US: Iran tech sanction exemptions become federal regulation

US: Iran tech sanction exemptions become federal regulation - Digital

ARTICLE 19 welcomes the decision to codify the US Treasury Department’s General License D-2 into federal regulation, exempting internet communications services and related software, hardware, or technologies from US sanctions against Iran. 

For years, ARTICLE 19 has advocated for provisions to ensure US sanctions do not hinder access to technology that could help empower civil society in Iran, especially as people in Iran face insurmountable hurdles of censorship, surveillance, and internet disruptions and shutdowns enacted by the Islamic Republic. This is why, after years of advocating for its reform, we welcomed the US Treasury’s changes to their General License D-2 at the onset of the Mahsa Jhina Amini uprising in September 2022. 

‘US internet communication technologies are key for human rights defenders and civil society to report on and fight the Islamic Republic’s systems of offline and online repression,’ said Quinn McKew, Executive Director of ARTICLE 19. ‘We hope that tech companies will follow this federal regulation and protect these essential services for civil society.’

This codification is a reminder to technology companies that they bear the responsibility to ensure their platforms remain accessible to Iranian civil society in the face of the Islamic Republic’s digital repression. One particularly difficult subject has been ensuring technologists and circumvention tool providers have access to cloud infrastructure to help Iranian users overcome censorship. Without access to the cloud servers, those hosting circumvention tools have been unable to provide them to Iranian activists. Previously, large cloud infrastructure companies such as Google (Google Cloud Platform), Cloudflare and Amazon (Amazon Web Services) have placed restrictions on the use of their devices for hosting tools for Iranian users. 

Large technology companies that host some of the largest and most effective cloud infrastructure for circumvention technologies should take heed. They must work with their compliance and legal teams to ensure their cloud platforms are accessible using the assurances of this federal regulation.