If this is the case, it is illegal to export PGP from the USA or Canada to any other country.
Of course, if you don't get PGP from the US or Canada, the issue is moot.
In some countries, it is outright illegal to encrypt data at all. In other countries, they're working on it.
Some providers of networking services restrict what sort of traffic is allowed on their networks. Make sure your service provider allows the passage of encrypted data.
The RSA algorithm had been developed with Federal funding from grants from the National Science Foundation and the Navy. It was patented by MIT (U.S. patent #4,405,829, issued 20th September 1983).
The patent was then handed over to a commercial company in California called Public Key Partners (PKP). PKP hold the exclusive commercial license to sell and sub-license the RSA public key cryptosystem. They also hold other patents which cover other public key cryptography algorithms. This gives them absolute control over who may legally use public key cryptography in the US and Canada.
Note that the RSA patents are not valid outside the USA and Canada, because the patent was not applied for until after publication.
Also note that none of PKP's patents have been tested in court. They might be ruled invalid in a real court case. PKP have been reluctant to take people to court, although they did threaten Phil Zimmerman, the author of PGP, with legal action. So far, there has been a lot of sabre-rattling, but no real action.
PKP have also been seemingly reluctant to produce any products or license their patents. Eventually, after PGP 1.0 was released, PKP released their own RSA code. Called RSAREF, it licensed for test applications only, not for real use. They repeatedly refused to license RSA for use in PGP, until MIT (the original patent holders, remember) forced them to license MIT PGP 2.6.
The IDEA algorithm used in PGP is also patented, by Ascom-Tech AG of Zurich. However, Ascom-Tech allow free use of the IDEA algorithm in freeware and shareware products.
A US company, ViaCrypt, has side-stepped this legal issue. They had
already licensed the RSA algorithm from PKP, and it was clear that the
license applied to PGP, given a suitable implementation of RSA.
ViaCrypt have therefore been able to start selling an entirely legal,
100% legitimate version of PGP, with all patents properly licensed.
ViaCrypt PGP is a commercial public-key encryption package which is
based on, and virtually identical to, the freeware program known as PGP,
or "Pretty Good Privacy".
(The source code is in fact identical to that of the freeware version of PGP, with the exception of the RSA encryption module, which is one ViaCrypt developed in-house after acquiring a license for the algorithm from PKP. In addition, ViaCrypt incorporates a few bug fixes. The private-key crypto algorithm is IDEA, as in freeware PGP, for which ViaCrypt has obtained a license from Ascom-Tech AG of Zurich.)
ViaCrypt bought its RSA license from PKP before either PKP or ViaCrypt knew that ViaCrypt would someday use it to sell PGP. ViaCrypt later acquired the rights to sell PGP from Phil Zimmermann. ViaCrypt's PKP license clearly allows them to sell PGP. ViaCrypt PGP Output is byte-for-byte identical with that of freeware PGP 2.3a, except that the "Version" header before the message body reads "Version: 2.4" instead of "Version: 2.3a". Keys, signature certificates, and ciphertexts produced by one program will be identical to, and transparently handled by, the other.
ViaCrypt PGP is available in the US and Canada only, pending any future relaxation of the ITAR export control laws. Phil Zimmermann says that no compromises in the cryptographic strength of PGP were made for ViaCrypt's version of PGP.
The ViaCrypt PGP package includes program disks (executables only, no source code), a user manual, and an individual user license. The current release is available for MS-DOS and UNIX. There is a special version available which interfaces to CompuServe's CIM. Prices start at $100 for the DOS version.
For more information, see ViaCrypt's home page.
Thanks to Hugh Miller <email@example.com> and Jack Edward Brown, Jr. <firstname.lastname@example.org> for the information.
ViaCrypt plan a 2.7 release which will be compatible with PGP 2.6 from MIT. Upgrades from ViaCrypt PGP 2.4 will cost $10 or so.
PKP promptly threatened MIT with a lawsuit. Bizarre, given that the RSA patent was MIT's to start with. MIT refused to give in, and now there is a perfectly legal freeware version of PGP available in the USA from MIT. Note that it may not be exported.
For more information, try the International PGP home page.