Subscribe
Modern field guide to security and privacy

State Department reverses course on cybersecurity exports

The State Department aims to renegotiate an international pact designed to limit exports of surveillance software – bowing to pressure from Obama administration officials and cybersecurity experts.

  • close
    A barbed-wire fence is seen in the foreground of containers on a cargo ship at a port in Tokyo.
    Reuters/File
    View Caption
  • About video ads
    View Caption
of

After nearly 10 months of intense pressure from cybersecurity experts, the Obama administration will send the State Department to renegotiate a controversial arms control agreement meant to limit surveillance software exports.

The decision represents a turnabout for the State Department, which had resisted reopening talks with the 41 nations that are signatories of the Wassenaar Arrangement. But after widespread criticism that the trade pact would hamper the trade of legitimate security software, the US is aiming to return to the negotiating table.

"There is simply no way to interpret the plain language of the text in a way that does not sweep up a multitude of important security products," said Rep. Jim Langevin (D) of Rhode Island in a statement. "The Administration is staking out a clear position that the underlying text must be changed."

Recommended: Mercenary hackers: an elusive, challenging foe (+video)

Representative Langevin says National Security Advisor Rice also became a strong factor in swaying Foggy Bottom to renegotiate the deal. Obama administration officials unanimously called for a new agreement at a meeting last week.

The controversy around Wassenaar began heating up last May when the Department of Commerce released proposed export regulations based on the pact's terms. Experts feared the broad language in the proposed rules would even ban some cybersecurity researchers in the US from jointly conducting security work abroad.

In addition to cybersecurity experts, US lawmakers and Department of Homeland Security officials also worried that Wassenaar's language could limit threat information-sharing initiatives and damage domestic security.

At a congressional hearing in January, the State Department publicly opposed renegotiating Wassenaar – citing the difficulty of signing another deal with the 31 countries that had already adopted the terms. Instead, the agency had hoped to satisfy critics by creating exemptions in the trade restrictions.

But those claims were met with Congressional skepticism. Soon after the hearing, however, State Department officials reached out to industry experts to work on a new proposal. 

"The [House Oversight] hearing hammered home the national security implications of the Wassenaar language," said Katie Moussouris, the chief policy officer of the bug bounty firm HackerOne.

A vocal critic of the regulations, Ms. Moussouris was one of the industry experts called in to work on the new proposal. She says the new draft language shifts the focus of the Wassenaar guidelines with a narrower focus on surveillance software itself.

Moussouris cautions that the State Department’s evolving position on cybersecurity exports does not mean the issue is closed. Other nations will still have to agree to change.

"We’ll consider the issue settled when we see it settled," she said.

About these ads
Sponsored Content by LockerDome
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK