United States of America: Implemented Rule with Additions to the Entity List under the EAR for Trafficking in Cyber Exploits

On 18 July 2023, the US Commerce Department's Bureau of Industry and Security (BIS) added four companies to the Entity List established under the Export Administration Regulations (EAR). In particular, four entities were included in the Entity List for trafficking in cyber exploits used to gain unauthorised access to information systems and threaten the privacy of individuals and organisations. More specifically, the BIS aims to restrict these entities' access to commodities, software, and technology that could contribute to the development of surveillance tools with a risk of misuse in human rights violations or abuses. The entities include Intellexa S.A. in Greece, Cytrox Holdings Crt in Hungary, Intellexa Limited in Ireland, and Cytrox AD in North Macedonia.