Deep Dive Episode 14 – Discussion on the Wassenaar Arrangement

Should software be regulated like a military weapon? That’s the direction in which most Western nations seem to be moving, under the guidance of the international Wassenaar Arrangement governing international export controls. During its 2013 plenary session, the Wassenaar member nations agreed to implement export controls for (1) software, hardware, and technology that generate, operate, deliver or communicate with “intrusion software”; and (2) “carrier class” IP network communications surveillance items. The purpose of these controls was to protect activists and opposition figures from monitoring by authoritarian governments and to keep software and technology out of the hands of malicious hackers.

But the agreed-to controls control not only malicious “intrusion” software items, but virtually any type of software, hardware, and technology designed to counter “intrusion” software. The controls have also been ineffective in actually reaching their intended targets—barring specific companies from exporting specific tools to specific end-users for specific purposes—and international implementation has been widely divergent. Join us for a discussion of the Wassenaar rules and their regulatory effects.

Stewart A. Baker


Steptoe & Johnson LLP

Alan Cohn


Steptoe & Johnson LLP

Matthew R. A. Heiman

Chief Legal + Administrative Officer

Waystar Health

Cyber & Privacy

The Federalist Society and Regulatory Transparency Project take no position on particular legal or public policy matters. All expressions of opinion are those of the speaker(s). To join the debate, please email us at [email protected].

Related Content

Skip to content