Bernstein v. United States

Bernstein III
Bernstein III
Court	United States Court of Appeals for the Ninth Circuit
Full case name	Daniel J. Bernstein et al., v. United States Department of State et al.
Decided	May 6, 1999
Citation	176 F.3d 1132
Case history
Prior action	Hon. Marilyn Hall Patel ruled for plaintiff in 974 F.Supp. 1288
Court membership
Judges sitting	Betty Binns Fletcher, Myron H. Bright, Thomas G. Nelson
Case opinions
	Opinion by Fletcher; Concurrence by Bright; Dissent by Nelson

Bernstein II
Bernstein II
Court	United States District Court for the Northern District of California
Full case name	Daniel J. Bernstein et al., v. United States Department of State et al.
Decided	December 9, 1996
Citation	945 F. Supp. 1279
Court membership
Judge sitting	Marilyn Hall Patel

Bernstein I
Bernstein I
Court	United States District Court for the Northern District of California
Full case name	Daniel J. Bernstein et al., v. United States Department of State et al.
Decided	April 15, 1996
Citation	922 F. Supp. 1426
Court membership
Judge sitting	Marilyn Hall Patel

Last updated January 17, 2025

Bernstein v. United States was a series of court cases filed by Daniel J. Bernstein, a mathematics Ph.D. student at the University of California, Berkeley, challenging U.S. government restrictions on the export of cryptographic software. In the early 1990s, the U.S. government classified encryption software as a "munition," imposing strict export controls. As a result, Bernstein was required to register as an arms dealer and obtain an export license before he could publish his encryption software online.

With the support of the Electronic Frontier Foundation (EFF), Bernstein filed a lawsuit against the U.S. government, arguing that the export controls violated his First Amendment rights. The case ultimately led to a relaxation of export restrictions on cryptography, which facilitated the development of secure international e-commerce. The decision has been recognized by First Amendment and technology advocacy groups for affirming a "right to code" and applying First Amendment protections to code as a form of expression.^[1]^[2]

History

The case was first brought in 1995, when Bernstein was a student at University of California, Berkeley, and wanted to publish a paper and associated source code on his Snuffle encryption system. Bernstein was represented by the Electronic Frontier Foundation, who hired outside lawyer Cindy Cohn and also obtained pro bono publico assistance from Lee Tien of Berkeley; M. Edward Ross of the San Francisco law firm of Steefel, Levitt & Weiss; James Wheaton and Elizabeth Pritzker of the First Amendment Project in Oakland; and Robert Corn-Revere, Julia Kogan, and Jeremy Miller of the Washington, DC, law firm of Hogan & Hartson. After four years and one regulatory change, the Ninth Circuit Court of Appeals ruled that software source code was speech protected by the First Amendment and that the government's regulations preventing its publication were unconstitutional.^[3] Regarding those regulations, the EFF states:

Years before, the government had placed encryption, a method for scrambling messages so they can only be understood by their intended recipients, on the United States Munitions List, alongside bombs and flamethrowers, as a weapon to be regulated for national security purposes. Companies and individuals exporting items on the munitions list, including software with encryption capabilities, had to obtain prior State Department approval.
— Electronic Frontier Foundation: EFF's History^[4]

The government requested en banc review.^[5] In Bernstein v. U.S. Dept. of Justice, 192 F.3d 1308 (9th Cir. 1999), the Ninth Circuit ordered that this case be reheard by the en banc court, and withdrew the three-judge panel opinion, Bernstein v. U.S. Dept. of Justice, 176 F.3d 1132 (9th Cir. 1999).^[6]

The government modified the regulations again^{[ when? ]}, substantially loosening them, and Bernstein, then a professor at the University of Illinois at Chicago, challenged them again. This time, he chose to represent himself, although he had no formal legal training. On October 15, 2003, almost nine years after Bernstein first brought the case, the judge dismissed it and asked Bernstein to come back when the government made a "concrete threat".^[7]

Recent

Apple cited Bernstein v. US in its refusal to hack the San Bernardino shooter's iPhone, saying that they could not be compelled to "speak" (write code).^[8]

