20 March 1998, PRNewswire:

Network Associates Announces Availability of 128bit PGP Encryption
Software For Global Customers Strong Encryption to Spur Growth of 
Secure Electronic Communications Worldwide

Hanover, Germany, CEBIT '98,-- Network Associates
International B.V. (Nasdaq: NETA), today announced the immediate
availability of PGP, the world's best encryption software, for businesses
around the world. The PGP encryption technology is the cornerstone of
Network Associates' Total Network Security (TNS) Suite and enables users
to successfully protect their confidential email and documents. 

"Electronic commerce has not been a viable option for many businesses due
to the lack of guaranteed protection for confidential information," said Peter
Watkins, general manager of the Net Tools Secure Division at Network
Associates. "We now have a solution to this problem with full-strength
internationally developed PGP software -- guaranteeing safe communications
over the Internet and the safe delivery of confidential documents via email." 

Network Associates' PGP encryption products for international markets will
be fully developed and compiled in Europe by cnlab Software, based upon
widely available published source code that was legally exported from the
United States. No United States technical assistance has been, or will be
provided to cnlab Software or to international offices of Network
Associates, ensuring full compliance with United States export laws. 

Network Associates International B.V. will work with technical partners
throughout the world to ensure that customers have access to technical
support and development expertise throughout the region. 

Network Associates Announces New Security Division 

Network Associates is also announcing a new, dedicated security division
headed up by Graham Curme in Windsor, United Kingdom. The new
division will work with selected technical partners throughout Europe to provide
technical support to customers. At the same time, a dedicated security division
will be established in Germany, followed closely by Scandinavia and the rest of
Europe. 

Network Associates' PGP software, the flagship technology of the company's
Total Network Security (TNS) Suite, is a multi-platform, fully scaleable
encryption solution -- designed for single users to large corporations. The
TNS Suite, employing 128-bit encryption, combines Network Associates' 
PGP Desktop Suite, providing multi-platform encryption protection for 
desktops and the PGP Server Security Suite, offering authentication and 
policy-based administration and management of security. PGP can cost as 
little as $80.00 (U.S.) for single users, while corporate pricing is 
dependent on the number of users. [Snip corporate blurb]

site: http://www.nai.com/ (NETA) 

----------

20 March 1998, Reuters:

US Quickly Takes Aim at Encryption Product

Santa Clara: A leading encryption software company has
announced a plan to sell its powerful data scrambling products overseas,
bypassing strict export limits and quickly prompting the U.S. Commerce
Department to promise a thorough review. 

Network Associates Inc. said Friday it planned to sell its powerful Pretty Good
Privacy (PGP) encryption software, which cannot be exported from the
United States, in other countries through a deal with a Swiss company,
cnlab Software. 

Network Associates said PGP encryption products for international
markets will be developed and compiled in Europe by cnlab, based on widely
available published software code it said was legally exported from the
United States. 

The Santa Clara, Calif.-based company said no U.S. technical assistance has
been or will be provided to cnlab Software or to Network Associates'
international offices, ensuring full compliance with U.S. export laws. 

The Commerce Department said it would carefully review Network
Associates' plan. 

``We're going to have to look at it very closely to see if it violated U.S. law
or regulation,'' Undersecretary of Commerce William Reinsch said. 

Encryption, which scrambles information and renders it unreadable
without a password or software ``key,'' has become an increasingly
critical means of safeguarding electronic commerce and
communications over the Internet. 

But the government fears encryption will be used by crooks to hide criminal
acts. The FBI favors requiring a ``back door'' in all encryption software
allowing agents to read any coded message. 

Last year, the Commerce Department stymied a plan similar to Network
Associates' to evade export restrictions by computer workstation
and software maker Sun Microsystems Inc. Reinsch declined Friday to
comment on the Sun plan. 

Reinsch said Network Associates' plan could have two flaws. 

The government will seek to learn whether the company illegally exported
any encryption to make the products abroad. The government will also
directly review the products, which could be deemed subject to U.S.
export rules if they contain more than 25 percent U.S. content, Reinsch said. 

The Clinton administration, backed by law enforcement and intelligence
agencies, has long been at odds with software makers, Internet users and
civil libertarians over encryption regulations. 

