When Phil Zimmerman, an MIT professor, released Pretty Good Privacy in 1991, he was racing against time to preempt government regulations that might have made strong cryptography illegal.
PGP was developed under difficult conditions, with no funding, in a race against time in 1991 to get it out before it became illegal to publish software of this type. Senate Bill 266, the 1991 anti- crime bill, had a measure buried in it that foretold the shape of things to come.[11, preface]The bill in question, if it had become law, would have required ``back doors'' to be implement within secure communication equipment. This would give the government the ability to read communication secured with these devices, against the wishes of people like Phil, who claim ``Its personal, its private, and its nobody's business but yours.''
After the release of version 1.0, PGP was distributed electronically and leaked outside of the US. The first group to complain was RSA Data Security which has a patent on some of the technology in PGP. The patent issues with RSA Data Security were resolved, however the government had become interested and started a three year investigation of Phil Zimmerman on allegations that he distributed the source code outside the US in violation of ITAR.
After three years, the investigation was closed. The defense attorney's take on the matter was that they chose not to prosecute because they had not found proof that Mr. Zimmerman did anything wrong, because they feared the export laws might be overturned, or both. Despite not prosecuting Phil, exporting cryptography will be considered serious business until the year 2000 when export controls on high cryptography are loosened.
Presently, the key encryption algorithm used by PGP (pun not intended) has taken on a new role in ridiculing ITAR, with t-shirts printed with: