While video-game lovers around the world rejoiced at the opportunity to play "Duke Nukem: Total Meltdown" on the newly released Sony Playstation 2, the Japanese government was preparing its case to impose export controls on the revolutionary gaming system on the grounds that it represented "a general-purpose product related to conventional weapons. " The argument was straightforward: the new Playstation came with a 128-bit microprocessor fast enough to humble the speediest desktop processors and a graphics card capable of such precision that it could guide a cruise missile. Fearing that hostile states and terrorist groups might use this gaming system for aggressive ends, the government passed a new law restricting exportation from Japan to no more than a few units at a time, under penalty of fines and imprisonment. Though this policy might deter some smugglers, it is difficult to imagine that any government intervention could prevent a widely-available and easily portable commercial product from reaching the wrong hands.

The Playstation 2 problem is not unique. As the level of technological sophistication in commercial products increases, so does the likelihood that states without indigenous technological expertise will import these products and adapt them to their own ends. So-called "dual-use" commodities-- including computer, aerospace, chemical, biological, and electronic devices-can be found in virtually any high-tech market, making their eventual dissemination inevitable. But because these technologies can be applied so easily to encryption, missile control, and other military projects, they pose a significant threat to the very nations that produce them. In a world where one nation's household tool is another's offensive weapon, policymakers concerned with stopping the flow of dual-use technologies to potential enemies are left with an impossible challenge.

The Encryption Debate

Political and commercial leaders alike have long faced a similar challenge in the debate over regulation of encryption-related technologies and software. The ability to intercept and analyze communications is vital to espionage, anti-terrorist, and law-enforcement operations, providing technologically-savvy countries with a strong motive to protect their own encryption abilities.

But the importance of encryption is not limited to national security. Corporations, especially e-businesses, also rely on airtight security to prevent fraud and earn public trust. This need has prompted international businesses to demand from their governments the right to use advanced encryption software and technologies, whether from domestic companies or from abroad.

Beginning in 1996, the US government tried to reconcile the interests of national security and commercial interests by establishing a 56-bit cap encryption export level. International corporations and certain financial institutions operating in foreign nations were exempt from this restriction. There was no cap on the degree of encryption that could be developed or used domestically.

Though modifications to this policy were made, any fixed standard set in the rapidly-changing world of computer science was bound to be inadequate. Within a few years, 56-bit encryption software became readily available both in foreign markets and from publicly-accessible Internet sources. Faster computers also meant that the old standard of 56-bit encryption posed far less of a challenge to code breakers than it did when the policy was implemented. In fact, while the prohibition was still in place, companies routinely employed encryption methods much stronger than those allowed for international use. The situation was further complicated by the fact that there was no international consensus on encryption export regulation. As a result, US businesses were unable to offer the same level of encryption to their international clients as businesses based in less stringently regulated countries could.

The importance of sound encryption to international business is so great that whole markets may have been closed off to US businesses by the government's policy. The US policy also greatly disadvantaged less-developed trading partners that, because of export restrictions, could not gain legal access to necessary encryption technologies from the United States. Seconding this objection, the Organization for Economic Cooperation and Development (OECD), which aims to foster economic growth through international trade, has gone so far as to make the dissemination of encryption technologies to growing markets an official priority. Finally, the US policy was undermined by its failure to provide sufficient exceptions to allow specific groups, like human-rights organizations, access to encryption levels that would let them distribute information and coordinate activities freely and safely.

Faced with these and other objections to US encryption regulations, the administration finally yielded to its critics. In September 1999, the first steps to remove the 56-bit ban were taken in spite of the fact that law enforcement analysts were confident the technology was still dangerous. The Cyberspace Electronic Security Act of 1999 represented the surrender of the world's most powerful state to the forces of technological diffusion.

Time Tactics

Such a dramatic policy shift highlights the short-term versus long-term trade-off that any regulation of commercial technology must confront. As with virtually every dual-use commodity, rapid advances in commercial technologies ensure that the technology being protected will eventually be easily attainable. But while the threats and dangers associated with technological diffusion will have to be faced sooner or later, the benefits of immediate technological dissemination-including regional development, increased trade opportunities, and greater international cooperation-are all magnified in the long run.

This point, though, is not entirely fair to advocates of export regulation, since the impact of a certain state's possession of a given technology might be entirely different ten years down the road. The point of export regulations, advocates insist, is not to prevent the natural diffusion of technology, but rather to control it in such a way as to ensure that the technological leaders of today maintain that position tomorrow. However, this perspective fails to accurately characterize all cases of export regulation. Certain abilities, such as those related to the construction of weapons of mass destruction, are inherently threatening to established technological powers and so are vigorously contained regardless of the fact that many of these abilities rest on scientific knowledge decades old. Nuclear science, for instance, could bring electricity to powerless communities around the world, but making high-grade uranium a marketable good would create dangerous new possibilities for war and international terrorism. Along these lines, the overall effect of increased global stability might well justify the failures and inefficiencies of technology regulation.