On January 12, 2022 the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a federal register notice delaying the effective date of new controls on cybersecurity items and an accompanying new license exception. The rules are now set to take effect on March 7, 2022.

The new controls were published in an interim final rule on October 21, 2021, please see our earlier client alert on this. Broadly speaking, they cover (a) items, including software, for the generation, command and control, or delivery of intrusion software and (b) internet protocol (IP) network communication surveillance equipment. BIS delayed the implementation to give industry additional time to comply with the new restrictions as well as update internal compliance procedures, and to provide BIS itself time to provide additional guidance on the rule. BIS may also consider some modifications to the rule, but is not reopening the comment period and these modifications based on the latest comments will most likely be made, if at all, sometime after the new effective date for the interim final rule.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Alexander Urbelis Alexander Urbelis

Alex Urbelis is a senior counsel in the New York office and a member of the Privacy & Cybersecurity Group. Alex has more than 20 years of experience in the information security community and has varied experience as a Chief Information Security Officer…

Alex Urbelis is a senior counsel in the New York office and a member of the Privacy & Cybersecurity Group. Alex has more than 20 years of experience in the information security community and has varied experience as a Chief Information Security Officer (CISO), Chief Compliance Officer, in-house counsel, and private practice litigator.

Alex has a unique skill set that has allowed him to create a bridge between the technical and legal side of cybersecurity. As a result, he is the primary architect of an exclusive DNS (Domain Name Search) monitoring and intelligence platform. Through this intel platform, Alex advises his clients on identified and early-stage indicators of cybersecurity threats and provides counsel on legal actions and technical defensive remedies to neutralize those threats. Alex tracks sophisticated cyber adversaries and advanced persistent threats (APTs) through his intel platform and, notably, detected a state-sponsored cyber intrusion attempt targeting the World Health Organization in March 2020. For combining legal and technical skill sets with public service, the Financial Times selected Alex as a finalist for its Innovative Lawyers awards for pandemic response in 2020.

Photo of Chandler Leonard Chandler Leonard

Chandler S. Leonard is an associate in Crowell & Moring’s Washington, D.C. office and a member of the firm’s International Trade Group. Chandler’s practice focuses on export controls and economic sanctions issues, including voluntary disclosures and enforcement matters before the Departments of Commerce…

Chandler S. Leonard is an associate in Crowell & Moring’s Washington, D.C. office and a member of the firm’s International Trade Group. Chandler’s practice focuses on export controls and economic sanctions issues, including voluntary disclosures and enforcement matters before the Departments of Commerce, State, and Treasury. Chandler has experience analyzing and advising U.S. and non-U.S. companies with respect to proposed transfers of U.S. origin technology, software, hardware, and services. She has performed jurisdictional and classification analyses under the ITAR and EAR, including drafting Commodity Jurisdiction requests and CJ Reconsideration requests. She assists in developing and/or reviewing U.S. export and sanctions compliance programs, including risk assessments. Chandler also has experience training a wide variety of audiences, both U.S. and foreign, on compliance with U.S. export control and sanctions requirements.