Date: Thu, 3 Feb 1994 02:24:31 -0500 From: BITNET list server at BITNIC (1.7f) Subject: File: "LEGAL COUNSEL" To: gnu@cygnus.com CREN Information Center LEGAL COUNSEL Feb. 21, 1990 Suite 600, 1112 Sixteenth St, NW, Washington, DC 20036 (202)872-4200 Legal Aspects of Linking BITNET to Foreign Countries The network access to foreign countries (especially those which may have restrictions placed upon the information which can legally be sent to them) which is now possible through CREN networks places significant legal responsibilities on CREN Members and Affiliates to ensure that they do not violate federal law by transmitting material to such foreign countries which is not allowed under current law and federal policy. The definitive policy statement regarding what data may be freely distributed is provided by the US Department of Commerce Export Administration Regulations, of which section 779.3, "General License GTDA; Technical Data Available to All Destinations" defines that information which may be distributed without special license from the Department of Commerce. It is the responsibility of each CREN Member and Affiliate to ensure that it abides by these regulations in all respects. The following opinion from CREN counsel supplements the letter of clarification to CREN from the US Department of Commerce and the GTDA policy statement defining General Technical Data Availability to provide CREN Members and Affiliates with an understanding of the legal issues of which they should be aware in using the networks for communication abroad. These three documents are all available from LISTSERV@BITNIC as the files LEGAL COUNSEL, LEGAL COMMERCE, and LEGAL GTDA, respectively. CREN Members and Affiliates are strongly advised to familiarize themselves with these documents and to take whatever steps are necessary to ensure that their staff and students are not in violation of the federal regulations in their use of the networks. Legal Aspects of Linking BITNET to East Block Nations Opinion of Counsel OPINION MEMORANDUM TO: Ira Fuchs, President CREN Board of Trustees DATE: February 7, 1990 FROM: Edward J. Bergman, Esquire CREN Corporate Counsel RE: Link to Eastern Europe and PRC This memorandum is in response to your request for an opinion of counsel regarding network connection by entities within Eastern European Countries and The People's Republic of China. Following review of the United States Department of Commerce, Bureau of Export Administration, letter to Jim Conklin, dated January 18, 1990, hereafter "The Commerce Letter" (Exhibit A); The Export Regulation Act, USCA, Title 50, Appendix, Sections 2401 et seq; the General License GTDA, 15 CFR Part 779, Federal Register Vol. 54, No. 190, October 3, 1989, (Exhibit B); and telephone conferences with the Department of Commerce, we offer the following review and evaluation: Broadly speaking, the General License GTDA permits the exportation of non-proprietary information consisting of three principal categories: a. Publicly available information b. Fundamental research c. Educational information We will refrain from restating or paraphrasing the General License GTDA which is, instead, attached as Exhibit "A" hereto. The salient common characteristic of the aforementioned categories is the lack of proprietary restrictions upon access to the information in question. Thus "fundamental" research generates information which is "ordinarily published and shared broadly within the scientific community," and "educational information" comprehends information released "by instruction in catalog courses and associated teaching laboratories of academic institutions." "Publicly available information" constitutes the broadest category comprehended within the General License GTDA and is well defined in Sec. 779.3(b). Narrower categories are covered by Sec. 779.3(e), (f) and (g). The information carried over the network will almost universally qualify for the licensing protection of the GTDA unless and until CREN decides to add proprietary data bases at some future time. CREN member guidelines already prohibit use of the network for "commercial traffic". Presently, CREN does not disseminate or export technical data as an entity since CREN does not undertake activities other than internal organization, policy making and membership related matters through its Board of Trustees and its prime contractor, EDUCOM. The members, not CREN, are the prospective exporters within this format. Logically, and in accordance with The Commerce letter, the foregoing structure determines that CREN's principal, if not sole responsibility, is communication to the membership of applicable statutes and regulations governing restrictions on exportation of information. CREN is thus encouraged to transmit or publish the General License GTDA over the network. Perhaps the most troublesome and elusive aspect of The Commerce letter deals with its elaboration of "Bitnet" responsibilities. "Bitnet" is burdened by a "level of care" commensurate with its organizational structure in which members elect "management", "use guidelines" are established, and Trustees or the prime contractor could, at times, learn of the content of transmitted information. That "level of care", however, appears limited to reportage of prospective member violations which are known or should be known by "Bitnet" to be forthcoming. The Commerce Letter evinces confusion about what or who "Bitnet" is, i.e. the members, the Board, and/or the prime contractor. It mistakenly refers to "Bitnet employees." Conferences with the Department of Commerce reveal that the problem lies in a lack of actual guidelines or regulations on the duty of care issue. This paucity of data is not likely to be remedied. In practice, should a Trustee or a representative of the prime contractor know of a prospective violation or have reason to know of a prospective violation, and fail to prevent or report same, CREN could be prosecuted for said violation. If a member knows of a prospective violation or has reason to know of a prospective violation by another member and fails to report same, the passive but aware member would almost certainly not be prosecuted unless it received a benefit from the violation, either pecuniary or in the sense, for example, that it was collaborator in wrongfully disseminated research data. Without some connection between the members regarding the improperly disseminated information, prosecution of the non- reporting, but aware member, would apparently be deemed too remote. No regulation or stated opinion of the Department of Commerce imposes a duty on CREN to actively monitor network transmission. Sanctions for violations of the Export Regulations Act, Act and regulations promulgated thereunder are covered by Section 2410 of the Act. Three categories of sanctions exist. Ordinary violations which are not willful are punished by fines of "not more than five times the value of the exports involved or $50,000.00, whichever is greater, or imprisoned not more than 5 years, or both." (Corporations cannot be imprisoned and, assuming we do not have a violation by an individual acting outside the scope of his corporate duties, it is almost inconceivable that incarceration would be an issue). Willful violations involve somewhat more complex sub-categories but, in the worst instance, expose the corporate offender to fines up to five times the value of the exports involved or $1,000,000.00, and the individual violator to fines up to $250,000.00 or imprisonment for up to 10 years, or both. Civil penalties are also authorized up to $10,000.00 for each violation along with potential suspension or revocation of authority to export. In conclusion, counsel recommends that the proposed connection of entities within Eastern European Countries and The People's Republic of China to the network proceed via entertainment of such applications for processing according to existing membership guidelines. It is further recommended that the General License GTDA Section 2410 of the Export Regulation Act, the Commerce Letter and the Memorandum Opinion of Counsel be disseminated to the membership over the network. All interested parties should be aware that a conservative approach mandates that any questions or gray areas be the subject of inquiries addressed to counsel.