MINES’ POLICY LIBRARY

Export Controls Procedure Manual

POLICY PROFILE

Responsible Administrative Unit: Research and Technology Transfer

Policy Contact: Research and Technology Transfer, Scot Allen (allen@mines.edu)

This policy is linked from the Data and Research sections of the policy library.

FOREWORD

This document sets forth the general procedures followed when an export control review is, or may be, required at Colorado School of Mines (Mines).  WE extend our gratitude to Arizona State University for the sharing of their guide as a basis for our procedures and their wonderful assistance to our university.

This manual is designed to be accessed mainly online and thus has many hyperlinks embedded in the text.  Many of the embedded links will provide quick access to the Glossary in the back of the manual.  If you have questions, please feel free to reach out to the Office of Compliance & Policy regarding any sources or references that you may want to search directly.

LETTER FROM MINES

November 18, 2016

Dear Mines Community~

Export control regulations have been in place in the U.S. for well over twenty years. It wasn’t until after September 11, 2001 that universities  started to focus on the regulations which then led to a heightened focus in the late 2000’s. Export Control has certainly been a focus here at Mines which includes recent efforts to provide clarity on the regulations to those in our campus community who may be impacted.

Export Control issues can arise while we are performing basic academic activities: conducting research, teaching, shipping or importing goods/equipment, traveling overseas, collaborating with international partner, sharing or disseminating knowledge and inventiveness, etc. The export laws affect all fields of science and engineering and apply to universities, industries, as well as individuals. Thus, when research or educational activities involve providing technology, data, or services to certain countries, foreign nationals, in the U.S. or abroad, Mines’ community members need to be able to identify whether export control laws and regulations are being met, or whether these are covered by the Fundamental Research Exception of the export control regulations.

As such, it is essential for every member of the Mines’ community to be aware of the myriad of Export Control laws and regulations, and the concerns that may arise through their work at Mines. To help better inform you of the relevant regulations, we are creating a new local resource manual, launching a website (https://research.mines.edu/export-controls-new/), identifying service offices (e.g., ORA, Compliance, Legal Services), and providing programming to assist and inform faculty, staff, and students. These new resources are intended to assist Mines’ community members with their export control questions.

If you do not find an answer to your export-related question in these materials, please ask questions and seek out additional resources. The resources we are developing will continue to evolve with your use and input.

Thank you to the entire Mines’ community for working together to build a stronger future.

Sincerely,

Thomas Boyd, Ph.D.
Interim Provost

Kirsten M. Volpi
EVP/COO/CFO

Tony Dean, Ph.D.
SVPRTT

I. INTRODUCTION

U.S. federal law restricts the export of certain goods (or items), technology, data, services, and the import or re-importation of certain goods, items, or technology.  These laws affect all fields of science, engineering, and math, and they apply to Universities, industry, and to individuals.  An “Export” occurs when there is a transfer or shipment of items/information out of the U.S., the electronic transmission of this information out of the U.S. (e.g., fax, email, phone), or the provision of specific services to a foreign national (except for green card holders).  The Export can also occur even if the foreign national is located in the United States, i.e., “Deemed Export,” (e.g., lab tours, presentations, discussions).  Thus, when research or educational activities may involve providing technology, data, or services to foreign nationals in the U.S. or abroad, the Mines’ community needs-to-know whether the export control laws and regulations apply in the situation.  This primer is available for the Mines’ community to assist in identifying the steps to take with any possible Export, including which agency has jurisdiction, what license requirements may apply, and how to proceed when faced with these questions and others.  Though this is a complex area of the law and applicability, there are many units available to work with the Mines’ community supporting all Mines’ efforts in research, teaching, and service.

A. Why do Export control laws exist?

U.S. Export Control laws were enacted for several reasons, including the following: 

1) protect national security (curtail exports of militarily significant items and technologies to U.S. adversaries) and prevent the proliferation of weapons of mass destruction (WMD) and abuse of conventional weapons by governments and non-state actors; 

2) combat crime, terror, and avoid illegitimate transfers of military and dual-use/End Use equipment and technology so that they are not abused or violate human rights; 

3) provide mechanism to sanction or embargo states to put economic pressure on governments to change their policies and restrict the capacity to pursue policies; and

4) preserve U.S. economic competitiveness.   See also 15 CFR 730.6 .

The U.S. is not the only country to have export laws; so the Mines community also should be aware of entering and exiting countries and exporting items, services, technology and the like among other nations.

B. Why Exports may matter to Mines/you?

Export Control laws, regulations, and requirements may apply to both the University and to you personally; thus, if you do any of the following activities you need to recognize the applicability of such laws, including:

1) Perform Research;

2) Teach at Mines, other US locations, or abroad;

3) Travel abroad;

4) Ship/Share any item or materials (physically or electronically), software or information globally;

5) Pay someone abroad for items, materials services, expenses, etc.; or

6) Demonstrate technology that is not yet public to foreign nationals, etc.

Beyond the local concerns to the University and to you, violations of the export control laws can cause injury to the United States due to the release of dangerous items or knowledge.  The improper release of such may be punishable by fines (individually or to an organization) or imprisonment, as seen later in this manual.

C. How to Get Help @ Mines

This manual and the offices of Research Administration (303-273-3411, ora@mines.edu ), Compliance (303384-2236, compliance@mines.edu ) and Legal Services (303-273-3325) are available to assist you at any time.  Additionally, there are many on-line resources, though many of the U.S. Government websites are geared toward commercial entities and listing at the Mines’ export control webpage @ https://www.mines.edu/policy-library/export-controls/.  

II. EXPORT JURISDICTION AND LICENSE DETERMINATION

There are a series of questions for any University community & employees to answer to determine which U.S. department/agency maintains jurisdiction over the export item, technology, article, or service.  After License jurisdiction, a determination must be made regarding whether a license is required or not for the item, technology, article, or service. The decision-making process includes the main issue of determining whether the research is “Fundamental” in nature, or not. (See section III.)   The University is often under the Fundamental Research Exception, however, there are many situations that are not covered or exempt from export control (or licensing) under the FRE.  Often the process requires both the faculty/employee and ORA or the Office of Compliance for further information on how to proceed with their project.  The Export Control decision trees  in Appendices 1 and 2 are helpful in analyzing these issues.

A. Agency Jurisdiction

The first step in the export review process is to identify the correct agency jurisdiction, which then identifies several regulations that apply to the situation or items at hand.  Projects, research, conferences, etc.,  involving exports to foreign nationals (including deemed exports), whether for research, hiring, visiting scholars, or students will be reviewed with Office of Research Administration, Office of Compliance & Policy, and/or Office of Legal Services, as appropriate. The review process is initiated in several ways, such as, from the request of a Principal Investigator (PI) or Faculty member to one of the resource offices.

Since a PI is the expert on the item, research, or technology, s/he is in the best position to explain the technology involved in the export review.  If this review involves research, the statement of work and other relevant information are reviewed to determine if the project is subject to export controls or not, and then determine the next steps. Mines relies on the PI or faculty member information and expertise in jointly determining whether the item, technology, research, etc. may fall within export controlled areas.

1. Export Control under U.S. Agencies.

The three (3) U.S. agencies that generally come into play on Export Control issues are the:  1) U.S. Department of Commerce, 2) U.S. Department of State, and 3) U.S. Department of the Treasury. Each agency has statutory basis for their power and they have promulgated and implemented regulations based on the statutory authority that are applicable to export controls and are discussed in this procedures document, in Table 1, “Regulations Agency and Oversight” below:

Regulations Agency (Jurisdiction) Oversight Areas
EAR: Export Administration Regulations Department of Commerce, Bureau of Business & Industry Technologies: both commercial & military application, not those covered by ITAR
ITAR: International Traffic in Arms Depart of State, Directorate of Defense Trade Controls (DDTC) Technologies, inherently military in properties
OFAC: Office of Foreign Assets Control Department of Treasury, OFAC Prohibits transactions of value with certain countries/persons

Table 1 Regulations Agency and Oversight

2. Additional oversight agencies.

The export or re-export of items or commodities may be controlled by/subject to oversight by the following agencies (as identified in the EAR, 15 CFR 734.3(b)(1)):

U.S. Nuclear Regulatory Commission (commodities related to nuclear reactor vessels (10 CFR part 110, Export & Import of Nuclear Equipment & Materials);

U.S. Department of Energy (technology related to the production of special nuclear materials and the transfer of unclassified nuclear technology & assistance (10 CFR part 810, Assistance to Foreign Atomic Energy activities under the Atomic Energy Act);

U.S. Patent & Trademark Office, (export to a foreign country of unclassified technology in the form of a patent application or an amendment, modification, or supplement thereto or division thereof (37 CFR part 5), with authority to BIS to address; and Exports and re-exports of such technology not approved under PTO regulations must comply with the EAR;

Department of Defense (DoD) and Department of State Foreign Military Sales (FMS) Program (Items that are subject to the EAR that are sold, leased or loaned by the DoD to a foreign country or international organization under the FMS Program of the Arms Export Control Act pursuant to a Letter of Offer and Acceptance (LOA) authorizing such transfers are not “subject to the EAR,” but rather, are subject to the authority of the Arms Export Control Act.)

B.  Export Administration Regulations (EAR)

U.S. Department of Commerce statutory authority over export issues comes from the Export Administration Act of 1979, as amended, (50 U.S.C. app. 2401-2420 (EAA)) and executive order(s). Commerce’s goal of the security of the US, including national defense and competitiveness of industry and healthy economy, resulting in the writing and adoption of  the EARs that cover Exports, Re-exports, and certain activities found in Title 15, Commerce and Foreign Trade, addressing the Bureau of Industry & Security (BIS) (parts 700-799, Subchapter C, §§730-780).  Note, the BIS regulations cover Chemical Weapons conventions and Nuclear Fuel activities.  Generally, Export Administration Regulations cover “Dual Use” (civilian and/or military uses) commodities, software, and technology export and/or re-export (i.e., shipment, transmission, or release of a US item from one foreign country to another). The regulations specifically provide that:

“the EAR control any item warranting control that is not exclusively controlled for export, re-export, or transfer (in-country) by another agency of the U.S. Government or otherwise excluded from being subject to the EAR pursuant to §734.3(b) of the EAR. Thus, items subject to the EAR include purely civilian items, items with both civil and military, terrorism or potential WMD-related applications, and items that are exclusively used for military applications but that do not warrant control under the International Traffic in Arms Regulations (ITAR) (22 CFR parts 120 et seq.).” See 15 CFR §730.3.

1. Determine Licensing Requirements.  

The following steps generally outline how Mines determines licensing requirements for items/activities under the EARs/regulations, including 3-steps:

a. Screen entities and individuals against the most recent Restricted Parties lists using Visual Compliance Software to ensure that the individuals or entities to receive the technology or items to be exported are not on any of these lists;

b. Review restrictions under the EAR for embargo information/restrictions to the particular country of destination; and

c. Determine jurisdiction whether the commodity or activity is subject to the EAR, Part 734 and on the Commerce Control List, or CCL.

  • Note:  If your item falls under the jurisdiction of the U.S. Department of Commerce and is not listed on the CCL, then the item is designated as “EAR99.” The majority of commercial products are designated EAR99 and generally will not require a license to be exported or re-exported. However, if you plan to export an EAR99 item to an embargoed or sanctioned country, to a party of concern, or in support of a prohibited end-use, you may be required to obtain a license.

If the commodity is subject to the EARs, Mines uses Compliance Software (available through ORA) to review entities, individuals, embargo information, commodity/activity along with locations and reviews  the Commerce Control List (CCL) to identify items, technology, or materials that:  1) require a license for export; 2) if no license required (NLR); or 3) if the export cannot be made period.

