United States to ban export of cybersecurity tools and software to countries with "authoritarian practices"

The United States Commerce Department today announced new rules that will ban the export and sale of cybersecurity software and hardware to countries considered to be “problematic.”

The rule, which will be active 90 days from today, will prohibit the export of “cybersecurity items.” The rule cites “National Security and Anti-terrorism” reasons as its basis. 

The law specifically bans the sale of cybersecurity software and tools to countries deemed to have authoritarian governments or that have been judged by the U.S. to have a history of human rights abuses. Some examples of barred countries are China and Russia. Other prohibited countries include those with weapons of mass destruction or those under arms embargoes by the United States. The rule allows some exceptions to the export ban; for example, a license issued by the Commerce Department can be requested to sell cybersecurity items to prohibited countries.

In a comment, the Bureau of Industry and Security (a group within the Commerce Department that issued the law) stated that the “new rules will help ensure that U.S. companies are not fueling authoritarian practices.” The BIS aims to prevent malicious parties and other bad actors from accessing U.S.-developer cybersecurity tools, using the potential threat to the States’ national security as the main reason for the rule.

What do you think of the United States’ ban on the export of cybersecurity tools to specific countries? Let us know in the comments.