[Fwd: IP: Fact Sheet on Export Controls on High Performance Computers]

Joseph A Del corso j.a.delcorso at larc.nasa.gov
Thu Jan 11 12:58:05 PST 2001

I know this may be way off base, but I figure I might as well
throw the idea out there. (Perhaps this already exsists and I'm 
simply un-aware of it) 
In light of what I just read, I'm curious if it wouldn't benefit
the open source community to form some kind of regulatory committee
to (and I shudder at the thought of what I'm about to say) control
the software being put out.  I realize that open source is a wonderful
idea, but who takes the blame for the mis-use of software?  
While I don't have any examples to prove the point, I think the idea
of "we just built the atom bomb, whatever people do with it is out 
of our hands" is kind of bogus.  A "hands off" approach to responsibility
for software produced is wrong.    
My personal opinion, specifically for the open source community, is 
to take responsibility for regulating itself.  I realize this goes 
against the "open source" concept... 

I dunno...

Just an idea...


On Thu, 11 Jan 2001 Eugene.Leitl at lrz.uni-muenchen.de wrote:

> -------- Original Message --------
> From: Dave Farber <farber at cis.upenn.edu>
> Subject: IP: Fact Sheet on Export Controls on High Performance Computers
> To: ip-sub-1 at majordomo.pobox.com
> >
> >
> >                            THE WHITE HOUSE
> >
> >      Office of the Press Secretary
> >________________________________________________________________________
> >For Immediate Release                                   January 10, 2001
> >
> >
> >
> >
> >
> >The President today announced the sixth revision to U.S. export controls
> >on high performance computers (HPC) since 1993.  The President's action
> >will promote our national security, enhance the effectiveness of our
> >export control system and ease unnecessary regulatory burdens on both
> >government and industry.
> >
> >Review of Alternative Control Measures.  In 1995, the President
> >announced a new policy for controlling the export of HPCs.  The new
> >policy focused on two complementary objectives: (1) limiting the
> >acquisition of computational capabilities by potential adversaries and
> >countries of proliferation concern, and (2) ensuring that U.S. domestic
> >industries supporting computing capabilities important for national
> >security could compete in markets of limited security or proliferation
> >risks.
> >
> >The new policy controlled hardware and software products and technology.
> >The Administration recognized that the controls would need periodic
> >adjustment to ensure effectiveness, given the ever-increasing
> >availability of commodity products, such as workstations and servers, of
> >which millions are manufactured and sold worldwide every year.  Until
> >recently, the 1995 policy has been able to keep pace with this growth by
> >adjusting hardware controls periodically to ensure that controls were
> >only placed on computers that could be effectively controlled.  Control
> >levels have been based on a metric of performance that was well suited
> >to the computer architectures of the mid-1990's -- that is, measuring
> >performance in millions of theoretical operations per second (MTOPS)
> >through a fixed formula.
> >
> >In mid-1999, it became apparent that the growth in widely available
> >computer hardware capabilities was outpacing the ability of export
> >control policy to keep up.  President Clinton announced in July 1999
> >that hardware controls would be adjusted more frequently and that the
> >Administration would seek a more effective way to control the export of
> >computational capabilities important for security and proliferation
> >interests.  The review, which began in the fall of 1999 and involved all
> >relevant security and nonproliferation agencies and private sector
> >experts, sought to address the realities of the computer hardware
> >market, including the continuing growth in single processor performance
> >that can be aggregated relatively easily into multiple processor
> >machines, and the advancements in interconnection capabilities that
> >allow end-users to network large clusters of computers.  The latter
> >element has, in particular, become the single most important challenge
> >to the ability to effectively control computer hardware.
> >
> >The Administration has concluded that there are no meaningful or
> >effective control measures for computer hardware that address the
> >technological and marketplace challenges identified during the review.
> >The review found that the ability to control the acquisition of
> >computational capabilities by controlling computer hardware is becoming
> >ineffective and will be increasingly so within a very short time.  This
> >conclusion reflects our understanding of the level of hardware
> >capabilities needed to address problems of national security and
> >nonproliferation concern.  Nevertheless, the review did find that there
> >is merit in continuing to control national security and
> >proliferation-related software.
> >
> >Given these conclusions about the inability to effectively control
> >computer hardware, the Administration would prefer to remove most
> >controls on computer hardware exports, including the existing controls
> >on exports to Tier 3 countries.  However, it recognizes that the new
> >Administration needs an opportunity to examine such a proposal, and,
> >that as a legal matter, the FY 1998 National Defense Authorization Act
> >(NDAA ? P.L. 105-85) requires continued use of MTOPS to control computer
> >exports to Tier 3 and Tier 4 destinations.  The President has decided,
> >therefore, based on the advice of n7ational security agencies, to revise
> >the current HPC control policy in the short term consistent with legal
> >requirements, and at the same time to propose a longer term strategy for
> >the consideration of the next Administration.
> >
