KubeCon + CloudNativeCon Europe · Apr 1-4 · London REGISTER TODAY

Search

    Join
    1 MIN READ

    Understanding US Export Controls and Open Source Projects (2021 Update)

    The Linux Foundation | 15 July 2021

    One of the greatest strengths of open source development is how it enables collaboration across the entire world. However, because open source development is a global activity, it necessarily involves making available software across national boundaries. Some countries’ export control regulations, such as the United States, may require taking additional steps to ensure that an open source project is satisfying obligations under local laws.

    In July of 2020, The Linux Foundation published a whitepaper on how to address these issues in detail, which can be downloaded here. In 2021, the primary update in the paper is to reflect a change in the US Export Administration Regulations.

    • Previously, in order for publicly available encryption software under ECCN 5D002 to be not subject to the EAR, email notifications were required regardless of whether or not the cryptography it implemented was standardized.
    • Following the change, email notifications are only required for software that implements “non-standard cryptography”.

    Please see the updated paper and the EAR for more specific details about this change.
    Similar Articles
    Understanding the Cyber Resilience Act: What Everyone involved in Open Source Development Should Know
    Open Source Communities and Trademarks: A Reprise
    Browse Categories

    Cloud Computing Compliance and Security Open Source Projects 2024 Linux How-To LF Research Open Source Ecosystem and Governance Blog Diversity & Inclusion Research Newsletter Data, AI, and Analytics linux blog Training and Certification Linux Cross Technology Cloud Native Computing Foundation cybersecurity software development Announcements Decentralized Technology Legal OpenSearch Sustainability and Green Initiatives cloud native generative AI lf events Finance and Business Technology Networking and Edge cncf industries Emerging Technology Health and Public Sector Interoperability Kubernetes Topic: Security Web Application & Development amazon web services aws community tools confidential computing challenges decentralized AI decentralized computing eBPF funding japan spotlight kernel license compliance openssf ospo research survey skills development state of open source tech talent

    Stay Connected with the Linux Foundation