20 March 1998, PRNewswire: Network Associates Announces Availability of 128bit PGP Encryption Software For Global Customers Strong Encryption to Spur Growth of Secure Electronic Communications Worldwide Hanover, Germany, CEBIT '98,-- Network Associates International B.V. (Nasdaq: NETA), today announced the immediate availability of PGP, the world's best encryption software, for businesses around the world. The PGP encryption technology is the cornerstone of Network Associates' Total Network Security (TNS) Suite and enables users to successfully protect their confidential email and documents. "Electronic commerce has not been a viable option for many businesses due to the lack of guaranteed protection for confidential information," said Peter Watkins, general manager of the Net Tools Secure Division at Network Associates. "We now have a solution to this problem with full-strength internationally developed PGP software -- guaranteeing safe communications over the Internet and the safe delivery of confidential documents via email." Network Associates' PGP encryption products for international markets will be fully developed and compiled in Europe by cnlab Software, based upon widely available published source code that was legally exported from the United States. No United States technical assistance has been, or will be provided to cnlab Software or to international offices of Network Associates, ensuring full compliance with United States export laws. Network Associates International B.V. will work with technical partners throughout the world to ensure that customers have access to technical support and development expertise throughout the region. Network Associates Announces New Security Division Network Associates is also announcing a new, dedicated security division headed up by Graham Curme in Windsor, United Kingdom. The new division will work with selected technical partners throughout Europe to provide technical support to customers. At the same time, a dedicated security division will be established in Germany, followed closely by Scandinavia and the rest of Europe. Network Associates' PGP software, the flagship technology of the company's Total Network Security (TNS) Suite, is a multi-platform, fully scaleable encryption solution -- designed for single users to large corporations. The TNS Suite, employing 128-bit encryption, combines Network Associates' PGP Desktop Suite, providing multi-platform encryption protection for desktops and the PGP Server Security Suite, offering authentication and policy-based administration and management of security. PGP can cost as little as $80.00 (U.S.) for single users, while corporate pricing is dependent on the number of users. [Snip corporate blurb] site: http://www.nai.com/ (NETA) ---------- 20 March 1998, Reuters: US Quickly Takes Aim at Encryption Product Santa Clara: A leading encryption software company has announced a plan to sell its powerful data scrambling products overseas, bypassing strict export limits and quickly prompting the U.S. Commerce Department to promise a thorough review. Network Associates Inc. said Friday it planned to sell its powerful Pretty Good Privacy (PGP) encryption software, which cannot be exported from the United States, in other countries through a deal with a Swiss company, cnlab Software. Network Associates said PGP encryption products for international markets will be developed and compiled in Europe by cnlab, based on widely available published software code it said was legally exported from the United States. The Santa Clara, Calif.-based company said no U.S. technical assistance has been or will be provided to cnlab Software or to Network Associates' international offices, ensuring full compliance with U.S. export laws. The Commerce Department said it would carefully review Network Associates' plan. ``We're going to have to look at it very closely to see if it violated U.S. law or regulation,'' Undersecretary of Commerce William Reinsch said. Encryption, which scrambles information and renders it unreadable without a password or software ``key,'' has become an increasingly critical means of safeguarding electronic commerce and communications over the Internet. But the government fears encryption will be used by crooks to hide criminal acts. The FBI favors requiring a ``back door'' in all encryption software allowing agents to read any coded message. Last year, the Commerce Department stymied a plan similar to Network Associates' to evade export restrictions by computer workstation and software maker Sun Microsystems Inc. Reinsch declined Friday to comment on the Sun plan. Reinsch said Network Associates' plan could have two flaws. The government will seek to learn whether the company illegally exported any encryption to make the products abroad. The government will also directly review the products, which could be deemed subject to U.S. export rules if they contain more than 25 percent U.S. content, Reinsch said. The Clinton administration, backed by law enforcement and intelligence agencies, has long been at odds with software