2. Commerce Control List items & their Export Control Class Numbers (ECCN).

All commodities, technology, or software subject to the licensing authority of Commerce-BIS are included in the Commerce Control List (CCL), found in EAR (Title 15,  Part 774, Supplement No. 1). Individual items on the CCL are identified by an Export Control Classification Number, or ECCN, made up of numbers and letters to identify the commodity or technology. An ECCN categorizes items based on the nature of the product (i.e. type of commodity, technology, or software) and its respective technical parameters.  The CCL categories are in Table 2, and the five (5) CCL product groups (A-E) are in Table 3:

0 Nuclear & Miscellaneous
1 Materials, Chemicals, Microorganisms and Toxins
2 Materials Processing
3 Electronics
4 Computers
5 Part 1 Telecommunications
5 Part 2 Information Security
6 Sensors and Lasers
7 Navigation and Avionics
8 Marine
9 Aerospace and Propulsion

Table 2 CCL Categories

A Systems, Equipment and Components
B Test, Inspection and Production Equipment
C Material
D Software
E Technology

Table 3 CCL Product Groups A-E

a. Identify ECCN. Many products/items purchased, produced, or manufactured already have an applicable ECCN (for the product or the parts making up the product). Ensure you inquire with the manufacturer or through Mines Purchasing/Procurement Services to identify items or parts that already have an ECCN assigned.  For example, many computer manufacturers maintain a webpage listing many of the global trade compliance categories for their products.  E.g., see Apple Export Control page @ http://www.apple.com/legal/more-resources/gtc.html;  or see Dell Export Control page @   https://software.dell.com/legal/export-control.aspx.  (Manufacturers will advise you to verify through your own counsel/export control office and Mines’ agrees, though, these lists are a great place to start reviewing.)

b. Classify Commodity using CCL listing.  Commodities or products may be identified using the CCL listing (10 CCL categories and the 5 product groups) to narrow down the item, product, or technology and help identify jurisdiction/license requirements.  See Tables 2 & 3 above.  If you cannot identify the commodity, or if you built the product in-house, please contact ORA for a method to request and/or obtain a classification from the appropriate agency.

c. Catch-all Category:  EAR99.  The EAR99 designation is a “catch-all” category assigned to items that are subject to the EAR, but that do not have a specific ECCN on the CCL. The majority of U.S. origin goods are classified as EAR99, and under most circumstances, do not require a license for export.  EAR99 generally may be shipped under a “NLR” (No License Required) designation, unless the item is going to: 1) an embargoed/sanctioned country, 2) an “end-user” of concern, or 3) a prohibited end-use.

3.  Deemed Exports

The Commerce-BIS and other federal agencies have focused more attention on “Deemed Export(s)” in the past few years.  Typically, a Deemed Export occurs when there is a Release of technology or source code (subject to EAR) to a Foreign National outside of or within the US, and is “deemed” to be an export to the home country of the foreign national.  All U.S. employers hiring foreign nationals (usually on H-1B visas) to work in the United States on export controlled technologies are under the rules. See EAR, 15 CFR §734.2(b)(2) .

It is important for Mines/PI to determine if there is an export issue with research proposals/projects in which a foreign national will be assisting, collaborating, observing, or in situations where a software license agreement contains language indicating that the software is controlled in transfer to certain countries.  However, as usual in this area of the law, the issue is not always clear.  For example, in some cases, the supervised use of a controlled computer by a foreign national may not amount to a deemed export if the foreign national works under supervision of the U.S. faculty/PI, and if the foreign national does not access the operating system.  There are nuances within the regulations regarding this area, and generally technology that is Publicly Available is not subject to the deemed export rule.  However, that may also depend on whether the employee is a “Bona Fide” employee that is a permanent and regular employee or if the employee’s home country is part of the listing of countries authorized to receive the code.

The deemed export rule would not apply to Fundamental Research within an appropriate structure, such as where any export controlled information or technology would not be released to foreign nationals on the project (e.g., where an approved TCP, or Technical Control Plan, is in place to control access).

4. Activities that are Not Exports, Re-exports, or Transfers under the EAR.  See 15 CFR §734.18   The following activities are not exports, reexports, or transfers including:

(1) Launching a spacecraft, launch vehicle, payload, or other item into space;

(2) Transmitting or otherwise transferring “technology” or “software” to a person in the US who is not a foreign person from another person in the US;

(3) Transmitting or otherwise making a transfer (in-country) within the same foreign country of “technology” or “software” between or among only persons who are not “foreign persons,” so long as the transmission or transfer does not result in a release to a foreign person or to a person prohibited from receiving the “technology” or “software”;

(4) Shipping, moving, or transferring items between or among the US, District of Columbia, Commonwealths of Puerto Rico or Northern Mariana Islands, or any territory, dependency, or possession of the US, as issued by the US Bureau of the Census;

(5) Sending, taking, or storing “technology” or “software” that is:

(i) Unclassified;

(ii) Secured using `end-to-end encryption;’

(iii) Secured using cryptographic modules (hardware or “software”) compliant with Federal Information Processing Standards Publication 140-2 (FIPS 140-2) or its successors, supplemented by “software” implementation, cryptographic key management and other procedures and controls that are in accordance with guidance provided in current U.S. NIST publications, or other equally or more effective cryptographic means; and

(iv) Not intentionally stored in a country listed in Country Group D:5 (US Arms Embargoed Countries, see 15 CFR part 740, Supp. 1) or in the Russian Federation.

5. Commodity Jurisdiction (CJ) Request procedures

When it is difficult to make a determination regarding whether the particular product or service is civil, military, or Dual-Use, Mines may request an opinion from either the Department of Commerce or the Department of State to help clarify the appropriate agency jurisdiction.  This request to an agency is known as a Commodity Jurisdiction (“CJ”) request.  The request will be made in conjunction with ORA and/or Office of Compliance.

A Commodity Jurisdiction Request is submitted to the Department of State, Directorate of Defense Trade Controls (DDTC), in the form of a letter with supporting documents.  Once received, a CJ request is assigned a case number and copies of the request are staffed to appropriate U.S. Government agencies for review.  Mines will identify the letter as a “Commodity Jurisdiction Request for [specific item or technology]” e.g., with specific information, including manufacturer, model and/or part numbers, if any, and name of item. A CJ Request case normally takes 40-60 days to complete.  Note:  Mines does not have to be registered with the Department of State in order to make a CJ Request regarding the article or service and whether it is covered by the US Munitions List.  See 22 CFR §120.4.

6. “China Rule” or Validating End Use(r)

Prior to an Export, Re-export, or transfer in country, Mines must check for military end-use activities in the People’s Republic of China, or for a ‘Military end use’ or ‘Military end user’ in Russia or Venezuela, either in part or in whole, to meet the compliance obligations (including related terms such as use, development, production, operation, installation, maintenance, and deployment).  See 15 CFR 744.41.  End User screening distinguishes between private company and government owned end-use, through obtaining information on how the end-user will use the item, at what location, and for what specific purpose or contract.  This also allows for the differentiation between commercial and military use.

For quick triage, see the Decision Tree for Export Control in the Export Administration regulations regarding the scope, general prohibitions, license exceptions, etc.

C. International Traffic in Arms Regulations (ITAR)

The International Traffic in Arms Regulations (ITAR) are administered by the U.S. Department of State (State) and apply to the control(s) of the export of defense articles that are enumerated on the U.S. Munitions List (USML).  The legal authority comes from the Arms Export and Control Act and Executive Order 13637 and covers the export and temporary import of “Defense Articles” and/or “Defense Services.”   Designation as a Defense Article is principally based on whether the article is inherently military in character, and includes the actual item, models and technical information that may reveal technical details about the item.  See 22 CFR§ 120.6.

1. Designate the item.

A specific article or service may be designated a Defense Article or Defense Service, if:

    • The article or service meets the criteria on the US Munitions List or provides equivalent performance capabilities of a Defense Article on the USML;
    • in the future, the article/service provides a critical military or intelligence advantage and it warrants control under this ITAR; or
    • basically under a Commodity Jurisdiction determination, the article/service is covered under ITAR.  See 22 CFR 120.3.

All U.S. Persons (including governmental entities) engaged in the manufacturing or exporting of Defense Articles, technical defense information, or Defense Services are required to register with the Office of Defense Trade Controls (ODTC), and then where necessary apply for and obtain licenses to work in this area.  Note:  Mines is not registered with ODTC, and thus would need to register through ORA prior to obtaining a license under ITAR.  For informational purposes, if Mines decides to register in the future, the following steps would be reviewed.

2. Entities that register with ODTC. 

In order to apply for licenses the entities register with ODTC through an “Empowered Official” with independent authority to enquire into any aspect of a proposed export or temporary import.”  Thus, a PI or faculty member alone is not an Empowered Official for Mines.  Should Mines register with ODTC, then the Office of Research Administration will maintain application direction and filing procedures.

3. Information and procedures regarding entities that apply for licenses.

Entities that have an Empowered Official and approve a license application follow the procedures including:

a.   Review countries (including entities) for end-users that are denied licenses for the export of Defense Articles/Services or Technical Data under Section 126.1 of ITAR. These may include statutorily debarred parties listed under DDTC website and DOD excluded parties, BIS denied party lists, and OFAC SDN list.

b.   Review commodity or services on the US Munitions list, ITAR Part 121, for a licensing determination, that includes at least the following:

      • Describe item/use?  Identify Source/developer?
      • Specify item capabilities? Identify end user’s intended purpose?
      • Additional applications beyond item intended use?
      • Country (entity) of ultimate destination? Foreign availability for like items?
      • Specific purpose for export?

c.   Exporting entity/university determines the type of license/approval that will be needed for a particular circumstance based on regulations.  Documentation, such as request letters, projects, etc. will be requested, including for example, the DSP-83 Form (application for authorization to export significant military equipment and classified equipment or data (22 CFR §§123.10(a), 124.10 and 125.7)) a non-transfer and use certificate for any item classified as Significant Military Equipment (SME), and the end use and foreign end-user; previous licenses to the same entity, etc.

4. License to export approved. 

The License is valid for four (4) years from the date issued (or as provided on the documentation from the agency), and often has restrictions for the applying entity and faculty to follow (e.g.,  attaching license copy when shipping items.)  There may be additional requirements/agreements when a License is approved by the agency, including, but not limited to, the following:

a.  Technical Assistance Agreement (TAA):  Required to be submitted and approved by ODTC before defense services or training (including technical data) may be provided to a foreign person either in the U.S. or in a foreign country.  A TAA approval may require many months for approval or rejection, and is not official unless ODTC approves it.

b. Manufacturing License Agreement (MLA):  Similar to TAAs, MLAs usually involve the export of technical data, the performance of defense services, and the export of defense articles necessary for the manufacturing or production of an ITAR controlled item.

c. Office of Defense Trade Controls (ODTC) Review Process if an entity submits a License Application or TAA, ODTC staffs out the case to various federal governmental agencies for review (such as DOD – DTSA).  Factors considered include policies, region, country, technology, level of technology at destination vs. U.S. systems and countermeasures, end-user and end-use history, military operational impact, inter-operability requirements, foreign availability of like systems, and classified data transfers.

5.  ITAR Exemption.

An exemption may be available if a US Government agency as “Sponsor” requests a Mines Researcher to perform work under an ITAR exemption.  Mines must be notified at the earliest possible point to determine applicability of the exemption and assessment by the compliance/ORA offices.  A license exemption will not be approved if all of the requirements of ITAR are not met.  Further, any applicable shipping documentation must reference the exemption.

6.  Foreign National Employee may require license under ITAR.   ITAR requirements for a foreign-national employee license are on the State Department’s website at www.pmddtc.state.gov.  Mines’ compliance offices should be contacted to this review and guidelines for foreign national employment.

 D.  Office of Foreign Assets Control (OFAC) [U.S. Dept. of Treasury]

OFAC administers and enforces economic sanctions/programs primarily against countries and/or groups of individuals, such as terrorists and narcotics traffickers, restricting imports, exports and other transactions (e.g. monetary or financial).  See Dept. of the Treasury, OFAC, @ 31 CFR Part 500. This function started during WWII to stop Germany from repatriating funds they commandeered or absorbed after invasions.   Today OFAC maintains a “Specially Designated Nationals” and Blocked Persons listing (“SDN list”) that includes over 6,000 names of companies and individuals who are connected with the sanctions targeted, and these are continually updated. Multiple U.S. statutes and U.N. Resolutions also guide the OFAC sanctions/prohibited transactions.  See OFAC Resource Center.

1. Sanctions/Prohibited Transactions.  The sanctions can be either comprehensive or selective, using the blocking of assets and trade restrictions to accomplish foreign policy and national security goals.  “Prohibited Transactions” include trade or financial transactions and other dealings in which “U.S. persons” may not engage unless authorized by OFAC or expressly exempted by statute. U.S.  persons include all branches, subsidiaries, and controlled affiliates of US organizations, wherever located.  See OFAC Faq’s #3. Because each program is based on different foreign policy and national security goals, prohibitions may vary between programs. Sanctions may be against areas such as Crimea (Ukraine/Russia areas), Sudan/South Sudan, or sanctions may be topical, such as by Industry (e.g. cyber-related sanctions.)

