US will revise Wassenaar pact changes

US Commerce Department’s Bureau of Industry and Security (BIS) will rethink the Wassenaar pact changes regarding “cybersecurity items” that it proposed and made available for comment to the public in May.

In the months that followed, a number of companies (including Google) and security researchers have commented on the proposed amendments, mostly by saying that the new rules are too vague and, therefore, dangerous, and that they could negatively affect vulnerability research.

“All of those comments will be carefully reviewed and distilled, and the authorities will determine how the regulations should be changed,” a spokesman for the Commerce Department shared with Reuters. “A second iteration of this regulation will be promulgated, and you can infer from that that the first one will be withdrawn.”

The compilation of the new version will take months, and the public will again be asked for comments.

The Wassenaar Arrangement, which is supported by 41 states, aims to promote transparency and responsibility in transfers of conventional arms and dual-use (civilian and military) goods and technologies.

Among those technologies is encryption, which is currently a hotly debated subject in the US and UK. While security experts repeatedly asserted that encryption backdoors are a bad idea because they can’t be made to be accessible only to law enforcement, FBI director James Comey refuses to believed this.