On 14 May 2018, nine EU members States (Czech Republic, Cyprus, Estonia, Finland, Ireland, Italy, Poland, Sweden and the United Kingdom) issued a discussion paper on the recast of the dual-use Regulation (Council of the European Union, General Secretariat, Brussels, 15 May 2018, WK 5755/2018 INIT).
The article is available at: https://www.euractiv.com/section/cybersecurity/news/nine-countries-unite-against-eu-export-controls-on-surveillance-software/.
The group of nine Member States claims that, despite the risk of misuse of cyber surveillance technology and the need to prevent it, the introduction of unilateral control measures, deviating from the international export control regimes, such as an autonomous EU control list, could seriously undermine the competitiveness of EU-based industry. Besides, they underline the inefficiency of such measures if implemented unilaterally by the EU, while other major economies continue exporting “freely” such technologies.
Other risks, such as the quality of these measures are highlighted, notably due to the lack of international expertise as it is the case for current control lists elaborated within international trade control regimes.
The group of States also questions the scope of such control measures, which might quickly evolve, over the years, as to include a broad-ranging list of any new technologies such as artificial intelligence, robotics, etc. with the risk of portraying the EU as a technology-averse actor.
The proposed alternatives, to reduce the risk of misuse of cyber-surveillance technology while avoiding to undermine EU industry and EU multilateral approach to trade controls, include a common approach to the issue within the Wassenaar Arrangement (which already covers some cyber-surveillance items) and the implementation of Article 8 of the Regulation but improving communication and transparency between Member States.