On August 27, a federal judge in San Francisco handed down a victory for internet commerce. By finding export restrictions on encryption technology unconstitutional, Marilyn Hall Patel added momentum to the movement to eliminate them altogether. This movement recognizes what federal regulators do not: the internet’s potential can only be realized if a free market technology policy is adopted.

Patel’s decision to allow Daniel Bernstein to post an encryption program on the Web is another chapter in the epic struggle between the government and the technology community over export policy. This struggle is being fought not only in the courts but also in Congress, where three reform bills are pending.

Encryption software protects privacy by scrambling information into unreadable text. Would-be exporters include hi-tech firms, and companies seeking to encode international communications.

Encryption strength is measured in bits and, until recently, these businesses could only export 40-bit software that could be easily broken. Recently the policy has been relaxed to allow export of stronger, 56-bit programs, but even these have been broken in the past.

While exports are at issue, the future of internet commerce is at stake. In today’s global economy, the internet will only flourish in an environment where communications and transactions are secure. This environment will not exist unless people are free to use the strongest technology to protect their information.

This freedom is what FBI Director Louis Freeh and others are seeking to limit. In recent Senate testimony, Freeh called for a policy requiring encryption producers to give law enforcement agencies the tools to decode and monitor communications they deem suspect. “Unbreakable encryption will allow drug lords, spies, terrorists, and even violent gangs to communicate about their crimes and conspiracies,” Freeh argued. “Our national security will… be jeopardized.”

Freeh and other regulation advocates refuse to recognize two things. The first is that most countries have no export restrictions. While criminals abroad can’t legally obtain U.S. encryption software, they can buy unbreakable products from German and Japanese companies. The U.S. policy has no effect on illegal activity.

Second, by prohibiting U.S.-based, multinational firms from using strong encryption to protect their communications, export controls compromise the national security they are supposed to protect. Transmissions are already being stolen by foreign competitors at alarming rates; the National Counterintelligence Center recently reported that “[S]pecialized technical operations (including computer intrusions and encryption weaknesses) account for the largest portion of economic and industrial information lost by U.S. corporations.”

Supporters of the reform bills claim to promote market solutions that protect companies’ rights to compete internationally. But the bills represent compromise. Even the most liberal proposal would only allow the export of products whose strength is equal to technology that is “generally available” on world markets. By placing a ceiling on encryption strength, this restriction would stifle innovation. Forced to follow the world market, U.S. hi-tech companies would lose their front-runner status.

While legislators’ limited vision only allows for less-strict controls, the ideal policy would eliminate export restrictions altogether. The free market would be highlighted, and all parties would be better off.

The most obvious result of this policy would be a totally secure electronic environment. Anyone seeking guaranteed privacy would buy unbreakable encryption software. Companies could communicate with foreign affiliates without fear of having their ideas stolen. Firms selling encryption could compete globally, bringing jobs and dollars to America. Consumers could conduct internet transactions with confidence, knowing their credit card numbers are safe.

While Freeh’s predictions of increased criminal communications would also likely come true, law enforcers would not be impotent. Just as they can demand phone records, they could acquire records of electronic communications. More significantly, they could respond to whatever threats technology presents with innovations of their own. Just as industries are expected to respond creatively to regulations, we should expect public institutions like the police to respond creatively to private-sector innovations.

Undoubtedly critical, this idea remains absent in the encryption debate. As the information age grows near, legislators must open their eyes to policies that maximize opportunities for the public and private sectors to respond to each other with innovations, not regulations. Until this approach is adopted into technology policy, the future of the internet will remain a promising vision on a distant horizon.

Justin Matlick is a Chicago-based senior fellow in information studies for the Pacific Research Institute in San Francisco. He can be reached via email at jmatlick@pacificresearch.org.