Dr Mark Bromley and Giovanna Maletta
In 2021 the European Union (EU) adopted a new iteration of the EU Dual-use Regulation, which sets common standards for EU member states’ controls on exports of dual-use items. Among other new features, Regulation (EU) 2021/821 introduces a new ‘catch-all control’ for cyber-surveillance items. This requires exporters to seek approval for exports of cyber-surveillance items when they become aware that the items are likely to be used in connection with human rights violations, even if those items are not specifically covered by existing export controls. It therefore gives EU member states the power to control such transfers.
Although the proliferation and misuse of spyware and other cyber-surveillance tools are growing concerns, the use of the new catch-all control has been limited to date. One likely reason is that exporters appear to be unclear about how to apply it. This week, the EU published a new set of guidelines intended to help exporters to comply with the catch-all control. This backgrounder examines the catch-all control and the new guidelines, highlighting their main features and limitations. It also suggests steps that could be taken by the newly elected European Parliament and others to improve the guidelines and support consistent, effective application of both the new catch-all control and restrictions on the trade in cyber-surveillance items more broadly.
No comments:
Post a Comment