Langevin Statement on Wassenaar Arrangement Plenary Session

Congressman Jim Langevin (D-RI), co-founder and co-chair of the Congressional Cybersecurity Caucus and a senior member of the House Committees on Armed Services and Homeland Security, released a statement in response to changes made to intrusion software export controls at the recent Wassenaar Arrangement plenary session:

“I am deeply disappointed that Wassenaar member states declined to make needed updates to the intrusion software controls, particularly those related to technologies necessary for their development. For over a year, I have led my colleagues in Congress in calling for a careful review of these controls, which could harm our nation’s cybersecurity by making it more difficult to quickly share defensive tools and close vulnerabilities. The small changes clarifying the role of ‘command and control’ functionality that were made at the annual meeting, while needed, are simply insufficient to address the broader flaws in the language.

“That said, I am grateful to Ambassador Rice and her team for their work in formulating the U.S. position on the needed language changes and to the Department of State for their strong advocacy at the Plenary. I also commend the Department of Commerce’s Bureau of Industry and Security for their outreach to cybersecurity practitioners throughout the process and for the inclusion of representatives from industry, Katie Moussouris (CEO, Luta Security) and Iain Mulholland (CTO, Security, VMware), as expert advisers to the delegation. I am hopeful that the incoming Administration will continue to press the case for sensible language changes during negotiations next year and continue to forbear exercising rulemaking authority on these controls until such changes are made.”

View the letter by Congressman Langevin and 124 other Representatives to Ambassador Rice.

View the comments by Congressman Langevin on the Department of Commerce’s original proposed rule.