United States of America: Published Bureau of Industry and Security (BIS) Interim Final Rule on cybersecurity items regulation includes consultation
Description
Published Bureau of Industry and Security (BIS) Interim Final Rule on cybersecurity items regulation includes consultation
On 21 October 2021, an interim final rule is published by the US Bureau of Industry and Security (BIS). The Rule aims to implement controls against certain “cybersecurity items" that are used to pursue malicious cyber activities such as espionage or surveillance. This is done through amendments to the Commerce Control List (CCL). Furthermore, the Export Control Classification Numbers (ECCNs) are updated and a new License Exception Authorized Cybersecurity Exports (ACE) is created. A consultation on the possible effects of the interim final rule on the U.S. industries and cybersecurity, in general, has been opened that will close on 5 December 2021. The Rule will be put in effect on 19 January 2022.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
central government
Complete timeline of this policy change
Hide details
2021-10-21
in consultation
2021-12-05
processing consultation
Key regulatory dimensions
Regulated subjects
The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type
Private organisation
Economic activity
cross-cutting
Category
All