问HN:你是否曾因为制裁而不得不拒绝客户?
在过去的几年里,我不得不拒绝来自伊朗、俄罗斯和中国等国家的一些客户,因为这些国家的网络产品受到一般出口管理条例(EAR)的限制,需申请商务部许可证,或者相关实体实际上在商务部实体名单上。你有遇到过这种情况吗?你是如何处理的?
从某种意义上说,这很糟糕,因为这些国家的市场很大,可能有些人出于合法原因(如自由等)希望获得这些产品。同时,你必须遵守法律并尊重制裁。这些制裁是有其合法目的的,这是不可谈判的。有没有网络安全领域的人士有过类似的经历?
从技术上讲,申请许可证是可能的,但如果状态是“拒绝假设”,即使不是,这个过程对于那些只想开发产品的小型公司来说也是一个巨大的麻烦。
我并没有因此失眠,但这感觉并不好。我只是对其他美国公司的经历感到好奇(不确定欧盟是否有类似情况)。
查看原文
Over the last few years I've had to turn away a few customers from countries like Iran, Russia and China because either a BIS license was required due to general EAR restrictions on cyber products to those countries, or the entity was actually on the BIS Entity list. Have you experienced this? How do you handle it?<p>In some sense it sucks because the markets of some of these countries are large, and there may be people in those countries who want it for legitimate reasons (Freedom, etc). At the same time, you have to obey the law and respect sanctions. They have a legitimate purpose. That's non negotiable. Any cybersecurity people have experience with this kind of scenario?<p>Technically it's possible to apply for licenses, but if the status is "presumption of denial", or even if it's not, the process is a massive hassle for tiny product companies that just want to build stuff.<p>I'm not losing sleep over this stuff - but it doesn't feel great - and I'm just curious of others' experiences in US corporations (not sure if EU has similar).