The activity subject to licensing here is not the exposition of cryptographic theories, but the export of a computer program that could be used to hinder access by the United States to communications abroad with critical foreign policy and national security implications. Such licensing controls are not directed at controlling the spread of ideas concerning cryptography -- which are widely published and

35

discussed without regulation -- but to determine in advance where, to whom, and for what purpose, powerful encryption software programs are being sent overseas where they might cause harm to U.S. interests.

Accordingly, the notion that the government is obligated to unduly hasten its assessment of the national security impact of such an export, as if a First Amendment- protected business or a civil rights parade were at issue, is without merit. Moreover, the notion that the President, through his designees, would have to initiate and obtain advance approval from a Federal district judge before the government could stop someone from sending powerful encryption software abroad to a hostile foreign adversary, where it could be used to hinder the government's ability to gather sensitive intelligence, as if such an export were somehow analogous to distributing newspapers, is baseless. The Supreme Court in FW/PBS did not even require that the City of Dallas initiate judicial review before denying a license to operate a sexually oriented business, on the ground that the government did not "exercise discretion by passing judgment on the content of protected speech. FW/PBS, 493 U.S. at 229. If the City of Dallas does not have to initiate judicial review before licensing nude dancing establishments, it can hardly be said that the President must do so before preventing someone from sending cryptographic software abroad to a foreign adversary where it might be used against the United States. In sum, there is simply no resemblance between this regulatory scheme, which does not impose restrictions on the dissemination of cryptographic information, and imposes controls on software that can function to encrypt, and the licensing schemes that have been condemned as prior restraints by the Supreme Court.

36

B. Export Licensing Controls On Cryptographic Software Otherwise Comply With The First Amendment.

(i) The Intermediate Standard Of Review Applies To Export Licensing Controls On Cryptographic Software.

Not only do licensing controls on the export of encryption software satisfy constitutional prior restraint concerns, they do not otherwise violate the First Amendment. When assessing whether a particular statute or regulation violates the First Amendment. the court must determine what activity is being regulated, whether this activity is expression protected by the First Amendment and, if so, what standard of review applies to the regulation.

An activity falls within the scope of First Amendment protection if it is "'sufficiently imbued with elements of communication'." Texas v. Johnson, 491 U.S. 397, 404 (1989) (quoting Spence v. Washington, 418 U.S. 405, 409 (1974)). In deciding whether the matter is "sufficiently imbued with elements of communication," the Court looks to "whether '[a]n intent to convey a particularized message was present, and [whether] the likelihood was great that the message would be understood by those who viewed it."' Id. (quoting Spence, 418 U.S. at 410-11). The Supreme Court has also rejected "the view that an apparently limitless variety of conduct can be labeled "speech" whenever the person engaging in the conduct intends thereby to express an idea." United States v. O'Brien, 391 U.S. 367, 376 (1968). Rather, "when 'speech' and 'nonspeech' elements are combined in the same course of conduct, a sufficiently important governmental interest in regulating nonspeech elements can justify incidental limitations on First Amendment freedoms." Id.

37

In O'Brien, the Supreme Court established the standard for evaluating the government's regulation of conduct which might, in its particular applications, impose incidental restrictions on speech. Under O'Brien, an incidental restriction on speech will be sustained if: (i) it is within the constitutional power of the government; (ii) it furthers an important or substantial governmental interest; (iii) the governmental interest is unrelated to the suppression of free expression; and (iv) the incidental restriction on alleged First Amendment freedoms is no greater than is essential to the furtherance of that interest. 391 U.S. at 377. This is the so-called "intermediate" standard of review for First Amendment claims.³¹

The intermediate standard of review may also apply where the "time, place, and manner" in which speech is conveyed is regulated in a content-neutral manner. Turner Broadcasting System, Inc. v. FCC, 114 S.Ct. 2445, 2459 (1994) (regulation of cable television); Ward v. Rock Against Racism, 491 U.S. 781, 791 (1989) (regulation of loudspeakers for demonstration). See Vittitow v. City of Upper Arlington, 43 F. 3d I 100, 1103-04 (6th Cir.), cert denied, 115 S.Ct. 2276 (1995) (injunction barring abortion protest near physician residences was content-neutral). "The principal inquiry in determining content neutrality, in speech cases generally * * * is whether the government has adopted a regulation of speech because of disagreement with the message it conveys." Ward, 491 U.S. at 791 (citing Clark v. Community for Creative Non-Violence, 468 U.S. 288, 295 (1984)

_______________________

³⁸ In O'Brien, the statute at issue regulated conduct that was not intrinsically expressive (the destruction of draft cards) that in some cases could be undertaken to convey a message -- in that case, disapproval of the Vietnam War. The Court nonetheless applied intermediate scrutiny to that regulation since, as here, it was not targeted at intrinsically expressive activity.

38

("CCNV")); Turner, 114 S.Ct. at 2459. "The government's purpose is the controlling consideration." Ward, 491 U.S. at 791 (citation omitted) (emphasis added); Vittitow 43 F.3d at 1104. "Government regulation of expressive activity is content-neutral so long as it is 'justified without reference to the content of regulated speech."' Ward, 491 U.S. at 791 (quoting CCNV, supra, at 293) (original emphasis). Whether or not a statute or regulation is content-neutral may be discerned from an examination of the plain language of the statute or regulation itself, or from a finding that the regulation's "manifest purpose" is to regulate speech because of the message it conveys. Turner, 114 S.Ct. at 2461.³⁹

Based on the foregoing authority, the intermediate standard of review applies here. First, the regulation at issue seeks to license conduct -- the export of cryptographic software -- that is not so intrinsically expressive as to warrant the strictest First Amendment scrutiny. At best it may be said that licensing such conduct might incidentally affect whatever informational value is implicit in the software, or intended to be conveyed by its export. Hence, in accord with O'Brien, intermediate review would apply.

