Today the DOC’s Bureau of Industry and Security (BIS) published a meeting notice in the Federal Register (81 FR 43185) for a meeting of the Information Systems Technical Advisory Committee (ISTAC). The partially closed two-day meeting will be held on July 27th and 28th, 2016 in San Diego, CA. The session on the 27th will be open to the public and will be available via teleconference.
Two of the public session items may be of specific interest to readers of this blog:
• Comments on ECCN 5A001.J; and
• Wassenaar Proposals for 2017.
Export classification control number (ECCN) 5A001.J is the controversial export control language for ‘intrusion software’. BIS withdrew the proposed language that caused so much discord last year. I would suspect that this is the replacement language that BIS is proposing. I have not yet seen a copy of this new proposed language.
Last year the cybersecurity community was pretty much caught by surprise with the proposed intrusion software language that BIS proposed based upon the DOC interpretation of the latest Wassenaar language. In order to get ahead of future changes in these export controls, the community needs to pay attention to the development of the Wassenaar agreements.