1 / 43

Export Control Regulations

Export Control Regulations. for Researchers. Why Is Compliance Important?. Potential civil and criminal penalties, for the individual and the institution Loss of export privileges Risk to reputation; bad publicity

cameron-richard
Télécharger la présentation

Export Control Regulations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Export Control Regulations for Researchers

  2. Why Is Compliance Important? • Potential civil and criminal penalties, for the individual and the institution • Loss of export privileges • Risk to reputation; bad publicity • Limiting participation of foreign nationals in University research is not realistic and contrary to policy

  3. Three U.S. Export Licensing Programs U.S. Department of State (Office of Defense Trade Controls) controls defense articles, defense services, and related technical data, including most space-related articles. U.S. Department of Commerce (Bureau of Industry and Security) controls “dual-use” items – goods and technology with both civilian and military/strategic uses. U.S. Department of the Treasury oversees U.S. trade embargoes (Office of Foreign Assets Control) and enforces all three programs at U.S. borders through U.S. Customs Service. Cuba

  4. Law and Regulations

  5. What Is an Export?ITAR 120.17, EAR 734.2(b) • An actual shipment or transmission of items subject to the EAR or ITAR (commodity, technical data, or software) out of the United States. • Releasing (including oral or visual disclosure) “technical data” or software “source code” to a “foreign person,” in the United States (“deemed export”). • Performing technical assistance, training, or other “defense services” for, or on behalf of, a “foreign person,” (including foreign corporations) whether in the United States (“deemed export”) or abroad • Re-exporting from foreign countries U.S.-origin goods or technical data, goods incorporating U.S. components, or goods manufactured from U.S. technology or re-exporting U.S.-origin “technical data” or software

  6. Examples of Exports SHIPPING OUT of US • Physical shipments or hand carried items • Release of technical data or software in a foreign country RELEASING INFO in US • Release of source code to a foreign national in the US • Release of technical data to a foreign national in the US • Inspections of U.S. equipment and facilities by a foreign national

  7. U.S. and Foreign PersonsITAR 120.15 & 16, EAR 772.1 • “U.S. Person” means: • a “Lawful Permanent Resident (8 USC 1101 (a)(20)) • U.S. Citizen or national • Legal immigrant with a “green card” • a “Protected Individual” under the INA (8 USC 1324(b)(3)) • designated an asylee or refugee • a temporary resident under amnesty provisions • but does not include Protected Individuals who: • fail to apply for citizenship within 6 months of becoming eligible • have not been naturalized within 2 years after applying • any entity incorporated to do business in the United States

  8. U.S. and Foreign PersonsITAR 120.15 & 16, EAR 772.1 • “Foreign Person” means everyone else • includes foreign businesses not incorporated in the U.S. • EAR does not use the term “Foreign Person,” instead refers to “foreign national,” exempting Protected Individuals (See EAR 734.2(b)(ii))

  9. I - Firearms II - Artillery Projectors III - Ammunition *IV - Launch Vehicles, etc... *V - Explosives, Propellants, Incendiary Agents and Their Constituents VI - Vessels of War and Special Naval Equipment VII - Tanks and Military Vehicles VIII - Aircraft and Associated Equipment IX - Military Training Equipment X - Protective Personnel Equipment XI - Military Electronics XII - Fire Control, Range Finder, Optical and Guidance and Control Equipment XIII - Auxiliary Military Equipment XIV - Toxicological Agents and Equipment and Radiological Equipment *XV - Spacecraft Systems and Associated Equipment XVI - Nuclear Weapons Design and Related Equipment XVII - Classified Articles, Technical Data and Defense Services Not Otherwise Enumerated XVIII - Reserved XIX - Reserved XX - Submersible Vessels, Oceanographic and Associated Equipment XXI - Miscellaneous Articles U.S. Munitions List (USML)

  10. Category 0 - Nuclear Materials, Facilities and Equipment and Misc. Category 1 - Materials, Chemicals, Microorganisms and Toxins Category 2 - Materials Processing Category 3 - Electronics Category 4 - Computers Category 5 - Telecommunications and Information Security Category 6 - Lasers and Sensors Category 7 - Navigation and Avionics Category 8 - Marine Category 9 - Propulsion Systems, Space Vehicles and Related Equipment Commerce Control List (CCL)

  11. Examples of Items Covered by Category 3 - Electronics

  12. Example: Shipment of Polygraph(Basic Steps) • Step 1 - Classification of item. Start by looking in the Commerce Control List under the category of electronics (Category 3) and product group which covers equipment (Product Group A). Then read through the list to find whether your item is included in the list. The ECCN for polygraphs is 3A981. • Step 2 – License requirements. These list the reason that the item is controlled. Polygraphs are controlled for “CC”, or crime control.

