ANNEX TO THE RECOMMENDATION OF THE COUNCIL:
GUIDELINES FOR CRYPTOGRAPHY POLICY

I. AIMS

The Guidelines are intended:

[31] -- to [strengthen privacy and] ensure the security of data in national and global information and communications networks while recognising the possible effects [of cryptography] on [without adversely affecting] public safety, law enforcement or national security;

[32] -- to raise awareness of the need for compatible cryptography policies and laws, as well as the need for interoperable [and portable] cryptographic methods in national and global information and communications networks;

[33] -- to assist decision-makers [in the public and private sectors] in developing and implementing coherent national and international policies, methods, measures, practices and procedures for the [appropriate and] effective use of cryptography;

[34] -- to promote co-operation between the public and private sectors in the development and implementation of national and international cryptographic policies, methods, measures, practices and procedures;

[35] -- to foster confidence in information and communications networks and the manner in which they are used;

[36] [-- to promote international trade by ensuring cost effective, interoperable cryptographic systems;]

[37] [-- to promote international co-operation between governments, business and research communities and within [the framework of] [internationally recognised, voluntary/ standardisation organisations [standard-making bodies/ in achieving co-ordinated use of cryptographic methods.]

II. SCOPE

[38] The Guidelines are primarily aimed at governments, in terms of the policy recommendations therein, but with anticipation that they will be widely read and followed by both the private and public sectors.

[39] [These Guidelines do not apply to cryptography policies relating to classified information.]