In order to protect U.S. national security interests and promote foreign policy objectives, various U.S. agencies collectively administer and enforce U.S. export control laws and participate in various multilateral export control regimes to prevent the proliferation of weapons of mass destruction and prevent destabilizing accumulations of conventional weapons and related materials. To that end, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) governs the export and reexport of commodities, software, and technology falling under the jurisdiction of Export Administration Regulations. BIS promotes continued U.S. strategic technology leadership and is responsible for enforcing the regulation of export, reexport, and transfer of items with commercial uses that can also have a dual use, and be used in conventional arms, weapons of mass destruction, terrorist activities, or human rights abuses, and less sensitive military items, which bleeds into cybersecurity as well.
Cybersecurity has recently become an essential aspect in export controls and on October 21, 2021, BIS published its Interim Final Rule (this rule is effective January 19, 2022), which summary states:
SUMMARY: This interim final rule outlines the progress the United States has made in export controls pertaining to cybersecurity items, revised Commerce Control List (CCL) implementation, and requests from the public information about the impact of these revised controls on U.S. industry and the cybersecurity community. Specifically, this rule establishes a new control on these items for National Security (NS) and Anti-terrorism (AT) reasons, along with a new License Exception Authorized Cybersecurity Exports (ACE) that authorizes exports of […]