What Happens in the Cloud Stays in the Cloud: BIS Reinforces Export Control Insulation for Cloud-Based Computing and Processing

December 30th, 2014 by Brooke Driver

By: T.M. deButts (Source: DLA Piper)

The US Department of Commerce, Bureau of Industry and Security (BIS) recently released a redacted Advisory Opinion dated November 13, 2014 that confirms for cloud-based software vendors (or Software as a Service providers) that allowing access to export controlled software for use only in the cloud (or on servers) does not constitute an export of that software to the user.

This completes the picture of how SaaS providers can legally deliver cloud-based computing and storage services to parties outside the borders of the country where the servers are located without triggering export authorization requirements.

This is the third Advisory Opinion from BIS clarifying the application of the Export Administration Regulations (EAR) to SaaS providers and cloud-based service and storage solution providers. These opinions include the following:

January 13, 2009: Application of the EAR to Grid and Cloud Computing Services

- Grid and cloud computing services, including the provision of computational capacity, are not themselves subject to the EAR as long the service provider does not actually export controlled software or technology.

- The service provider is not the exporter of any transfers of technology or software that are initiated by the user of the grid and cloud computing services. This means the SaaS provider does not have to police the activity that is occurring on its servers; however, it will still be held to the “knowledge” that it does have.

January 11, 2011: Cloud Computing and Deemed Exports

- Building on the above opinion, BIS confirmed that permitting a foreign national to monitor and maintain a cloud service provider’s servers and software does not constitute a “deemed export” to the foreign national of the customer/user content present on the cloud servers.

- Access by a foreign national to controlled software or technology (“deemed export”) other than the user content would still be subject to the EAR and could require an export license.

November 13, 2014: Cloud-based Storefronts

- This opinion confirms the concept that providing user access to SaaS services, where the user of the services does not download executable software, but merely operates the software as a service “in the cloud” or on a server, does not constitute an export of the software to the user.

- BIS confirmed that “[b]ecause there is no export of software, there is no basis for a license requirement.”

These interpretations offer cloud computing and SaaS providers an effective safe harbor in which to conduct activities without export licenses for the software provided for use to customers or for the content that users may export from its servers. Cloud computing and SaaS providers still must screen the parties with which they do business and ensure that they are not making exports on their own account (“deemed” or otherwise) without a license when required.

The above summary is greatly simplified to convey a general understanding of the EAR and agency interpretations. Specific application of these interpretations to a service provider should incorporate careful analysis of the EAR and the advisory opinions in light of the specific activities contemplated.

State Department Amends ITAR to Allow Certain Defense Exports to Vietnam

December 30th, 2014 by Brooke Driver

By: Brooke Driver

Effective November 10, 2014, DDTC has revised the International Traffic in Arms Regulations to allow for case-by-case exports of lethal defense articles and services to Vietnam when in support of maritime security and domain awareness. The text of 22 CFR Part 126 has been revised accordingly:   (l) Vietnam. It is the policy of the United States to deny licenses or other approvals for exports or imports of defense articles and defense services destined for or originating in Vietnam, except that a license or other approval may be issued, on a case-by-case basis, for:

(l) Vietnam. It is the policy of the United States to deny licenses or other approvals for exports or imports of defense articles and defense services destined for or originating in Vietnam, except that a license or other approval may be issued, on a case-by-case basis, for:

(1) Lethal defense articles and defense services to enhance maritime security capabilities and domain awareness;

(2) Non-lethal defense articles and defense services; or,

(3) Non-lethal, safety-of-use defense articles (e.g., cartridge actuated devices, propellant actuated devices and technical manuals for military aircraft for purposes of enhancing the safety of the aircraft crew) for lethal end-items.

Note to paragraph (l). For non-lethal defense end-items, no distinction will be made between Vietnam’s existing and new inventory.

Senate Bill Extends U.S. Sanctions against Russia to Include Non-U.S. Persons

December 30th, 2014 by Brooke Driver

By: Brooke Driver

On December 2, 2014, U.S. Senator Bob Corker introduced Senate Floor Amendment No. 3966 to S. 2828 Ukraine Freedom Support Act of 2014. If imposed, the amendment would significantly expand the scope of U.S. sanctions against Russia; the current sanctions only affect U.S. entities or shipments consisting of a certain amount of U.S. content, but the proposed amendment would alter them to impose severe sanctions on foreign persons if the President of the United States “determines that the foreign person knowingly makes a significant investment in a special Russian crude oil project.” The only comparable U.S. sanctions currently are those imposed against non-U.S. banks and companies participating in transactions with Iran.

