Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] "Cyber Weapon" Controls in NDAA 2014

Collin Anderson collin at
Fri Jul 12 06:17:21 PDT 2013

Members of Libtech may be interested to know that the National Defense
Authorization Act for Fiscal Year 2014 includes recommendations for
controls on "cyber weapons."


(a) Interagency Process for Establishment of Policy- The President shall
establish an interagency process to provide for the establishment of an
integrated policy to control the proliferation of cyber weapons through
unilateral and cooperative export controls, law enforcement activities,
financial means, diplomatic engagement, and such other means as the
President considers appropriate.
(b) Objectives- The objectives of the interagency process established under
subsection (a) shall be as follows:
(1) To identify the types of dangerous software that can and should be
controlled through export controls, whether unilaterally or cooperatively
with other countries.
(2) To identify the intelligence, law enforcement, and financial sanctions
tools that can and should be used to suppress the trade in cyber tools and
infrastructure that are or can be used for criminal, terrorist, or military
activities while preserving the ability of governments and the private
sector to use such tools for legitimate purposes of self-defense.
(3) To establish a statement of principles to control the proliferation of
cyber weapons, including principles for controlling the proliferation of
cyber weapons that can lead to expanded cooperation and engagement with
international partners.
(c) Recommendations- The interagency process established under subsection
(a) shall develop, by not later than 270 days after the date of the
enactment of this Act, recommendations on means for the control of the
proliferation of cyber weapons, including a draft statement of principles
and a review of applicable legal authorities.

This seems less concerned with human rights violations, and more the
effects of things like the Shamoon virus. It's also useful to read the
Senate report that discusses the issues around pentesting tools (pg. 159).
*Collin David Anderson* | @cda | Washington, D.C.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list