Comment by mschuster91
3 years ago
The problem is, all you can virtually do is to block North Korean IP space [1], but you're still legally liable if North Korean users, say, use a foreign VPN service to interact with you.
International sanctions laws are pure and utter madness, with extremely high stakes if the government changes its course on selective enforcement, so everyone is "playing it safe" rather than "doing what makes sense and questioning outright bullshit".
[1] https://www.trendmicro.com/en_us/research/17/j/a-closer-look...
The OFAC isn't going to expect you to bend space and time, but they do expect due diligence.
My point is, what is the definition of "due diligence"? Who can say "yes, you're doing everything required"?
Usually, that's court cases and resulting case law, as well as executive fines... which means there is an insane amount of risk attached to everything related to sanctions, and additionally enforcement may vary between different governments.
Interpreting and complying with laws is something all businesses have to deal with, and not just with sanctions. I am not a lawyer, but due diligence is usually “do the best you can with the data you can reasonably get”. If you need to comply with sanctions law then you should ask your corporate lawyer.
Either way, your company is required to follow the law regardless of your opinion on it.