Technology: Navigating the export control maze
As a U.S. business grows into a global enterprise, it must pay attention to export regulations impacting the shipment (or transmission) of items and technology outside the U.S.
January 11, 2013 at 04:00 AM
5 minute read
The original version of this story was published on Law.com
As a U.S. business grows into a global enterprise, it must pay attention to export regulations impacting the shipment (or transmission) of items and technology outside the U.S. Unfortunately, export control regulations are incredible complex. Below are a few hypothetical situations that provide a sense of the breadth and complexity of these regulations:
- Mundus Corp. (MC) is an expanding global business with primary operations in the U.S. In connection with the opening of MC's new Russian office, it has engaged Natar Ltd. (NL), an Asia-based technology outsourcing firm. NL will enhance an MC-developed information security software application, MC Lock, used to assist with customer database security. MC intends to electronically transmit MC Lock source code (the computer language programmers use) to one of NL's Asian offices. NL will use such code to enhance MC Lock.
- NL plans to send some of its Asia-based employees to MC's U.S. offices. While there, these NL employees will access MC's technology, including the source code to MC Secure.
- MC's CIO is planning a trip to Russia to visit MC's new office. The chief information officer will bring a company-issued laptop with her. Her laptop's hard drive will be encrypted (using standard “off-the-shelf” software).
Export control laws
The MC legal and compliance team will need to spend some time analyzing each of the scenarios above to make sure that MC remains in compliance with export (and import) control laws.
Some examples of these U.S. export regulations include:
- The Export Administration Regulations (EAR) administered by the Commerce Department's Bureau of Industry and Security (BIS). The EAR addresses the export of “dual use” items (i.e., items that have both commercial and military uses).
- The International Traffic in Arms Regulations (ITAR) administered by the State Department. ITAR deals with the export of military and space-related technology.
- The Office of Foreign Asset Control (OFAC) regime managed by the Treasury Department. OFAC restricts exporting items to certain countries (e.g., Iran, Cuba and the Sudan) and persons or entities (e.g., Hamas) subject to embargoes and trade sanctions.
The EAR
The EAR is the regulatory framework most applicable to our hypotheticals. The EAR controls the “shipment or transmission” of EAR-covered items outside of the U.S. It controls exports based on factors such the nature of the exported item, its destination, the end user and the purpose for which the exported item will be used.
In order to lawfully export an item subject to the EAR, the exporter must obtain a license from BIS or there must be an available license exception or exemption.
Analyzing hypothetical 1: Exporting software
An electronic transfer of source code to NL's foreign office will be an export under the EAR. MC will have to undertake a somewhat complicated analysis to determine whether there is an EAR export classification control number (ECCN) applicable to MC Lock, and if so, whether there are any restrictions on exporting items associated with that ECCN to the Asian country in which NL's office is located.
If MC is lucky, there will be no restrictions to exporting the MC Lock software to NL's Asian office (or to NL). Even if there are restrictions associated with MC's intended export, it is quite possible that there are available exemptions to the EAR license requirement.
Analyzing hypothetical 2: Deemed exports
It is tempting (but wrong) to think that the EAR will not apply to the second hypothetical. The EAR governs not only actual exports but also “deemed” exports. Under the EAR, a deemed export occurs when there is a release of covered technology (including source code) to a foreigner. That release is considered an export to the foreign national's home country. MC must determine whether there is an EAR license required to transmit the exposed technology to the home countries of the NL employees.
Analyzing hypothetical 3: Short trips to foreign countries
If MC's CIO takes her company-issued laptop to Russia, that act will constitute an export subject to the EAR. The good news is that the EAR does provide a limited license exemption that will allow her to bring the laptop with her so long as the trip is for less than a year, she keeps the device in her control and the software (including the encryption software) is, for the most part, standard commercially available software. Of course, certain countries—such as Russia—may still require users to obtain a license if they import encryption related software on their laptop.
Conclusion
Export laws are complex. If a company is engaged in the business of exporting equipment, technology or other items (or if it grants foreign workers access to controlled items in the U.S.), it should develop a compliance program to ensure that it is undertaking such exports in conformity with export control regulations.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Lawyers Drowning in Cases Are Embracing AI Fastest—and Say It's Yielding Better Outcomes for Clients
GC Conference Takeaways: Picking AI Vendors 'a Bit of a Crap Shoot,' Beware of Internal Investigation 'Scope Creep'
8 minute read
Why ACLU's New Legal Director Says It's a 'Good Time to Take the Reins'
Trending Stories
- 1'Largest Retail Data Breach in History'? Hot Topic and Affiliated Brands Sued for Alleged Failure to Prevent Data Breach Linked to Snowflake Software
- 2Former President of New York State Bar, and the New York Bar Foundation, Dies As He Entered 70th Year as Attorney
- 3Legal Advocates in Uproar Upon Release of Footage Showing CO's Beat Black Inmate Before His Death
- 4Longtime Baker & Hostetler Partner, Former White House Counsel David Rivkin Dies at 68
- 5Court System Seeks Public Comment on E-Filing for Annual Report
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
