The United States Government Will Ban the Reselling of Potentially Hacking Tools to Authoritarian Regimes
The U.S. Companies Will Be Banned from Exporting and Reselling Software and Hardware Tools That Could Be Used to Fuel Authoritarian Practices.
The Bureau of Industry and Security (BIS) supports the US national security, foreign policy, and economic objectives by maintaining an effective export control and treaty compliance system and encouraging continuing US leadership in key technology.
The Bureau of Industry and Security (BIS) of the Commerce Department proposed new regulations that would prohibit U.S. firms from exporting and reselling software and hardware capabilities, as these may be used to fuel authoritarian policies through harmful hacking and human rights violations.
The regulation will take effect in 90 days, essentially prohibiting the export of “cybersecurity goods” for national security (NS) and anti-terrorism (AT) purposes.
As explained by BleepingComputer, the regulation also creates a new License Exception Authorized Cybersecurity Exports (ACE) program, which prohibits the export and resale of certain products to nations with security concerns, such as China and Russia, without first obtaining a license.
The full list covers countries with weapons of mass destruction, countries with national security concerns, and countries that are subject to a US arms embargo.
The United States Government opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these new rules will help ensure that U.S. companies are not fueling authoritarian practices.
Today’s rule is consistent with the result of BIS’s negotiations in the Wassenaar Arrangement (W.A.) multilateral export control regime and with a review of comments from Congress, the private sector, academia, civil society, and other stakeholders on previously proposed BIS rulemaking in this area.
According to the new regulation, these products are subject to restrictions because they may be used to carry out harmful cyber operations such as spying, espionage, or other acts that would disrupt, block, or degrade access to network devices.
The new regulation, according to US Secretary of Commerce Gina M. Raimondo, is intended to prevent malevolent threat actors from gaining access to hacking tools that might be used to target US companies and endanger US national security while simultaneously permitting their lawful usage.
The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights.
The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.