New Controls Would Be ‘Broadest Expansion’ of Export Control Authority in Years, BIS Says

Proposed U.S. export controls issued by the Bureau of Industry and Security last week are meant to “prevent hack-for-hire business models from circumventing our human rights-based export controls,” including U.S. restrictions on “cyber-intrusion tools,” said Thea Kendler, the agency’s assistant secretary for export administrations. In a news release announcing the proposed rules, Kendler said the restrictions could improve “controls on activities supporting foreign police and security services, including those known to violate human rights.”

The rules, including two from BIS and one from the State Department, propose a range of new restrictions on U.S. support for certain foreign military intelligence and security services, along with a new control on exports of certain facial recognition technology (see 2407250032). The restrictions would implement a provision in the FY 2023 defense spending bill designed to limit exports of U.S. items and expertise to foreign intelligence units (see 2212210032 and 2403270063).

BIS said the rules “propose to implement the broadest expansion of presidential export control authority since” the Export Control Reform Act was signed in August 2018, echoing comments made by at least one lawmaker before the defense bill became law (see 2212210032).

“In amending ECRA in this manner, Congress sought to prevent U.S. persons from [assisting] in foreign military, intelligence, and security services that threaten international peace and stability or spy on dissidents, journalists, and American citizens,” BIS said.