> >The Revised Controls.  The Administration will change the four tiered
> >country group structure created in 1995 to a three tiered system as
> >follows:
> >
> >Tier 1 (encompassing Western Europe, Japan, Canada, Mexico, Australia,
> >New Zealand, Hungary, Poland, the Czech Republic and Brazil) and what
> >was formerly Tier 2 (South and Central America, South Korea, ASEAN,
> >Slovenia and most of Africa) will be combined into a single Tier 1.
> >Exports without an individual license will be permitted for all
> >computers (i.e., there is no prior government review) destined for
> >end-users/end-uses in this combined Tier 1.  Lithuania will be moved
> >from Tier 3 to the new Tier 1.  P.L. 105-85 requires a 120-day
> >congressional notification before this move becomes effective.
> >
> >Tier 3 (India, Pakistan, all Middle East/Maghreb, the former Soviet
> >Union, China, Vietnam and Central Europe).  Based on President Clinton's
> >August 2000 decision, effective February 26, 2001, exports will be
> >permitted under general license up to 28,000 MTOPS and individual
> >licenses are required for exports to all end-uses and end-users above
> >that figure.
> >
> >The Administration will implement a new level, 85,000 MTOPS, above which
> >individual licenses will be required for all end-users in Tier 3
> >countries.  This new level will become effective at the same time as the
> >new NDAA notification level.
> >
> >NDAA Notification.  P.L. 105-85 imposed a requirement for companies to
> >provide the Commerce Department with prior notice of exports for systems
> >above a certain level to all Tier 3 end-users.  U.S. export control
> >agencies have 10 days to inform the company if it must apply for a
> >license.  The President's August 2000 decision raised the NDAA
> >notification level to 28,000 MTOPS; that decision will become effective
> >on February 26, 2001.
> >
> >The NDAA notification level will be raised from 28,000 MTOPS to 85,000
> >MTOPS.  The President will advise the appropriate Congressional
> >committees of his decision to raise the NDAA notification level.  By
> >law, Congress has sixty days to review this decision, after which the
> >change will become effective.
> >
> >Tier 4 (Iraq, Iran, Libya, North Korea, Cuba, Sudan and Syria).  There
> >are no planned changes for Tier 4 countries, current policies continue
> >to apply (i.e., the United States will maintain a virtual embargo on
> >computer hardware and technology exports to these destinations).
> >
> >For all these tiers, re-export and retransfer provisions continue to
> >apply, and we will continue the policy of individual license review
> >under the Enhanced Proliferation Control Initiative (EPCI), which
> >provides authority for the government to block exports of computers of
> >any level in cases involving exports to end-uses or end-users of
> >proliferation concern or risks of diversion to proliferation activities
> >(e.g., foreign nuclear weapons design laboratories).  Criminal and civil
> >penalties apply to EPCI violators.
> >
> >The revised controls will become effective when they are implemented in
> >formal Commerce Department regulations.  In addition, the Commerce
> >Department will continue to review its list of published entities of
> >concern as a means of informing exporters of potential proliferation and
> >other security risks.  The Department will remind exporters of their
> >duty to check suspicious circumstances and inquire about end-uses and
> >end-users.  Exporters are advised to contact the Commerce Department if
> >they have any concern with the identity or activities of the end-users,
> >and the Department will work to expand its efforts -- through public
> >seminars and consultations with companies -- to keep industry regularly
> >informed regarding problem end-users and programs of proliferation
> >concern.
> >
> >Enhanced Controls on Critical Applications Software.  In addition to
> >these short term changes, the President has directed agencies to
> >undertake a six-month effort to increase the awareness within industry
> >and the government of the already strong export controls that exist on
> >software for national security applications (e.g., codes for the design,
> >development and operation of weapon systems), and to identify and invest
> >in additional measures for the protection of critical national security
> >software codes.
> >
> >Legislative Proposal.  Given the Administration's conclusions about the
> >lack of controllability of computer hardware, the inadequacy of MTOPS as
> >a control measure, and the lack of appropriate substitutes, the
> >President also proposes that Congress repeal the provisions of P.L.
> >105-85 that require notification of certain proposed computer hardware
> >exports, waiting periods for adjustments in controls and post-shipment
> >visits.
> >
> >Multilateral Coordination.  The Administration has consulted with other
> >nations, including members of the Wassenaar Arrangement, to ensure that
> >they understand the basis for today's changes in controls.  We are
> >committed to working closely with them to adjust multilateral controls
> >to reflect technological advances and collective security concerns.  Our
> >controls remain consistent with the purposes of the Wassenaar
> >Arrangement -- to deny arms and sensitive dual-use technologies to
> >countries of concern, and to develop mechanisms for information sharing
> >among the partners as a way to harmonize our export control practices
> >and policies.  The United States will also continue to implement
> >reporting requirements on computer exports as appropriate to fulfill
> >U.S. obligations under the Wassenaar Arrangement.
> For archives see: http://www.interesting-people.org/
> _______________________________________________
> Beowulf mailing list
> Beowulf at beowulf.org
> http://www.beowulf.org/mailman/listinfo/beowulf

More information about the Beowulf mailing list