2. Travel to embargoed countries (Cuba1, Iran, North Korea, Syria and Sudan) related to one’s position or activities at Mines.

a. Professional Conferences: special note should be taken regarding speaking, lecturing, or sharing information at professional conferences if the conference occurs in sanctioned or embargoed areas, or if the conference will have attendees from an embargoed country. Generally, speaking at professional conferences in embargoed countries requires the prior approval of Office of Foreign Assets Control (OFAC) in the form of applying for and obtaining a license for sharing of the information.

b. Advance Application for License. OFAC licenses must be requested at least three (3) months in advance of travel, due to the time required to process the requests.  Travel may not occur without an OFAC license in hand, where required.

c. Physical items.  Other export licenses (e.g., BIS) may be required in addition to an OFAC license for any physical items (e.g., laptops, cameras, GPS, equipment on CCL, etc.) that will be (hand) carried to an embargoed country. (e.g., TMP or BAG)

3. Personal travel that is not associated with one’s position at Mines (i.e. family vacation) usually will not require a license.  However, prior to travel consider anything you are taking or sharing while abroad, that may require a license.

E. Data or Information Policy

The Mines’ Data Classification Policy provides that Export Controlled Data will be treated at least as “Confidential” information under the Mines’ policies and procedures.

F. Potential Penalties and Sanctions

The penalties for unlawful export of items or information can be severe.  Table 5 below represents the main penalties or sanctions available from the three main agencies described in this manual in the event of a violation (including, civil penalties, administrative penalties and criminal penalties)2:

Regulations Possible Penalty (Civil/Administrative) Possible Penalty (Criminal)
EAR (Dept. of Commerce) $10K to Civil penalties may be assessed; administrative monetary penalties can reach $12,000 per violation, and $120,000 per violation in cases involving items controlled for national security reasons  denial of export privileges and/or exclusion from practice or forfeiture of goods $1 million or 5 times value of export, whichever is greater/ violation to university;  $250K or imprisonment up to 10 years, or both for individual; 20 years imprisonment and $1M/violation
ITAR (Dept. of State) Up to $500K/violation to University;  up to $500K/individual; Civil penalty can be in addition to or in lieu of other penalty Denial of privilege or forfeiture of goods possible Up to $1M/violation to University; Up to 10 years imprisonment/violation and possibly $250K/individual
OFAC (Dept. of Treasury) $55K for each violation to University and/or to individual; International Emergency Economic Powers Act violation up to $250,000 or twice the amount of the underlying transaction for each violation; Foreign Narcotics Kingpin Designation Act violations can range up to $1,075,000/each violation Up to $20 million depending on violation to University; Up to $1M, or 20 years imprisonment, or both to individual

Table 4 Regulations & Possible Penalties

G. Other Agencies

As mentioned in the section above on Additional Agencies, several other agencies may have jurisdiction when nuclear items, equipment, or technology are involved (e.g., (NRC, DOE, USPTO).  Please consult with ORA and/or Office of Compliance to determine appropriate agency jurisdiction.  For example, the DOE National Nuclear Security Administration (NNSA) Office of Non-Proliferation and Arms Control issued a guidance document in 2015 that provides information for anyone interested in transferring peaceful nuclear technology, data, or assistance to a foreign person or entity/destination.  But it is complicated, so please contact the ORA or Office of Compliance for more information and determination of whether or not the item, equipment, technology, software requires a License, including general or specific authorization. There are also potential requirements in meeting international requirements or safety conventions.

H.  Continuing Projects

For continuing projects involving export controls, Mines will work with the PI/faculty/employee on obtaining any necessary license renewals for the project and employees or personnel working on the project.  The PI/faculty/employee will need to contact ORA to inform them of the continuation and tracking of licensing that may be required.  This includes changes such as, but not limited to: adding or removing employee or personnel names to projects, adding entities/personnel that require screening, adding new equipment to a project that may have ECCN or other tracking numbers and requirements, etc.

 


1 Even though Cuba and Iran have amended status, there are still embargoes in place.  The requirements are constantly being updated by country or region.  Please check with ORA or Office of Compliance regarding travel to any embargoed country or a country that you are unsure of regarding status.

2 81 FR 36791 June 08, 2016, Civil Monetary Penalties will increase with inflation starting august 1, 2016, 81 FR 36791 based on the 2015 passage of the Federal Civil Penalties Inflation Adjustment Act (updating the 1990 Act of the same name).  Some violations may reach over US$1M per violation.

III. LICENSE EXCEPTIONS FOR UNIVERSITY RESEARCH

Much of the research and education activities taking place at Mines are excluded from export controls because universities often may assert a Fundamental Research Exception.  The exceptions, however, must meet the legal definitions and analysis. Note:  The FRE is not an automatic exception or exclusion; working at a University or on a University project does not magically mean ITAR or EAR does not apply. Thus please consult with ORA and/or Office of Compliance.

A.  Fundamental Research Exception (FRE)

The Fundamental Research Exception (FRE) in both EAR and ITAR pertains to research (basic or applied) in science, engineering, and mathematics performed or conducted at an accredited institution of higher learning (“University”) in the U.S., where the results will be published and shared broadly in the scientific community (and under the EAR where the resulting information has been or is about to be published).  The provisions for the FRE are somewhat different when comparing  EAR (covering Dual Use goods and technology, predominately for commercial use, but possibly with military use) and ITAR (covering Defense Articles, Services and technology–design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of item). Thus, attention to definitions and activities must be considered when examining whether a FRE exists and under what applicable statute it is analyzed.  The BIS commentary tells us that university-based research may be presumed to be fundamental research, however, it is a rebuttable presumption (i.e., where the research is not within the scope of technology and software that arises during, or results from fundamental research.  See 15 CFR § 734.8.
Some things are the same under the FRE analyses under EAR and ITAR, including:

1. FRE is not restricted.  Fundamental Research is distinguished from research that results in information restricted for proprietary reasons or national security reasons or pursuant to specific U.S. government access and dissemination controls.

2. FRE freely publishes.  If the subject of review involves a contract/agreement with publication restrictions of any type (including pre-publication approvals), for other than the sponsor’s review of its proprietary information on a temporary, short-term basis (e.g., patent filing window), then fundamental research exception to export controls or licensing may not be relied upon.

Thus, ORA works to maintain this important Fundamental Research Exceptions on behalf of the entire University, as well as the individual PI, in the contractual terms and conditions.

B.  Other Exclusions

1. Public Domain.  Public Domain is the term used for information that is published and generally accessible or available to the public through a variety of means.  Both the EAR and ITAR provide that no license is needed to disclose technical information to foreign nationals inside the United States in classes or laboratories, at conferences, or in publications, if the information is in the public domain.  In fact, just because an item or activity is subject to the EAR does not mean that a license or other requirement automatically applies. A license or other requirement applies only in those cases where other parts of the EAR impose a licensing or other requirement on such items or activities.” Emphasis added. See 15 CFR §734.2(a)(3).  

a. Public Domain is defined differently under EAR & ITAR. 

To be in the Public Domain, the following applies:

b. “Publicly Available” software not necessarily an Exclusion.

Under EAR, publicly available has different meanings for software; encryption technology may be publicly available, and yet the technology may not be in the public domain. Mass Market software that might otherwise be exported under License Exception TSU (technology and software) is not eligible for treatment as an exception, if the software includes encryption capability as described in certain ECCNs.  Encryption software is eligible for a “tools of the trade” License Exception for temporary exports (TMP or BAG), e.g., taking it along on a business trip in a notebook computer, as long as the required conditions for that License Exception are met.  BIS has an excellent Encryption FAQ resource page on the web.

Please consult ORA or Office of Compliance for more information.

2. Limitations of FRE/Public Domain 

The fundamental research and public domain exclusions apply only to information or technical data.  The exclusions do not apply to articles, things (e.g., physical items including specified scientific equipment, etc.) or services (e.g., training foreign nationals inside or outside the United States).  Other exemptions may apply to exports of equipment and services, even if the fundamental or public domain exemptions do not. For example, use of public domain information might be considered a defense service and thus require a license from a government agency, if the information is part of a covered activity (e.g., teaching foreign military about the public domain information relating to a defense article, see 22 CFR 120.9(a), Defense Service definition).

Public domain information is excluded from control as ITAR technical data. Open source information or code though available to the public is not “public domain” just because an owner provides the software or technology publicly and generally accessible.  The software or code available as “open source” is only provided under a grant of rights (license).  Thus, it cannot be “public domain”.

3. Public Information Exclusion.

Public Information Exclusion refers to information that is already published or is out in the public domain is considered public information and, as provided for under the EARs is NOT subject to export controls. Examples of information in the public domain include, but is not limited to:

    • Books, newspapers, pamphlets;
    • Readily available materials at libraries open to the public or at university libraries;
    • Publicly available technology and software;
    • Information presented at open conferences, meetings, and seminars open to the public;
    • Information included in published patents; and
    • Websites freely accessible by the public.  See 15 CFR§734.7 and §734.10.

4. Loss of FRE 

If a researcher or employee agrees to a “side-deal” (for example, not to publish even though the Mines agreement with a sponsor identified that Mines is freely available to publish), then the FRE would be lost and the research may be subject to export controls.

C. Educational Information Exclusion 

The Educational Information Exclusion refers to information that is normally taught or released by the university as part of the normal instruction in a catalog course or in an associated teaching laboratory.  This information may be considered Educational Information and the federal regulations may NOT cover this information under export controls. See 15 CFR §734.9.  Note:  The regularly taught in a college level course may require review with ORA or Compliance as not all areas are assumed to be covered as “Educational Information.”  For example, continuing education courses are not necessarily the same as undergraduate courses for enrolled students.

D. Encryption under EAR.

Encryption or encryption functionality comes packaged in almost all devices today that have a computing functionality or structure.  Similar to other products or items, though, some software encryption export controls are “within scope” (requiring a classification and license) and some products/items are not within scope under the EAR.3  Items or products that have encryption (or the ability to encrypt data) include things that have an operating system, such as, but not limited to, cell phones, routers, network infrastructure, Point of Sale/credit card devices, wireless keyboards, laptops, tablets, etc.  (AEUCO 2016 conference).

1.     Review Encryption for License.

Generally, we review encryption for EAR license/regulatory coverage, such as:

    1. What’s within Scope?
    2. Is it excluded from the regulations? Specific exclusion such as medical devices or under fundamental research exception?
    3. Are we dealing with Published Information? (E.g., in a University library?)
    4. Is the Educational Information Exclusion available (i.e., does not apply to ECCN 5D002 software, except when published/publicly available object code)?
    5. Does this impact research or funding source? (Exclusions do not cover some types of encryption)  
    6. Will the code be published eventually? 
    7. Will the encryption be hand-carried out of country?  Certain encryption software remains subject to EAR even if published.

2. Other Options to Encryption Licenses.

Some options to being under the EAR requirements due to encryption, e.g.,  or “de-controls”, may apply to exclude encryption;  however, these options require analysis and documentation.  Recall, the ability to encrypt data is not the only thing that brings Encryption within scope of the EAR.    Thus, we need to identify if the “de-controls” attach to the item or product containing encryption, so the encryption functionality may be considered out of scope.  This may include an analysis as follows:

    1. Is the item/product medical end-use? (mostly exempted from EAR coverage);
    2. What is the “Primary Function” of your product?  (depending on the primary function, the product may escape EAR coverage).  The function is not primary, if the main function of the encryption is not for one of the following four (4) activities: 
      1). Information security;  2). Computing; 3). Communicating; or 4). Networking.
    3. When the encryption is not primarily one of the 4 items above and thus under EAR, determine if the software or technology is covered by EAR99?
    4. Does the “Dormant Encryption” exception apply? (e.g., product has an encryption chip in it, however, the functionality/code does not use this functionality, so product becomes EAR classification, ECCN 5D992, such as virus protection software that has encryption software)
    5. Does the “Mass Market” exemption apply? (e.g., items that are sold from stock, online selling points, etc., and product available to general public and using standard encryption), so many apps, cell phones, tablets, most likely a 5D992 Mass Market exemption.  Applications, aka “App” being developed for mass market that have encryption functionality require review by BIS in limited circumstances and when they provide encryption functionality in another item (e.g., chip). Mass market app using non-standard or proprietary encryption functionality (must review what meets “non-standard crypto”) would require BIS review.
    6. End-user, end-use or country of transfer?  The end-user and ultimate location of the enduse is part of the inquiry as well.

