recommended reading

Congress' Plan to Stop Exporting Technology to Repressive Regimes

An Egyptian protester uses his laptop next to a cooling fan in Cairo's Tahrir Square in July 2011.

An Egyptian protester uses his laptop next to a cooling fan in Cairo's Tahrir Square in July 2011. // Khalil Hamra/AP

When a U.S. company wants to export military technology, it has to go through a rigorous approval process in Washington. That’s because, of course, if it ends up in the wrong hands, the technology could interfere with U.S. foreign policy, destabilize conflict-prone regions, or worse.

Now one member of Congress wants to apply the same scrutiny to technology that “can be used for potentially illicit activities” such as Internet censorship.

Unveiled this week by Rep. Chris Smith, R-N.J., the Global Online Freedom Act of 2013 would, among other things, make it illegal for firms to export equipment that could facilitate digital monitoring. The latest measure resembles previous efforts at curbing online surveillance, but analysts say there’s a danger in the proposed law: The export controls cast too wide a net and could sweep up innocent companies by accident.

“It's very difficult to describe in words [the difference] between ‘bad’ software and ‘good’ software,” said Susan Crawford, a former special assistant on technology for the Obama administration and author of the book Captive Audience. “The consequences of getting it wrong could lead to stifling innovation and making life unnecessarily difficult for U.S. companies.”

Smith’s bill takes aim at firms that have been implicated in repressive governments’ domestic espionage. As monitoring schemes have become more complex, Western companies have become involved in selling goods and services to these governments.

In the Middle East, censorship is routinely tied to the private sector overseas. As a Bloomberg investigation revealed in 2011, American and British entities played a remarkable role in Tunisia’s powerful Internet surveillance machine:

Western suppliers used the country as a testing ground. Moez Chakchouk, the post-revolution head of the Tunisian Internet Agency, says he’s discovered that the monitoring industry gave discounts to the government-controlled agency, known by its French acronym ATI, to gain access.In interviews following Ben Ali’s ouster after 23 years in power, technicians, activists, executives and government officials described how they grappled with, and in some cases helped build, the repressive Wonderland.

Several California-based companies, including the popular antivirus company McAfee, were found to have provided filtering services to Tunisia’s government. Among other tactics, Tunisian censors were capable of intercepting and rewriting e-mails in transit.

But not all technology lends itself well to the suppression of speech, and that’s precisely where Smith's proposal stumbles, watchdogs say. Whether they know it or not, companies like Cisco that provide networking hardware — routers and other equipment — often find their products repurposed in ways that advance foreign governments’ censorship agenda. The conundrum reveals what until now has largely been the concern of the defense industry: the so-called “dual-use” problem.

To say a product or technology is “dual-use” is to say it can be used for both peaceful and non-peaceful ends. Nuclear equipment is a great example. In civil contexts, it can help produce vast amounts of valuable energy. But in a more nefarious context, it can lead to weapons of mass destruction.

The Global Online Freedom Act reveals how far we’ve come from an era when “dual-use” meant technologies with possible military applications. Now the boundaries of that term are being forced wide open. Today, practically any Internet tool — social networks, open-source software, and so on — that can be co-opted for monitoring purposes could also be considered a dual-use technology. Over half of all U.S. smartphones run Android, Google’s open-source operating system. An app running on that system that collects location or browsing data could potentially run afoul of GOFA. Skype, whichEgyptian officials used to monitor opposition phone calls in 2011, might also plausibly fall into this category. Repurposing a civilian product for darker motives is no longer limited to the military realm — we’re now seeing completely ordinary technologies being (ingeniously) applied to “solve” intrastate problems.

The dual-use problem creates ambiguity that makes legislating much harder than we’d like. Building a kind of terror watchlist for tech suddenly becomes a monumental task when you aren't sure what should qualify. 

Not only is a blacklist heavy-handed, but it requires constant updating as companies break up and products get updated in ever-faster product cycles. And it’s never been clear that unilateral export controls imposed by a single country are actually effective; repressive regimes will just find vendors elsewhere.

Smith is justifiably concerned about accidentally giving hostile governments the tools they need to stay in power. But without much more nuanced language, a bill aimed at creating new freedoms abroad could unwittingly limit them at home.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.