The proposed amendment does not specify what “significant” or “investment” mean, and, if passed, would grant the President a great deal of control in determining the meaning of these terms and in doling out corresponding punishments, which could include:

  • Revocation of Export-Import Bank Assistance: The President could demand that the Export-Import Bank of the United States not approve any transaction with the foreign person.
  • Procurement Sanction: The President may prohibit the head of any executive agency from doing business with the foreign person.
  • Arms Export Prohibition: The President may prohibit the issuance of any export license or suspend any license for the foreign person.
  • Property Transactions: The President may prohibit the foreign person from
  1. acquiring, holding, withholding, using, transferring, withdrawing, transporting, or exporting any property that is subject to the jurisdiction of the United States and with respect to which the foreign person has any interest;
  2. dealing in or exercising any right, power, or privilege with respect to such property; or
  3. conducting any transaction involving such property.
  • Banking Transactions: The President may prohibit any transfers of credit or payments between financial institutions or by, through, or to any financial institution, to the extent that such transfers or payments are subject to the jurisdiction of the United States and involve any interest of the foreign person.
  • Prohibition on Investment in Equity or Debt of a Sanctioned Person: The President may  prohibit any U.S. person from transacting in, providing financing for or otherwise dealing in debt:
  1. of longer than 30 days’ maturity of a foreign person, with respect to which sanctions are imposed under subsection (a) or of longer than 90 days’ maturity of a foreign person, with respect to which sanctions are imposed under subsection (b); and
  2. issued on or after the date on which such sanctions are imposed with respect to the foreign person.
  3. equity of the foreign person issued on or after that date.
  • Exclusion from the United States and Revocation of Visa or Other Documentation: In the case of a foreign person who is an individual, the President may direct the Secretary of State to deny a visa to, and the Secretary of Homeland Security to exclude from the United States, the foreign person, subject to regulatory exceptions to permit the United States to comply with the agreement regarding the headquarters of the United Nations, signed at Lake Success on June 26, 1947 and entered into force on November 21, 1947, between the United Nations and the United States, or other applicable international obligations.
  • Sanctions on Principal Executive Officers: In the case of a foreign person that is an entity, the President may impose on the principal executive officer or officers of the foreign person, or on individuals performing similar functions and with similar authorities as such officer or officers, any of the sanctions described in this subsection applicable to individuals.

Currently, there is no scheduled vote for the amendment, but if the House and Senate do not vote on the proposed legislation before the lame duck session of Congress ends, it will likely be reintroduced for a vote in the new Republican-weighted Congress in January 2015.

BIS Alters Standard Language on Licenses

December 30th, 2014 by Brooke Driver

By: Brooke Driver

As of December 8, 2014, BIS has begun to include a new notice on validated licenses that reads:

“Unless limited by a condition set forth below, the export, reexport or transfer (in-country) authorized by this license is for the item(s), end-use(s), and parties described in the license application and any letters of explanation. The applicant is responsible for informing the other parties identified on the license, such as ultimate consignees and end-users, of the license’s scope and of the specific conditions applicable to them. BIS has granted this license in reliance on representations the applicant made in the license application, letters of explanation, and other documents submitted.”

The purpose of this is to make clear that the authorization on a license is equal to, as broad as, and limited by the information provided in the application and all attachments to the application.

BIS said that this change of language on approved licenses is meant to further “rationalize and make more consistent the use of conditions on BIS licenses.” The new text is also designed to exclude general EAR requirements and conditions, as BIS states that the EAR is general knowledge and that exporters should be aware of these restrictions.

DDTC Waives Requirement for CBP to Decrement DSP-73 for Some Government Furnished Equipment

December 30th, 2014 by Brooke Driver

By: John Black

DDTC announced on its website that in many cases it is waiving the requirement for exporters to present DSP-73 temporary export licenses to U.S. Customs and Border Protection (CBP) to record (“decrement”) the export when “Government Furnished Equipment” is being exported for use by U.S. companies to equip personnel with certain defense articles for overseas deployment to support U.S. Government missions. This should facilitate export clearance, and should be particularly helpful for travelers carrying defense articles, because they do not have to go find a CBP officer, who typically are not close to the airline ticket counter, to decrement the DSP-73.

DDTC created specific procedures that exporters must use to take advantage of this waiver. One key aspect of the new procedure is that the application for such DSP-73s must include a specified cover letter, a copy of the pertinent government contract and a copy of the DDTC website announcement. (You may ask why you need to send to DDTC a copy of its own website announcement. The answer is if you do not do it, you do not qualify for the special procedure. Go to your room!) In addition, travelers carrying defense articles should have a copy of the DSP-73 and a copy of “the hand receipt for the equipment.” After each deployment or redeployment the traveler has 15 days to upload a special report to D-Trade regarding the use of the DSP-73.

