Earlier this year, the US Bureau of Industry and Security (BIS) published a proposed rule relating to the export of “cybersecurity items”, a category which includes software used to intrude on systems, network communications surveillance systems, and software, equipment, and technology used in the design and operation of these programs.  Some products which fall under the new “cybersecurity items” heading are already controlled for their information security functionality under rules applying to “encryption items”, which are designed to maintain the secrecy of information, and are subject to registration and review requirements prior to export.  These controls would continue to apply in addition to the new restrictions.

The proposed rule is designed to implement agreements by the Wassenaar Arrangement, a multilateral export control regime comprising 41 states (including the US and majority of Europe), made at a plenary session in December 2013.  It:

  1. subjects intrusion and surveillance software, and related items, to export controls;
  2. requires a licence for the export, reexport, or domestic transfer of these items to all destinations except Canada;
  3. imposes a strict licencing policy, including a policy of presumptive denial for certain cybersecurity items;
  4. requires that specific technical information be submitted in support of licence applications, in addition to the usual information requirements; and
  5. makes cybersecurity items ineligible for most licence exceptions under the Export Administration Regulations and ends the application of License Exception ENC to encryption items, meaning that an export licence would be required for exports to foreign subsidiaries and foreign national employees of US companies.

BIS also requested that software and technology companies comment on the proposed rules. There have been strong objections, with Google publishing an article stating that the “proposed rules, as currently written, would have a significant negative impact on the open security research community. They would also hamper our ability to defend ourselves, our users, and make the web safer”. These sentiments have been echoed by the Electronic Frontier Foundation, a prominent digital rights charity based in the US (here).

This entry was posted in USA by Michael O'Kane. Bookmark the permalink.

About Michael O'Kane

Michael O’Kane is a partner and Head of the Business Crime team at leading UK firm Peters & Peters. Described as ‘first-rate’ (Legal 500 2012), he “draws glowing praise from commentators” (Chambers 2013) for handling the international aspects of business crime, including sanctions, extradition and mutual legal assistance. Called to the Bar in 1992 and prior to joining Peters & Peters he was a senior specialist prosecutor at the Crown Prosecution Service Headquarters(CPS). At CPS HQ he was a key member of a small specialist unit responsible for the prosecution of serious and high profile fraud, terrorist and special interest criminal matters including the Stansted Airport Afghan hijacking and the prosecution of Paul Burrell (Princess Diana’s butler). Michael joined Peters & Peters in 2002. He became a partner in May 2004, and Head of the Business Crime team in May 2009. Since joining Peters & Peters, Michael has dealt with a wide range of business crime matters. He has particular expertise in international sanctions, criminal cartels, extradition, corruption, mutual legal assistance, and FSA investigations. Described as“ an influential practitioner in fraud and regulatory work, so much so that he is top of the referral lists of many City firms for independent advice for directors” (The Lawyer’s Hot 100 2009), he was recognised as one of the UK’s most innovative lawyers in the 2011 FT Innovative Lawyer Awards and included in the list of the UK's leading lawyers in 'The International Who's Who of Asset Recovery 2012. In 2012 he was the winner of the Global Competition Review Article of the Year. Michael regularly appears on television and radio to discuss his specialist areas and he is the author of the leading textbook on the UK Criminal Cartel Offence “The Law of Criminal Cartels-Practice and Procedure” (Oxford University Press 2009). Recent/Current Sanctions Work • Representing 109 individuals and 12 companies subject to designation by the European Council under targeted measures imposed against Zimbabwe. This is the largest and most complex collective challenge to a sanctions listing ever brought before the European Court. • Acting for a former Egyptian Minister and his UK resident wife, challenging their designation by the European Council of Ministers under targeted measures brought against former members of the Egyptian Government. • Advising a company accused in a UN investigation report to have breached UN sanctions imposed in relation to Somalia. • Advising a UK company in relation to ongoing commercial relationships with an Iranian company listed under both EU and UN sanctions. • Advising an individual in relation to a UK investigation for alleging breaching nuclear export controls.

Please Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s