Recent trends and discussions relating to export controls and national security concerns may now capture the attention of software manufacturers, technology firms, and online retailers of software, as well as their global trade compliance teams. In a time where cyber-hacking and cyberterrorism pose increasingly greater threats to the national security of the United States, government agencies like the Department of State seem to be looking to actively crack down on such threats. Cyber and technology products may now face more scrutiny as the United States seeks to gain greater control over national security threats like cyber-hacking and cyberterrorism.

On October 29, 2015, the Defense Trade Advisory Group (DTAG) of the Department of State met to discuss the possibility of adding “cyber products” to the United States Munitions List (USML).1 DTAG is an advisory panel comprising defense trade specialists and private sector exporters in the defense realm. The meeting provoked the heightened attention of industry, as these types of controls could result in licensing fees, increased wait times for licenses, and other burdens for private software companies at a time when commercial sales are down. In the meeting, DTAG considered whether “cyber products” should be added to the USML, and the impact of including such products on the highly controlled list of items.

Ultimately, DTAG determined that “cyber products” should not be added to the USML.2 The government would have to delineate between cyber products with sensitive military or intelligence capabilities, and those that do not possess such capabilities. One risk of including a broad term like “cyber products” on the USML would be that commercial components and sub-systems could potentially be caught by such a term. Including “cyber products” on the USML would also seem to run counter to the president’s Export Control Reform (ECR) initiative, which seeks to ultimately revise the export regulations to prioritize which items warrant heightened controls. The result of ECR has been to create “detailed, enumerated lists that impose controls based on the sensitivity of the item and the destination.”3

The mere fact that this issue has been discussed and is being addressed by the Department of State should be enough to pique the interest of technology firms and software manufacturers. Even though no immediate action has been taken to add “cyber products” to the USML, the increasing government attention on this issue may indicate a possibility that such items could become subject to increasing controls in the future. As always, export/import compliance officers and professionals should be aware of the increasing scrutiny that such products are receiving from the U.S. government, and be prepared to address any changes in the regulations.