In seeking to restrict the sale of cyber-intrusion and network surveillance tools, the 41 countries that participate in the Wassenaar Arrangement placed these tools on a common export control list. This session will discuss the unintended consequences on cybersecurity technology, vulnerability testing, and information sharing, and how the control list can be renegotiated to fix these problems.