Microsoft reveals how hackers stole its email signing key… kind of

A series of unfortunate and cascading mistakes allowed a China-backed hacking group to steal one of the keys to Microsoft’s email kingdom that granted near unfettered access to U.S. government inboxes. Microsoft explained in a long-awaited blog post this week how the hackers pulled off the heist. But while one mystery was solved, several important […]

US government bans sale of hacking tools to China and Russia

The U.S. Department of Commerce has announced that it will ban the export of hacking tools to authoritarian governments in an effort to curb violations of human rights and other malicious cyber activities.

The rule, first reported by The Washington Post and later confirmed by the Commerce Department, will effectively ban the export or resale of hacking software and equipment to China, Russia, and other countries of concern for national security reasons, without a license from the department’s Bureau of Industry and Security (BIS).

The move comes after the Biden administration in March restricted the export of U.S. technologies — including advanced semiconductors and software that uses encryption for information security — to China and Russia as it continues to take a hard-line national security approach towards the two countries.

The latest sanctions are due to go into effect in 90 days and will cover software such as Pegasus, spyware developed by Israeli firm NSO Group that several authoritarian governments have used to hack into the phones of their most vocal critics, including journalists, activists, politicians and business executives.

Software intended for cyber defense purposes, on the other hand, is exempt from needing an export license, since the new rule won’t prevent U.S.-based cybersecurity researchers from collaborating with colleagues overseas or disclosing flaws to software makers. When BIS first published a proposed rule in 2015, it received almost 300 comments that raised “substantial concerns” about the impact it would have on legitimate cybersecurity research and incident response activities.

The rule brings the U.S. in line with the 42 European nations and allies that are members of the Wassenaar Arrangement, which sets voluntary export control policies on military and dual-use technologies.

“The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights,” said Commerce Secretary Gina M. Raimondo. “The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.”

The Commerce Department — which last year became one of the first victims of the Russia-linked SolarWinds hack — is giving the public 45 days to comment on the rule, and is seeking comments, including on the potential cost of compliance and any impacts it could have on legitimate cybersecurity activities. The agency will have another 45 days to make changes before the rule becomes final.

Second federal judge rules against Trump administration’s TikTok ban

Another federal judge has issued a preliminary injunction against U.S. government restrictions that would have effectively banned TikTok from operating in the United States.

The ruling (embedded below) was made by U.S. District Court Judge Carl Nichols in a lawsuit filed by TikTok and ByteDance against President Donald Trump, Secretary of Commerce Wilbur Ross and the Commerce Department. Judge Nichols wrote the government “likely exceeded IEEPA’s [the International Emergency Economic Powers Act] express limitations as part of an agency action that was arbitrary and capricious.”

This is the second time a federal judge has issued an injunction against Trump administration restrictions that would have prevented U.S. companies, including internet hosting services, from transactions with TikTok and ByteDance. The first injunction was granted in October by U.S. District Court Judge Wendy Beetlestone, in a separate lawsuit brought against President Trump and the U.S. Commerce Department by three TikTok creators.

Both lawsuits challenge an executive order signed by President Trump on August 7, banning transactions with ByteDance. The order cited both the IEEPA and National Emergencies Act, claiming TikTok posed a national security threat because of its ownership by a Chinese company.

In today’s ruling, Judge Nichols wrote TikTok and ByteDance are likely to succeed in their claims that Secretary Ross’ prohibitions against TikTok and ByteDance, which were originally supposed to go into effect on November 12, likely violated limits in the IEEPA and the Administrative Procedures Act.

The Commerce Department already issued a notice last month saying it will comply with Judge Beetlestone’s injunction pending further legal developments.

ByteDance is also facing a divestiture order that would force it to sell TikTok’s U.S. operations. While it has reached a proposed deal with Oracle and Walmart, ByteDance also asked the federal appeals court to vacate the order last month. On November 26, the Trump administration extended the order’s deadline to December 4, but allowed it to lapse without setting a new one.