Related Research Articles

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

A cypherpunk is one who advocates the widespread use of strong cryptography and privacy-enhancing technologies as a means of effecting social and political change. The cypherpunk movement originated in the late 1980s and gained traction with the establishment of the "Cypherpunks" electronic mailing list in 1992, where informal groups of activists, technologists, and cryptographers discussed strategies to enhance individual privacy and resist state or corporate surveillance. Deeply libertarian in philosophy, the movement is rooted in principles of decentralization, individual autonomy, and freedom from centralized authority. Its influence on society extends to the development of technologies that have reshaped global finance, communication, and privacy practices, such as the creation of Bitcoin and other cryptocurrencies, which embody cypherpunk ideals of decentralized and censorship-resistant money. The movement has also contributed to the mainstreaming of encryption in everyday technologies, such as secure messaging apps and privacy-focused web browsers. The cypherpunk ethos has had a lasting impact on debates around digital rights, surveillance, and personal freedoms in the 21st century. The movement has been active since at least 1990 and continues to inspire initiatives aimed at fostering a more private and secure digital world.

Daniel Julius Bernstein is an American mathematician, cryptologist, and computer scientist. He was a visiting professor at CASA at Ruhr University Bochum until 2024, as well as a research professor of Computer Science at the University of Illinois at Chicago. Before this, he was a visiting professor in the department of mathematics and computer science at the Eindhoven University of Technology.

40-bit encryption refers to a (now broken) key size of forty bits, or five bytes, for symmetric encryption; this represents a relatively low level of security. A forty bit length corresponds to a total of 2⁴⁰ possible keys. Although this is a large number in human terms (about a trillion), it is possible to break this degree of encryption using a moderate amount of computing power in a brute-force attack, i.e., trying out each possible key in turn.

The export of cryptography from the United States to other countries has experienced various levels of restrictions over time. World War II illustrated that code-breaking and cryptography can play an integral part in national security and the ability to prosecute war. Changes in technology and the preservation of free speech have been competing factors in the regulation and constraint of cryptographic technologies for export.

<span class="mw-page-title-main">EFF DES cracker</span> Cryptographic hardware

In cryptography, the EFF DES cracker is a machine built by the Electronic Frontier Foundation (EFF) in 1998, to perform a brute force search of the Data Encryption Standard (DES) cipher's key space – that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that the key size of DES was not sufficient to be secure.

<span class="mw-page-title-main">Marilyn Hall Patel</span> American judge

Marilyn Hall Patel is a former United States district judge of the United States District Court for the Northern District of California.

Hepting v. AT&T, 439 F.Supp.2d 974, was a class action lawsuit argued before the United States District Court for the Northern District of California, filed by Electronic Frontier Foundation (EFF) on behalf of customers of the telecommunications company AT&T. The plaintiffs alleged that AT&T permitted and assisted the National Security Agency (NSA) in unlawfully monitoring the personal communications of American citizens, including AT&T customers, whose communications were routed through AT&T's network.

Cryptography is the practice and study of encrypting information, or in other words, securing information from unauthorized access. There are many different cryptography laws in different nations. Some countries prohibit the export of cryptography software and/or encryption algorithms or cryptoanalysis methods. Some countries require decryption keys to be recoverable in case of a police investigation.

Junger v. Daley is a court case brought by Peter Junger challenging restrictions on the export of encryption software outside of the United States.

John Doe v. Alberto R. Gonzales was a case in which the American Civil Liberties Union (ACLU), Library Connection, and several then-pseudonymous librarians, challenged Section 2709 of the Patriot Act; it was consolidated on appeal with a separate case, Doe v. Ashcroft.

United States v. Arnold, 533 F.3d 1003, is a United States court case in which the United States Court of Appeals for the Ninth Circuit held that the Fourth Amendment to the United States Constitution does not require government agents to have reasonable suspicion before searching laptops or other digital devices at the border, including international airports.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. It was founded in 1990 to promote Internet civil liberties.

The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States and serves its operations worldwide.

Nordyke v. King was a case in the United States Court of Appeals for the Ninth Circuit in which a ban of firearms on all public property and whether the Second Amendment should be applied to the state and local governments is to be decided. After several hearings at different levels of the federal court system, Alameda County, California promised that gun shows could be held on county property, essentially repudiating its ordinance.

