I mentioned efforts by the U.S. to make changes to the Wassenaar arrangement in: Beyond TPP: An International Agreement to Screw Security Researchers and Average Citizens.
The Electronic Freedom Foundation (Nate Cardozo and Eva Galperin) has blogged on this topic in: What Is the U.S. Doing About Wassenaar, and Why Do We Need to Fight It?.
Deadline for comments: July 20, 2015.
Nate and Eva close with this plea:
…
BIS [Bureau of Industry and Security]has posted a request for comments on this proposed rule and the comment period is open through July 20, 2015. BIS is specifically asking for information about the negative effects the proposed rule would have on “vulnerability research, audits, testing or screening and your company’s ability to protect your own or your client’s networks.” We encourage independent researchers, academics, the security community, and companies both inside and outside the U.S. to answer BIS’ call and submit formal comments. Researchers and companies whose work has been hindered by the European regulations, which are notably less restrictive than the U.S. proposal, are also encouraged to submit comments about their experience.EFF will be submitting our own comments closer to the July 20 deadline, but in the meantime, we’d love it if those of you who are submitting comments to copy us (wassenaar@eff.org) so that we can collect and highlight the best arguments both in our own comments and on this blog.
Take special note of:
BIS is specifically asking for information about the negative effects the proposed rule would have on “vulnerability research, audits, testing or screening and your company’s ability to protect your own or your client’s networks.”
Here is your chance to be specific. The more detail you can provide, the stronger the case will be against the proposed changes. If all the concerns seem like idle hand waving, bad things could happen.
I don’t do security research but if you need a second pair of eyes on your comments, I can make the time to review a very limited number of comments. patrick@durusau.net
No promises that efforts to oppose these changes will be successful but if we skip opportunities to influence the process, we have only ourselves to blame for the outcome.