Members of Libtech may be interested to know that the National Defense Authorization Act for Fiscal Year 2014 includes recommendations for controls on "cyber weapons."
SEC. 946. CONTROL OF THE PROLIFERATION OF CYBER WEAPONS. (a) Interagency Process for Establishment of Policy- The President shall establish an interagency process to provide for the establishment of an integrated policy to control the proliferation of cyber weapons through unilateral and cooperative export controls, law enforcement activities, financial means, diplomatic engagement, and such other means as the President considers appropriate. (b) Objectives- The objectives of the interagency process established under subsection (a) shall be as follows: (1) To identify the types of dangerous software that can and should be controlled through export controls, whether unilaterally or cooperatively with other countries. (2) To identify the intelligence, law enforcement, and financial sanctions tools that can and should be used to suppress the trade in cyber tools and infrastructure that are or can be used for criminal, terrorist, or military activities while preserving the ability of governments and the private sector to use such tools for legitimate purposes of self-defense. (3) To establish a statement of principles to control the proliferation of cyber weapons, including principles for controlling the proliferation of cyber weapons that can lead to expanded cooperation and engagement with international partners. (c) Recommendations- The interagency process established under subsection (a) shall develop, by not later than 270 days after the date of the enactment of this Act, recommendations on means for the control of the proliferation of cyber weapons, including a draft statement of principles and a review of applicable legal authorities. http://thomas.loc.gov/cgi-bin/query/F?c113:1:./temp/~c113eXtUjr:e386426: This seems less concerned with human rights violations, and more the effects of things like the Shamoon virus. It's also useful to read the Senate report that discusses the issues around pentesting tools (pg. 159). http://www.gpo.gov/fdsys/pkg/CRPT-113srpt44/pdf/CRPT-113srpt44.pdf -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C.
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
