ExportLawBlog » Clif Burns

Author Archive

Feb

8

Once More Unto the Breach

Posted by Clif Burns at 8:35 pm on February 8, 2011

The Bureau of Industry and Security (“BIS”) previously did battle with cloud computing in an advisory opinion it released in January 2009. Almost two years later BIS charges into battle yet again, and yet again there is no clear victor.

In the 2009 advisory opinion, BIS noted that the provider of cloud computing services was only providing a service and was not exporting data or technology. Only the customer of the service could be the exporter, and only the customer of the service would be in export hot water if the data or technology was transferred in violation of the Export Administration Regulations. This logic seemed a bit at odds with the normal concept that providing access to technical data to foreign nationals was an export, but let’s not trouble ourselves here with minor details. A sly little sentence dropped at the end of the opinion also reminded everyone that the Office of Foreign Assets Control (“OFAC”) might have concerns with the provision of cloud computing services to blocked persons or embargoed destinations even if BIS did not.

Now, two years later, BIS confronts the related and more difficult question of what cloud computing service provides ought to do about their own foreign national IT staff who might have access to controlled technology placed on the cloud by the service’s customers. Not to worry, says the opinion, because the cloud computing service provider isn’t an exporter and thus can’t be a deemed exporter:

Because the service provider is not an “exporter,” [it] would not be making a “deemed export” if a foreign national network administrator monitored or screened, as described above, user-generated technology subject to the EAR.

But the problem with this logic is that the person who gives a foreign national access to controlled technology is a deemed exporter even if he isn’t an exporter. That’s why they call it a “deemed” export.

Of course, none of this addresses the 900-pound gorilla in the room which is, of course, the user of the cloud service and its liability for using a cloud service where foreign IT personnel have access to the controlled data that the user may have placed on the cloud. And don’t think the problem starts and ends with cloud computing. The Internet, is also a cloud of sorts linking various servers together to permit transit of data to its final destination. Any of those servers may have foreign network administrators who could use packet sniffers to see controlled technical data. Worse yet, the routing servers may be located in foreign countries even when the sender and the receiver are both located in the United States.

What I think we’d like to hear is what BIS and DDTC think about this. Or maybe not.

Permalink

Comments (2)

Feb

7

Time For Your Kid To Have An Export Compliance Program

Posted by Clif Burns at 8:50 pm on February 7, 2011

Category: General

Shuttle Tile As the Space Shuttle is headed for the mothballs, NASA wants to pass out parts of the shuttle as souvenirs. Asbestos-laden tiles as souvenirs. To school kids. ITAR? Oh, don’t bother us with petty little details.

Needless to say, the tiles are in Category XV(e) of the United States Munitions List (“USML”), and giving access to those tiles to anyone who is not a U.S. citizen or permanent resident is a rather big no-no. Not to thumb its nose completely at the ITAR, NASA lawyers have come up with a document for the teacher to sign acknowledging “that all artifacts are subject to Export Control requirements” and further acknowledging “my responsibility for these controls at time of transfer of the artifact.”

Well, I’m glad we’ve taken care of that! I’m sure that most school teachers are intimately acquainted with the ITAR and will make sure that all exchange students are banished from the classroom when the shuttle tile is brought out for show and tell. Oh, and let’s hope we don’t have any kids in the room from China or everybody is going to jail.

Permalink

Comments (6)

Feb

2

DDTC Changes Requirements for Certain Electronic Agreement Filings

Posted by Clif Burns at 9:16 pm on February 2, 2011

Category: DDTC

State Department One of the jobs of this blog is to inform our faithful readers about changes that DDTC makes in its rules and guidelines but, for whatever reason, decides that it should keep secret. Currently Section 13.2(a)(3) of the Guidelines for Preparing Electronic Agreements (7 Oct 2009), requires applicants to attach to proviso reconsideration requests a separate scanned pdf copy of the DSP-5 Agreement approval. It also requires that the 9-digit DSP-5 number be referenced in blocks A and C of the continuation to Block 8.