  13. Example: Shipment of Polygraph(Basic Steps) • Step 3 – Destination Country. Check whether a license is required for the country.

  14. Example: Shipment of Polygraph(Basic Steps) • Step 4 – Screening. Certain individuals and organizations are prohibited from receiving U.S. exports. • Entity List – BIS list of organizations identified as engaging in activities related to the proliferation of WMD. • Specially Designated Nationals and Blocked Persons List – OFAC list of individuals and organizations representing restricted countries or known to be involved in terrorism or narcotics trafficking. • Unverified List – BIS list of firms for which it was unable to complete an end-use check.

  15. Examples of Items Covered by Category 1 Materials, Chem, Microorganisms, & Toxins

  16. Technical Data & TechnologyITAR 120.10, EAR 772.1 • ITAR 120.10 defines “technical data” as • Information . . . required for the design, development production, manufacture, assembly, operation, repair, testing, maintenance, or modification of defense articles. • Invention covered by an invention secrecy order • Software directly related to defense articles

  17. Technical Data & TechnologyITAR 120.10, EAR 772.1 • EAR 772.1 defines “technology” as • Specific information necessary for the “development,” “production,” or “use” of a product. The information takes the form of “technical data” or “technical assistance.” • Technical assistance may take forms such as instruction, skills training, working knowledge, and consulting services and may involve transfer of “technical data.” • “Technical data” may take forms such as blueprints, plans, diagrams, models, formulae, tables, engineering designs and specifications, manuals and instructions written or recorded on other media or devices such as disk, tape, read-only memories.

  18. What is Not Controlled ?(The “Safe Harbor”)Technical Data & Software (ITAR 120.10, EAR 772.1) What is not defined as export controlled “technical data” or “software”? • Publicly available technical data and software • Published for sale, in libraries open to the public, or through patents available at any patent office • General scientific, mathematical, or engineering principles commonly taught in colleges and universities • Available through unlimited distribution at a conference, meeting, seminar, trade show, or exhibition (provided no previous government or industry restrictions on distribution applied) • Arises during or results from fundamental research, where no restrictions on publication or access accepted • Non-technical contract or business documents

  19. National Security Decision DirectiveNSDD-189 • In September 1985, the Reagan Administration issued NSDD-189 in which it established the following policies: • To the maximum extent possible, the products of fundamental research should remain unrestricted. • Where the national security requires control, the mechanism for control of information generated during Federally-funded fundamental research in science, technology, and engineering at colleges, universities, and laboratories is classification. • No restriction may be placed upon the conduct or reporting of Federally-funded fundamental research that has not received national security classification, except as provided in applicable U.S. statutes. • President Bush’s National Security Advisor, Condoleezza Rice, reaffirmed NSDD-189 in November 2001.

  20. National Security Decision DirectiveNSDD-189 • NSDD-189 defined “fundamental research” as • Basic and applied research in science and engineering, the results of which ordinarily are published and shared broadly within the scientific community. • It is distinguished from research which results in information which is restricted for proprietary reasons or pursuant to specific U.S. Government access and dissemination controls.

  21. National Security Decision DirectiveNSDD-189 • NSDD-189’s definition of “fundamental research” is reflected throughout the ITAR and EAR in terms of what research is subject to export controls. • Avoiding restrictions on access and dissemination of research findings in contracts with the U.S. Government and industry is a key strategy for minimizing export control issues in university and research laboratory settings.

  22. What is Not Fundamental Research? • Given this definition of fundamental research, university research will not qualify as fundamental research if • The university or research institution accepts any restrictions on the publication of the information resulting from the research, other than limited prepublication reviews by research sponsors to prevent inadvertent divulging of proprietary information provided to the research by the sponsor or to ensure that publication will not compromise patent rights of the sponsor; or • The research is Federally-funded and specific access and dissemination controls regarding the resulting information have been accepted by the university or researcher.

  23. Key EAR Exceptions • EAR 734.3(b) – “What is not subject to the EAR?” • Publicly available technology and software, except software controlled for EI (encryption) under ECCN 5D002 that • Are already published or will be published – EAR 734.7 • Arise during, or result from, fundamental research – EAR 734.8 • Are educational – EAR 734.9 • Are included in certain patent applications – EAR 734.10 • See Supplement No. 1 to Part 734 for extensive explanatory questions and answer regarding what is not subject to the EAR in the context of university and research laboratory activities.

  24. Key EAR Exceptions • EAR 734.11 – “What is government research covered by contract controls? • If research is funded by the U.S. Government, and specific national security controls are agreed on to protect information resulting from the research, EAR 734.3(b)(3) will not apply.

