Talk of the Wassenarr Arrangement has appeared in many news forums over the past week. In a recent statement by The Bureau of Industry and Security (BIS), the U.S. is finally set to implement export controls from the Wassenaar Arrangement’s Plenary meeting in December 2013. This announcement from the BIS concerns some security experts that the new controls will not support the current open security research community.
The Wassenaar Arrangement (WA) is a multilateral export control regime that consists of 41 participating states, including the United States. Having begun in Wassenaar of the Netherlands in 1996, the arrangement seeks to regulate use of conventional arms and dual-use goods and technologies among the nations involved. In December of 2013, the Wassenaar Arrangement held their 19th annual Plenary meeting that suggested further export controls in areas of surveillance and law enforcement and intelligence.
After 18 months, the U.S. has finally moved to implement these new controls as proposed by the WA. The Bureau of Industry and Security announced their proposed changes in May of this year, and then asked for comments (which were already collected on July 20).
The concerns Google raises are concerns that would affect not only Google’s own systems, but that would affect the entire Internet ecosystem.
While the export controls themselves have not yet been approved or implemented by the U.S. Department of Commerce, those in the security industry should be aware of the potential rules that could come from the Wassenaar Arrangement and how that could affect security in the future. Namely, that according to some security experts these controls could great stunt security research.