3. Controlled Items that need License May Sometimes Use Exceptions.  

License exceptions and consideration are somewhat different under Encryption and we do not necessarily start with FRE review.  These include the following 4 exceptions for review in Encryption/Cryptography: 

    1. ENC— encryption;  
    2. TMP—temporary exception (professional use laptops);  
    3. BAG—baggage exception (personal use laptops); or 
    4. TSU:  occasionally used for specific open source published software. See Ear §740.

To use the ENC Exception, BIS has a submission process for an entity to submit an encryption registration under Mass Market Exemption, and the applicant can receive approval from BIS to self-classify the product.  This must be done at least once, when originally applied for and then an annual report sent to BIS of all the products we self-classify in that calendar year follows. 

4. Common topics affecting Faculty:    

a.Traveling abroad with Laptop?: 

What questions do I need to ask when I want to travel abroad with a laptop?

      1. Where am I traveling?  (certain countries have restrictions, sanctions or embargoes,  E.g., need license on mass-market encryption;  if going to N. Korea, Iran, Sudan, Syria, and Cuba* may not be able to take it there because of embargo/sanction)
      2. What is the type/inventory of software on the laptop and what does it do?  
        a) Inquire about USML/ECCN number.  Did the manufacturer put classification of the laptop or operating systems on their website? (E.g., Microsoft Windows 10 is 5D992 and “Mass Market” exception.  Apple is similar at their website; Redhat, using Linux 5D992 ENC unrestricted and they list number of commodity classifications/C-Cats.)   b). Trust but Verify, is the Manufacturer correct on the assigned ECCN (by checking with ORA and using the software to review the item/product)? c) Take Paperwork with you. If a license can be completed, fill out the paperwork and travel with the documentation (either from BIS or the self-classification of an exception).
      3. Consider the Usage/Access to Data.  The laptop may be approved to go with faculty under an exception, however, the Data coming across the laptop while abroad may not be approved under the license exception. Ask the question of what data you can receive/access via email or home file directory access while abroad?

b. Traveling abroad with Smartphone (iPhone, Android phone, Etc.) do I need a license for the encryption in the phone?  

      1.  Where are you traveling? Restricted or embargoed location?
      2. Does a license exception *such as Mass Market apply to the software/item?  Often the Mass Market exception applies for smartphone, however ECCN 5D002 classification of software “unrestricted” may be on the website.  

Note: If the company/manufacturer website uses incorrect language (e.g., “5D002 restricted”) there is necessity to review more thoroughly with ORA or Compliance.

c. Exports to the “Cloud”.

Under the BIS Final Rule to harmonize and reform Export Controls (effective September 1, 2016), the agency provides a Safe Harbor for entities regarding certain electronic data subject to the EAR not being considered an “Export,” if stored in the cloud outside the U.S.  In order to qualify for the Safe Harbor, (and excluding ITAR technical data/information, etc.), the transmitting or storing electronic data that meet certain security standards would not constitute an Export of that data, provided that the technology or software is:

      1. Unclassified;
      2. Secured using “end-to-end encryption”;
      3. Secured using cryptographic modules (hardware or software) compliant with Federal Information Processing Standards Publication 140-2 (FIPS 140-2) or its successors, supplemented by software implementation, cryptographic key management, and other procedures and controls that are in accordance with guidance provided in current U.S. National Institute for Standards and Technology (NIST) publications, or other equally or more effective cryptographic means; and
      4. Not intentionally stored in a military-embargoed country or in the Russian Federation.

d. Decryption.

BIS includes a definition for “access information,” which is information (like decryption keys, network access codes and passwords) that would allow access to encrypted technology and software in unencrypted form. Such access information is subject to the same level of Export Controls as the data being accessed if the data were unencrypted.  Note:

e. Data Breach/Loss.  Any member of the Mines’ community is required to report the loss, breach, or unintended access to technical data or private data.  Please consult the Office of Compliance for further direction on how to address a loss of Mines’ data.  Generally, a data breach is not an export control issue for the victim; however, the steps for Safe Harbor should be applied to all private or export controlled data to avoid an accidental Export.


3 Note:  Encryption used to be covered under ITAR, however, it is under the EAR, which does not exclude it from review for scope and license.

IV. EXPORT LICENSES: MANAGEMENT AND PLANS

When a tangible good, equipment, technology, or software is ready for export to another country, and the item is identified as being on the Commerce Control List (CCL) with an ECCN, then one method to allow for legal transfer of the item or technology is to obtain a License from the U.S. Agency.  Triggers for Export Licenses may include, but not be limited to, these situations:

  • Research involving
    • the use of export restricted information obtained from external sources;
    • collaborations with foreign nationals at Mines or abroad;
    • travel or field work done abroad;
    • the transfer or shipment of tangible items or equipment abroad;
    • the provision of financial support or services outside the U.S.

Presentations at meetings or conferences of unpublished information not protected under the Fundamental Research (FRE) or Educational Information exclusions.

Imports or re-exports are also considered for purposes of licensing under these reviews.  Not surprisingly other countries may have licensing requirements that differ from those in the U.S. and must be considered when importing or re-exporting.

A. Seek & Obtain a License

If an Export License is required, it is sought by Mines through ORA or Office of Compliance in collaboration with a PI/Mines’ personnel. The Mines’ Empowered Official is the authorized Mines’ official to seek a license. Mines and the employee will work together in order to properly comply with the limitations or provisos required in any approved government license.

B. License Management

Mines is the applicant for (and recipient) of any necessary licenses, limitations, requirements or restrictions. Mines will forward a copy of the approval, including any limitations and provisos to the Principal Investigator for review. ORA will facilitate the Mines license application and management if involving a grant, contract, or agreement to Mines that is managed by ORA.

  1. Required Markings:  All information or data transferred under a ITAR license must be marked with the following statement: “This technical data is controlled by the US ITAR.  Exemption 22 CFR 125.4(b)(2) and insert (TAA number) applicable.” 
  2. Shipment:  Data shipped by courier must contain the following statement on the airway bill: “These commodities are authorized by the U.S. Government for export only to (insert country) for use by (insert licensee).  They may not be transferred, transshipped on a non-continuous voyage, or otherwise disposed of in any other country, either in their original form or after being incorporated into other end-items, without the prior written approval of the U.S. Department of State.”  
  3. Recordkeeping:  ITAR section 123.26 requires that Mines maintain records of all technical data transferred under a TAA.  The PI must maintain a log of all transfers and retain the records for a period of five (5) years after the last transaction regardless of the jurisdiction (ITAR or EAR).  
  4. Notice to ORA (Changes).  The PI shall provide advance notice of any change in the scope of the program, any additional funding, or addition of a new party, so that Mines can file for a license amendment, which requires ODTC approval.  If an item will result from the work under the Technical Assistance Agreement, a DSP-5 License for Permanent Export of Unclassified Defense Articles and Related Unclassified Technical Data may be required prior to shipping.  See Guidelines for Completing Department of State DSP-5 Form.
  5. Foreign Visitors and Compliance.  Foreign visitors to campus should be screened sufficiently in advance of the planned visit and prior to arrival.    See §V. VISITORS & SCHOLARS; and see International.mines.edu.  A VISA from the State Department is not the same as approval to receive a transfer of certain information or to access certain equipment.

B.  Technology Control Plans (TCP) and Guidance Forms

A Technology Control Plan (TCP) is required for work that is export controlled, export issue, or other restrictions. A TCP sets out necessary procedures to manage the access limitations to the information that is considered sensitive and must be prepared and approved prior to the handling of export-controlled information, potentially prior to the start date of a project.  

  1. A TCP is generally used when:
    • Projects or activities involve the receipt of confidential or proprietary from an outside party or sponsor, such as through a nondisclosure agreement (NDA/CDA) or sponsored research agreement;
    • Projects or activities are not considered Fundamental Research or under an FRE/Public Domain Exclusion; or
    • Projects or activities involve technology and software associated with export-controlled equipment.

     2. TCP Preparation and Contents:

The TCP will document compliance with any required agreement terms and conditions and contains the following elements:

    • Sponsored project title;
    • PI name and department/unit;
    • Research location (lab/building);
    • Brief statement of need for plan; 
    • Description of plan for protection of technology; and
    • Principal Investigator(s) signature(s).

      3. Compliance.  

The TCP will be prepared in conjunction with ORA, signed by the PI, ORA, and other units if necessary.   The TCP shall include at least the following:

    1. a physical and information security plan; 
    2. employees or personnel screening procedures; and 
    3. a process for carrying out the research in a controlled environment.

The TCP requires ORA approval prior to implementation. Compliance with the TCP is the responsibility of the PI, and Mines ORA and Compliance are here to assist with the process.  For more information and assistance with a TCP, please contact ORA.

C. Non-Discrimination in Hiring and Admissions

Mines does not discriminate against any person by reason or basis of age, gender, race, ethnicity, religion, national origin, disability, sexual orientation, or military veteran status is prohibited. No discrimination in admission, application of academic standards, financial aid, scholastic awards, or any terms or conditions of employment shall be permitted.  When navigating this difficult area of export control compliance and nondiscrimination, the hiring or admission process can be a challenge.  Please seek advice and counsel from HR, Admissions, Office of Compliance, or Office of Legal Services when trying to navigate through these areas.  

A blanket “citizens only” hiring or recruitment policy would likely constitute citizenship status discrimination because it is overly broad and would impact hiring for positions not subject to the legal restrictions under US law (IRCA).  However, the person seeking employment must be employable in the US; either have a Green card or other appropriate VISA status in order to be eligible for employment. As with all hiring or admissions decisions, please contact the appropriate offices to obtain training or clarification regarding interviewing/reviewing applicants and how these laws intersect.

  1.  US Agency Guidance. In 2016, the U.S. Department of Justice, Office of Special Counsel for Immigration-Related Unfair Employment Practices (the “OSC”) issued a technical assistance letter to help navigate between export controls and non-discrimination requirements. However, there are nuances that may add confusion surrounding these requirements in other areas. The Deemed Export rule, enforced by BIS, identifies the “release of technical data to a foreign person within the United States” as an Export. Similarly, if a product/item is classified as a Defense Article under ITAR, then usually the entity would need an export license from DDTC to release technical data related to that product/item to an employee who is a Foreign Person. Release to Foreign Persons of technology related to non-defense articles is subject to the Export Administration Regulations (“EAR”) and may need a license from BIS, depending upon the specific product and foreign nationality involved.  (OSC Letter March 31, 2016, accessed 10/12/2016 at https://www.justice.gov/crt/file/837281/download)
  2. ITAR Clarification.  ITAR does not impose requirements on U.S. employers concerning the recruitment, selection, employment, promotion, or retention of foreign persons; rather, ITAR requires that employers obtain export licenses for non-U.S.-person employees if their positions require access to information governed by ITAR. OSC guidance states the “ITAR does not limit the categories of work-authorized non-U.S. citizens an employer may hire.”
V. VISITORS & SCHOLARS

A. Foreign National Visitors 

Foreign National Visitors to campus should be screened against the denied entity/restricted parties and Specially Designated Nationals (SDN) lists.  International Scholars and Students visiting on J-1 VISAS are processed and screened through ORA and International Students and Scholars Services (ISSS). Non-students and visiting faculty/scholars should be processed through the ISSS and Office of Legal Services. 

  1. Visiting Scholars and Research. Visiting scholars involved in research receive additional screening by Mines.   General or industry visitors should be screened prior to visiting campus.  Please notify ORA at least two (2) weeks in advance of a visit by a Visiting Scholar and ensure that you have the necessary information regarding foreign national visitors.  The Mines International Scholar and Student Services (ISSS) office has information regarding VISA and processing.  See the ISSS website @ http://isss.mines.edu for more information.
  2. Foreign Students. Screening is not generally required for students who have applied, been accepted, and/or are enrolled in any degree granting program that the Mines offers; however, if that student will be performing research in a laboratory or working for Mines (i.e. Graduate Assistant, Research Assistant, etc.) then there may be screening required if they are from certain countries to properly place them on projects.  See
  3. Permanent Resident or Other Status. Screening is not required for foreign visitors who provide documentation they hold permanent resident alien status in the U.S. (i.e., current “green card” holder) or have been granted asylum or refugee status by the U.S. government.

B. I-129 Process & H-1B Status

US Citizenship and Immigration Services (USCIS) Form I-129 “Petition for Nonimmigrant Worker”, is used in the H-1B temporary worker process.  The ISSS office can identify what type of documentation must be filed for the visitor. This form is required to be filled out for any foreign national working on an internal or sponsored account.  A background check is performed on the individual using our Compliance software to ensure the person is not on the restricted parties list.  A current passport/visa for the foreign national is required at the time of submission of the form.

