The government is headed back to the drawing board over controversial cybersecurity export rules

The cybersecurity industry and the government have been struggling over proposed export rules that researchers say could end up making the Internet less safe. And now the government says it will try again and give the public another chance to weigh in.

Earlier in 2015, the Department of Commerce's Bureau of Industry and Security released a proposal for how to implement restrictions on exporting so-called "intrusion software" in order to comply with an international arms control agreement known as the Wassenaar Arrangement. The list of items covered by the agreement was updated in December of 2013 to include some surveillance and intelligence-gathering tools, and the proposed rules were meant to ensure the US meets its obligations under the pact. But the proposal drew criticism from big tech companies and independent researchers alike, who argued that the rules were too broad and would end up stymieing defensive cybersecurity research. Security professionals warned that licensing requirements in the proposed regulations could limit the use of so-called "penetration testing" tools, which are designed to help researchers discover problems in computer systems, or even make it more difficult for researchers to disclose vulnerabilities they uncover to software makers so they can be fixed. On July 29, representatives from the Department of Commerce told industry stakeholders that there would be a new version of the proposed rules incorporating industry feedback, as well as more time for the public and industry to weigh in. An official at the agency's Bureau of Industry and Security confirmed that it was working on an updated version of the rules and that there would be a second comment period, but said it was unclear exactly when the new version would be ready. The initial round of comments closed on July 20th.

