Lawmakers Want New Definition of Hacking Software

A bipartisan group of 125 House lawmakers is calling on the Obama administration to redefine “hacking intrusion software” in an upcoming Commerce Department rule that would control the export of cybercrime tools.

House Homeland Security Committee Chairman Michael McCaul (R-Texas) and 124 other lawmakers, sent a letter to National Security Advisor Susan Rice, saying they disagree with how “hacking intrusion software” has been defined by the Commerce Department’s Bureau of Industry and Security for the purposes of 2013 updates to the Wassenaar Agreement, an international deal meant to fight international cybercrime and illicit surveillance by controlling the flow of certain types of software.

Commerce is preparing to issue a proposed rule that would implement the definition of hacking intrusion software initially set by BIS. The lawmakers said that definition is unnecessarily broad and “could seriously hinder our national security.”

The letter, dated Dec. 16 and signed by 66 Republicans and 59 Democrats, calls for the Obama administration to step in and “greatly narrow the range of affected technologies” within the definition. They said the current wording was meant to include cybersecurity research and cyber-defense products that would be used for beneficent cybersecurity purposes, not hacking.

“We cannot let the good intentions of these export controls trump the fact that in their current form they would depreciate cyber security at home and for billions around the world,” McCaul said in a statement.

The letter was signed by committee leaders such as House Judiciary Committee Chairman Bob Goodlatte (R-Va.), House Energy and Commerce Committee Chairman Fred Upton (R-Mich.) and House Armed Services Committee Chairman Mac Thornberry (R-Texas).