Criticism from a coalition of technology companies caused the U.S. government to delay implementing rules that could have hobbled security research, but the battle is far from over.
When the U.S. Department of Commerce proposed a rule to regulate the international trade and sharing of “intrusion software,” worried security firms immediately went on the defense. Industry giants, such as Symantec and FireEye, teamed up with well-known technology firms, such as Cisco and Google, to criticize the regulations. The proposed rules, published in May, would cause “significant unintended consequences” that would “negatively impact—rather than to improve—the state of cyber-security,” Cisco stated in a letter to the Commerce Dept.’s Bureau of Industry and Security (BIS).