  1. Form completion. The form must be completed in conjunction with ISSS and Office of Legal Services.  This form must be completed and approved prior to invitation and subsequent arrival of the foreign national. The inviting party or Mines community member is responsible for ensuring that the appropriate information is submitted to ISSS and Office of Legal Services to complete this process.
  2. Determine if License required. I-129 Foreign National Employee Petition requires Mines to determine if an export license is required to share technical data with the beneficiary (foreign national employee). In order to facilitate the necessary review, there is a process with Office of Legal Services and International Student and Scholar Services (ISSS) and the required completion of the paperwork by those offices. 

While it is anticipated that an export license will not be required in most cases, some need for export licenses will occur and typically be associated with sponsored research. Should additional information be needed to complete the assessment, ORA will work directly with the Sponsor identified on the form or the Legal Office/ISSS with the appropriate internal unit. Once the process is completed, the export assessment or advisory letter will be provided to the unit, copied to the administrative/ORA contract regarding the form, for inclusion in the visa application packet to be submitted to Human Resources.

VI. FOREIGN TRAVEL

As discussed above in the section on Encryption and Issues for Faculty, there are several areas of consideration when faculty or staff travel outside of the U.S. borders (“abroad”).  This includes anywhere from Canada and Mexico, to S. America, Europe, Asia, Africa, Australia, Antarctica and perhaps someday into Space.  Generally, travel authorization is needed when items, technology, software, or services fall under the jurisdiction of EAR or ITAR and are not in the public domain or freely disseminated through publication.  Some restrictions may apply if travel is to sanctioned countries or where persons from sanctioned countries are in attendance. 

A.  Travel Authorization Letters

Employees must comply with U.S. laws and regulations when traveling internationally on University business.  Though rarely used, if you are in need of travel authorization letters, please contact ORA well in advance of the travel to determine if letters are necessary.  

B.  Hand-Carrying Tools of the Trade

When hand-carrying “Tools of the Trade” to countries outside the US for use by the person carrying the item or software, travelers should review Customs regulations of both US and the foreign destination in advance of travel.  Tools of the Trade are classified as personal and household effects, including instruments, tools, and other effects (such as laptops and smartphone devices).  Under EAR, the exception to the requirements for an export license may be available for the temporary export or Re-export of certain tangible items, software, or technology for professional use, as long as specific criteria to which the exporting employee certifies in advance. 

  1. TMP (Temporary) Exception.  Typically, these Tools of the Trade are only for Temporary Export and fall under the TMP Exception.  See 15 CFR §740.9.  The TMP Exception is used on temporary exports, imports, and re-exports of commodities, software and technology that is of usual and reasonable kinds and quantities for use in a lawful enterprise or undertaking.  See 15 CFR §740.9 (a)(2)(i)).  Eligible items are usual and reasonable kinds and quantities of tools of trade for use in a lawful enterprise or undertaking of the exporter.  Software used as a tool of trade must be protected against unauthorized access and to guard against unauthorized release of the technology during shipment or transmission.  Encryption technology controlled by ECCN 5E002 is ineligible for this license exception. Also see Appendix 3.
    1. Effective Control.  Portable electronic computing devices are a prime target for theft especially while traveling.  The basic rule for protecting a portable electronic device is to treat it like one’s wallet or purse and maintain “Effective Control” over the item.  Devices should be kept out of sight when not in use, and should always be kept on one’s person.
    2. Return Item to U.S.  Unless the item is consumed or destroyed, the item should be returned to the U.S. no later than one year following the export. If the item is to be disposed of outside the U.S., a license may be required.  Please consult with ORA or Office of Compliance regarding that option. 
  1.  

    2. Replacement (RPL) Exception.   Similarly, the Replacement Part license exception requires the Effective Control of the person over the parts, including the return of the repair kit and parts replaced.

    3. Unavailable.  The TMP and RPL exceptions are generally not available for the following countries, as well as the demonstrations/exhibitions of including: Sudan, Syria, N. Korea, Iran or Cuba.  For more information and confirmation of restricted countries, please consult the ORA/Office of Compliance.

C.  Presenting at Conferences Overseas or Transferring Controlled Information, Technology, Software or Equipment to Foreign Parties Overseas

If any controlled information, technology, software or equipment (including those under an exception) will be transferred to a foreign party overseas, a license may be required prior to the transfer unless a valid licensing exception or exclusion applies.  Faculty presenting at conferences or meetings overseas are responsible for understanding export laws and regulations and how they apply to their respective disciplines. See 15 CFR 734, Supplement 1. Release of Technology at Conferences.  In general, if a conference will be open to anyone and the information to be presented is already published (ITAR) or is information that will be published (EAR), a license should not be required.  Travelers should review the Mines export web site for information regarding laptop computers and the tools of the trade exceptions, as well as ensuring they maintain “effective control” if items/materials will be part of the presentation.  If the Conference is in a restricted or embargoed country, the travel and content should be reviewed in advance with ORA.

D.  Travel to Countries for Which State Department Has Issued Travel Warning

Mines strongly recommends against, but does not prohibit, travel to countries where the U.S. Department of State has issued an official Travel Warning or where there is other reliable information of significant health or safety risks.  A Travel Warning is distinct from a State Department issued Public Announcement or Travel Alert. The final decision about making a trip to such a country is up to the individual making the trip.  This recommendation is directed toward individual travelers in the following categories:  faculty, staff, graduate students, and postdocs.  The Mines’ Office of International Programs http://oip.mines.edu/OIPTA-travel provides information on the process to travel abroad, including necessary approvals.  You may register for free in Smart Travelers Enrollment Program, or STEP, a service of the Bureau of Consular Affairs (part of the State Department) for U.S. Citizens to enroll your trip with the nearest U.S. Embassy or Consulate while abroad.  This provides important safety or emergency information and updates

Mines may review on a case-by-case basis plans for travel using Mines/state or sponsored funds to countries for which travel warnings have been issued.  Mines reserves the right to require the execution of an appropriate release or waiver before permitting such travel and the ability to restrict use of Mines’ funds for the travel. 

E.  Additional Guidance for International Travelers

Prior to international travel, faculty should be aware of applicable export laws, regulations, and risks associated with international travel.  Several key reference sources include:

F.  Personal Travel

No export review by Mines is required for personal trips; however, regulations still apply (i.e. employees traveling internationally on vacation or attending conferences at their own expense).  A review is required if Mines contributes to any cost of the trip, including but not limited to, salary, benefits, (e.g., sabbatical, professional development, etc.)  See also Consulting in Miscellaneous Section below.

VII. INTERNATIONAL SHIPPING (IMPORT & EXPORT)

International shipments may require that an Electronic Export Information, or EEI, (formerly called a Shipper’s Export Declaration (SED)) is filed with the U.S. Customs and Declaration Bureau and is used to control exports and act as a source document for export statistics. (Additional information is available on the U.S. Census Bureau website on the EEI process.)  The EEI is now filed electronically through the Automatic Export System (AES).

A.  Electronic Export Information (EEI) Requirements

The EEI must be prepared for shipments when the shipment is handled by U.S. Postal Service (USPS) and is valued over $500.  EEIs are required for shipments not using the USPS when the value of the commodities classified under any single schedule B number is over $2,500.  The exporter acquires the Schedule B number for the commodity they intend to export, and then it is reported in the AES to identify the goods being exported. This schedule B number can be obtained from the Census Bureau at 1-800-549-0595, option 2.  If an EEI is not required, the airway bill or other loading document should state “No EEI required no individual Schedule B number valued over $2,500.”

  1. EEI.   An EEI must be prepared regardless of value for all shipments requiring an export license.   Federal Express (FedEx) International will file the EEI on behalf of the sender for a nominal fee.  A copy of the EEI documentation should be provided to Mines and retained in file.  If you choose to ship on your own with another carrier, you must ensure that the AES has been filed and provide a copy to Mines. (Note:  A delay is required for shipping ITAR items.  See section V. above).
  2. Required Statement   Destination statement should appear on any items subject to US control – “These commodities, technology, or software were exported from the United States in accordance with the Export Administration Regulations.  Diversion contrary to US law is prohibited.”
  3. Intangible Technology Exports   Intangible exports of technology controlled under Commerce (EAR 99) will not require an EEI.  Software or technology should be marked with an appropriate ECCN. 

 

B. Shipping Equipment Outside of the US

Equipment may not be sent outside the US until a determination has been made as to whether an export license is required.

  1. Determine if item controlled.   The PI/faculty/employee must review the equipment and determine if either ITAR or EAR controls the equipment.  If the equipment if controlled under ITAR, the PI/faculty/employee must identify the USML Category.   If the equipment/material is controlled under EAR, the PI/faculty/employee must provide the ECCN citation.
  2. Information to Assist Shipper.  For assistance in making this determination, the shipper must provide the following:
    • Contact information for Principal Investigator or other responsible person for shipment, including telephone and fax numbers, e-mail address, and school/department/lab;
    • Information about the Equipment, including its common name, technical name, manufacturer, model number, general function and/or use, dollar value, URL where specifications can be found;
    • Information about purpose of shipment, including intended recipient and address, intended end-user (requires names of individuals and nationality), and intended use of equipment;
    • State whether Mines will be responsible for training foreign national to use equipment;
    • Information regarding the time period of the use–Will this be a loan?  If yes, what is the loan period?
    • Other disposition of equipment/material?

C.  Shipping Chemicals or Biological Materials Outside of the U.S.

Shipments of chemicals and/or biological materials are handled by the Mines EHS Office (Environmental Health & Safety).

  1. Determine if License Required.   Prior to shipments of chemicals or biological materials internationally, an export review must be completed to determine if a license is needed.  
  2. Material Transfer Agreements (MTA).   If a request is received by a faculty or staff member to provide a shipment of chemicals or biologicals outside the US under a material transfer agreement (MTA), the Technology Transfer Office should coordinate with the Office of Compliance and Policy to Mines for review and approval.  If these shipments relate to a project managed through ORA, ensure that ORA has copies of the documentation for the file.  If the project or request to ship materials is not handled through ORA, the PI or faculty-member is responsible for retaining documentation in their files.  Researchers cannot sign MTA’s at Mines themselves, so this process of sending chemicals or biologicals can be performed in tandem with that process.  See also VPRTT information.  
  3. Nuclear materials, “Dual Use” commodities, software, or technology.   Other than publicly available information, that cannot be used in a WMD, the EAR identifies that missile projects or end-users of concern and particular foreign entities will need a license to ship/disseminate.  A license to export is required if a U.S. Exporter, including a Mines person:
    • Knows or has reason to believe that an export will be used in certain nuclear explosives activities, un-safeguarded nuclear activities, and certain safeguarded nuclear activities;
    • A missile project of concern in a listed country or the design, development, production, stockpiling, or use of chemical or biological weapons; or
    • Is informed by the Department of Commerce that an export would present an unacceptable risk of use in or diversion to WMD activities or a missile project of concern anywhere in the world.

 

D.   Hand-carrying data

ITAR:  If hand carrying technical data, in accordance with 22 CFR Part 123.22(3), the exporter is not required to report using the Advanced Electronic System, but the exporter must provide electronic notice to DDTC.  A copy of such notice should accompany the technical data “shipment” (i.e., you should have the notice with you while traveling with the information.)

VIII. IMPORTS

A. Jurisdiction

Import jurisdiction. The Department of State regulates the temporary import of defense articles. Permanent imports of defense articles into the United States are regulated by the Department of Justice’s, Bureau of Alcohol, Tobacco, Firearms and Explosives (ATFE), under the direction of the Attorney General (Department of Justice). See 22 CFR § 123.2.

Ports

For Imports that port in Denver, please contact the following: Charles M. Schayer & Company  http://www.schayer.com/about.asp.

Charles M Schayer & Company – and –  CMS Domestic 3839 Newport Street Denver, Colorado 80207 303-399-5160 800-200-0565 CMS Domestic 303-393-7084 Fax denver@schayer.com

For other U.S. ports, first contact Charles M. Schayer as they have locations in Seattle, Houston, Los Angeles, and Phoenix.

B. Customs Brokers.

When a customs broker is obtained, send their information to FedEx (or whichever carrier is requesting it), and they will obtain an IT number (a bond number) to release to the customs broker.  The fee for clearance may vary; Expect at least $100.00 fee. 

The customs broker will send a power of attorney to Mines (whoever is dealing with the package) to give the broker the right to process and clear the package.  Charles M. Schayer has the Mines POA on file and can assist if they service that area.  When the package is cleared by the customs broker, the broker will act as the courier and ship the item(s) to Mines.

