CONTROLS IN THE EU
HELSINGIN YLIOPISTO − HELSINGFORS UNIVERSITET − UNIVERSITY OF HELSINKI
− Fakultet/Sektion − Faculty/Section
− Institution − Department
Faculty of Law
Tekijä − Författare − Author
Department of Public Law
−Arbetets titel − Title − Subject
Aika − Datum − Date Sivumäärä − Sidoantal
Cryptographic Software Export Controls in the EU
Oppiaine − Läroämne
− Arbetets art − Level
− Number of Pages
Tiivistelmä − Referat − Abstract
Certain software products employing digital techniques for encryption of data are subject toexport controls in the EU Member States pursuant to Community law and relevant laws in the Member States. These controls are agreed globally in the framework of the so-called Wassenaar Arrangement. Wassenaar is an informal non-proliferation regime aimed at promoting international stability and responsibility in transfers of strategic (dual-use) products and technology. This thesis covers provisionsof Wassenaar, Community export control laws and export control laws of Finland, Sweden, Germany, France and United Kingdom. This thesis consists of five chapters. The first chapter discusses the ratio of export control laws and the impact they have on global trade. The ratio is originally defence-related – in general to prevent potential adversaries of participating States from having the sametools, and in particular in the case of cryptographic software to enable signals intelligence efforts. Increasingly as the use of cryptography in a civilian context has mushroomed, export restrictions can have negative effects on civilian trade. Information security solutions may also be took weak because of export restrictions on cryptography. The second chapter covers the OECD’s Cryptography Policy,which had a significant effect on its member nations’ national cryptography policies and legislation. The OECD is a significant organization, because it acts as a meeting forum for most important industrialized nations. The third chapter covers the Wassenaar Arrangement. The Arrangement is covered from the viewpoint of international law and politics. The Wassenaar control list provisionsaffecting cryptographic software transfers are also covered in detail. Control lists in the EU and in Member States are usually directly copied from Wassenaar control lists. Controls agreed in its framework set only a minimum level for participating States. However, Wassenaar countries can adopt stricter controls. The fourth chapter covers Community export control law. Export controls are viewed inCommunity law as falling within the domain of Common Commercial Policy pursuant to Article 133 of the EC Treaty. Therefore the Community has exclusive competence in export matters, save where a national measure is authorized by the Community or falls under foreign or security policy derogations established in Community law. The Member States still have a considerable amount of power in the domain ofCommon Foreign and Security Policy. They are able to maintain national export controls because export control laws are not fully harmonized. This can also have possible detrimental effects on the functioning of internal market and common export policies. In 1995 the EU adopted Dual-Use Regulation 3381/94/EC, which sets common rules for exports in Member States. Provisions of this regulation receivedetailed coverage in this chapter. The fifth chapter covers national legislation and export authorization practices in five different Member States – in Finland, Sweden, Germany, France and in United Kingdom. Export control laws of those Member States are covered when the national laws differ from the uniform approach of the Community’s acquis communautaire.
Avainsanat – Nyckelord − Keywords...