In an email to TechCrunch, a TikTok spokesperson said, “We’re pleased that the court agreed with us and granted a preliminary injunction against all the prohibitions of the Executive Order. We’re focused on continuing to build TikTok as the home that 100 million Americans, including families and small businesses, rely upon for expression, connection, economic livelihood, and true joy.”

A U.S. Commerce Department spokesperson said, “The Department maintains that the [executive order] is fully consistent with law and promotes legitimate national security interests. The Government will continue to comply with the injunctions and has taken immediate steps to do so, but intends to vigorously defend the [executive order] and the Secretary’s implementation efforts from legal challenges.”

To keep track of the often overlapping developments in ByteDance and TikTok’s fight with the U.S. government, we have compiled a comprehensive timeline and will keep it updated.

TikTok vs Trump Injunction by TechCrunch on Scribd

The Commerce Department will accept applications from companies that want to supply Huawei, but it remains blacklisted

About two months after Huawei was placed on the Commerce Department’s Entity List, the Chinese telecom equipment and smartphone giant will be able to do business with American suppliers again, but only if they get a license from the U.S. government. Commerce Secretary Wilbur Ross made the announcement during a department conference, adding that companies must first demonstrate that the technology they sell to Huawei will not put national security at risk.

Huawei will remain on the entity list, however, and license applications will be reviewed under a “presumption of denial,” making it likely that most will not be approved.

Last month while both presidents were in Japan for the G20 Summit, Donald Trump told Chinese leader Xi Jinping that he would allow U.S. companies to sell equipment to Huawei again, but the promise created confusion about how it would be carried out, with the Commerce Department instructing staff to continue acting as if the blacklist is still in place. Huawei, the world’s largest telecom equipment maker and second-largest smartphone vendor, is a major bargaining chip in the ongoing trade war between the U.S. and China.

The blacklist has had a major impact on Huawei, with important suppliers like Qualcomm, Intel and Google severing ties after it was placed on the entity list. Huawei, which has repeatedly denied being a threat to U.S. national security, said that being blacklisted would cost the company about $30 billion in revenue, though founder and CEO Ren Zhengfei later downplayed the impact in an interview with CNBC. It also means U.S. companies have lost an important customer. Out of the $70 billion Huawei spent buying components last year, $11 billion went to American companies like Qualcomm, Intel and Micron.

Despite Trump’s promised reprieve, Commerce Department tells staff to continue treating Huawei as blacklisted

President Donald Trump recently promised to ease the ban on American companies doing business with Huawei, but the Commerce Department is requiring its staff to treat Huawei as if the blacklist is still in place, reports Reuters.

Enforcement staff were sent an internal letter this week by John Sonderman, the Deputy Director of the Office of Export Enforcement, to continue treating Huawei as blacklisted. The letter, viewed by Reuters, said applications from companies that want to sell to Huawei should be considered on merit and flagged with language that notes Huawei is on the entity list. The applications should also still be viewed under a “presumption of denial” policy that applies to companies on the blacklist. This means license applications are scrutinized more closely and most of them are rejected.

Along with 70 other companies, Huawei was added in May to an “entity list” of companies that U.S. companies are forbidden to do business with. As a result, many of Huawei’s most important component suppliers, including Qualcomm and Intel, severed ties with Huawei, while Google cut off its access to Android, a major headache for Huawei, which is the third-largest smartphone maker in the world. Huawei founder and CEO Ren Zhengfei said the ban would result in $30 billion in lost revenue.

According to Reuters, this is the only guidance enforcement officials have received since Trump’s surprise announcement, made after he met with Chinese premier Xi Jinping at the G20 summit. In an apparent concession to China, which sees Huawei as a major sticking point in the U.S.-China trade war, Trump suggested that the U.S. will allow American companies to resume selling hardware to Huawei as long as it doesn’t pose a “great national emergency problem,” and would hold meetings about Huawei’s trade status.

After Trump’s announcement, Ren downplayed the effect of the promised partial reprieve, telling the Financial Times that the ban has helped the company “become more united than ever.” He added, “if we aren’t allowed to use U.S. components, we are very confident in our ability to use components made in China and other countries.”