  25. Key EAR Exceptions • Examples of “specific national security controls” include: • Requirements for prepublication review by the Government, with right to withhold permission for publication • Restrictions on prepublication dissemination of information to non-U.S. citizens or other categories of persons • Restrictions on participation of non-U.S. citizens or other categories of persons in the research. • BUT: A general reference to one or more export control laws or regulations or a general reminder that the Government retains the right to classify is not a “specific national security control.” (EAR 734.11)

  26. Key ITAR Exemptions (used in Space Science Research) • ITAR 125.4(b)(10) – Exempts from licensing requirements disclosures of unclassified technical data in the U.S. by U.S. institutions of higher learning to foreign persons who are their bona fide and full time regular employees. • Employee’s permanent abode throughout the period of employment must be in the U.S. • Employee must not be a national of a country to which exports are prohibited pursuant to ITAR 126.1 (e.g., Belarus, Cuba, Iran, Libya, North Korea, Syria, Vietnam, Burma, China, Haiti, Liberia, Somalia, and Sudan—list as of 7/2003) • The institution informs the individual in writing that the technical data may not be transferred to other foreign persons without the prior written approval of the Office of Defense Trade Controls

  27. Key Exception: Publicly Available Software • Software (and technical data) is published when it is available for general distribution either for free or at a price that does not exceed the cost of reproduction and distribution. • Such reproduction and distribution costs may include variable and fixed allocations of overhead and normal profit for the reproduction and distribution functions either in your company or in a third party distribution system. Such costs may not include recovery for development, design, or acquisition because the provider of the software does not receive a fee for the inherent value of the software.

  28. What is Publicly Available Software? • If the source code of a software program is publicly available, then the machine readable code compiled from the source code is software that is publicly available. • Note that encryption software controlled under ECCN 5D002 for “EI” (Encryption Items) reasons on the Commerce Control List and mass market encryption software with symmetric key length exceeding 64-bits controlled under ECCN 5D992 remain subject to the EAR.

  29. Key Exception: EncryptionSoftwareTechnology & Software Unrestricted • Encryption source code controlled under ECCN5D002 that would be considered publicly available, and corresponding object code resulting from compiling such source code, may be exported under Exception TSU (but not knowingly to Cuba, Iran, Iraq, Libya, N.Korea, Sudan or Syria) • Provide written notification to Commerce (BIS) of the Internet location of the source code or a copy of the source code by the time of export (see 740.13) • Posting of source code or object code on the Internet (e.g. FTP or World Wide Web site) where it may be downloaded by anyone would not establish ‘knowledge’ of a prohibited export or reexport.

  30. What can you take with you overseas?Exception TMP: “Tools of Trade” • Usual and reasonable kinds and quantities of tools of trade (commodities and software) for use by the exporter or employees of the exporter in a lawful enterprise • The tools of trade must remain under the effective control of the exporter or the exporter’s employee (retain physical possession of the item, locked in hotel safe, or guarded) • Encryption commodities and software may be pre-loaded on a laptop, handheld device or other computer or equipment • All tools of trade may accompany the individual departing from the US or may be shipped unaccompanied within one month before the individual’s departure from the US, or at any time after departure

  31. License Exception TMPTemporary: “Tools of Trade” • All commodities and software, if not consumed or destroyed in the normal course of authorized temporary use abroad, be returned as soon as practicable but no later than one year after the date of export • No tools of the trade may be taken to Cuba or Sudan • Reference 15 CFR Part 740.9(a)(2)(i) for TMP “Tools of Trade” License Exception

  32. Take Home Messages

  33. Do’s and Don’ts: General • Do NOT Ship Any Item Outside the U.S. without first checking the ITAR and EAR Lists to determine if the item is controlled (This includes Outgoing MTA’s, Software Licenses, and any Agreement Deliverables) • Secure License Approval (through campus contact or UCOP for ITAR) or verify license exception PRIOR to Shipment for all controlled items • Do NOT Accept Publication or Access Controls in research agreements (regardless of whether federal, state, or private) • Do NOT create special training or access programs limited to select foreign companies or foreign nationals without first securing a government-approved Technical Assistance Agreement

  34. Do’s and Don’ts: Contract Clauses • Screen all proposed research contracts from government and industry for access and dissemination restrictions that might jeopardize the project’s qualification as “fundamental research.” • Do NOT Accept clauses, such as: • DOD Clause 252.204-7000, Disclosure of Information • FAR Clause 52.227-17, Rights in Data, Special Works • Airforce Clause 5352.227-9000, Export Controlled Data Restrictions • Army Clause 52-04-4401, Foreign Nationals Performing Under Contract (Feb 2002) • Questionnaire for Public Trust Positions (SF89P) or National Agency Check/Name Check Request • DD2345, Militarily Critical Technical Data Agreement • Watch out for flow down language!

