The proposed U.S. rules for the Wassenaar Arrangement pose a real challenge for all sides of that equation. Security researchers have voiced their concerns in the two weeks since the proposed rules were made public. The rules are meant to curb the sale and trade of dual-use weapons, and in a computer security context, that means so-called intrusion software such as FinFisher and HackingTeam tools that are allegedly sold to and used by oppressive regimes to spy on citizens. That means researchers who find a zero-day vulnerability and develop a PoC exploit triggering the issue would have to apply for an export license.
Source: https://threatpost.com/bug-bounties-in-crosshairs-of-proposed-us-wassenaar-rules/113204/