June 25, 2022

Volume XII, Number 176

Advertisement
Advertisement

June 24, 2022

Subscribe to Latest Legal News and Analysis

June 23, 2022

Subscribe to Latest Legal News and Analysis

June 22, 2022

Subscribe to Latest Legal News and Analysis

Controls Coming for Intrusion & Network Surveillance Tools

The Commerce Department’s export control agency, BIS, has proposed a new rule to control exports of equipment and software designed or modified to perform network intrusion and internet protocol communications surveillance.  The proposed controls also cover technology used to develop intrusion software or network communications surveillance systems.

“Intrusion software” is defined to include software specially designed or modified to defeat protective countermeasures and monitoring tools that have the ability to extract or modify information on the target device or enable the execution of externally provided instructions.

As drafted, the proposed rule would cover equipment and software designed to perform penetration testing of networks to determine vulnerabilities of computers and network connected devices by the owners of the networks or their security contractors.  The rule would impose a license requirement on all exports, except those to Canada.

Some of the items designated in the proposed rule may already require licenses for export under existing export regulation governing encryption, but the new rule is focused directly on the cybersecurity threat such technologies pose.

Another part of the proposed rule restricts export of network traffic analysis systems.  Systems that intercept and analyze internet traffic to produce personal, human and social information for the communciations stream also could not be exported anywhere (except Canada) without a license.

Parties interested in commenting on this proposed rule may do so at the www.regulations.gov website, under Docket No. BIS-2015-0011.   The comment period closes July 20, 2015.

©1994-2022 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.National Law Review, Volume V, Number 162
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

The frictionless flow of information is a defining feature of today’s information economy. Your organization’s ability to transfer customer data, employee files, financial records, and other information around the country or the globe quickly and cheaply has opened a world of new opportunities. Privacy laws vary by jurisdiction and are interpreted unpredictably, and even if your business is extremely conscientious, it can make a false step as it captures, uses, transfers, and discloses personal information. The consequences can be serious and even devastating — heavy...

617-348-1732
Advertisement
Advertisement
Advertisement