Here is the DDTC Notice (in case it is dropped from the DDTC website and neither you nor DDTC has a copy to support your license application):

Government Furnished Equipment (GFE) For Use by Contractors:

Pursuant to §126.3 of the ITAR and only for the export of Government Furnished Equipment hand carried out of the United States for use in service of a U.S. government contract, the Deputy Assistant Secretary for Defense Trade Controls has waived the provision in §123.22(a)(2) which requires Customs and Border Protection (CBP) to decrement DSP-73 temporary export licenses under certain circumstances. This will serve as a temporary solution addressing the need for U.S. companies to equip personnel with certain defense articles when deploying overseas in support of U.S. government missions. DDTC has worked out this arrangement with CBP in order to ease the overseas transit of contract personnel to and from military facilities which do not have a regular CBP presence. Under this new policy, companies will be required to obtain a DSP-73 for all of the defense articles to be carried abroad by their personnel. CBP may review the documents as they see fit, but for DSP-73s issued under this policy CBP will not be required to decrement the license at the time of export or import. The license holder will need to account for exported equipment with regular updates to the license case in D-Trade. This policy will cover any defense articles approved under the DSP-73 and carried by the company personnel into or out of any U.S. Port of Entry.

Please remember that any export of defense articles not authorized on a license or claimed under an exemption with the required electronic filing with CBP is a violation of the ITAR and the reporting requirement in section 38(i) of the Arms Export Control Act (22 U.S.C. §2778(i)). In reviewing the scenarios for this policy, the §123.17(f) exemption did not allow for all of the equipment that was needed, and the §126.4 exemptions were not applicable to the majority of the transactions taking place.

PROCEDURE (http://1.usa.gov/1pp9Tad):

 (1) Your company must be registered with DDTC in order to apply for a DSP-73 via DTrade and to use this procedure.

 (2) Your company should estimate your projected deployment needs and allow for more items than personnel to prevent situations that would make an export in a short notice situation impossible. The DSP-73 should overestimate your needs (within a reasonable amount) to allow for the missions to be completed and the personnel deployed.

 (3) Apply for a DSP-73 as normal with the following supporting documentation.

           a. A cover letter explaining that you are supporting a U.S. government contract that requires personnel to carry defense articles issued by the U.S. Government.

 b. A copy of your service contract.

 c. A copy of this web notice.

 (4) Once the DSP-73 is approved, please read and adhere to any provisos. At the time of export, ensure that the company personnel have a copy of the license under which the equipment issued to them will be exported, in addition to a copy of the hand receipt for the equipment. (Please remember that internet access may be limited and having paper copies to present to CBP if requested will be the most expeditious way to clear Customs).

 (5) Ensure that the defense articles to be exported by the company personnel are identified on your license. Equipment that is not subject to Department of State jurisdiction will not be approved for export under these licenses. Defense articles not identified on the DSP-73 will not be authorized by this policy and may require separate licensing or authorization.

 (6) After each deployment or re-deployment you must upload additional information (within 15 days) to the license case in D-Trade. This updated information must identify the date of transaction, equipment description, and number of items that have been exported or returned.

 (7) Ensure that prior to re-deployment, your personnel are in possession of their DSP-73 and their hand receipt. This will expedite the process upon return.

 (8) This policy in no way alleviates you from any other CBP regulations, documentation, or inspections requirements.

DDTC Amends USML Category XV

December 30th, 2014 by Brooke Driver

By: John Black

Effective November 10, 2014, DDTC published various changes to the ITAR to adjust its previous Export Control Reform list shift changes for USML Category XV.   Depending on how you count, the rule made 10 – 15 changes to Category XV.  The rule also revised Category XIII.

In addition, DDTC revised Supplement No. 1 to Part 126 which, among other things, identifies the items excluded from the ITAR exemptions for Canada, the UK, and Australia.  One of the revisions to Supp. 1 to 126 is Note 17 clarifying the availability of the exemptions for activities requiring Congressional Notification.