___________________

³⁹ "As a general rule, laws that by their terms distinguish favored speech from disfavored speech on the basis of their ideas or views expressed are content based." Id. at 2459. A law regulating whether individuals may exercise their free speech rights near a polling place that "depends entirely on whether the speech is related to a political campaign" is a content-based regulation. Burson v. Freeman, 504 U.S. 191, 197 (1992); Boos v. Barry, 485 U.S. 312, 318-19 (1988) (plurality opinion). Similarly, a law barring the distribution of literature on the basis of whether it concerns "controversial issues of public policy" is content-based. Consolidated Edison Co. v. Public Service Comm'n., 447 U.S. 530, 533, 537 (1980). Likewise, a law that regulates on the basis of whether words would "arouse anger, alarm, or resentment in others on the basis of race, color, creed, religion, or gender" is content-based. R.A.V. v. St. Paul, 505 U.S. 3779 380@ 391 (1992). See also Sable Communications v. FCC, 492 U.S. 115, 126 (1989) (restriction on access to "indecent" communications, i.e., patently offensive depictions of sexual or excretory activities, is content-based).

39

Even if exporting cryptographic software were characterized as "speech" and not "conduct," intermediate review would still apply. Neither the language of the regulations, nor the governmental purpose underlying them, is directed at the content of ideas or information. The plain language of the regulations reflect a concern with the function of encryption software. For example, Category XIII(B) of the USML, applicable when this suit was brought, establishes export controls on cryptographic equipment or software "with the capability of maintaining secrecy or confidentiality of information." 22 C.F.R. § 121.1 XIII(b)(1) (emphasis added). For the new EAR export controls, the President specifically stated that encryption software is subject to export licensing control "because of such software's functional capacity, rather than because of any possible informational value. E.O. 13026, § l(c); see also Presidential Memo at 3 (encryption source code regulated for its functional capacity) (Tab A). EAR controls on "Encryption Items" also state that the "[e]ncryption items can be used to maintain the secrecy of information" and that the "export of encryption software, like the export of encryption hardware, is controlled because of this functional capacity to encrypt information on a computer system, not because of any informational or theoretical value that such software may reflect, contain, or represent, or that its export may convey to others abroad." 15 C.F.R. § 742.15, 61 Fed. Reg. 68580 (Dec. 30, 1996) (Tab B).⁴⁰ Thus, neither the text of the regulations, nor their stated purpose, are directed at regulating the content of ideas, but are concerned with the

_______________________

⁴⁰ See also Karn v. Department of State, 925 F. Supp. at 10 (the government is not regulating the export of a diskette containing cryptographic source codes because of any expressive content of the code, but in the belief that combination of encryption source code in machine readable media will make it easier for foreign intelligence sources to encode their communications).

40

potential hann to national security that may be caused by the capability of cryptographic software if used overseas.

Contrary to plaintiff's contention, the fact that non-encryption software is not regulated in the same manner as encryption software does not demonstrate that encryption controls are content-based. See Pl.'s Opp. at 23. It simply does not follow that because the government does not regulate all software in the same manner, that encryption software is therefore regulated because of the content of speech. Rather, it is because this type of software has a function of such greater national security significance that more stringent licensing requirements apply to it -- and do not apply to other types of software. This does not reflect a regulation of the content of ideas, but of a more sensitive function and capability. Also, plaintiff's claim that the "harm" of concern to the government "can be traced directly to the content of the communication it seeks to prohibit: cryptographic source code and object code," see PI. Opp. at 26, is erroneous. The harm to the government is caused by what the software is capable of doing overseas, and it is this function, not the content of scientific ideas, that is of concern here.

Because export controls on cryptographic software are not targeted at the content of speech, intermediate scrutiny applies to evaluating plaintiff's claims. See Karn, 925 F. Supp. at 10 (export controls on cryptographic source code are content-neutral and subject to intermediate scrutiny).

(ii) Export Licensing Controls on Cryptographic Software Satisfy Intermediate Scrutiny.

The first two prongs of the intermediate standard of review are readily met here. Export controls are squarely within the powers of Congress and the President to provide for

41

the common defense and regulate international affairs and trade. U.S. Const. Art. 1. § 8 Art. II, § 2. Moreover, the governmental interest at stake -- to protect critical foreign intelligence-gathering functions -- is clearly a substantial one.

The National Security Agency provides essential intelligence reports on a rapid-response basis to national policymakers, including military commanders, based on sophisticated intelligence collection technologies. The use of encryption by foreign intelligence targets to conceal their communications can have a debilitating effect on NSA's ability to collect and report such critical foreign intelligence. Crowell Decl. ¶ 4. The President recently reaffirmed the need for export controls on encryption software, including source code, and found that encryption products, when used outside the United States, can jeopardize our foreign policy, national security, and law enforcement interests. E.O. 13026, § l(c); Presidential Memo at 3 (Tab A).

