The “deemed export” rule under the Export Administration Regulations (EAR) presents unique compliance challenges for universities, R&D centers, and any number of companies and organizations involved in high-tech fields.
In short, under the EAR, the release of export controlled technology to a foreign national is deemed to be an export to the country of which the foreign national is a citizen. A “release” includes giving a foreign national access to the controlled technology. The deemed export rule applies to foreign national employees who may be authorized to work in the U.S. under an H1-B, O, L-1 or other visa, as well as foreign national visitors, those employed by business partners, graduate assistants and other researchers and student interns. The deemed export rule does not apply, however, to foreign nationals who have become naturalized U.S. citizens; those who are legal permanent residents of the U.S. (have “green cards”). The rule applies equally to organizations with overseas operations, such as subsidiaries, JVs, affiliates, and other partners.
The sharing of or giving access to controlled technology, blue prints, formulations and the like with a foreign national during a meeting in a conference room, in an email or text message, in a Skype or phone call, are all considered to be a release under the deemed export rule. Therefore, just as an exporter of a commodity must determine whether its export controlled item is subject to licensing requirements or if it chooses to rely on an applicable export license exception, organizations that have controlled technology must similarly analyze whether a release of that technology, in whatever format and via whatever media, must also carefully analyze whether a deemed export license may be required before the release to the foreign national colleague can occur.
This week, a civil penalty settlement announcement made by the U.S. Department of Commerce, Bureau of Industry and Security (BIS), Office of Export Enforcement (OEE) gave organizations with controlled technology another reminder (perhaps a jolt for some) that violations of the deemed export rule are detectable and costly. In a press release, BIS announced that it reached a $115,000 civil settlement with a Santa Clara, California company resulting from five violations of the EAR’s deemed export rule.
The company’s violations included the unauthorized release of export controlled manufacturing technology to a Russian national engineer working at its U.S. headquarters. This occurred in 2007. The unauthorized release involved drawings and blueprints for parts, identification numbers for parts, and development and production technology. The information is used for a product in hard disk drive manufacturing. The controlled technology was stored on a server at the company’s headquarters. (Best Practice Tip: store controlled technology on U.S. servers only, not abroad and not in the cloud). The company “released” the controlled technology to its Russian national engineer by providing the employee with a login ID and password “that enabled him to view, print, and create attachments.” After that occurred, the company applied for a deemed export license from BIS, but continued to store controlled technology on its server and failed to take steps to deny access of the technology to its Russian national while the license application was pending. This resulted in charges of knowingly violating the EAR on three occasions. Apparently, those applying for the license failed to inform the IT department to disable the engineer’s login or otherwise deny access to the controlled technology. In 2010, a similar release violation occurred when a Chinese national working in the company’s Shenzhen, China subsidiary accessed similar controlled technology on the company’s server in California using a login ID and password to open an attachment containing the technology.
The company voluntarily disclosed its violations to BIS. But it should be recalled that for many visa categories used to employee foreign nationals in the U.S. Part 6 of the I-129 requires the applicant to certify compliance with the EAR (and ITAR), including obtaining an export license when necessary and not releasing or giving access to the controlled technology to the foreign national employee. In other words, BIS and U.S. Citizenship and Immigration Services (USCIS) have information available to help detect and penalize deemed export violations in addition to information provided to BIS through a voluntary self-disclosure (VSD).
In announcing the penalty, BIS stated that the company’s failure to prevent access while the deemed export license was pending was considered to be an aggravating factor in determining the penalty. There can be no doubt that BIS is serious about protecting U.S. technology that is subject to export controls, enforcing the deemed export rule, and penalizing violators. “Deemed export compliance is a top priority for the Bureau of Industry and Security,” said David W. Mills, Assistant Secretary of Commerce for Export Enforcement. “Today’s settlement highlights the need for companies to be vigilant to prevent the unauthorized release of U.S. technology and data.”
The BIS case documents can be accessed here, http://1.usa.gov/1jCWCEk.
For assistance with understanding and complying with the deemed export rule, sections of the Export Administration Regulations (EAR) or other export controls and economic sanctions, as well as representation before BIS in investigations, civil penalty, and voluntary self-disclosure matters, please contact Jon P. Yormick, Esq., firstname.lastname@example.org or by calling +1.866.967.6425 (Toll free in Canada & U.S.) or +1.216.928.3474.