Please read the rule here: http://www.pmddtc.state.gov/FR/2014/79FR66608.pdf

BIS Clarifies/Corrects Its Spacecraft Systems Rules and Allows Use of ITAR Destination Control Statements

December 30th, 2014 by Brooke Driver

By: John Black

On November 12, 2014, BIS published a final rule to clarify and correct its May 13th interim final rule that shifted many spacecraft and related items from the USML to the CCL and to clarify when the ITAR destination control statement may be used for EAR items.  Some of the key aspects of the new rule are:

  • 9A515 has a new paragraph f. to control certain “pressure suits (i.e., space suits),” and a new Related Controls warning to check 9A610 for pressure suits for high altitude aircraft.
  • EAR 758.6 says that if a shipment contains both EAR controlled items and ITAR controlled items, you may use the ITAR destination control statement, as required in ITAR 123.9(b), to satisfy the EAR destination control statement requirement for the EAR controlled items.
  • Voluminous text clarifying the meaning of notes that relate to 9Exxx ECCNs.

For more information, visit the Federal Register.

Adding Injury to Insult: Forfeiture of Merchandise for Export Violations

December 22nd, 2014 by Brooke Driver

By: Stephen Wagner

You are a manufacturer of precision-engineered machinery.  Several weeks ago, a shipment of very expensive merchandise was detained by Customs as your freight forwarder was exporting it from the country.  It seems that you were late filing your commodity data in your EEI and one of the machines actually required a license for export, which you didn’t have at that time.  You are working to obtain the proper license and you understand you may be fined by CBP for the AES violation.

In today’s mail, however, you received a notice of seizure from Customs stating that they have seized the machine for “attempting to export” the merchandise “contrary to law.”  The machine is valued at over $100,000.  This seems like an extreme sanction for what really amounts to a paperwork violation.

Can the Government do this?  And what can you do about it?

The power of the federal Government – by and through U.S. Customs and Border Protection (CBP) – to detain and inspect merchandise arriving at the border of the United States for export (or import) is almost without limitation.  CBP also has the authority under numerous federal statutes to seize and forfeit merchandise that violates certain laws.  For example, Title 22 of the United States Code (U.S.C.), Section 401, “Illegal exportation of war materials,” states:

Whenever an attempt is made to export … articles in violation of law, or whenever it is known or there shall be probable cause to believe that any … articles are intended to be or are being or have been exported or removed from the United States in violation of law, [CBP] may seize and detain such … articles.  (22 U.S.C. § 401 (a).)

This forfeiture provision is used primarily in the ITAR context.  For merchandise falling under the Export Administration Regulations (EAR), CBP has a similar authority under 19 U.S.C. § 1595a(d):

Merchandise exported or sent from the United States or attempted to be exported or sent from the United States contrary to law … shall be seized and forfeited to the United States.

CBP exercises this power pursuant to Title 19 (U.S.C.) as the agency at the border charged with enforcing the laws of numerous agencies including DDTC, BIS and OFAC.  Recently, all of these enforcement agencies have been using their power to seize and forfeit merchandise with fervor.  In the Government’s fiscal year ending September 30, 2013, the Bureau of Industry and Security reported that forfeitures had increased to more than $18 million, up from approximately $5 million in Fiscal Year 2012.

In the case described above, the late filing of the Electronic Export Information (EEI) in the Automated Export System (AES) subjects the entire shipment to seizure.  Also, failing to have the proper license for the machine at the time of its export subjects that machine to seizure.

What can a company facing seizure and forfeiture do?

In the event of a seizure, CBP will issue a letter to the exporter and other parties known by CBP to have an interest in the seized merchandise setting forth the grounds for seizure and forfeiture and describing the alternatives that such parties have in the matter.  These alternatives include voluntarily abandoning the merchandise, filing a petition to have CBP adjudicate the matter administratively or requesting that CBP refer the matter to the United States Attorney for judicial forfeiture proceedings.

This letter, called a “Notice of Seizure,” must be read and understood very clearly by the exporter.  In particular, the notice will give a 30-day deadline for responding.  If the exporter misses this deadline, then the merchandise will be administratively forfeited to the Government, and the exporter will have relinquished its rights to contest the seizure and forfeiture.

In determining the best approach to respond to the Notice of Seizure, it is critical to consult with qualified legal counsel.  If your company’s in-house attorney is not skilled at dealing with seizures and forfeitures, the company should consult with an outside counsel who has such experience, as the laws, regulations and procedures applicable in forfeiture cases and arguments to be made in petitions and in litigation with the Government are not the standard civil litigation practice with which your general counsel or usual outside counsel may be familiar.

