The Commerce Department’s Bureau of Industry and Security today announced new controls that would ban U.S. companies from exporting and reselling software and hardware tools that could be used to fuel authoritarian practices through malicious hacking activities and human rights abuse.
The rule will become effective in 90 days and will effectively ban the export of “Cybersecurity items” for National Security and Anti-terrorism reasons.
“The United States Government opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these new rules will help ensure that U.S. companies are not fueling authoritarian practices,” the BIS said.
“Today’s rule is consistent with the result of BIS’s negotiations in the Wassenaar Arrangement multilateral export control regime and with a review of comments from Congress, the private sector, academia, civil society, and other stakeholders on previously proposed BIS rulemaking in this area,” the Commerce Department bureau said.
U.S. Secretary of Commerce Gina M. Raimondo added that the new rule is designed to block malicious threat actors’ access to hacking tools that could be used to target U.S. entities and threaten U.S. national security, while also allowing their use for legitimate purposes.
“The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.”