makers, Internet users and civil libertarians over encryption regulations. Under current policy, U.S. citizens are free to use any form of encryption but stronger products cannot be exported unless they include a means for the government to break any coded message. Congress is debating a variety of proposals to change encryption regulations, ranging from a plan to require back doors in software used by U.S. citizens to bills that would nearly eliminate the current export limits. Reinsch said the government was ``disappointed'' about the Network Associates deal. ``It's not consistent with our policy and we're always disappointed when people do things that make our job more difficult,'' he said. A series of acquisitions have put Network Associates near the top of the U.S. encryption software market. In December, the company bought one of its leading competitors, Pretty Good Privacy Inc., and last month announced a deal to acquire another, Trusted Information Systems. ---------- 20 March 1998, NewsBytes: Network Associates Ships 128-Bit Encryption Without License Santa Clara, California: You can't call it exporting and it may squeak by the letter of the law, but terms like "quarterback sneak" keep coming to mind. A Dutch subsidiary of Santa Clara-based Network Associates Inc. [NASDAQ:NETA] (NAI) is shipping 128-bit strong encryption to international customers with no US export license. NAI officials say the US government has not objected. The announcement came Friday morning in a teleconference in the US, with a separate press release issued at the Cebit '98 trade show in Hannover, Germany. What NAI did was contract with a small Swiss company named Cnlabs Software to develop a clone version of PGP, the e-mail and file strong-encryption system that NAI acquired last year, without help from any US citizen or entity. That presumably takes the resulting encryption program beyond the reach of US Commerce Department export rules. Cnlabs then licensed its export and marketing rights to Network Associates International B.V., an NAI Dutch subsidiary. That presumably placed international marketing into the regulatory hands of the Dutch, who have a long tradition of unfettered private-sector international trading. At a Friday morning teleconference attended by Newsbytes, Peter Watkins, general manager of NAI's net tools secure division, told reporters: "We believe we are the first and only US company to actually begin to operate in this manner. In many respects this is not radically different than what anyone else could have done." The encryption products NAI has taken international are actually not identical to PGP. They are just "functionally equivalent" clones. Like PGP, they can use 128-bit strong encryption to scramble messages to the point where intruders -- including government agencies -- cannot unscramble them in a reasonable amount of time without the key. That ability to hide file contents from anyone including the government spurred the US to treat strong encryption as equivalent to a weapon, but restrictions have relaxed recently. Last month, Hewlett-Packard received official permission to export its VerSecure strong-encryption system outside the US, subject only to local restrictions at the destination nations (Newsbytes, February 27, 1998). In an announcement from Hannover, the Dutch NAI subsidiary said Cnlabs used "widely available published source code that was legally exported from the United States" to develop its international PGP version. Said Watkins: "Essentially, any third party could have contracted with any non- US entity for any product (including strong encryption) and offer it worldwide. We do believe however we are the first to do that, and to make it available through our distribution channels throughout the world, so that there is one single sales and support organization." Watkins said NAI will work to remain "in full compliance with all the (US) Commerce Department rules" including those forbidding shipments to some individuals and countries. He cited Iran, Iraq and Libya as nations where PGP will not be sold. Watkins described Cnlabs as "a small company in Switzerland" associated with "a series of world renowned cryptographers." He said the contract explicitly called for complete interoperability, and testing showed the Swiss firm had met that goal. Next the Swiss firm will make localized versions available in Japan, Europe and other non-English speaking nations. The version shipping today will be sold in the UK and most of Europe, Australia and Japan, the firm said. Newsbytes notes PGP already holds US permissions to export 128-bit strong encryption without key recovery systems to limited sets of customers like financial institutions and subsidiaries of U.S. firms. The strategy announced Friday will presumably remove even that short leash from NAI's PGP marketing group, if all goes as planned. About today's announcements, Watkins declared: "It's the ability for customers to securely communicate from Japan or Australia to the US or Germany or Switzerland, or wherever it may be." ----------