A major focus of U.S. export enforcement agencies recently has been to prevent the unauthorized export or transfer of technology. While most of us are aware that the United States controls the physical export of goods and technology from the United States [The Export Administration Regulations (15 CFR Part 732 through Part 774) or Section 38 of the Arms Export Control Act (22 U.S.C. § 2778) and the International Traffic in Arms Regulations (ITAR) (22 CFR part 121)], many may not realize that the transfer of technical information or knowledge to a recipient in a foreign country or even to a non-U.S. citizen while here in the U.S. is subject to the same type of controls. We now have enhanced penalties for export violations provided by the International Emergency Economic Powers Enhancement Act (IEEPA Enhancement Act). Under the IEEPA Enhancement Act, civil penalties for violations of the export Administration Regulations can be as much as $250,000 per occurrence.
This article will review the basic rules on the export or transfer of technology and technical data, and provide suggestions on how companies may avoid unintended technology transfers, and the fines or penalties that can result there from.
I. The "Deemed Export" Rule
--Transfers of U.S. Origin Technology And Technical Data To Foreign Nationals In The United States An "export" of U.S. origin technology or technical data can occur even in the United States simply by disclosing information or technology to a foreign national from a country other than the United States. Section 734.2(b) of the EAR provides that the release or disclosure of technology or technical data subject to the EAR to a foreign national of another country is "deemed" to be exported to the home country of the foreign national. For purposes of U.S. export controls, technology is "released" for export through:
i. Visual inspection by foreign nationals of U.S.-origin equipment and facilities;
ii. Oral exchanges of information in the United States or abroad; or
iii. The application to situations abroad of personal knowledge or technical experience acquired in the United States.
II. To Whom Does The Rule Apply?
The "deemed export" rule applies to all non-U.S. citizens, regardless of whether they are employees or visitors, except persons who have been lawfully admitted for permanent residence, or persons who are protected individuals under the Immigration and Naturalization Act (8 U.S.C. §1324b(a)(3)).
III. What Is Technical Data?
When we talk about technical data, we really mean "technology," which is broadly defined by the EAR as information necessary for the "development", "production", or "use" of a product. It can take the form of either "technical data" or "technical assistance". "Technical data" is technology that takes on the form such as blueprints, plans, diagrams, models, formulae, tables, engineering designs and specifications, manuals and instructions written or recorded on media or devices such as disk, tape, or read-only memories. Technical assistance, on the other hand, can take on the form of instructions, skills training, working knowledge, or consulting services. Oftentimes, a transfer of technical assistance includes a transfer of technical data. The export of technology that is "required" for the "development", "production", or "use" of items on the Commerce Control List is controlled according to the provisions in each Category of the Commerce Control List to which the technology belongs.
IV. Not All Transfers of Technology to Foreign Nationals Require a License Like the export or reexport of goods or technology, not all transfers of technology to a foreign national in the United States require a license. In general, whether a license will be required before a transfer of technology can occur will depend on:
a. The nature and control status of the information to be transferred, and
b. The country of citizenship of the foreign national.
The first step in determining whether a license will be required is to classify the information to be communicated to the foreign national. In most cases, this technology will fall under the jurisdiction of the U.S. Export Administration Regulations (the "EAR"), and the Commerce Control list (Supplement 1 to Part 774 of the EAR) (the "CCL"). In other cases, the technology may fall under the jurisdiction of the Arms Export Control Act (22 U.S.C. § 2778) and the International Traffic in Arms Regulations (ITAR) (22 CFR part 121). The CCL is a list of all items subject to the jurisdiction of the EAR and the Bureau of Industry and Security ("BIS") in the Department of Commerce. The coverage of the CCL includes commodities, as well as software, technology, and technical data.
A. How to Determine if Your Technology Requires a License . . . .
B. Publicly Available Technology And Technical Data; Sales Technology . . . .
C. Sales-Related Technology and License Exception TSU . . . .
D. License Exception TSR for Technology Exports . . . .
E. License Exception CIV for Technology Exports . . . .
F. License Exception APP (Computers) . . . .
A Foreign National Review ("FNR") request (see §748.8(s) of the EAR) must be submitted to BIS and approved before the release of any technology or software to a foreign national from any Tier Three computer countries,
including: China (People's Republic of), Egypt, Georgia, India, Iraq, Israel, Jordan, Kazakhstan, Kuwait, Kyrgyzstan, Laos, Lebanon, Libya, Macau, Macedonia (The Former Yugoslav Republic of), Mauritania, Moldova, Mongolia, Montenegro, Morocco, Oman, Pakistan, Qatar, Russia, Saudi Arabia, Serbia, Tajikistan, Tunisia, Turkmenistan, Ukraine, United Arab Emirates, Uzbekistan, Vanuatu, Vietnam, and Yemen. (See EAR § 740.7(d)(1) for a complete list of Tier Three computer countries.)
V. Technology Control Plans:
Avoiding The Unauthorized Transfer Of Technology Unlike hardware and physical materials, technology can leak from a company like water from a colander. Technology can be released by any number means, including phone, fax, e-mail, mail, courier, face-to-face meetings and visual tours. The only way to adequately stem the unauthorized flow of technology from a company is through education of employees and the adoption of a technology control plan (TCP). A sound TCP provides a company with a process to categorize technology and data, and to screen customers, visitors, and employees.
A. Developing A Technology Control Plan . . . .
B. Establishing Technology Control Procedures for Customers, Visitors, and Employees . . . .
Screening employees, both here in the U.S. and abroad, presents unique challenges because of issues associated with possible employment discrimination, or violation of foreign laws. A commonly voiced concern is whether U.S. anti-discrimination employment law prohibits an employer from asking employees information about their country of citizenship. Subsection 1324b(a)(1) of Title 8 of the United States Code provides that it is an unfair immigration-related employment practice for a person or other entity to discriminate against any individual with respect to the hiring or recruitment of an individual for employment, or for the discharging of the individual from employment, because of such individual's national origin. Subsection 1324b(a)(2), however, provides an exception to such practices where it is otherwise required in order to comply with a United States law, regulation, or executive order. It is, therefore, both possible and legal to require employees and potential new hires to verify citizenship information, provided the employee or potential candidate is notified in advance that the job or activity requires access to and/or disclosure of information and data subject to U.S. export control restrictions, and that one condition for consideration for the position is the issuance of a validated export license or other approval. The specifics of any program used to verify citizenship for employment-related purposes should be reviewed carefully with the company's immigration-employment law counsel before implementation.
(Source: Tuttle Law Offices, email@example.com)