Is cryptography restricted by users?

Can anyone tell me whether it is legal to have a web application with highly encrypted data based in the UK which can be used by users based in any other country worldwide?

I understand that many countries like to monitor their citizens and that there are some examples of encryption causing issues for companies such as RIM and their Blackberry's encryp开发者_开发知识库tion.

Is it the case that a web application would be exempt from such worries if it is physically based in a country such as the UK, where data may be encrypted to any level, or will it have to conform to the rules of whatever countries its users are based in?

See this survey on cryptographic laws around the world. The section on UK is quite long.

As for RIM, drawing conclusions is a bit hazardous. As Schneier says, "this is a weird story" and only small parts of it are publicly known.