Regulating Cyber Activity in Israel - Establishing a National Registry of Cyber Practitioners
Recent developments in the regulation of the cyber domain in Israel relating to defense export control of the cyber domain.
1. On January 7, 2016, the Defense Export Control Agency ("DECA") published a draft for public review on the definition of products and knowledge to be subject to defense export control (the Public Review Draft, or "PRD"). The PRD expands the export control on cyber defense technologies beyond even accepted international standards.
2. The explanatory document accompanying the PRD notes that the cyber sector in Israel is a strategic growth engine, but if certain technologies reach hostile destinations, it may endanger the national security and political interests of the state. Therefore, the need arose to add cyber export to the list of exports controlled by defense export control. The PRD should aid exporters by establishing clear cyber export rules, removing the uncertainty surrounding cyber export.
3. The PRD proposes to expand export control of offensive cyber technologies so that it applies to the technologies themselves (and not only the platforms required to develop them). Export control of technologies simulating offensive technologies is also addressed, as well as export control of knowledge regarding flaws in a code that can be utilized in a cyber attack; export control of cyber defense technologies used by security forces, including military equipment or espionage; and export control of the capability to obtain digital data by physically connecting to the attacked system.
4. Subsequent to the order taking effect, any company who wishes to export goods defined by the order will be required to obtain an export license. It can be estimated that the proposed additional regulation will impede the cyber sector, for many companies who had no need to obtain export licenses will now be required to possess such a license. Export control will require companies to log and report transactions involving controlled products, obtain an export license (in some cases even prior to the negotiation stage), appoint a corporate defense export control official, and more.
5. It should be noted that due to tightening export control (as per the new order), export destinations may be limited, and products previously freely exported to any country may now be banned from export to certain countries.
6. It should also be noted that the DECA is considering the possibility to form a team, along with representatives of cyber technology exporters, to review the PRD and amend it as required.
7. Our recommendation is to examine the implications of the emerging regulation for your business as soon as possible. In view of the importance of the matter, our firm intends to submit a comprehensive commentary on the suggested draft. Companies that wish to offer suggestions and reservations to be presented to the regulator and legislator are welcome to send their comments to the email provided below.
AUTHOR: Adv. Noga Robinstein, Adv. Gill Nadel
Copyright Gill Nadel Law Office
More information about Gill Nadel Law Office
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer. For specific technical or legal advice on the information provided and related topics, please contact the author.