This is, moreover, the type of interest that merits great deference. Courts have recognized that the decision on whether to control a particular commodity for export is one that inherently involves national security and foreign policy concerns that should be left to the discretion of the Executive branch. In United States v. Martinez, 904 F.2d 601, 602 (11th Cir. 1990), a case concerning the designation of cryptographic devices (video signal descramblers) under Category XIII(B) of the USML, the court stated:

Neither the courts nor the parties are privy to reports of the intelligence services on which this decision, or decisions like it, may have been based, Chicago & Southern Air Lines [v. Waterman SS. Com.], 333 U.S. [103,] 111 [(1948)]. The consequences of uninformed judicial action could be grave. Questions concerning what perils our nation might face at some future time and how best to guard against those perils "are delicate, complex, and involve large elements of prophecy.

42

They are and should be undertaken only by those directly responsible to the people whose welfare they advance or imperil . . . . Id.

Martinez, 904 F.2d at 602. See also United States v. Martinez, 904 F.2d at 602. See also United States v. Mandel, 914 F.2d 1215, 1218-20 (9th Cir. 1990) (determination as to whether restrictions must be placed on the export of a particular commodity "are quintessentially matters of policy entrusted by the Constitution to the Congress and the President, for which there are no meaningful standards of judicial review"). Id. at 1223." In this case in particular, plaintiff's "facial" challenge is that export licensing controls as to any cryptographic software product, whether source code or object code, and including commercial software, violate the First Amendment. This is nothing less than a challenge to the President's overall policy decision to designate encryption software as subject to export licensing controls.

Moreover, the governmental interest at stake is "unrelated to the suppression of speech." O'Brien, 391 U.S. at 377; Turner, 114 S.Ct at 2469. The government's concern is with the unrestricted spread of an encryption capability abroad. This concern applies to software and hardware products alike, and the export licensing requirements apply across the board to all types of cryptographic products, not merely software, because of potential harm caused by their function to encrypt information overseas. The fact that ideas on cryptography are broadly disseminated without regulation also demonstrates that the

_______________________

⁴¹ Accord United States v. Moller-Butcher, 560 F. Supp. 550, 553-54 (D. Mass. 1983) ("[t]he power to classify goods on the CCL -- and to restrict them for export on national security grounds -- can (and should) be turned over to the Executive branch, as it has the dominant role in conducting foreign policy"); United States v. Helmy, 712 F. Supp. 1423 (E.D. Cal. 1989) (the designation of export controlled commodities is "the very product of a national security analysis").

43

governmental interest is unrelated to suppressing ideas. Cryptographic software is not merely "know how" that explains how cryptography works, or a description of scientific ideas or information related to cryptography. Crowell Decl. ¶ 10. It is the actual commodity that enables a computer to perform a cryptographic function, and that is why it is regulated for export, just as hardware is.

Finally, to satisfy the intermediate standard, a challenged regulation must "'promote[] a substantial government interest that would be achieved less effectively absent the regulation."' Ward, 491 U.S. at 799 (quoting United States v. Albertini, 472 U.S. 675, 689 (1985)). The regulation "need not be the least restrictive or least intrusive means of doing so." Id. at 798. Rather, if the governmental interest at stake would be "more exposed to harm" absent the regulation, the regulation "is safe from invalidation under the First Amendment." CCNV, 468 U.S. at 297.

For example, in CCNV, the Supreme Court held that a Park Service ban on overnight camping in Lafayette Park and on the Mall in Washington, which was intended to highlight the homeless problem, satisfied intermediate scrutiny, despite the claim that the Park Service's conservation goals could be achieved by other means that would have had less impact on expressive activities. The Court explained that "these suggestions represent no more than a disagreement with the Park Service over how much protection the * * * parks require or how an acceptable level of preservation is to be attained." 468 U. S. at 299. The Court held that the intermediate standard of review did not "endow the judiciary with the competence to judge how much protection of park lands is wise and how that level of conservation is to be attained." Id.

44

Export controls on cryptographic software easily meet this standard. In the absence of these controls, highly significant U.S. cryptographic software would be available abroad in greater amounts and quality without regard to its end-use or end-user. The government's interest in gathering foreign intelligence and breaking encrypted foreign communications would surely be "more exposed to harm" absent export controls, see CCNV, 468 U.S. at 297, since there would be less control over which products are being exported, to where, and to whom. If the judicial branch defers to the judgment of the Park Service that protecting park areas warrants precluding overnight camping intended to express support for the homeless, CCNV, 468 U.S. at 297-99), then a fortiori, courts should not second-guess a judgment by the President as to how much protection against the export of cryptographic products is required for the national security, and how that level of protection is to be achieved.

At the same time, the government has taken care not to cast its net more widely than necessary. Rather, the regulations at issue are narrowly tailored. See O'Brien, 391 U.S. at 377; Turner, 114 S.Ct. at 2469. First, it is the export of cryptographic software that is subject to licensing controls, not domestic distribution or use of such software. Second, the regulations do not ban the export of cryptographic software. When someone applies for a license to export that item, a separate licensing decision is made, taking into account such factors as the threat to national security, the end-user, and the end-use. The licensing process thus further narrows the scope of the export controls on cryptographic exports.

Third, not all cryptographic software is subject to individual export licensing controls. A variety of specific cryptographic products that do not lend themselves to use for general

45

data encryption purposes are subject to licensing exceptions.⁴² Thus, license requirements are directed at cryptographic software that has particular foreign policy and national security significance, and thereby "'respond[] precisely to the substantive problems which legitimately concern the [Government]."' CCNV, 468 U.S. at 297 (quoting Taxpayers for Vincent, 466 U.S. at 810).

