On September 23, 2022, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued a revised Iran General License (GL) D-2 which authorizes the export, reexport by U.S. persons to Iran of certain services, software and hardware incident to communication. The purpose of the revised GL is to bring this OFAC guidance on
Information Technology/Cybersecurity
BIS Finalizes Cybersecurity Export Control Rule
On May 26, 2022, the Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Rule regarding export controls on certain cybersecurity items for national security and anti-terrorism reasons. Originally issued as an interim Final Rule in October 2021 (see Update of October 25, 2021), BIS implemented these export controls due…
BIS Delays Implementation of New Cybersecurity Export Controls
On January 12, 2022, the Department of Commerce’s Bureau of Industry and Security (BIS) announced it was delaying implementation of rules establishing new controls on certain cybersecurity items for National Security (NS) and Anti-terrorism (AT) reasons, along with a new License Exception, Authorized Cybersecurity Exports (ACE). In October 2021, BIS released this Interim Final Rule…
BIS Issues New Cybersecurity Export Controls
On October 21, 2021, the Department of Commerce’s Bureau of Industry and Security (BIS), released an Interim Final Rule to implement export controls on certain cybersecurity items that can be used for malicious cyber activities. Public comments are accepted until December 6, 2021. The final rule will become effective on January 19, 2022, and will…
U.S.-EU Hold Inaugural Trade and Technology Council Meeting
On September 29, 2021, the inaugural meeting of the United States–European Union Trade and Technology Council (TTC) met to discuss and establish “common principles to update the rules for the 21st century economy.” Attending were U.S. Co-Chairs, Secretary of State Antony Blinken, Secretary of Commerce Gina Raimondo and United States Trade Representative Katherine Tai, and…
Treasury Department Issues Updated Advisory on Ransomware Payments
Ransomware attacks have been increasing, forcing many businesses to choose between paying a ransom and losing access to their confidential and proprietary data or information networks and systems.
On September 21, the Department of the Treasury issued an updated advisory that highlights potential sanctions risks for companies that directly make or otherwise facilitate ransomware payments…
TikTok and WeChat “National Security” Cases Are Dismissed
In February 2021, President Joseph Biden’s administration sought a pause in ongoing litigation involving Chinese mobile applications TikTok and WeChat in order to evaluate the record and determine whether there was an actual national security threat as previously determined by former President Donald Trump. On June 9, 2021, President Biden issued a new executive order…
U.S.-EU Summit Statement Addresses Trade, Investment and Technological Cooperation
On June 15, 2021, the United States and European Union (EU) issued a joint Summit Statement trumpeting a “renewed transatlantic partnership” at the conclusion of President Joseph Biden’s first trip abroad as president. The statement establishes a Joint Transatlantic Agenda “for the post-pandemic era, and … regular dialogue to take stock of progress.” The leaders…
President Biden Signs Executive Order to Protect the U.S. Information and Communications Technology and Services Supply Chain
On June 9, 2021, President Joseph Biden issued an Executive Order (E.O.) to further address the threat posed to the U.S. information and communications technology and services (ICTS) supply chain declared in Executive Order 13873 (the “Telecom Supply Chain E.O.”; see Update of May 16, 2019). The June 9, 2021 E.O. also revoked and…
EU Approves New Standard Contractual Clauses for Cross-Border Data Transfers
On June 6, the European Commission adopted new Standard Contractual Clauses (SCCs) to enable organizations to transfer personal data outside the European Union (EU) in accordance with the General Data Protection Regulation (GDPR). The new SCCs are intended to address the complex data processing issues that impact modern businesses, and they impose several novel obligations…