Export 101

The definition of “export” differs depending on which set of laws you look at (EAR or ITAR) but it generally consists of any of the following activities:

1. Shipment of physical items out of the country, or in the case of certain defense articles, providing them to a foreign person, regardless of their location.
2. Shipment of technical data out of the country. This can occur by email, facsimile, phone call, and even by traveling with a hard disk or document containing controlled technical data.
3. Disclosure of controlled technical data to a foreign person in any location. This disclosure can include verbal, written, electronic and visual disclosure. Export laws define “foreign person” as anyone who is not a US Citizen or Permanent Resident.

You’ll see the term “controlled data” tossed around throughout this website. This is the million-dollar question and if it were easy to answer, there probably wouldn’t be a need for an Export Compliance Office. Yet, understanding what data is controlled is the key to avoiding an unauthorized "deemed export". Let’s start by looking at the definition of “technical data”. The definitions for ITAR components and EAR components are similar but the ITAR definition is the most broad: information […] which is required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of a defense article (22 CFR Part 120.10). Note that the items are separated by an “or” meaning that data with any one of those components could meet the definition of technical data.

So if you have data that meets the definition above, that doesn’t necessarily mean it’s controlled. There are two things to look at before we can determine if we are dealing with “controlled technical data”.

1. Both the EAR and ITAR exclude data in the “public domain” from control. The ITAR provides a detailed definition of “public domain” in 22 CFR Part 120.11. Note that there are inclusions for information resulting from “fundamental research” which is a term used to described research conducted at US institutions of higher learning where the results are “ordinarily published and shared broadly within the scientific community.” Not included in this definition is research where the results are restricted by the sponsor for proprietary reasons or US Government “access and dissemination controls”. The EAR definition of “public domain” is shorter but similar to the ITAR: see 15 CFR Part 772.1. If the technology is “public domain” as described above, we can assume it is not “controlled technical data”. If not, we need to proceed to step two to figure out whether the technology is actually controlled by either the ITAR or EAR.
2. The ITAR and EAR contain special lists of all technology that is controlled. The ITAR list is called the US Munitions List (USML) and can be found at 22 CFR Part 121.1 THE EAR list is called the Commerce Control List (CCL) and can be found at 15 CFR Part 774.1. The ECO will provide assistance to any department or researcher attempting to determine whether their technology is controlled. Generally, the first place we would look is to the source of the data which could be a sponsor or a vendor to see if they can confirm the classification of the data. When this is not possible, the ECO has a subscription index of the USML and CCL and will work with the department to “self-classify” the data. In some cases, it may even be necessary to submit a request to either the Department of State or the Department of Commerce to get an official determination on the classification of the technology.

Occasionally, it is necessary for researchers to access controlled data. The rules for handling controlled data vary depending on what category of ITAR or CCL the item falls within. The ECO will work with the researcher to identify the applicable set of rules and set up a Technology Control Plan (TCP) to insure the technology is properly handled. Generally, a TCP will identify the individual researchers who are allowed access, how the data will be stored, and how the researchers will access and use the data. The ECO will provide training to each individual included in the TCP.

It is common for our labs to have hardware that is controlled under the CCL and generally not an issue for our foreign students and researchers to access this hardware. On the other hand, if the hardware is ITAR controlled, access needs to be restricted to US persons in order to prevent a “deemed export”. The ECO needs to be notified prior to bringing any ITAR hardware on campus. The ECO will work with the PI to determine whether it is possible to handle this hardware in a manner that is compliant with ITAR rules.

Anytime material is shipped out of country (including by hand carry) it is considered an export. Depending on the nature of the item, an export license may be required to ship to certain locations. The ECO will assist departments that need to ship material to foreign locations for research purposes. The International Shipping tab contains further instructions. Keep in mind, export licenses can take several months so it is critical to provide the ECO with as much advanced notice as possible to prevent project delays.

• I need to ship items internationally.
• I need to travel to Cuba, Iran, N. Korea, Syria, or Sudan.
• I want to collaborate with a researcher or an institution from outside the United States.
• My sponsor has requested that my research results be kept proprietary or has requested to review my results prior to publication.
• My sponsor has requested that only US persons work on the project, or, has requested the name and citizenship status of my researchers.
• I have received or need to receive export-controlled data from a sponsor, collaborator, or vendor.
• I have received or plan to receive hardware that the sponsor or vendor has designated “ITAR”.
• I have invented a new technology having an obvious military application.