Notwithstanding Section 13.2(a)(3), DDTC has not been requiring scanned copies of the approved DSP-5 be submitted with the proviso request, presumably because the 9-digit DSP-5 number permits licensing officers to access the agreement approvals in the D-Trade system itself. In a recent email to an exporter, the DDTC recently confirmed that the scanned copy is no longer necessary in proviso reconsideration requests. It also noted that amendment requests did not require the inclusion of a scanned copy of the license approving the agreement in question. Apparently, this change in processing requirements will be made public when DDTC gets around to issuing a new version of these guidelines.

The change of procedure with respect to agreement amendments poses a bit of a problem, which the DDTC email acknowledged. Under the guidelines, if the last amendment/basic agreement was submitted electronically, the exporter must use the 9-digit DSP-5 number to identify the case. Otherwise, the exporter must use the 6-digit DA/MA/TA number to identify previous paper cases. But if the DA/MA/TA number is used, the people at the Defense Technology Security Administration (“DTSA”), which uses the electronic U.S. Export System, can’t get access to those prior agreements. Whether this has slowed down DTSA’s approval of these requests is not known.

The U.S. Export System is supposed to become the unified electronic filing and processing system for all exports. Whether the new guideline permitting the exporter to omit a scanned copy of the license will survive when and if the unified system goes into place is also not known.

Permalink

Comments (1)

Jan

31

Khartoum Calls for U.S. to End Sanctions

Posted by Clif Burns at 9:13 pm on January 31, 2011

Category: Sudan

Sudan Referendum Yesterday provisional results were announced in the referendum on whether southern Sudan should be allowed to secede from Sudan and become an independent nation. The provisional results indicate that the vote was nearly unanimous in favor of secession, which means, more likely than not, that Southern Sudan will become an independent nation on July 9 of this year.

The current government in Khartoum was quick to make the most of these results and called for the U.S. to lift its sanctions on Sudan, noting that the U.S. had declared the peaceful conduct of the secession referendum as an important priority. The United States, however, declined this invitation noting its lingering concerns about continuing violence in Darfur. Other issues relative to the secession vote also remain to be resolved including the division of oil revenues between the two countries after independence and the ownership of the Abeyi region.

Permalink

Comments (1)

Jan

26

Wanna Bomb a Taliban? There’s an App for That!

Posted by Clif Burns at 7:16 pm on January 26, 2011

Category: ITAR

Tactical Nav app You may think that the only really military application for your iPhone involves using a slingshot to launch some irritated birds at shelters harboring egg-stealing pigs, but you’d be wrong. Army Captain Jonathan Springer used $26,000 of his own funds to develop Tactical Nav, an iPhone app designed to assist soldiers on the field of battle to determine and relay accurate coordinates to other soldiers, whether for the purpose of accurately targeting a nest of Taliban fighters or in order to send medical aid to wounded U.S. forces.

Explaining Tactical Nav’s functions, Springer said it allows soldiers to map, plot and photograph navigational points on a battleground and coordinate efforts with supporting units. Another feature includes a night mode, which turns the screen to red for easier visibility.

Springer tested each of these features for accuracy, using a combination of military vehicles, remote observation posts and harsh combat conditions.

Pleased with the outcome of his efforts, Springer said, â€œWe took it from paper to what it is now â€¦ we’re very blessed and fortunate that is seems a good asset.â€

Springer expects the app to be in the iTunes store for sale in February.

So here’s the question. Will Apple get a visit from the folks at DDTC if someone who is not a U.S. citizen or permanent resident or who is not in the United States downloads this app? After all, it was specifically designed for battlefield use and was tested with battlefield equipment.

I haven’t fully thought through this issue, but my initial view is that the software may not be an ITAR-controlled item. Obviously, being designed or modified military use is not alone sufficient for an item to be on the United States Munitions List. The item must still be in a category set forth in the USML. Section 120.10 of the ITAR defines “technical data” to include software but only if “directly related to defense articles.” The iPhone itself isn’t a defense article. The only other time I see software called out specifically in the USML is category XIII for military cryptography, also not relevant to this app.

I haven’t fully analyzed this, so I could be wrong. Share your thoughts in the comments section.

Permalink

Comments (14)