Under current policy, U.S. citizens are free to use any form of encryption but
stronger products cannot be exported unless they include a means for the
government to break any coded message. 

Congress is debating a variety of proposals to change encryption
regulations, ranging from a plan to require back doors in software used by
U.S. citizens to bills that would nearly eliminate the current export limits. 

Reinsch said the government was ``disappointed'' about the Network
Associates deal. ``It's not consistent with our policy and we're always
disappointed when people do things that make our job more difficult,'' he
said. 

A series of acquisitions have put Network Associates near the top of the
U.S. encryption software market. In December, the company bought one of
its leading competitors, Pretty Good Privacy Inc., and last month announced
a deal to acquire another, Trusted Information Systems. 

----------

20 March 1998, NewsBytes:

Network Associates Ships 128-Bit Encryption Without License

Santa Clara, California: You can't call it exporting
and it may squeak by the letter of the law, but terms like "quarterback sneak"
keep coming to mind. A Dutch subsidiary of Santa Clara-based
Network Associates Inc. [NASDAQ:NETA] (NAI) is shipping
128-bit strong encryption to international customers with no US
export license. 

NAI officials say the US government has not objected. 

The announcement came Friday morning in a teleconference in the US,
with a separate press release issued at the Cebit '98 trade show in Hannover,
Germany. 

What NAI did was contract with a small Swiss company named Cnlabs Software
to develop a clone version of PGP, the e-mail and file strong-encryption
system that NAI acquired last year, without help from any US citizen or
entity. That presumably takes the resulting encryption program beyond
the reach of US Commerce Department export rules. 

Cnlabs then licensed its export and marketing rights to Network Associates
International B.V., an NAI Dutch subsidiary. That presumably placed
international marketing into the regulatory hands of the Dutch, who
have a long tradition of unfettered private-sector international trading. 

At a Friday morning teleconference attended by Newsbytes, Peter Watkins,
general manager of NAI's net tools secure division, told reporters: "We
believe we are the first and only US company to actually begin to operate in
this manner. In many respects this is not radically different than what anyone
else could have done." 

The encryption products NAI has taken international are actually not identical
to PGP. They are just "functionally equivalent" clones. Like PGP, they can
use 128-bit strong encryption to scramble messages to the point where
intruders -- including government agencies -- cannot unscramble them in
a reasonable amount of time without the key. 

That ability to hide file contents from anyone including the government
spurred the US to treat strong encryption as equivalent to a weapon,
but restrictions have relaxed recently. Last month, Hewlett-Packard received
official permission to export its VerSecure strong-encryption system
outside the US, subject only to local restrictions at the destination nations
(Newsbytes, February 27, 1998). 

In an announcement from Hannover, the Dutch NAI subsidiary said Cnlabs
used "widely available published source code that was legally exported from
the United States" to develop its international PGP version. 

Said Watkins: "Essentially, any third party could have contracted with any
non- US entity for any product (including strong encryption) and offer
it worldwide. We do believe however we are the first to do that, and to make it
available through our distribution channels throughout the world, so that
there is one single sales and support organization." 

Watkins said NAI will work to remain "in full compliance with all the (US)
Commerce Department rules" including those forbidding shipments to some
individuals and countries. He cited Iran, Iraq and Libya as nations where PGP
will not be sold. 

Watkins described Cnlabs as "a small company in Switzerland" associated
with "a series of world renowned cryptographers." He said the contract
explicitly called for complete interoperability, and testing showed
the Swiss firm had met that goal. Next the Swiss firm will make localized
versions available in Japan, Europe and other non-English speaking nations. 

The version shipping today will be sold in the UK and most of Europe,
Australia and Japan, the firm said. 

Newsbytes notes PGP already holds US permissions to export 128-bit strong
encryption without key recovery systems to limited sets of customers
like financial institutions and subsidiaries of U.S. firms. The strategy
announced Friday will presumably remove even that short leash from
NAI's PGP marketing group, if all goes as planned. 

About today's announcements, Watkins declared: "It's the ability for
customers to securely communicate from Japan or Australia to the US or
Germany or Switzerland, or wherever it may be." 

----------