Finally, as explained above, the regulations do not restrict the ability of individuals to publish books and articles on cryptography, nor restrict the export of cryptographic publications in the public domain. For this reason, licensing of controls on cryptographic software do not have "a substantial deleterious effect" on the ability of persons to disseminate information about cryptography, and "leave[s] open ample alternative channels of communication." see Ward, 491 U.S. at 801, 802.⁴³

_______________________

⁴² Software limited in function to authenticating that data has not been tampered with, or to the encryption of passwords or PIN numbers for access to a computer, or to use in banking and financial transactions, is not subject to licensing controls under CCL category ECCN 5D002. See 15 C.F.R. Part 774, ECCN 5D002, Note (b), 61 Fed. Reg. 68586-87 (Dec. 30, 1996 (Tab B). Also, certain "mass market" cryptographic software, and other cryptographic software which provides for "key escrow" or "key recovery" features may also be released from controls and eligible for licensing exceptions, Id. § 742.15(b)(l)-(3).

⁴³ The authority which plaintiff cites in support of his theory that export controls restrict his right to "academic freedom" is clearly inapposite to whether he may, in the name of academic freedom, export an item that the President has determined may be harmful to U.S. interests abroad. See Regents of the University of California v. Bakke, 438 U.S. 265 (1977) (academic freedom generally includes right of university to select diverse student body), Keyishian v. Board of Regents, 385 U.S. 589 (1966) (striking down anti-subversive law as applied to faculty at state universities); Sweezy v. New Hampshire, 354 U.S. 234 (1956) (university faculty member's right to due process violated when he was investigated about the communist and subversive nature of his teaching).

46

C. Export Licensing Controls on Cryptographic Software Are Not Overbroad or Void-For-Vagueness.

Plaintiff also claims that provisions of the ITAR concerning cryptographic software are overbroad and vague in violation of the First Amendment. Assuming plaintiff has standing to make this claim,⁴⁴ it readily fails.

Courts have recognized that the overbreadth doctrine is "strong medicine" to be administered with hesitation, and then "only as a last resort." Broadrick, 413 U.S. at 613. Plaintiff must show that the alleged "overbreadth of the statute must not only be real, but substantial as well, judged in relation to the statute's plainly legitimate sweep." Id. at 615. See also Leonardson v. City of East Lansing, 896 F.2d 190, 195 (6th Cir. 1990). Plaintiff "must demonstrate from the text of the [regulations] and from actual fact that a substantial number of instances exist" in which the provisions he challenges "cannot be applied constitutionally. " New York State Club Ass'n. v. New York City, 487 U. S. 1, 11- 12 (1987) (emphasis added). As with all constitutional challenges, overbreadth should not be found where a limiting construction of the regulation at issue is possible. Broadrick, 413 U.S. at 613.

In addition, plaintiff must also show that the regulations violate the "void-for- vagueness" doctrine. Leonardson, 898 F-2d at 195-96. In assessing First Amendment vagueness claims, the Court must look to whether a statute or regulation defines an offense

_______________________

⁴⁴ As noted, such a facial challenge seeks to invalidate the regulations "in toto" i.e., on the ground that they are "incapable of any valid application" to any other person. Hoffman Estates v. Flipside, Hoffman Estates, 455 U.S. 489, 494 n.3 (1981). Plaintiff would be a proper party for the claim that controls affect academic activity, which may proceed only on an "as-applied" basis, Taxpayers for Vincent, 466 U.S. at 802-03, if plaintiff himself has standing. Greater Cincinnati, 56 F.3d at 718.

47

"with sufficient definiteness that ordinary people can understand what conduct is prohibited and in a manner that does not encourage arbitrary and discriminatory enforcement. Kolender v. Lawson, 461 U.S. 352, 357 (1982).

For the same reasons that export controls on encryption software are narrowly tailored, they also satisfy any overbreadth concern. Even if, at the margins, licensing controls could be applied in a manner that incidentally restricted some notion of expression. such controls have a plainly legitimate purpose to limit the spread abroad of powerful encryption products that could be used to the detriment of U.S. interests. In seeking invalidation of these controls in every application, plaintiff entirely fails to acknowledge such concerns. Moreover, the regulations are expressly targeted at how encryption products function, not mere ideas, and are limited to the more significant encryption software. This. too, meets overbreadth concerns.

Plaintiff's contention that export controls on cryptographic software are vague is also without merit. To begin with, cryptographic software is a clearly defined class of commodity: software that maintains the secrecy of information. Even a lay-person can understand what "maintaining secrecy" means. Plaintiff certainly does, for he has described this function. Pl.'s PI Mem. at 1 and n. 1. In addition, far from being vague, the regulations differentiate between the function and characteristics of cryptographic software that are subject to export licensing controls in substantial detail.⁴⁵

_____________________

⁴⁵ See 22 C.F.R. Part 121, Category XIII(B) (USML distinguishes between software that maintains secrecy with that limited to data authentication, access control, and financial transaction functions, as well as with "mass market" encryption software). See 15 C.F.R. (continued...)

48

Plaintiff argues that the ITAR definition of cryptographic software is vague and overbroad on the ground that it covers "much more than the source codes and executable machine codes of encryption programs such as the one Prof. Junger wrote," but also includes algorithms." Pl.'s PI Mem. at 20. Licensing controls have been applied to encryption algorithms in the context of their implementation in actual software. "In the mathematical field of cryptology, it is common practice that cryptographic algorithms are widely published and discussed so that their capabilities may be evaluated by peers in the field. " Crowell Decl. ¶ 18. Cryptographic algorithms, by themselves, are freely published and discussed without regulation. See, e.g., Tabs 1-4, 8 to Crowell Declaration. Indeed, the government itself published one of the more significant cryptographic algorithms in this field, the Data Encryption Algorithm. See Tab 10 to Crowell Declaration. The issue, therefore, is not the publication of algorithms, but their implementation in encryption software that can function on a computer. Hence, plaintiff cannot demonstrate that the regulations are vague or overbroad in this respect.

