Privacy Ninja

US Govt To Ban Export Of Hacking Tools To Authoritarian Regimes

US Govt To Ban Export Of Hacking Tools To Authoritarian Regimes

The Commerce Department’s Bureau of Industry and Security (BIS) today announced new controls that would ban U.S. companies from exporting and reselling software and hardware tools that could be used to fuel authoritarian practices through malicious hacking activities and human rights abuse.

The rule will become effective in 90 days and will effectively ban the export of “cybersecurity items” for National Security (NS) and Anti-terrorism (AT) reasons.

It also establishes a new License Exception Authorized Cybersecurity Exports (ACE) that bans exports and resale of these items to problematic countries, such as China and Russia, without a license.

The complete list includes states of weapons of mass destruction or national security concern or subject to a U.S. arms embargo.

“The United States Government opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these new rules will help ensure that U.S. companies are not fueling authoritarian practices,” the BIS said.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

BIS’ new rule says that these items warrant controls because they could be leveraged to conduct malicious cyber activities, including but not limited to surveillance, espionage, or other actions that would disrupt, deny or degrade access to network devices.

“Today’s rule is consistent with the result of BIS’s negotiations in the Wassenaar Arrangement (W.A.) multilateral export control regime and with a review of comments from Congress, the private sector, academia, civil society, and other stakeholders on previously proposed BIS rulemaking in this area,” the Commerce Department bureau said.

U.S. Secretary of Commerce Gina M. Raimondo added that the new rule is designed to block malicious threat actors’ access to hacking tools that could be used to target U.S. entities and threaten U.S. national security, while also allowing their use for legitimate purposes.

“The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights,” Raimondo said.

Also Read: 5 Common Sections in an Agreement Form Example

“The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.”

Outsourced DPO – It is mandatory to appoint a Data Protection Officer. Engage us today.

PDPA Training (SkillsFuture Eligible) – Empower data protection knowledge for your employees.

Vulnerability Assessment Penetration Testing – Find loopholes in your websites, mobile apps or systems.

Privacy Ninja provides GUARANTEED quality and results for the following CORE SERVICES:

DPO-As-A-Service (Outsourced DPO Subscription)
Vulnerability Assessment & Penetration Testing (VAPT)
PDPA Obligations for Organizational Compliance (SkillsFuture Credit Eligible)

OTHER SERVICES:

PDPA Compliance Audit
Dig
ital Transformation Consultancy
Data Protection Trustmarks Certification Readiness Consultancy

PDPA Data Protection Software
Smart Contract Audit

LIKE & SUBSCRIBE:
Facebook
LinkedIn
Twitter
YouTube
Podcast

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Powered by WhatsApp Chat

× How can we help you?