US government fines Intel’s Wind River over crypto exports

Posted on by

Top 5 reasons to deploy VMware with Tegile

The US Government has imposed a $750,000 fine on an Intel subsidiary for exporting encryption to China, Russia, Israel and other countries

Wind River Systems was fined for exporting products that incorporated encryption to foreign governments and to organisations on the US government restricted list. The controversial move means the US Department of Commerce appears to be coming down heavily against the export of encryption even in cases where no export to sworn enemies of the US (Iran, Cuba and North Korea etc.) is involved.

The Intel subsidiary was fined for falling to get Department of Commerce licenses for a modest piece of business, valued at under $3m. As such the fine represents a slap on the wrist, but it's still a clear signal that priorities are changing.

Previously self-reported cases of crypto export used to be handled by a warning only. Multinational commercial law firm Goodwin Procter warned its clients to treat what happened to Wind River as the new normal.

We believe this to be the first penalty BIS has ever issued for the unlicensed export of encryption software that did not also involve comprehensively sanctioned countries (e.g., Cuba, Iran, North Korea, Sudan or Syria). This suggests a fundamental change in BISs treatment of violations of the encryption regulations.

Historically, BIS has resolved voluntarily disclosed violations of the encryption regulations with a warning letter but no material consequence, and has shown itself unlikely to pursue such violations that were not disclosed. This fine dramatically increases the compliance stakes for software companies a message that BIS seemed intent upon making in its announcement.

Senior FBI and US government law officers have repeatedly complained over recent weeks about plans by Apple and Google to incorporate enhanced security into smartphones. Now, as Techdirt notes, the conflict between government regulation and the tech industry is moving onto the renal original turf of the first crypto wars of the late 90s - the export of strong encryption.

Strong cryptography was classified as a weapon and subject to export controls back in the 90s. This approach fell into disfavour for several good reasons that are even more relevant today than they were 20 years ago.

Firstly cryptography is essentially applied mathematics and the knowledge is already out there. Secondly decent cryptography is a fundamental component of any computing system that aspires to be secure.

Originally posted here:
US government fines Intel's Wind River over crypto exports

Related Posts
This entry was posted in $1$s. Bookmark the permalink.