Plaintiff also argues that the export controls are vague and overbroad because the government regulated a computer diskette containing source codes that the plaintiff in the

_____________________

⁴⁵ ( ... continued)
§ 742.15(b) & ECCN 5D002 (reflecting similar distinctions between mass market and key recovery/escrow software, as well as software limited to authentication, access control, and financial transaction functions).

⁴⁶ This definition of software at 22 C.F.R. § 121.8(f), which referenced algorithms, no longer applies here. The EAR definition of encryption items, including encryption software, source code, and object code, are set forth at 15 C.F.R. Part 772, 61 Fed. Reg. 68585 (Dec. 30, 1996) (Tab B). Encryption software is defined as "[c]omputer programs that provide capability of encryption functions or confidentiality of information or information systems. Such software includes source code, object code, applications software, or system software."

49

Karn case sought to export, while not previously regulating a book containing the same source codes in printed form. Pl.'s PI Mem. at 21-22. This presents neither an issue either of "overbreadth" -- since printed source codes were not regulated, nor of "vagueness" -- since the distinction drawn is quite clear. Moreover, this issue was fully adjudicated in the government's favor in Karn, where the court noted that a computer diskette is more readily useable to enable a computer to encrypt than are source codes printed in a book. Karn, 925 F.Supp. at 14.⁴⁷

D. Export Licensing Controls on Cryptographic Software Do Not Exceed Statutory Authority.

Plaintiff's last claim that the government is acting in excess of statutory authority by regulating "the publication and dissemination of unclassified cryptography in the United States." Pl.'s PI Mem. at 23, -- is an exercise in circular reasoning. Plaintiff assumes the conclusion that the government does regulate "publication," then argues this is not authorized by statute." Plaintiff claims in particular that the government seeks to regulate the

_______________________

⁴⁷ Plaintiff's reliance on Minneapolis Star & Tribune Co. v. Comm. of Revenue, 460 U.S. 575 (1983) for the proposition that export controls on cryptographic software are overbroad because encryption plays a direct role in protecting communications is without merit. In Minneapolis Star, the Supreme Court struck down a state law that taxed paper and ink used by local periodicals. The Supreme Court employed heightened scrutiny in Minneapolis Star not because the law affected "tools of speech," but rather "because [the challenged law] applied only to the press * * * [and] because in practical application it fell upon on a small number of newspapers," thereby "rais[ing] suspicions that [its] objective was, in fact, the suppression of certain ideas." Turner Broadcasting, 114 S. Ct. at 2468. see Time Warner Entertainment Co. v. FCC, 93 F.3d 957, 977-78 (D.C. Cir. 1996) (per curiam) (discussing Minneapolis Star). Plaintiff's First Amendment rights do not extend to equipping foreign entities with items that can function to conceal communications abroad.

⁴⁸ At the time suit was filed, the statutory authority at issue in this case was the Arms Export Control Act. That Act broadly grants the President authority to designate defense articles and defense services "[i]n furtherance of world peace and the security and foreign (continued ...)

50

"domestic disclosures and transfers" on the Internet. Pl.'s PI Mem. at 25. This assertion underscores the error of presenting a claim that is not ripe. At no time was plaintiff advised that he could not post materials domestically to the Internet.

It is indisputable, however, that the Internet is an international telecommunications medium, and that FTP and World Wide Web sites are accessible internationally, and that Internet "newsgroups" are distributed internationally as well." This presents the obvious concern that the indiscriminate posting of software to the Internet will result in an export to international destinations. Plaintiff cannot dispute that software is an item that can be distributed over computer networks for downloading and use.

For this reason, the State Department has advised parties to take reasonable steps to confine the distribution of software to Internet sites within the United States and Canada. Lowell Decl. ¶ 25. The new Commerce Department regulations also provide that steps should be taken to limit distribution overseas when posting encryption software subject to

___________________

⁴⁸ ( ... continued)
policy of the United States 22 U.S.C. § 2778(a)(1). "The purposes of the provision were to be accomplished not by a detailed statutory scheme but by a grant of authority to the President to control the exportation of listed munitions." United States v. Gurrola-Garcia, 547 F.2d 1075, 1078 (9th Cir. 1976) (construing the predecessor to the AECA, the Mutual Security Act of 1954, 22 U.S.C. § 1934). In so doing, Congress "relied primarily on the President's traditional dominance in and responsibility for foreign affairs." Id. As noted above, the statutory authority for current export controls on encryption items under the EAR is the International Emergency Economic Powers Act, 50 U.S.C. §§ 1701-1706. Plaintiff's prior complaint did not address this statute. However, his contention that mere "publication" is regulated by the government is incorrect, as set forth herein. Should plaintiff raise further claims concerning IEEPA, defendants would respond as warranted.

⁴⁹ See ACLU v. Reno, 1996 U.S.Dist. Lexis, 7919 (E.D. Pa. June 11, 1996) (Part II, Preliminary Injunction Findings of Fact) (¶ 3 - an estimated 40% Internet host computers are overseas); (¶ 4 - the Internet is an international system); (¶ 25 - USENET newsgroup servers are located throughout the world); (¶ 33 - the World Wide Web provides international links between computers).

