Modern field guide to security and privacy

Can National Security Advisor settle cybersecurity feud?

Two Congressional lawmakers want Susan Rice to get involved in a dispute between the State Department and industry officials over proposed export rules for technology that could be used for malicious purposes.

|
Jonathan Ernst/Reuters
National Security Advisor Susan Rice with President Obama during a meeting with Kenya's President Uhuru Kenyatta in July.

Congressional lawmakers are calling on President Obama's National Security Advisor Susan Rice to settle a debate pitting the private sector against the State Department in a row over export controls on cybersecurity products and research.

Reps. Jim Langevin (D) of Rhode Island and Michael McCaul (R) of Texas plan on submitting a letter to Dr. Rice next week, asking her to intervene in the feud centering around how the US government classifies certain types of technology as "intrusion software."

The debate over export controls on cybersecurity products and research – meant to limit the sale of militarized spyware to repressive regimes – dates back to 2013 when the State Department took part in annual international negotiations to alter the 41-nation Wassenaar Arrangement, an international arms control pact.

Two years later, the vast majority of nations have implemented updated Wassenaar terms but divisions between information security professionals and software engineering academics and government agencies have stalled the changing from taking affect. 

Now, Representatives Langevin and McCaul want Dr. Rice to significantly overhaul the government's draft rules that the two lawmakers – and many security professionals – view as overly restrictive and potentially harmful to international cybersecurity, by preventing research and the transport of critical network testing tools.

"Your involvement will help resolve the uncertainty facing businesses as they await resolution of what has already been an overlong process," the lawmakers say in the letter, which the two are circulating among their House colleagues in search of additional cosigners.

Officials from several government agencies including the Department of Homeland Security and Pentagon have suggested the most recent draft of the Wassenaar Agreement needs to be overhauled. Even the Department of Commerce – which is charged with writing the export controls – is taking the rare step of reopening a public comment period on the draft after it received overwhelmingly negative comments to the earlier proposal. 

But Langevin as well as many industry experts complain that the State Department is blocking any substantial changes to how the US implements the Wassenaar deal.

"State has been telling Commerce that [protesting] is what industry does, and that they can wait it out.... But this is not a typical export control issue," he said. "The State Department will have to budge."

More than three-quarters of the Wassenaar Arrangement signatories have already implemented the 2013 changes, leaving the State Department in a precarious position if the US can't implement the core language that American negotiators helped determine.

Though many industry professionals involved with negotiations over the export controls say the State Department has been willing to compromise on certain aspects of the proposal, it appears only willing to list exemptions to the Wassenaar agreement but not change the core agreement.

A State Department officials told Passcode he was optimistic that a reasonable compromise could be found along those lines, and said "discussions with industry partners were still ongoing."

But even though many cybersecurity experts were critical of the government's initial plan to apply Wassenaar, most applaud the Department of Commerce's willingness to listen to industry professionals. 

"The United States is really the first to listen to industry experts," said Dave Aitel of the security firm Immunity. "And most of the cybersecurity industry is located in the United States, so it was bound to be the place where the real pushback would begin."

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Can National Security Advisor settle cybersecurity feud?
Read this article in
https://www.csmonitor.com/World/Passcode/2015/1211/Can-National-Security-Advisor-settle-cybersecurity-feud
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe