First, the government actions extend to a broad range of surveillance technology, from to WEP and WPA code breaking equipment. Some of the actions are broad enough to include almost any type of surveillance technology, including those broadly referred to as filtering technology, tracking technology, or .

To further complicate matters, some actions ambiguously define the scope of captured surveillance technology, leaving that task to a government agency or even the manufacturers and vendors themselves. Furthermore, the actions include not only hardware and software falling within the generic rubric of "surveillance" technology, but also information such as blueprints and manuals corresponding to such hardware and software.

Second, governments around the world are imposing restrictions on exporting, re-exporting, and transferring surveillance technology to unfriendly countries for nefarious end uses. Even among countries that have such laws already in place, such as the United States, the laws are becoming more aggressively enforced and/or getting amended to become more restrictive.

Finally, even if your business doesn't sell surveillance technology abroad, existing laws impose obligations on third party transfers within the United States. For instance, U.S. law prohibits companies engaging in business dealings with parties published by the U.S. Department of Treasury Office of Foreign Assets Control (OFAC). In addition, it is unlawful to sell items or information if the seller has reason to know that the buyer will subsequently export, re-export, or otherwise transfer the items or information in violation of U.S. law.

Affected parties should bolster their compliance with existing laws and engage in the lawmaking process. As to the former, companies should refresh their knowledge of existing laws that apply to the sale and transfer of surveillance technology and implement policies, processes, and procedures to help comply with those laws. Examples of such measures include screening customer names against OFAC's SDN list and conducting brief due diligence to determine the intended end use of a sale.