Cybersecurity goods are technologies that enable secret eavesdropping or unauthorised reading.

The regulation of new controls for cybersecurity goods could enter into force after the expiry of the objection period on 7 March 2022. This was already included in the Interim Rule of 21st Oct. 2021 for reasons of national security (NS) and counter-terrorism (AT). At the same time, a new License Exeption, “Authorised Cypersecurity Exports” (§740.22 of the EAR) was created, which, with some exceptions, allows these items to be shipped to most destinations without requiring an individual licence from the Bureau of Industry (BIS).

This updating process required some changes to the list items. List items affected include ECCN 4D001 “Software”, ECCN 4E001 “Technology”, and the addition of Notes 3 and 4 to Category 4. Caterory 5 underwent a change in usability for certain parts of the licence exemptions under (parts of) ECCNs 5B001, 5D001,5E001.

ECCN 5A004 “Systems”, “Equipment” and “Components” for Defeating, Weakening or Bypassing “Information Security” was also amended.

Overview of the Rule

86 FR 58205 Cybersecurity Items 10-21-21