51

export licensing controls to the Internet. See 15 C.F.R. 734.2(b)(9)(1)), 61 Fed. Reg. 68587 (Dec. 30. 1996) (Tab B). Defining an export of cryptographic software to include its distribution overseas by means of a computer network is clearly consistent with authority to control the export of such software by any other means.

2. Export Licensing Controls on Technical Data Are Constitutional.

A. Export Licensing Controls On Technical Data Do Not Constitute A System Of Prior Restraint.

Plaintiff also claims the government's export controls on technical data constitute a system of prior restraint. Both the ITAR and now operative EAR define technical data to mean information necessary for the design, production, and use of a commodity controlled for export, such as blueprints, diagrams, models, and manuals.⁵⁰ If export controls on such information were such that any scientific or technical information had to be licensed in advance of publication or discussion, then the requirements discussed in Freedman and FW/PBS might be applicable. But this is not the case here.⁵¹

First, courts have recognized the important purpose served by export licensing controls on technical data, and have upheld such controls against First Amendment challenge. In Edler, supra, the Ninth Circuit upheld an earlier version of the ITAR technical data

__________________

⁵⁰ See 15 C.F.R. Part 772 (definition of technology), 61 Fed. Reg. 12936 (Mar. 25, 1996); 22 C.F.R. § 120.10 (definition of technical data).

⁵¹ This claim again exposes the ripeness problem. While plaintiff claims that certain procedures must be followed to license technical data, no action has been taken or threatened by the government concerning the publication of any information about cryptography that plaintiff wishes to undertake, and no license application or denial is at issue as to any information. Under these circumstances, it is premature to decide whether the government must make its licensing decisions within a certain time frame, or initiate judicial review in advance of any denial.

52

controls that were seemingly less protective of speech against a prior restraint challenge. Recognizing that "an expansive interpretation of technical data relating to items on the Munitions List could seriously impede scientific research and publishing and the international scientific exchange," 579 F.2d at 519, the court concluded that these provisions "prohibit only the exportation of technical data significantly and directly related to specific articles on the Munitions List." Id. at 521. As construed, the regulations "do not interfere with constitutionally protected speech but "control the conduct of assisting foreign enterprises to obtain military equipment and related technical expertise." 579 F. 2d at 521. For this reason, the Court held that the licensing requirement was not an unconstitutional prior restraint on a speech. Id.; see also Posey, 864 F.2d at 1496-97 (holding in accord with Edler that technical data controls under the AECA and Comprehensive Anti-Apartheid Act did not violate the First Amendment).⁵³

Current export controls on technical data under the ITAR and EAR are even more susceptible to a construction that they do not interfere with constitutionally protected speech. The numerous exceptions to technical data subject to export controls carve out multiple categories of protected speech from licensing requirements. Rather than extending discretion over the content of speech or its dissemination, both the ITAR and EAR set forth criteria that

__________________________

⁵² At the time of Edler, the ITAR exempted published unclassified technical information from the licensing requirement, but purported to put the burden on the person seeking publication to obtain government approval prior to publication. Edler, 579 F.2d at 519 (citing 22 C.F.R. § 125.11(a)(1) n.3 (1977)) (Tab 1C to Lowell Declaration).

⁵³ Not only did the State Department indicate in 1984 that Edler reflected its practice, see Lowell Decl. ¶ 18, but it amended the ITAR several times in response to First Amendment concerns to more expressly exempt categories of speech and information not subject to export controls. See Def. MSJ Mem. at 16-17 & n. 22, 23.

53

limit the implementation of technical data controls." While plaintiff may contend that these exceptions to technical data controls are not sufficiently clear, the system established by the regulations, on its face, does not seek to impose a prior restraint requirement on speech, but rather to exclude protected speech from its sweep. The unrebutted evidence that there is a broad exchange of technical and scientific information in the field of cryptography, including through publication and teaching, attests to this.⁵⁵

Because export licensing controls on technical data seek to regulate conduct not commonly associated with expression, and to exclude protected speech from their reach, the authority on which plaintiff relies, such as FW/PBS and Freedman, is inapposite.⁵⁶

C. Export Licensing Controls on Technical Data Are Not Overbroad or Void-For-Vagueness.

Export controls on technical data also are not overbroad or impermissibly vague. Such controls have a plainly legitimate purpose to regulate the provision of technical assistance in the development of commodities abroad. Edler. Posey. The only issue is

_____________________

⁵⁴ Information publicly available at a newsstand, bookstore, library, or released at a public symposia or trade conference, or published as fundamental research, or is educational information released in courses at academic institutions, it is not controlled for export. See 22 C.F.R. § 120.10(a)(5) and 120.11 (ITAR exceptions) and 15 C.F.R. § 734.7, 734.7, 734.9, 61 Fed. Reg. 12747-50 (Mar. 25, 1996) (EAR exceptions).

________________________

⁵⁵ See Crowell Declaration, ¶¶ 18, 19 and Tabs 1-9, 11-12; Coppolino Declaration Tabs 1-25 (describing publications, textbooks, and college courses on cryptography).

⁵⁶ Aside from the prior restraint issue, the court's analysis in Edler also indicates that technical data controls would be assessed under intermediate scrutiny. Echoing an O'Brien-type analysis, the court observed that "'[G]eneral regulatory statutes, not intended to control the content of speech but incidentally limiting its unfettered exercise,"' have not been regarded as violating the First Amendment when "'justified by subordinating valid governmental interests."' 579 F.2d at 520 (quoting Konigsberg v. State Bar, 366 U.S. 36. 50-51 (1961)).

