ExportLawBlog » 2010

Archive for April, 2010

Apr

21

OFAC Licenses Exports of Anti-Censorship Software to Iran

Posted by Clif Burns at 10:27 pm on April 21, 2010

Iranian Web Censorship Last week the Censorship Research Center issued a press release announcing that the Office of Foreign Assets Control (“OFAC”) issued a license authorizing the export of the Center’s Haystack software to Iran. That software permits Internet surfers in Iran to circumvent controls by the Iranian government which prohibit access to certain Internet sites within Iran.

The software functions by using encryption to hide an Iranian user’s connection to Haystack’s servers by encrypting the communications with that server within innocuous communications to unblocked sites. According to Haystack, the only way for Iran to counter Haystack would be to block all Internet access.

Two things are interesting here. First, the issuance of this specific license indicates that the general license issued by OFAC back in March for “software incident to the exchange of personal communications over the Internet” is not unlimited. The Haystack software is not personal communications software although it does enable other personal communications software to operate in Iran.

Second, although the exact strength or method of encryption isn’t revealed, it has to be assumed to be fairly strong. The company describes its encryption as follows:

even if our methods were compromised, our users’ communications would be secure. We use state-of-the-art elliptic curve cryptography to ensure that these communications cannot be read. This cryptography is strong enough that the NSA trusts it to secure top-secret data, and we consider our users’ privacy to be just as important.

Chances are good based on this description that export of this software to private end-users in countries other than Iran would have required filing a request for review with the Department of Commerce and, potentially, a waiting period prior to export. The authorization of this export indicates that the current administration believes that facilitation of internet communication in Iran is sufficient to override concerns that would otherwise be present due to the software’s use of encryption.

Permalink

Comments (2)

Apr

21

Website Updates

Posted by Clif Burns at 7:01 am on

Category: General

As you may have noticed, we have recently made a few changes to Export Law Blog. First, we’ve spiffed up the visual design of the site a bit, having been more or less forced to redesign the look of the site when an update to WordPress nuked our old design.

Second, after many requests, we’ve added a search tool in the column on the right. The search bar uses a custom Google search. After some testing the custom Google search bar appeared to provide search results that were better than the native search engine supplied by WordPress.

In the subscriptions section, again in the right-hand column, in addition to the email and RSS options for subscribing, there is now a Twitter icon which, if clicked, will take you to our new Twitter page. Each new post will be, er, tweeted, which would allow you to receive notification on your mobile device, if you’d like, either by SMS or through the Twitter app available for iPhone and Blackberry smart phones. (Not that I’d imagine that anyone really needs to get updates from here with that much urgency!) Not to worry, there will never be a Facebook fan page for this blog.

Finally, some readers have reported that their email notifications have stopped working. It appears that some notifications are being trapped in certain spam filters. I’m working on some adjustments to the email notification program that may prevent that. In the meantime, please ask your IT department to white list “clif atsymbol exportlawblog period com,” which is the address from which these notifications originate. Also, if anyone is still having problems with the notifications, please let me know so I can continue to make sure that this function operates properly.

Permalink

Comments (3)

Apr

20

One List to Rule Them All, One Agency to Find Them (UPDATED)

Posted by Clif Burns at 5:10 pm on April 20, 2010

Secretary Gates The speech given this morning by Secretary of Defense Robert Gates to a business group detailing the administration’s plan for export reform is now posted on the Department of Defense website and can be found here. It is an ambitious and laudable proposal and one that, unfortunately, will likely die a slow and painful death on the floor of the dead-locked Senate.

Significantly, Gates proposed that the United States treat exports in the way that almost all of our allies do — with one unified list administered by one agency. The only real downside here would be the possibility that the employees of the two rival agencies — the Directorate of Defense Trade Controls (“DDTC”) at State and the Bureau of Industry and Security (“BIS”) at Commerce — would still not be able to play nicely with each other even when under the same roof. Gates alluded to the inability of the two agencies to get along when he mentioned an inter-agency struggle between BIS and DDTC with respect to jurisdiction over millimeter wave scanning machines. This squabble delayed the placement of these high-tech passenger screening machines in foreign airports and needlessly endangered U.S. citizens and others flying through those airports while the issue was being resolved. (BIS ultimately won that battle.)

