Monday, June 24, 2024

SO Obvious... but Sadly Needed To Mention Anyway

I must note at least one point about the recent prohibitions/restrictions upon certain software (at least in the US). Last Thursday the Biden Administration placed a ban upon sales of software from the Kaspersky company due to possible risks from the Russian government's access to telemetry or results from such software (like antivirus products). This recalls similar moves against TikTok, a social media platform with ties to China, indirect though they may be.

I'm not a lawyer, but as I understand it, both situations mentioned above are questionable since the owner/operators of the programs/platforms have some connection to offshore entities (governments). This means that there exists a channel, or channels, through which information could be exfiltrated from US users to potentially hostile or competitive interests, and which would not exist in many or most other products. That's the empirical point here: the channels exist.

There's also a legal point. If and when such channels are used to exfiltrate anything from domestic US users to any offshore location/entity, any number of violations of export restrictions could happen. And although the specifics of the exfiltration operation may not be mentioned by current legislation, the intent if not the letter of the law could easily be at risk here.

And there's an additional empirical point: if a channel exists via which domestic user information could be snatched, what's to prevent a curious third party (domestic or foreign) from discovering that channel? So here's the list of issues that impelled me to comment: first, we have potentially insecure communications situations present in certain software. Second, legal risks are created by the existence of said communications situations. Third, the communications situations create potential vulnerabilities that would be discoverable by any additional organization with the analytic capability to search for them.

I thought it was needed to overtly mention these points so as to contribute to the national-security-VS-free-speech debate (my own position being that free speech protections would not apply where national security concerns are objectively demonstrable).