54

whether the regulations are drawn so broadly that they encompass substantially more speech than necessary to serve that legitimate purpose, or so indefinitely that ordinary people would not know what they mean. Neither is the case.

As delineated above, the technical data provisions set forth multiple exceptions as to the type of information and activities that are subject to export controls. Merely conceiving of an impermissible application of the regulations is not sufficient to establish overbreadth. Broadrick, 413 U.S. at 630; Taxpayers for Vincent, 466 U.S. at 800. The regulations, on their face, seek to protect a substantial amount of First Amendment protected expression, and are clearly capable of permissible application. See Edler; Posey; Van Hee supra.

Moreover, the language of the regulations is not vague. The multiple exceptions to technical data define and limit what is regulated and what is not. "Language is unavoidably inexact," and, thus, courts are mindful that statutes or regulations "cannot, in reason, define proscribed behavior exhaustively or with consummate precision." United States v. Thomas, 864 F.2d 188, 195 (D.C. Cir. 1988). Rather, the test is whether the regulations at issue are reasonably clear. Id.⁵⁷ Also, "where the constitutional requirement of definiteness is at stake, we have the further obligation to construe the statute, if that can be done consistent with the legislature's purpose, to avoid the shoals of vagueness." Buckley , 424 U.S. at 77- 78.

Plaintiff argues that the exceptions to licensing controls on technical data are vague because there might be an impermissible specific application of the regulations and, hence,

______________________

⁵⁷ See Grayned v. City of Rockford, 408 U.S. 104, 108 (1972) (ordinance at issue was "marked by flexibility and reasonable breadth, rather than meticulous specificity" but it was "clear what the ordinance as a whole prohibits").

55

the exception "gives no real assurance.""⁵⁸ But particularly where there is broad academic discussion and publication in cryptography unregulated by the government, the regulatory exceptions are readily sustainable on their face, and any "specific application" that might he impermissible should be left for an as-applied challenge.

Plaintiff also alleges that the exception from export controls for publicly available information is vague on the ground that it is unclear whether placing information in the public domain is itself a potential violation that must be approved in advance by the government. See Pl.'s Opp. at 13. But this view is, by far, is the most unreasonable interpretation of the regulations. The State Department does not pass on which information may be placed in the public domain or taught in schools. Lowell Decl. ¶¶ 12-14. Similarly. the EAR exempts from licensing controls information that is already published or will be published. 15 C.F.R. § 734.b(3)(ii) & 734.7. The focus of technical data controls is on nonpublic proprietary or classified information. See Lowell ¶¶ 18, 19.⁵⁹

_______________________

⁵⁸ Brief in Opposition to Defendants' Motion for Summary Judgment and in Support of Plaintiff's Motion for Summary Judgment at 13 ("Pl. Opp.").

⁵⁹ Plaintiff also contends that the regulations do not clearly distinguish between technical data and cryptographic software. This, too, is without merit. Encryption software is specifically enumerated in Category XIII(B) of the United States Munitions List. It is also specifically designated on the Commerce Control List in ECCN 5D002. Technical data is defined, under both the ITAR and EAR to mean information necessary to develop or use a controlled commodity. See 22 C.F.R. § 121.10(a)(1); 15 C.F.R. Part 772 (definition of technology). There is also a separate ECCN 5E002 for encryption technology. The reason for this distinction is also clear: cryptographic software is not mere technical information, but the actual item that can be loaded onto a computer and used to encrypt information. See Crowell Decl. ¶ 10.

56

D. Export Licensing Controls on Technical Data Do Not Exceed Statutory Authority.

Finally, plaintiff contends that defining the export of technical data to include domestic disclosure to foreign persons is beyond the government's statutory authority. See 22 C.F.R. § 120.17(a)(4); 15 C.F.R. § 742.2(b). This argument also lacks merit.⁶⁰ As the court in Edler observed, the government's concern is not only with the export of actual products, such as cryptographic software, but the provision of technical knowledge to a foreign entity with the intent to assist in the development of that controlled item overseas. Edler, 579 F.2d at 521; Lowell Decl. ¶ 19. It would be senseless if the government could control only the export of the item that might harm national security, but not U.S. technical assistance in its development abroad. Edler, 570 F.2d at 520; Van Hee, 531 F.2d at 355-56. It would also be senseless if the government could only regulate the provision of technical assistance abroad by a U.S. person, but not in the United States, since in either case a U.S. person is aiding in the development overseas of an item controlled for export. But the regulations do not provide that all disclosures of scientific information domestically are "exports" of technical data. As explained, they carve out information and activities -- such as publication, teaching, research, and symposia -- from technical data controls in the first place. Thus, the definition of exporting technical data does not reach too far.⁶¹

___________________

⁶⁰ As noted above, the IEEPA is now the governing statutory authority. For now, defendants address only the point raised by plaintiff concerning whether the regulatory definition of an "export" of technical data may include domestic distribution.

⁶¹ Also, while the EAR prohibits the provision of technical assistance or training with the intent to assist in the development of a controlled item overseas, mere academic discussion would not be sufficient intent to violate this prohibition. See 15 C.F.R. § 744.9, 61 Fed Reg. 68584 (Dec. 30, 1996).