IX. PUBLICATION WAIVERS

Mines is not in the practice of waiving rights to publications as we endeavor to support the right to sharing of our research and scholarly endeavors and to preserve the FRE.  If a waiver is requested, ORA in conjunction with the VPRTT will assist in the process.  A form or documentation needs to be filled out whenever there is a restriction to publish dealing with export controls, restricted data sets in human subject research, intellectual property, or other reason that could be stated in a sponsored agreement.  

If a PI has students working on a sponsored agreement involving a publication waiver, there is also an attached letter that they must sign attesting that the publication restriction will not adversely affect their studies at Mines.  Contact ORA for further assistance.

X. TRAINING ON EXPORT CONTROLS

Mines provides training on export control laws and regulations upon request and through materials available to our community.  Additional information and materials are available on the export web site or by contacting ORA and Office of Compliance.  Contact ORA at 303-273-3411, ora@mines.edu, or see https://ora.mines.edu/; Contact Compliance Office at 303-384-2236 or compliance@mines.edu.  These resources are available for scheduled training for small groups, departments, units, or others on request.

Additionally, Department of Commerce, BIS, has free resources regarding Export Control training, regulations, announcements, and decision trees.  See https://www.bis.doc.gov/index.php/compliance-atraining.

XI. COMPLIANCE AUDITS

These procedures have been developed to ensure that appropriate reviews and documentation exist to provide evidence of compliance with the export laws and regulations.  Export review records relating to sponsored projects are maintained in Mines ORA.   Mines will maintain records of export reviews relating to travel and other miscellaneous reviews.  Records will be kept for a period of five (5) years from the expiration date of the authorization or date an exemption is claimed, whichever is longer.  If research project is involved, then the document should be retained for 5 years from the last date of funding and official close-out.  

The PI/faculty/employee will also retain copies of any records relating to export controls for their files of all forms and associated documents during this five (5) year period

XII. MISCELLANEOUS

A.  Anti-boycott 

The Export Administration Act and associated export regulations discourage and often prohibit US persons from complying with certain aspects of unsanctioned boycotts.  See BIS Office of Anti-Boycott https://www.bis.doc.gov/index.php/enforcement/oac. The primary impact of this rule is the boycott on Israel by the Arab League and some other countries, however, this rule could apply to other boycotts as well.  Mines employees may not provide any information or agree to any term(s)/condition that furthers the boycott on Israel.   Conduct that may be penalized under the Ribicoff Amendment to the 1976 Tax Reform Act (TRA) (under Department of Treasury) and/or prohibited under the EAR includes the following:

  • Agreements to refuse or actual refusal to do business with or in Israel or with blacklisted companies; 
  • Agreements to discriminate or actual discrimination against other persons based on race, religion, sex, national origin or nationality;
  • Agreements to furnish or actual furnishing of information about business relationships with or in Israel or with blacklisted companies; and 
  • Agreements to furnish or actual furnishing of information about the race, religion, sex, or national origin of another person.

Any such request should be reported to ORA or the Office of Compliance so that we may determine if reporting to BIS is required.  This effort must be coordinated through Mines.  Contact the Office of Compliance for more information.

B. Political Contributions/Foreign Corrupt Practices Act (FCPA) 

Any political contribution to any foreign government actor, or any fee or commission in connection with obtaining a sponsored contract or business must be reported to the ORA or Office of Compliance and approved by Mines.  The FCPA is an anti-bribery act to prevent corrupt payments involving foreign government officials or instrumentalities of a foreign government.

  1. Two main components of the FCPA for Mines to focus on, include: 
    1. Anti-bribery provisions.  This prohibits a payment, offer, authorization or promise to pay money or anything of value to a foreign government (including a family member) or to any other person knowing that the payment or promise will be passed on to a foreign official/instrumentality; with a corrupt motive; for the purpose of influencing any act/decision of that person, inducing such person to do/omit any action in violation of lawful duty; secure an improper advantage, or induce a person to use their influence to affect an official act/decision to assist in obtaining/retaining business for or with or directing any business to any person (including the university);
    2. Internal Controls.  Maintaining accurate books, records, and internal controls so bribes are not hidden and information resources to our community to avoid these issues and areas.

     2.  Where to watch for these:

    1. There is no monetary threshold so even purchasing meals or entertainment/gifts for a foreign official could come under attack of the FCPA or the local government prohibitions in that region.
    2. Even charitable donations in a foreign country may constitution a violation.

C.  Brokering 

Under ITAR, Brokering includes the financing, transportation, freight forwarding, or taking of any other action that facilitates the manufacture, export, or import of a defense article or defense service. (U.S. regulations define a broker as “any person who acts as an agent for others in negotiation or arranging contracts, purchases, sales, or transfers of defense article or defense services in return for a fee, commission, or other consideration.”)  See http://www.state.gov/strategictrade/practices/c43181.htm. Further, the Department of State, provides that “arms brokering” in the U.S. “includes but is not limited to, activities by U.S. persons located inside or outside the United States or Foreign persons subject to U.S. jurisdiction involving defense articles or defense services of U.S. or foreign origin located inside or outside of the United States.  The term “Defense Article” or “Defense Service” includes any hardware, technical data, or services covered by the U.S. munitions list, regardless of whether it is of U.S. origin or contains U.S. components in the U.S., every person who engages in the business of arms brokering activities, other than employees of U.S. or foreign governments acting in an official capacity, must register with the U.S. State Department’s Office of Defense Trade Controls.” 

Mines employees should not enter into contracts with third parties to obtain defense contracts or to provide any defense services without review and approval of Mines ORA and/or Office of Legal Services.

D. Red Flags

The U.S. Government has various resources to prevent the illegal export of sensitive munitions/strategic technology, both through US Department of Homeland Security and US Department of Commerce. BIS provides “Things to Look for in Export Transactions” that is a checklist to discover possible violations of the Export Administration Regulations. These include:

  • Screen parties (End-Users):  The customer or its address is similar to one of the parties found on the Commerce Department’s [BIS’] list of denied persons.
  • Get all information: The customer or purchasing agent is reluctant to offer information about the end-use of the item.
  • Consider Request (End Use): The product’s capabilities do not fit the buyer’s line of business, such as an order for sophisticated computers for a small bakery; or the item requested is incompatible with the technical level of the country to which it is being shipped, such as semiconductor manufacturing equipment being shipped to a country that has no electronics industry.
  • Consider payment (if relevant): The customer is willing to pay cash for a very expensive item when the terms of sale would normally call for financing.
  • Consider collaborator/requestor (End-User): The customer has little or no business background; or the customer is unfamiliar with the product’s performance characteristics but still wants the product; Person denies routine installation, training, or maintenance services information; when questioned, the buyer is evasive and especially unclear about whether the purchased product is for domestic use, for export, or for re-export.
  • Where to send/share (Countries/Embargo): Delivery dates are vague, or deliveries are planned for out of the way destinations; or a freight forwarding firm is listed as the product’s final destination; the shipping route is abnormal for the product and destination.

http://www.bis.doc.gov/index.php/enforcement/oee/compliance/23-compliance-a-training/51-red-flagindicators

E. Drones/UAS

Unmanned Aerial Systems (UAS) or Drones are subject to Export Controls if you are planning to use them outside of the country.  The UAS may be a commercial product that you can purchase in the U.S, however, there may be payload (E.g., additional batteries, sensors, or certain types of cameras that are added to the system) that make the UAS subject to Export Controls.  Further, the Federal Aviation Administration (FAA) is the U.S. federal agency responsible for the laws and regulations over UAS, though only in the borders of the U.S.  (Note:  At Mines’ community requires registration with the Compliance office, FAA, and Pilot training.)  Once you leave the country there may be foreign airspace requirements requiring compliance.  Please check in with ORA, Office of Compliance or Office of Legal Services prior to shipping or hand-carrying a UAS out of the U.S.

F. Consulting

Consulting in an individual (Non-Mines) capacity is allowed and encouraged in order to increase your scholarly efforts and provide service back to the community.  Consulting is reviewed and approved by the Department Head and Dean regarding the time, effort and Institutional Responsibility being covered during any absence.  Please remember that in your personal capacity as a Consultant you are not reviewed for Export Control compliance nor does Mines review for Export Compliance.  Please seek appropriate external advice or counsel regarding your Consulting Activities and Export Control concerns.  (E.g., Technical Assistance may include consulting and may be subject to EAR or ITAR).    

G. Other Exclusions from being an Export. 

  1. In 2016, the Export Control Reform (ECR) provided two exclusions from the EAR:  1) Items that are non-proprietary system descriptions or  2) Items that are telemetry data.
  2. The ECR provided that “technology” or “software” is “published” and is thus not “technology” or “software” subject to the EAR when it is not classified national security information and has been made available to the public without restrictions upon its further dissemination.  The phrase “classified national security information” refers to information that has been classified in accordance with Executive Order 13526, 75 FR 707; 3 CFR 2010 Comp., p. 298. The relevant restrictions do not include copyright protections or generic property rights in the underlying physical medium.  Certain published encryption software, however, remains subject to EAR under the 2016 ECR by BIS.
APPENDIX 1

 Export Control Decision Tree in 15 CFR Part 732, Supp. 1 (see BIS Decision Tree Tools on the BIS website)

APPENDIX 2

Subject to EAR?  See 15 CFR 732, Supp. 1

APPENDIX 3: Forms

TMP Eligibility Certification Form

This form is for use for temporary exports of Mines “Tools of Trade” items under the Export Administration Regulations.  The Export Administration Regulations (EAR) control the export of items listed on the Commerce Control List (CCL). It has been determined that the item stated below is listed on the CCL and is controlled to your destination.  The EAR, however, makes an exception to export license requirements for the temporary export or re-export of certain tangible items, software, or technology for professional use as long as specific criteria, to which you are certifying below, are met.

Please identify your place of travel, date of export and reentry, describe your item  below, and sign this Certification. Upon signature, please provide the completed form to the Office of Research Administration (ORA) via email to ORA: mines.edu.

*Retain a copy for your records and to take with you to your destination.

Export Details:

Destination(s): __________________________ 

Date of export of item will be: ____________________ Date of Return to U.S. will be: _______________

Detailed Description of Item(s) to which this Certification applies: ________________________________

TMP Certification:

By my signature below, I certify the following:

  1. I am an employee of the Mines and will take the item(s) and its software abroad ONLY as a “Tool of the trade” (15 CFR 740 (a)(2)(i)) of usual and reasonable kinds and quantities for use in a lawful enterprise or undertaking;
  2. I will return the Item(s) and its software to the US no later than 12 months from the date of export unless they are certified by me to have been consumed or destroyed abroad during this 12-month period (15 CFR §740 (a)(1));
  3. I will maintain the item or software under my “effective control” while abroad. You maintain effective control over an item when you either retain physical possession of the item, or secure the item in such an environment as a hotel safe, a bonded warehouse, or a locked or guarded exhibition facility (15 CFR 772.1);
  4. I will not take the item or software to Cuba, Iran, North Korea, Sudan, or Syria. I am exporting this item to:  ___________________________ (specific location) under the authorization provided by 15 CFR 740.9(a)(2)(i) of the EAR, which, specifies that tools of the trade may be exported under license exception TMP if 740(a)(2)(i)(A) or (a)(2)(i)(B) are met.
  5. The item is a Tool of the Trade with an Export Control Classification Number (ECCN) eligible for export to the destination listed above under §740.9(a) (2) (i) (A).  The ECCN is:  __________________.
  6. The item exported under TMP does not contain data or software controlled by the EAR.
NAME: Title:
SIGNATURE: Date:

**Retention Period:   5 years after termination of funding period

APPENDIX 4: Tips on Education/Course Content
Taught Without review Taught Without review
Regularly taught in Undergraduate courses and teaching laboratories and listed regularly in course catalogs so information is publicly available (e.g., published in textbooks) In the U.S. and abroad

Material released in catalog courses is generally considered publicly available, except for the following areas: a. Encryption (EAR) (may need license); b. Principles not commonly taught (ITAR),  c. Principles @ professional/business level; & d. Sensitive nuclear technology (DoE)

Courses in economics, foreign languages, history, literature, music, writing have subject matter that is not within the scope of the export controls, which focus on controlled items and the resources needed to make them Graduate Level Courses or that have external, business level attendees may not be covered by this exception.
Courses with content within the scope of ITAR (possibly in physics, nuclear science, or mining):  “information concerning general scientific, mathematical or engineering principles commonly taught in schools, colleges and universities“ is excluded from the definition of ITAR-controlled “technical data” and is not subject to ITAR controls §120.10(a)(5) Courses with unusual content or certain expertise not otherwise known should be evaluated for consistency
Fall under the scope of Dept. of Energy, 10 CFR 810 (including some courses in Nuclear Science, Engineering and/or Physics) and    furnishing public information, including information “in university courses”, is generally authorized, provided no sensitive nuclear technology is transferred “Sensitive nuclear technology” means information (including tangible items and services) not available to the public that is important to the design, construction, fabrication, operation, or maintenance of a uranium enrichment or nuclear fuel reprocessing facility or a facility for the production of heavy water.  10 CFR §810.3, 810.7

Note: Course material may be excluded from export controls, BUT, may be considered a “Defense Service” under ITAR, (§120.9(a)(1)), if 

1. follow-on discussion (outside normal scope) or  2. active selection, collection, and transfer of the uncontrolled course material  meets the defense services definition/coverage

  DoE has pointed out that follow-on-questions and discussion can go beyond the public information and into practical implementation, which requires specific authorization. Some of the above is based on verbal discussion or other resources, and cannot be readily identified in the current regulations

Thank you to the MIT Office of Sponsored Programs and Cal Tech for their amazing materials published on their website and for sharing this information and examples.