Robert L. "Bob" Corn-Revere is an American First Amendment lawyer. Corn-Revere is the Chief Counsel at the Foundation for Individual Rights and Expression and was formerly a partner at Davis Wright Tremaine LLP in Washington, D.C. He is regularly listed as a leading First Amendment and media law practitioner by The Best Lawyers in America (Woodward/White), SuperLawyers Washington, D.C., and by Chambers USA. Best Lawyers in America named him as Washington, D.C.’s 2017 “Lawyer of the Year” in the areas of First Amendment Law and Litigation – First Amendment. He was again named as Best Lawyers’ “Lawyer of the Year” for First Amendment Law for 2019 and 2021, and in Media Law for 2022. In 2022 he was listed in Washingtonian Magazine's Top Lawyers Hall of Fame for Lifetime Achievement.

Jewel v. National Security Agency, 673 F.3d 902, was a class action lawsuit argued before the District Court for the Northern District of California and the Court of Appeals for the Ninth Circuit, filed by Electronic Frontier Foundation (EFF) on behalf of American citizens who believed that they had been surveilled by the National Security Agency (NSA) without a warrant. The EFF alleged that the NSA's surveillance program was an "illegal and unconstitutional program of dragnet communications surveillance" and claimed violations of the Fourth Amendment.

Attempts, unofficially dubbed the "Crypto Wars", have been made by the United States (US) and allied governments to limit the public's and foreign nations' access to cryptography strong enough to thwart decryption by national intelligence agencies, especially the National Security Agency (NSA).

City of Los Angeles v. Patel, 576 U.S. 409 (2015), was a United States Supreme Court case in which the Court held that a Los Angeles law, Municipal Code § 41.49, requiring hotel operators to retain records about guests for a 90-day period, is facially unconstitutional under the Fourth Amendment to the United States Constitution because it does not allow for pre-compliance review.

References

↑ Dame-Boyle, Alison (April 16, 2015). "EFF at 25: Remembering the Case that Established Code as Speech". Electronic Frontier Foundation. Retrieved November 8, 2024.
↑ "Bernstein v. United States Department of States (District Court of California) (1997)". The Free Speech Center. Retrieved November 8, 2024.
↑ "U.S. Court of Appeals for the Ninth Circuit: Bernstein v. USDOJ". Electronic Privacy Information Center. May 6, 1999. Retrieved April 17, 2019.
↑ "EFF's History". Electronic Frontier Foundation. October 7, 2011. Retrieved May 4, 2012.
↑ Bernstein, Daniel J. "Summary of the case status". cr.yp.to. Retrieved April 17, 2019.
↑ "192 F. 3d 1308 – Daniel Bernstein v. United States Department of Justice". OpenJurist. F3d (192): 1308. 1999. Retrieved April 17, 2019.
↑ Bernstein, Daniel J. "Press Release: Crypto Case on indefinite hold". cr.yp.to. Retrieved April 17, 2019.
↑ Kim Zetter; Brian Barrett (February 25, 2016). "Apple to FBI: You Can't Force Us to Hack the San Bernardino iPhone". Wired. Retrieved January 6, 2021.

External links

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Dame-Boyle, Alison (April 16, 2015). "EFF at 25: Remembering the Case that Established Code as Speech". Electronic Frontier Foundation. Retrieved November 8, 2024.

[2] "Bernstein v. United States Department of States (District Court of California) (1997)". The Free Speech Center. Retrieved November 8, 2024.

[3] "U.S. Court of Appeals for the Ninth Circuit: Bernstein v. USDOJ". Electronic Privacy Information Center. May 6, 1999. Retrieved April 17, 2019.

[EFF_History-4] "EFF's History". Electronic Frontier Foundation. October 7, 2011. Retrieved May 4, 2012.

[5] Bernstein, Daniel J. "Summary of the case status". cr.yp.to. Retrieved April 17, 2019.

[6] "192 F. 3d 1308 – Daniel Bernstein v. United States Department of Justice". OpenJurist. F3d (192): 1308. 1999. Retrieved April 17, 2019.

[7] Bernstein, Daniel J. "Press Release: Crypto Case on indefinite hold". cr.yp.to. Retrieved April 17, 2019.

[8] Kim Zetter; Brian Barrett (February 25, 2016). "Apple to FBI: You Can't Force Us to Hack the San Bernardino iPhone". Wired. Retrieved January 6, 2021.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]