For years the US government has attempted to limit the use (and 'export') of strong encryption protocols like PGP using the argument that they should be treated as munitions. The case against Zimmermann in the early 1990s regarding his posting of PGP to a Usenet site, and the eventual decision by the US government not to proceed with the case, is illustrative. Here's an excerpt from the statement by lawyer on the case. It's from over two decades ago, but still worth reading (the laws have been relaxed somewhat since then, but it's not really clear how far):
> "Now, some words about the case and the future. Nobody should conclude
that it is now legal to export cryptographic software. It isn't. The
law may change, but for now, you'll probably be prosecuted if you break
it. People wonder why the government declined prosecution, especially
since the government isn't saying. One perfectly good reason might be
that Mr. Zimmermann did not break the law. (This is not always a
deterrent to indictment. Sometimes the government isn't sure whether
someone's conduct is illegal and so prosecutes that person to find out.)
Another might be that the government did not want to risk a judicial
finding that posting cryptographic software on a site in the U.S., even
if it's an Internet site, is not an "export". There was also the risk
that the export-control law would be declared unconstitutional. Perhaps
the government did not want to get into a public argument about some
important policy issues: should it be illegal to export cryptographic
software? Should U.S. citizens have access to technology that permits
private communication? And ultimately, do U.S. citizens have the right
to communicate in absolute privacy?"
> "There are forces at work that will, if unresisted, take from us our
liberties. There always will be. But at least in the United States, our
rights are not so much stolen from us as they are simply lost by us. The
price of freedom is not only vigilance but also participation. Those
folks I mention in this message have participated and no doubt will
continue. My thanks, and the thanks of Philip Zimmermann, to each of
you."
One obvious concern about this move in the EU is that they'll try to criminalize the use of cryptography again.
http://dubois.com/No-prosecute-announcement.txt
> "Now, some words about the case and the future. Nobody should conclude that it is now legal to export cryptographic software. It isn't. The law may change, but for now, you'll probably be prosecuted if you break it. People wonder why the government declined prosecution, especially since the government isn't saying. One perfectly good reason might be that Mr. Zimmermann did not break the law. (This is not always a deterrent to indictment. Sometimes the government isn't sure whether someone's conduct is illegal and so prosecutes that person to find out.) Another might be that the government did not want to risk a judicial finding that posting cryptographic software on a site in the U.S., even if it's an Internet site, is not an "export". There was also the risk that the export-control law would be declared unconstitutional. Perhaps the government did not want to get into a public argument about some important policy issues: should it be illegal to export cryptographic software? Should U.S. citizens have access to technology that permits private communication? And ultimately, do U.S. citizens have the right to communicate in absolute privacy?"
> "There are forces at work that will, if unresisted, take from us our liberties. There always will be. But at least in the United States, our rights are not so much stolen from us as they are simply lost by us. The price of freedom is not only vigilance but also participation. Those folks I mention in this message have participated and no doubt will continue. My thanks, and the thanks of Philip Zimmermann, to each of you."
One obvious concern about this move in the EU is that they'll try to criminalize the use of cryptography again.