GLOSSARY

Glossary of terms for Export Controls:  

The Glossary is a quick reference tool.  If you have any questions, please refer to the definitions in the regulations pertaining to the export item that shall control if there is a conflict or confusion.  See 15 CFR Part 772.1 (EAR); 22 CFR Part 120 (ITAR).  Some agencies may have different definitions as well.

600 Series refers to items formerly “defense articles” that moved to the CCL after Export Control Reform and still require Licenses from Dept. of Commerce to export them.  The 600 series derives its name from the 3rd character of the ECCNs in the “xY6zz” format on the Commerce Control List (CCL) that control items on the CCL that were previously controlled on the U.S. Munitions List or that are covered by the Wassenaar Arrangement Munitions List (WAML). The “6” indicates the entry is a munitions entry on the CCL. The “x” represents the CCL category and “Y” the CCL product group. The “600 series” constitutes the munitions ECCNs within the larger CCL.

Arms Export Control Act (AECA). The Arms Export Control Act (22 U.S.C. 2778), as amended, authorizes the U.S. President to control the export and import of Defense Articles and Defense Services.  The regulations implementing AECA are at 22 CFR 120 et. seq. The President deems the articles/services to be “Defense” and places them on the US Munitions List.

Code of Federal Regulations (CFR) is the collection of rules and regulations published in the Federal Register by the US federal government executive departments/agencies. The CFR may be viewed online at eCFR.gov.

Commerce Control List (CCL) – The CCL identifies specific items subject to the list-based controls of the Export Administration Regulations (EAR), under the export control jurisdiction of the US Department of Commerce, Bureau of Industry and Security (BIS), found in 10 CFR §774.

  • Commerce Control List (CCL) Category – The CCL is divided into 10 categories, numbered 0-9:  (0) Nuclear Materials, Facilities and Equipment, and Miscellaneous; (1) Materials, Chemicals, “Microorganisms,” and Toxins; (2) Materials Processing; (3) Electronics;   (4) Computers; (5) Telecommunications and Information Security; (6) Lasers and Sensors; (7) Navigation and Avionics; (8) Marine; and (9) Propulsion Systems, Space Vehicles, and Related Equipment.
  • Commerce Control List (CCL) Group – Each of the 10 CCL categories is subdivided into five (5) groups/kinds of controlled items, A-E:  (A) Equipment, Assemblies, and Components; (B) Test, Inspection and Production Equipment; (C) Materials; (D) Software; and (E) Technology.

Controlled Country – Under the EAR, may refer to one of the countries subject to §746 Embargoes and Other Special Controls, or to a country included in one of the Country Groups defined in Supplement No. 1 to §740 and used in conjunction with §740 license exceptions. Under the ITAR, may refer to a country identified in ITAR §126.1, Prohibited Exports, Imports, and Sales to or from Certain Countries.

Deemed Export – Release of technology or source code subject to the EAR to a foreign national in the United States is “deemed” an “export” to the home country of the foreign national under the EAR.  ITAR harmonized the definition (9/1/2016) to clarify that disclosing (or transferring) technical data subject to the ITAR to any non-US person is deemed to be an “export” to all countries in which the foreign person holds or has held citizenship or holds permanent residency  (whether the foreign person is in the United States or abroad) (ITAR §120.17(a)(5)). This is a central export compliance concern for U.S. universities with international students, scholars, and faculty.   See also Export; and 15 CFR §730.5(b)  The sending or taking of technical data out of the U.S. to a foreign person employee remains an “export” if under ITAR jurisdiction.  (BIS provides the deemed export is to the foreign national’s most recent country of citizenship or country of residency;  State provides the deemed export may go back to the foreign national’s place of birth.)

Defense Article – Any item or technical data designated in the ITAR’s United States Munitions List (USML), including any technical data recorded or stored in any physical form, models, mock-ups, or other items that reveal technical data directly relating to a “defense article” listed in the USML; Defense Article also includes forgings, castings, and other unfinished products, such as extrusions and machined bodies, that have reached a stage in manufacturing where they are clearly identifiable by mechanical properties, material composition, geometry, or function as defense articles. “Defense Article” does not include basic marketing information on function, purpose, or general system descriptions. (22 CFR §120.6). 

Defense Service – Furnishing assistance (including training) anywhere (inside the United States or abroad) to foreign nationals in connection with the design, development, engineering, manufacture, production, assembly, testing, repair, maintenance, modification, operation, demilitarization, destruction, processing, or use of defense articles; 2) furnishing to foreign persons any ITAR-controlled “technical data” anywhere, requires authorization from the State Department; or 3) military training of foreign units & forces (regular & irregular) including formal or informal instruction of foreign persons (in the US or abroad) or by correspondence courses, technical, educational, or information publications and media of all kinds, training aid, orientation, training exercise, and military advice. (22 CFR §120.9). 
Note: While transfer of public domain information is not a defense service, the State Department noted in 2013 that “it is seldom the case that a party can aggregate public domain data for purposes of application to a defense article without using proprietary information or creating a data set that itself is not in the public domain.” [78 FR 31445].

Denied Persons or Party.  A list of individuals and entities that have been denied export privileges. Any dealings with a party on this list that would violate the terms of its denial order are prohibited.  See also Restricted Party.

Dual-use – Items that have both commercial and military (e.g., defense) application. Items subject to the EAR are often referred to as “dual-use” civil applications as well as terrorism and military or weapons of mass destruction (WMD)-related applications; MIT identifies that the Dual-Use items in the Commerce Control List is very similar to the “Lists of Dual-Use Goods and Technologies” of the multilateral Wassenaar Arrangement (export controls for Conventional Arms and Dual Use Goods and Technologies), to which the U.S. and approximately 40 other countries are parties.  See EAR, 15 CFR §730.3

Encryption Items. Under EAR, the phrase encryption items include all encryption commodities, software, and technology that contain encryption features and are subject to the EAR. This does not include encryption items specifically designed, developed, configured, adapted or modified for military applications (including command, control and intelligence applications) that are controlled by the Department of State on the U.S. Munitions List (ITAR).  (See 15 CFR 772.1, Definitions; See also Mass Market/Exception)

End-to-End Encryption under the EAR is (i) the provision of cryptographic protection of data such that the data are not in unencrypted form between an originator (or the originator’s in-country security boundary) and an intended recipient (or the recipient’s in-country security boundary), and (ii) the means of decryption are not provided to any third party. The originator and the recipient may be the same person. Transmissions within a cloud service infrastructure also fit within this Safe Harbor provision when the transmission is made from one node or cloud infrastructure element to another, provided that it was appropriately encrypted before any data crossed a national border.

End-use(r) – The EAR controls the export of all items subject to the EAR, even those not subject to list based controls, if they will finally be received by certain entities or used for certain applications.

Embargo – The export of defense articles or services may be restricted or banned to certain countries.  The Department of State continuously updates the listings.  See Country Policies and Embargoes.

Export – An actual shipment or transmission of items, services, or technical data subject to either EAR or ITAR outside of the United States, generally by sending or taking that item out of the US. Alternatively, the release (disclosure) of technology (EAR), software source code (EAR), or technical data (ITAR) to a non-U.S. person in the United States may qualify as an export. (See also Deemed Export.) See regulations for EAR @ https://www.bis.doc.gov/index.php/regulations/export-administration-regulations-ear or see eCFR.

Technology, software, or technical data is “released” or “disclosed” through:

  1. Visual inspection by a foreign national of U.S. origin equipment and facilities;
  2. Oral exchanges of information (e.g. or a demonstration of technology) in the United States or abroad; See 15 CFR §730.5(c)
  3. Transfer or shipment via any means (physical or electronic) to a foreign entity (e.g., even the return of a product to a foreign country after repair in the U.S. under the EAR 15 CFR 730.5(C); or the electronic transmission of non-public information received abroad); or
  4. Provision of a service (e.g., “defense service”) or the application to situations abroad of personal knowledge or technical experience acquired in the United States. See 22 CFR 120.17 – Export under ITAR;  See also Re-export. 

Export Administration Regulations (EAR) – The Export Administration Regulations (EAR), 15 CFR §730–774 are promulgated by the Department of Commerce to regulate the export of most items not controlled by the ITAR (defense items). “Items” includes products; equipment required to make controlled products or materials; materials required to make controlled products; software required to develop, produce, or use controlled items; and information required to develop, product, or use controlled items. Items specifically not controlled by the EAR include those controlled by another U.S. government department (items to embargoed countries, nuclear reactor items and technology, patent applications) and publicly available information, informational materials, software and technology.

Export Control Classification Number (ECCN) – a five-character alphanumeric classification used under the EAR to identify items on the Commerce Control List.

  • EAR 99 – EAR99 is a classification for an item. EAR99 class is used when a particular item is subject to the Export Administration Regulations (EAR), but the item is not listed with a specific Export Control Classification Number (ECCN) on the Commerce Control List (CCL). While the classification describes the item, the authorization for shipment of that item may change, depending on the transaction, or the country or party to which you are shipping the item, or if the end-use is prohibited.
  • 600 Series – The “600 Series” is the ECCN grouping on the Commerce Control List.  Items that are controlled under the 600 Series were formerly on the US Munitions List or under the Wassenaar Arrangement Munitions List (WAML) and were moved to the CCL list.  The 600 Series includes items that formerly were on the ECCN list in this series and ended in -018.  Thus, 600 Series includes munitions that are now on the CCL.  Examples may include certain aircraft, gas turbine engines, vessels of war, tanks/military vehicles, submersible vessels, etc.

Export License – The approval documentation issued by an export agency authority authorizing the recipient to proceed with the export, re-export, or other regulated activity as specified on the application.

Foreign National – The EAR uses, but does not define, “foreign national”. “National” is defined in 8 USC 1101(a) (20) as “a person owing permanent allegiance to a state”. The net effect of EAR is comparable to the ITAR “foreign person”: the deemed export rule, for instance, applies to “foreign nationals,” but excludes permanent residents and protected individuals.

Foreign Person – Under ITAR, a natural person who is neither a lawful permanent resident (green card holder) nor a protected individual (citizen or national of the U.S., special agricultural worker, admitted refugee, or person granted asylum), a foreign entity (corporations, business associations, partnerships, etc.) not incorporated or organized to do business in the U.S., an international organization, a foreign government or an agency or subdivision of a foreign government. See 22 CFR §120.16; Person means a natural person as well as a corporation, business association, partnership, society, trust, or any other entity, organization or group, including governmental entities. If a provision under ITAR does not refer exclusively to a foreign person (§120.16) or U.S. person (§120.15), then it refers to both. 

Fundamental Research – (basic or applied) research in science, engineering, or mathematics, where the resulting information is ordinarily published and shared broadly in the scientific/research community and for which the researchers have not accepted restrictions on publication for proprietary or national security reasons, is excluded from export controls.

