U.S. updates encryption export policy

The United States has updated its encryption export policy affecting companies

that sell encryption software to the 15 European Union nations and eight

other U.S. allies.

The policy is being updated to assure the continued competitiveness

of U.S. encryption software producers in international markets, White House

Chief of Staff John Podesta said in a briefing Monday.

Under the new policy, U.S. companies can export any encryption product

to any end user in the EU, as well as end users in Australia, Norway, the

Czech Republic, Hungary, Poland, Japan, New Zealand and Switzerland.

Restrictions on U.S. sales of encryption software in those countries

were partially lifted in January. Under that first phase of encryption export

liberalization, U.S. companies could export encryption software after a

technical review to nongovernment end users in any country except Cuba,

Iran, Iraq, Libya, North Korea, Sudan and Syria.

The updated policy announced Monday removes the distinction that applied

to government end users, allowing companies to sell their products to those

customers as well. It also says companies no longer have to wait for the

completion of a technical review or wait 30 days to ship their products.

The U.S. moves follow the adoption of regulations by the EU that ease

encryption exports to the same countries, Podesta said.

Removing the distinction between government and nongovernment end users

is vital to vendors because there are many government-owned commercial entities,

said Robert Holleyman, president and chief executive officer of the Business

Software Alliance.


  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.