It still is, to an extent: if you have strong enough encryption products, you have to get an export permit for it, even now.
I’ve had to sign ITAR certifications when I’ve worked for U.S.-based companies, and some companies here in Canada have to prevent any Iranian-born employees from working on certain software in order to comply with ITAR (even if those employees are now Canadian citizens).
It’s stupid and I’m glad that I don’t work for those sorts of companies anymore.
For most "mass market" software, since 2010 all you need is an encryption registration. Before that you had to do a classification request which was a harder and more difficult process. I wonder why this took until 2010 before it was fixed.
It still is, and pretty much every nation on earth has signed the agreement.
Most nations don't make themselves look like idiots by enforcing it against a bunch of open-source hippies, but try to export some crypto software for military use to North Korea...
I’ve had to sign ITAR certifications when I’ve worked for U.S.-based companies, and some companies here in Canada have to prevent any Iranian-born employees from working on certain software in order to comply with ITAR (even if those employees are now Canadian citizens).
It’s stupid and I’m glad that I don’t work for those sorts of companies anymore.