Repeating the maxim often credited to Frederick the Great — “He who defends everything, defends nothing” — Gates also proposed that the unified list be tiered, with the “crown jewels” requiring the most stringent controls at the top and less sensitive technologies requiring fewer controls be placed in lower tiers. The unification push would also apply to the various lists of prohibited end users, which Gates proposed be consolidated into a single list.

Finally, Secretary Gates touched on an area near and dear to most exporters’ hearts — the impossibly narrow exemptions and license exceptions relating to exports of parts and components for items that have already been legally exported:

[M]any parts and components of a major piece of defense equipment â€“ such as a combat vehicle or aircraft â€“ require their own export licenses. It makes little sense to use the same lengthy process to control the export of every latch, wire, and lug nut for a piece of equipment like the F-16, when we have already approved the export of the whole aircraft.

Under DDTC rules an exemption — found in section 123.16(b)(2) of the ITAR — is only available for shipments worth less than $500 (and only 24 shipments per year are permitted.) BIS provides a license exception for parts and components, but only for one-to-one replacement. Parts being shipped to inventory require a license. A unified exemption with a higher shipment value limit and without the one-to-one replacement requirement would be a reform welcomed by most, if not all, exporters.

Rounding out in Gates speech what Defense Department officials referred to in a prior briefing as the “four singles” were the last two: one enforcement agency to bring them all and in one IT system bind them. Of course, Gates refrained from the Tolkien paraphrase that I couldn’t resist.

Regarding a unified IT system, here’s a question for Export Law Blog readers. As between DDTC’s D-Trade electronic licensing system and BIS’s SNAP-R electronic licensing system, which would you like to see survive and why? Or should they both be trashed and replaced with an entirely new system? Please share your thoughts on these questions in the comment section.

UPDATE: This White House fact sheet explains that the proposed reform will be implemented in three phases, with only the last phase requiring action by Congress. The second phase is set to be completed by the end of this year and will include the initial restructuring of the USML and CCL into tiered lists.

Permalink

Comments (9)

Apr

15

Sanctions on Somalia Announced

Posted by Clif Burns at 8:33 pm on April 15, 2010

Category: OFAC • Somalia Sanctions

Mogadishu It is not only birds that return in springtime. Calmer weather on the Indian Ocean guarantees a springtime efflorescence of Somali pirate skiffs and attacks on commercial shipping off the coast of Somalia. Pirates have already grabbed a supertanker (with $170 million of crude oil) and some profoundly stupid Somali pirates attacked a Navy cruiser last week. (Buh-bye, little pirate boats!)

Whether or not the timing of yesterday’s announcement of new smart sanctions on Somalia was prompted by the recent uptick in piracy or whether the timing was coincidental is impossible to say. In any event, the White House issued Executive Order 13536, which imposed new blocking sanctions on eleven Somali militants. The militants had so many aliases that the new designations led to 211 new entries on the Specially Designated Nationals (“SDN”) list. And the Executive Order authorizes future designations by the Treasury Department’s Office of Foreign Assets Control (“OFAC”) of anyone that threatens the security and stability of Somalia by, inter alia, delivering arms to Somalia or interfering with the Djibouti Agreement, peacekeeping missions in Somalia (such as AMISOM), or the delivery of humanitarian aid in Somalia.

The Executive Order additionally allows designations of parties engaged in piracy off the coast of Somalia on the grounds that these activities also threaten the security and stability of Somalia. This has led some reputable sources, such as Business Week, to speculate that the Executive Order prohibits the payment of ransoms to Somalia pirates.

