US bans Kaspersky products for collecting personal information without consent

June 24, 2024

TLDR:

US bans Kaspersky products from commercial sale over concerns about personal information collection. The ban, set to go into effect on September 29, is based on national security concerns and fears that the Russian government could compel the company to turn over private customer information. Kaspersky denies any collaboration with Russia’s government for cyberespionage.

In a recent development, the US Department of Commerce has banned the sale of Kaspersky products in the US over concerns about personal information collection. This ban comes as a result of national security fears regarding the Russian government’s potential ability to compel Kaspersky to hand over customer information. The ban goes into effect on September 29, but Kaspersky will be allowed a grace period to continue serving existing US clients with updates and patches until it must withdraw from the market entirely. The ban does not impose any fines or legal repercussions on US companies that continue to use Kaspersky products.

While the US government has not presented any evidence of collaboration between Kaspersky and Russia’s government for cyberespionage, the concerns stem from Russian national security laws that could compel the company to share private customer information. Kaspersky has denied any such collaboration and claims that the ban is not based on a comprehensive evaluation of its products. The ban could have significant financial implications for the company, as it boasts 200,000 corporate clients and 400 million individual users worldwide, with a significant portion of clients in the United States.

The ban on Kaspersky products is part of a larger trend of US bans on foreign software over concerns about theoretical government access scenarios. In issuing the ban, the Department of Commerce cited concerns that the Russian government could use Kaspersky products to remotely access client systems. The ban is the first of its kind initiated by the department under an executive order issued in 2019, which grants the department the power to self-initiate investigations of foreign companies that pose national security risks related to information and communication technology.
