Encryption tools have historically been subject to regulations, what has changed?
Mullick: Many nations have historically placed export controls on “outbound” encryption technologies produced by their domestic industries, motivated by a desire to keep technology away from potential adversaries. Assigning and managing these controls was arguably simpler when the ranks of encryption providers and customers were fewer and the methods for their distribution more limited. However, in today’s digital world, anyone with a Web browser can download almost any kind of software available. It is fundamentally more challenging to govern “who” can use “what”. A key example is the emergence of laws in multiple countries restricting the use or importation of encryption software, or imposing “inbound” controls. These can be triggered whether encryption will be sold or used internally and regardless of whether the technology enters the country physically or through “intangible” transfer, such as via the Internet. Just as businesses have always monitored their native countries’ laws o