57

III. PRELIMINARY INJUNCTION

A. Plaintiff Fails To Satisfy The Requirements For The Issuance of A Preliminary Injunction.

Since the Fall 1996 semester at Case Western Reserve law school is now over, consideration of plaintiff's motion for a preliminary injunction may now be moot. Assuming, the Court still considers it, plaintiff has failed to satisfy the requirements for the issuance of a preliminary injunction. See Golden v. Kelsey-Hayes Co., 73 F.3d 648, 65') (6th Cir. 62 1996).

For the reasons detailed above, plaintiff has no likelihood of success on the merits. In addition, plaintiff has failed to demonstrate any irreparable harm.⁶³ Such harm cannot be established merely by speculating that his constitutional right to engage in academic discussion is "chilled" where no such action has been threatened or taken against him. See Los Angeles v. Lyons, 461 U.S. 95, 111 (1983). Instead, a party moving for a preliminary injunction must "substantiate the claim that irreparable injury is 'likely' to occur . . . [by] provid[ing] proof that the harm has occurred in the past and is likely to occur again, or proof indicating that the harm is sure to occur in the near future." Wisconsin Gas Co. v. FERC, 758 F.2d 669, 674 (D.C. Cir. 1985) (emphasis added) (internal quotation omitted). Plaintiff

_______________________

⁶² The four elements considered in ruling on a motion for preliminary injunction are: "(1) the plaintiff['s] likelihood of success on the merits, (2) whether the plaintiff[] could suffer irreparable harm without the injunction; (3) whether granting the injunction will cause substantial harm to others; and (4) the impact of the injunction on the public interest." Golden, 73 F.3d at 653; Dayton Area Visually Impaired Persons v. Fisher, 70 F.3d 1474, 1480 (6th Cir. 1995), cert. denied, 116 S.Ct. 1421 (1996).

⁶³ This is particularly fatal to plaintiff's motion, because "where the plaintiff establishes something less than probable success on the merits, need for proof of the threat of irreparable damage is even more pronounced." Friendship Materials, Inc. v. Michigan Brick, Inc., 679 F.2d 100, 104 (6th Cir. 1982).

58

has not, and cannot, produce evidence of a prior governmental action against him for disseminating scientific ideas about cryptography in the classroom, and he claims to have been teaching his class for the last three years. Moreover, the extent of unregulated academic teaching and publication in this area belies any threat of irreparable harm.

In addition, because "[p]reliminary injunctions are usually granted under the theory that there is an urgent need for speedy action to protect the plaintiffs' rights," delay in seeking such action may "indicate an absence of the kind of irreparable harm required to support [such an action]." Citibank, N.A. v. Citytrust, 756 F.2d 273, 276-77 (2nd Cir. 1985).⁶⁴ Plaintiff's motion was not filed until nearly three years after his first phone call to the government in May 1993, and nine months after his last call in October 1995. Plaintiff alleges nothing that has occurred in the past three years that would necessitate injunctive relief now. His motion was apparently prompted by the onset of the fall semester at Case Western University Law School -- an event that has come and gone three times since his first phone call in 1993, and was easily expected to recur this fall. For this reason as well, preliminary injunctive relief is unwarranted.

Finally, the granting of a preliminary injunction would cause serious harm to the government and to the public interest, and upset the status quo. Plaintiff asks the Court for the right to export software, purportedly for academic reasons, to any foreign destination or entity. Plaintiff has never presented the specifications of any software he wishes to export to

_______________________

⁶⁴  See also Blanksteen v. New York Mercantile Exchange, 879 F. Supp. 363, 366-67 (S.D.N.Y. 1995) (denying preliminary injunction where "plaintiff could have sued anytime over the last two years"). This is true even where First Amendment rights are at stake. See WPIX, Inc. v. League of Women Voters, 595 F. Supp. 1484, 1493-94 (S. D. N. Y. 1984).

59

the government. "One-time pad" encryption systems are presumptively subject to export controls, and plaintiff seeks the right to export such software without any examination of the specific item at issue, or how and to where it would be exported. Particularly given the national security concerns at issue,⁶⁵ the government would clearly be harmed, and the public interest ill-served, if plaintiff is permitted to export cryptographic software potentially subject to licensing controls without a chance for the government to assess the matter beforehand.⁶⁶ Hence, plaintiff's request for preliminary injunctive relief should be denied.

IV. CONCLUSION

For the foregoing reasons, plaintiff's motion for a preliminary injunction should be denied, defendants' motion to dismiss or, in the alternative, for summary judgment should be granted, and plaintiff's complaint should be dismissed.

Respectfully Submitted,

FRANK W. HUNGER
Assistant Attorney General

EMILY M. SWEENEY
United States Attorney

VINCENT M. GARVEY
Deputy Branch Director

_____________________

⁶⁵ Courts are particularly reluctant to grant injunctive relief where, as here, it would "deeply intrude[] into the core concerns of the executive branch. " Adams v. Vance, 570 F.2d 950, 954 (D.C. Cir. 1977) (per curiam). In such situations, an extraordinary showing for injunctive relief must be made. Id.

⁶⁶ Indeed, even if the Court determined that plaintiff had valid First Amendment concerns, an injunction that allowed him to export would never be appropriate before the merits have been finally adjudicated, since it would radically change the status quo and thereby vitiate the government's interests.

60

[Signature]

ANTHONY J. COPPOLINO
MARY E. KOSTEL
Department of Justice
Civil Division, Room 1084
901 E Street, N.W.
Washington, D.C. 20530
Tel. (Voice): (202) 514-4782
(FAX): (202) 616-8470 or 616-8460

Attorneys for the Defendants