  35. Do’s and Don’ts: Confidentiality Clauses • Review any Confidentiality/Non-Disclosure Agreements to insure that UC is not assuming the burden of restricting dissemination based on citizenship status or securing license • Allow Commercial Contractor to Transfer Export Controlled Data (as long as it isn’t proprietary), or Proprietary Data that isn’t Export Controlled (See EAR 734.8(b)(4) and EAR Supplement 1, Section D, Question 2) • In limited cases, can agree that the individual to receive export controlled proprietary data will not disclose it to anyone (including other UC personnel) in most cases, proprietary data from a commercial entity that is also export controlled cannot be accepted or used in University research. • Can agree that UC will comply with Export Regulations; can not agree that data generated by UC in the course of the research is export controlled

  36. Do’s and Don’ts: Citizenship Info • Do NOT provide citizenship, nationality, or VISA status information for project staff to others or include such information in proposals. It is a violation of the INS regulations, of the Federal Privacy Act, and of the California Information Practices Act to do so. It is also contrary to University policy to discriminate on this basis or to select research project staff on any basis other than merit. See C&G Memo for guidance: http://www.ucop.edu/raohome/cgmemos/04-02.html • Do NOT agree to background checks or other arrangements where the external sponsor screens, clears, or otherwise approves project staff. University policy allows for background screening conducted by the University when appropriate to the position.

  37. Do’s and Don’ts: Software • Whenever possible, make University created software, databases, and other technical data “publicly available” • Publication in periodicals, books, print, electronic, or other media available to a community of persons interested in the subject matter either free or at a price that does not exceed the cost of reproduction and distribution (See EAR Supplement 1, Questions A(1) - A(6) • If the source code of a software program is publicly available, then the machine readable code compiled from the source code is software that is publicly available and, therefore, not subject to the EAR • The cost of reproduction and distribution may include variable and fixed allocations of overhead and normal profit for the reproduction and distribution functions but may not include recovery for development, design, or acquisition, such that the provider does not receive a fee for the inherent value of the software.

  38. Do’s and Don’ts: Software License • Do not agree to software license restrictions on • access to or use of the software by nationals of certain countries, particularly those from Country Group D • restrictions on dissemination of the ‘direct product’ of the software • ask the software provider to identify the ECNN number that controls the software, and research the applicability of control, given the possibility that the software provider is being overly cautious and the software is not, in fact, controlled

  39. Do’s & Don’ts: EncryptionSoftware Technology & Software Unrestricted • Encryption source code controlled under ECCN5D002 that would be considered publicly available, and corresponding object code resulting from compiling such source code, may be exported under Exception TSU (but not knowingly to Cuba, Iran, Iraq, Libya, N.Korea, Sudan or Syria) • Provide written notification to Commerce (BIS) of the Internet location of the source code or a copy of the source code by the time of export (see 740.13) • Posting of source code or object code on the Internet (e.g. FTP or World Wide Web site) where it may be downloaded by anyone would not establish ‘knowledge’ of a prohibited export or reexport.

  40. Do’s and Don’ts: Embargoes • Do NOT travel to the Balkans, Burma, Cuba, Iran, Iraq, Liberia, Libya, North Korea, Sudan,or Syria, for research or educational activities without first contacting the campus VC-Research to secure a license from the Office of Foreign Assets Control. These are embargoed countries. A general license for Cuba may cover you; all other countries require a specific license. • Review scope of work and collaborators to identify any projects that may require travel to embargoed countries. UC has secured OFAC licenses for research in embargoed countries. It simply takes a bit of time.

  41. UC Policy References • C&G Memo 04-02: Provision of Information on Citizenship, Visa Status, Nationality or Country of Origin: Federal and State Law and Regulation http://www.ucop.edu/raohome/cgmemos/00-05.html • C&G Memo 00-05: Unacceptable Controls Based on U.S. Citizenship Status http://www.ucop.edu/raohome/cgmemos/00-05.html • C&G Memo 90-03: Acceptance of Funds Restricted to U.S. Citizens http://www.ucop.edu/raohome/cgmemos/90-03.html • UCOP Website on Export Regulations http://www.ucop.edu/research/policies/exportcontrols.htm

  42. Is the Item “Export Controlled?” • EAR List at: http://www.access.gpo.gov/bis/ear/ear_data.html • ITAR List at: http://www.pmdtc.org/docs/ITAR/22cfr121_Part_121.pdf • For EAR Items: 1)Check the “reason for control”; 2)Check country chart; 3)Determine if license required in the column for the country where item to be shipped • For EAR Item, if no “check” in control column for country, then ship under NLR (no license required); If item being shipped is not on Commodity Control List, then ship EAR99 (exempt) • For ITAR Item, if on list, contact UCOP; license will be required because there is no EAR equivalent “country chart”

  43. Questions?

More Related