  • FRE under EAR (15 CFR §734.8), university research normally will be considered Fundamental Research, unless the university or its researchers accept sponsor restrictions on the publication of scientific and technical information resulting from the project or activity. Research at companies or outside the US can qualify as Fundamental Research when there are no restrictions on publishing the results. The EAR specifically permits limited prepublication reviews by research sponsors to prevent the inadvertent divulging of proprietary information provided to the researcher by the sponsor or to ensure that publication will not compromise the patent rights of the sponsor.
  • FRE under ITAR (22 CFR §120.11(8)), only research at accredited institutions of higher learning in the U.S. can qualify as “fundamental”.  University research will not qualify as Fundamental Research if: (1) the information is not generally published and shared broadly within the scientific community (e.g., the university or its researchers accept any restrictions on the publication of scientific and technical information resulting from the project or activity); or (2) the research is federally-funded and specific access and dissemination controls protecting information resulting from the research have been accepted by the university or the researcher.

Generally Authorized – DoE’s 10 CFR 810 and OFAC’s sanctions programs identify activities which are in the scope of the controls, but are already determined to be acceptable and can be conducted without additional approval as “generally authorized”. The DoE regulations require the use of a general license to be reported.

Import(s) means all goods physically brought into the United States, including: (1) Goods of foreign origin, and (2) Goods of domestic origin returned to the United States without substantial transformation affecting a change in tariff classification under an applicable rule of origin.  See Trade Definitions at the U.S. Census Bureau.

International Trafficking in Arms Regulations (ITAR) – The International Trafficking in Arms Regulations (ITAR), 22 CFR §120-130, promulgated by the Department of State, control the export of articles, services, and related technical data whose predominant application is defense, as determined by the State Department. These “defense articles,” “defense services,” and related “technical data” are listed on the United States Munitions List (USML).  Satellites and spacecraft are subject to ITAR (since 1999), regardless of application. In November 2014, satellites and spacecraft not providing capabilities listed on the USML moved to EAR control, although under new, more restricted, “500 series” classifications, and still requires analyses.

Jurisdiction means the power or authority an agency (or department of the U.S. government) maintains in determining what is allowable under the laws of the U.S. constitution or under statutes enacted by the U.S. Congress.

License refers to a government (agency) document or approval authorizing the export of specific items (including technology) in specific quantities to a particular destination(s).  A license may be required for most or all exports to some countries, while other countries may only require licenses to export items/technology under special circumstances.

Mass Market typically means available widely and at storefronts, through the internet, or otherwise.  The Mass Market Exemption means that the technology, product, or services qualify for Mass Market status as defined by the Cryptography Note of the CCL.  However, some restrictions still exist on cryptography products, especially regarding certain nations or denied persons. Where the product qualifies and there are no other limitations of end-use/user, no further license in respect to EAR is required.  Note the first time that the request is made to BIS must be requested through a SNAP-R filing.   (Wassenaar formally approved the exemption for use regarding hardware components.)

Military end use means incorporation into a military item described on the U.S. Munitions List (USML) (ITAR, 22 CFR part 121); incorporation into a military item described on the Wassenaar Arrangement Munitions List (at http://www.wassenaar.org); incorporation into items classified under ECCNs ending in “A018” or under “600 series” ECCNs; or for the “use,” “development,” or “production” of military items described on the USML or the Wassenaar Arrangement Munitions List, or items classified under ECCNs ending in “A018” or under “600 series” ECCNs. ‘Military end use’ also means deployment of items classified under ECCN 9A991 as set forth in supplement no. 2 to part 744.  15 CFR 744.21(f.)   

Military end use (EAR, 15 CFR 744.21) the following applies:

  • “use” means operation, installation (including on-site installation), maintenance (checking), repair, overhaul and refurbishing; 
  • “development” is related to all stages prior to serial production, such as: design, design research, design analyses, design concepts, assembly and testing of prototypes, pilot production schemes, design data, process of transforming design data into a product, configuration design, integration design, layouts; and 
  • “production” means all production stages, such as: product engineering, manufacturing, integration, assembly (mounting), inspection, testing, and quality assurance.
  • “operation” means to cause to function as intended; 
  • “installation” means to make ready for use, and includes connecting, integrating, incorporating, loading software, and testing; 
  • “maintenance” means performing work to bring an item to its original or designed capacity and efficiency for its intended purpose, and includes testing, measuring, adjusting, inspecting, replacing parts, restoring, calibrating, overhauling; and 
  • “deployment” means placing in battle formation or appropriate strategic position.

Military end user means the national armed services (army, navy, marine, air force, or coast guard), as well as the national guard and national police, government intelligence or reconnaissance organizations, or any person or entity whose actions or functions are intended to support ‘military end uses’ as defined in paragraph (f) of this section.  See 744.21(g)

Office of Foreign Assets Control (OFAC) – A part of the U.S. Department of Treasury that administers and enforces economic embargoes and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction. OFAC acts under presidential wartime and national emergency powers, as well as authority granted by specific legislation, to impose controls on transactions and freeze foreign assets under U.S. jurisdiction.  

Public Domain – Under ITAR (§120.11), public domain means information that is published and that is generally accessible or available to the public through/at the following:

  1. sales at newsstands and bookstores;
  2. subscriptions that are available without restriction to any individual who desires to obtain or purchase the published information;
  3. mailing privileges (second-class) granted by the U.S. government;
  4. libraries open to the public or from which the public may obtain documents, including most university libraries;
  5. published patents;
  6. unlimited distribution at a conference, meeting, seminar, trade show, or exhibition, generally accessible to the public, in the United States;
  7. public release in any form after approval by the cognizant U.S. government department or agency; and
  8. fundamental research in science, engineering, and mathematics at accredited institutions of higher learning in the United States where the resulting information is ordinarily published and shared broadly in the scientific community. Public domain information is excluded from ITAR technical data controls.

(Public domain information is excluded from control as ITAR technical data.)  Open Source is not “public domain” as referenced in intellectual property (IP) rights, because an owner provides the software or technology, although available publicly and generally accessible, it is still only provided under a grant of rights (license).  Thus, it cannot be “public domain”

Publicly Available –under the EAR, refers to “publicly available technology and software” and does not use the expression “public domain.”  To be Publicly Available, and generally excluded from EAR controls, the 

  • software and technology (with limited exception) that (i) are, or will be, published; (ii) arise during, or result from, fundamental research; (iii) are educational; or (iv) are included in certain patent applications.  (Publicly available software and technology are excluded from EAR controls, however published 5D002 encryption software remains subject to the EAR; some publicly available 5D002 encryption object code may be publicly available when the corresponding source code is publicly available.) For software and technology in the scope of the EAR, it may be made publicly available by a person with the right to do so without further authorization from the Commerce Department (except 5D002 encryption software). See 15 CFR Part 734.3(b)(3).
  • Information is generally accessible to the interested public in any form and thus not subject to the EAR.  See 15 CFR Part 732.

Published – Under the EAR, information is “published” when it becomes generally accessible to the interested public in any form, including:

  1. periodicals, books, print, electronic, or any other media available for general distribution to any member of the public or to a community of persons interested in the subject matter, such as those in a scientific or engineering discipline, either free or at a price that does not exceed the cost of reproduction and distribution;
  2. ready availability at libraries open to the public or at university libraries;
  3. patents and open (published) patent applications available at any patent office; and
  4. Release at an open conference, meeting, seminar, trade show, or other open gathering.
  5. Software and information is published when either it is available for general distribution free or at a price that does not exceed the cost of reproduction and distribution.

(Note: published 5D002 encryption software remains subject to the EAR, except publicly available 5D002 encryption object code when the corresponding source code is publicly available.

Re-export or Re-transfer– Under EAR a re-export refers to an actual shipment or the transmission of items subject to export regulations from one foreign country to another foreign country. For the purposes of the EAR, the export or re-export of items that will transit through a country or countries to a new country, or that are intended for re-export to the new country, are deemed to be Exports to the new country. See 15 CFR §730.5.  The transfer of items subject to ITAR jurisdiction between two foreign countries is an export/re-export/re-transfer of defense articles or defense services to an end-use, end-user, or destination not previously authorized by license, written approval or exemption.  (Any movement of a defense article between two foreign countries is a “re-export” and requires authorization.) See 22 CFR 120.19.

Release under EAR covers activities that disclose information to foreign persons.  See 15 CFR 734.15.  Under ITAR (22 CFR 120.50), activities allowing a foreign person to “inspect” a defense article in a way that reveals technical data to that person and oral/written exchanges of technical data are “releases” and thus under export control laws.  (This excludes simple size or weight information, and simple attributes.)  

Technical data is Released (under ITAR) through: (1) Visual or other inspection by foreign persons of a defense article that reveals technical data to a foreign person; or (2) Oral or written exchanges with foreign persons of technical data in the United States or abroad.

 A foreign person (under EAR) having theoretical or potential access to technology or software is similarly not a “release” because such access, by definition, does not reveal technology or software.

Restricted Parties – Individuals and entities with whom the university and its employees may be prohibited by law, or that require a license or other government approval, to export to or engage in controlled transactions. These include the Denied Persons List, Entity List, and Unverified List (Dept. of Commerce); the Debarred Parties Lists (Department of State); and the Specially Designated Nationals (SDN) and Blocked Persons List (Department of Treasury).

Restricted Research – Defined as university research, development, or testing subject to: (i) publication restrictions; (ii) access and dissemination controls; (iii) federally funded research with contract-specific national security restrictions; (iv) accepting third-party controlled items or information; or (v) providing access to, or defense services on, a defense article. Restricted research is subject to EAR and ITAR regulations, and a license or other government approval may be required for foreign national participation.

Sanctioned Countries – Countries designated by OFAC as having limited or comprehensive trade sanctions imposed by the United States for reasons of anti-terrorism, non-proliferation, narcotics trafficking, or other reasons

Significant Military Equipment (SME) means articles for which special export controls are warranted because of their capacity for substantial military utility or capability. (ITAR)

Specially designed – Some items are subject to the ITAR or the EAR if they have properties, as a result of development, that meet or exceed the criteria in the US Munitions List (ITAR) or the Commerce Control List (EAR) — this is the “catch” — and are not a fastener or other low-control item — this is the “release”. There are web tools for the ITAR and the EAR to help determine whether an item is “specially designed”.

Statutory means enacted, regulated, or authorized by statute.  E.g., when a government action is required by law, the action is statutory if passed by Congress and signed into law by the President.

Technical Assistance – Under the EAR, instruction, skills training, working knowledge, and consulting services, which may involve the transfer of technical data, may be technical assistance This is similar to the ITAR’s “defense service” definition and under ITAR there can be Technical Assistance Agreements, which authorize transferring technical data and providing defense services.

Technical Data – (22 CFR §120.10) Refers to information required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification of controlled articles. This includes information in the form of blueprints, drawings, plans, instructions, diagrams, photographs, etc. It may take forms such as blueprints, plans, diagrams, models, formulae, tables, engineering designs and specifications, and manuals and instructions written or recorded on other media or devices such as disk, tape, or read-only memories. The ITAR definition does not include information concerning general scientific, mathematical, or engineering principles commonly taught in schools, colleges, and universities, or information in the public domain.

Technology – Any specific information and know-how (whether in tangible form, such as models, prototypes, drawings, sketches, diagrams, blueprints, manuals, or software—or in intangible form, such as training or technical services) that is required for the development, production, or use of a good, but not the good itself.

Transfer – Under ITAR, a “Re-transfer” occurs when there is a change in the item’s end user or end use within the same country. Authorization will still be required to provide a defense article to a subcontractor or intermediate consignees in the same country (unless previously authorized, e.g., via TAA), as that would constitute a change in end user and end use. Certain activities, such as disclosures of technical data to a foreign national abroad, may be covered by the new definitions of both “reexport” and “retransfer.”

U.S. Munitions List (USML) – (22 CFR §121.1) The USML includes articles, services, and related technical data designated as defense articles and defense services pursuant to the Arms Export Control Act (AECA).

U.S. Person – Under the ITAR, a natural person who is a lawful permanent resident (green card holder) or a protected individual (citizen or national of the U.S., special agricultural worker, admitted refugee or person granted asylum); or any entity (corporation, business association, partnership, etc.) incorporated in the U.S., or any federal, state, or local governmental entity. The EAR is effectively the same, although without explicit definition: the deemed export rule, for instance, applies to “foreign nationals,” but excludes permanent residents and protected individuals. (Note that for the purpose of §744.6 Restrictions on Certain Activities of U.S. Persons, the EAR adds “any person in the United States”.) [Usage note: this website uses “non-U.S. person” as an objective counterpart to “foreign person” for clarity when being read by people of all nationalities.]

Visual Compliance refers to the software package that Mines utilizes to review persons or entities that may be on the Denied Persons list as collected from Department of Commerce and other agencies.  Contact ORA for questions or access to this tool.