â€œThe wording could definitely be construed to make payments of ransoms illegal,â€ [a New York lawyer] who negotiated a ransom payment with Somali pirates for a U.S. owned ship hijacked in 2008 said in a telephone interview. â€œThe wording is just vague enough to give the Treasury some flexibility in how they apply it.â€

Er, no. Absolutely not. The order only covers payments to persons who have been specifically designated by OFAC on the basis of a determination that those persons have previously engaged in piracy. Paying ransom to an undesignated pirate isn’t covered or prohibited by the order. The language here not only is not vague but also it follows the well-established pattern of similar orders which only cover individuals after they have been designated by OFAC and placed on the SDN list.

What is the chance that Treasury would issue such a designation between the time that a ship was hijacked and a ransom was paid? I think it is quite small. OFAC’s goal here seems to be more to prevent Somali pirates from using their ill-gained assets once obtained rather than to risk destruction or loss of commercial vessels by interdicting the ransom payment in the first place.

Permalink

Comments Off

Apr

14

Iran Continues to Play the Name Game

Posted by Clif Burns at 5:43 pm on April 14, 2010

Category: Iran Sanctions

Fifth Ocean Renamed Back in March 2009, this blog reported that Iran was skirting sanctions imposed by the Office of Foreign Assets Control (“OFAC”) on Iran’s state shipping line, the Islamic Republic of Iran Shipping Lines (“IRISL”). OFAC had sanctioned all 123 of the IRISL’s vessels, and Iran almost immediately thereafter got busy changing the names of each of its vessels. As of March 2009 the names of 45 ships had been changed.

According to this report from the Wisconsin Project on Nuclear Arms Control released on April 9, Iran continued to change the names of IRISL vessels as fast as it could paint them over, and by March of this year IRISL had changed the names of 35 more vessels, making a total of 80 re-christened, so to speak, vessels. In addition, the IRISL has been changing nominal ownership of these ships to shell companies in Malta, Germany and Hong Kong. And to further distance itself from these ships, a new management company — Soroush Sarzamin Asatir SSA — now manages the ships in IRISL’s stead.

Of course, the OFAC designation listed the unique identifiers assigned to these boats by the International Maritime Organization, and these identifying numbers can’t be changed. Still, the Wisconsin Project report frets that it may be difficult for U.S. exporters to comply now with the sanctions because the IMO number isn’t always listed in the cargo documents, the letters of credit or other associated shipping documents. Apparently, the folks at the Wisconsin Project aren’t terribly familiar with this new-fangled thing called the Internet, because a quick Google search brought me to the sight of Vesseltracker.com, where entry of one of the new names, like “Decker” for example, quickly brings up the correct IMO number, which then can be searched against OFAC’s list.

The money line from the IRISL report, however, was this:

Iran has made more of an effort to circumvent the sanctions imposed on IRISL than the United States has made to enforce them.

Ouch.

The next day, in a Wall Street Journal article on the Wisconsin Project’s report, Adam Szubin, the director of OFAC, tried to ease the sting of the Wisconsin Project’s allegations with this not very convincing response:

Szubin said his agency “deliberates carefully about the timing of its public designations,” adding, “We may choose to delay a public identification to allow for additional surveillance or to secure cooperation with foreign allies.”

Mr. Szubin also said the Iranian company’s actions signaled the sanctions were having an effect. “Since its designation [by the Treasury], IRISL has taken a number of steps to mask its commercial activities and disguise the ownership of its ships. IRISL’s attempts to deceive third parties are consistent with its past practices, and a measure of the impact that U.S. sanctions have had.”

I don’t see how additional time for surveillance comes into play here since the name changes are a matter of public record. Less convincing still is the spin that the IRISL’s evasion of the sanctions is some kind of proof of their effectiveness. It’s rather like saying that when a criminal goes fugitive it is proof that law enforcement is doing its job. But irrespective of when and how quickly OFAC gets around to getting the correct names on its list, exporters should determine and search the IMO numbers for each vessel they use to export their goods.

Permalink

Comments (5)