Options available to exporters

Depending on the facts of the case, we typically recommend that exporters facing seizure and forfeiture actions file a petition with CBP and pursue the case administratively.  In the petition, there are many arguments an exporter can make as to why the sanction of seizure and forfeiture should be mitigated and the merchandise returned by CBP.  CBP addresses many of these arguments in its Informed Compliance Publication, “Mitigation Guidelines: Fines, Penalties, Forfeitures and Liquidated Damages.”  Additional helpful information on seizures and forfeitures in general is available from CBP in its publication “Customs Administrative Enforcement Process: Fines, Penalties, Forfeitures and Liquidated Damages.”

Depending on the specific grounds for the seizure (i.e., the laws alleged to have been violated), the facts of the matter and the compliance record of the exporter, in many cases, CBP will mitigate the seizure and return the merchandise upon the payment of a penalty along with the administrative costs of the case (i.e., storage and processing charges).  Exporters typically are also asked to sign a release and hold harmless agreement.  The penalty itself can vary significantly depending on the value of the seized merchandise, the exporter’s prior compliance record and the presence of “aggravating factors,” such as criminal conviction(s) relating to the export transaction, repetitive violations of the same law or evidence of intent to violate or evade export control laws.

The benefit of seeking administrative relief from the seizure in the form of a petition to CBP is that the exporter usually will still have its judicial remedies available, in the event that CBP does not mitigate the seizure and/or return the merchandise.  In other words, if an exporter is unsatisfied with the relief offered by CBP, it can still take the case to federal court for adjudication.  It should be noted, however, that federal litigation can be very expensive and can be a very time-consuming process.  It would not be unusual for an exporter to spend $100,000 in legal fees and take 18-24 months or more for an entire judicial forfeiture case to play out in federal court.  In contrast, CBP will adjudicate most administrative petitions in no more than 3-6 months (depending on the complexity of the matter), and such processes typically cost companies only a fraction of the cost of litigation.

In the event the exporter chooses to pursue judicial review of the seizure, there are many additional arguments that could be made to contest the seizure.  In addition to all of the other arguments raised in the petition in favor of mitigation, as alluded in the letter above, a company could argue the severity of the seizure/forfeiture penalty is excessive in light of the infraction.  Under the 8th Amendment to the U.S. Constitution, “excessive fines [shall not] be imposed…”  Moreover, depending on the particular facts of the case and the value of the merchandise involved, the U.S. Attorney may not want to prosecute the forfeiture action, meaning that a favorable settlement could be reached.

Whatever course an exporter decides to take in a seizure and forfeiture action, it must act with forethought and it must act decisively.  Not only do you have only 30 days to respond to the notice of seizure, but the actions you take (including the petition you file) become part of your compliance record with CBP and the agency whose laws, regulations or requirements have been violated (e.g., BIS, DDTC and/or OFAC).

Job Opening: Export Compliance Coordinator for Mercury Systems in California

November 24th, 2014 by Brooke Driver

Source: Mercury Systems

Who We Are:

Mercury Systems (NASDAQ:MRCY) is a best-of-breed provider of commercially developed, open sensor and Big Data processing systems, software and services for critical commercial, defense and intelligence applications.

We deliver innovative solutions, rapid time-to-value and world-class service and support to our prime contractor customers. Mercury Systems has worked on over 300 programs, including Aegis, Patriot, SEWIP, Gorgon Stare and Predator/Reaper.

Our innovative capabilities span three strategic areas: Mercury Commercial Electronics, Mercury Defense Systems and Mercury Intelligence Systems.

Job Description:

Ensures legal compliance and provides export administration and control within government rules and regulations, including appropriate licensing for shipments. Reviews contracts for required clauses and identifies omissions. Interfaces with internal and external customers, Global Sales Order administration, freight forwarders, customs officers and other functional areas to ensure coordination and logistics of shipments.

Works with Export Compliance Manager/Empowered Official to ensure legal compliance, preparation, submission, and tracking of ITAR and EAR export licenses. Provides export administration and control within government rules and regulations. Acts as Point of Contact for local facility in determining compliance issues.

• Exercises judgment within defined procedures and practices to determine appropriate action.

• Assists with Preparation, submission, and tracking of ITAR and EAR export licenses.

• Prepare, submit and administer records of exports under Technical Assistance Agreements

• Interact with State and Commerce Departments to track license and agreement progress and issues

• Interact with Purchasing on Import Administration and Compliance Issues

• Prepare International Invoices for Shipments of Hardware and Technical Data Against Contract Deliverables

• Review Requests for International Travel and Foreign Visitors

• Export Compliance Experience

• Familiarity with the Department of State and Department of Commerce regulations

• Knowledge of Customs and Border Processes

• Experience with DTrade and SNAP-R Systems

• Excellent Communication Skills, Accuracy and Attention to Detail Required

Qualifications:

• Bachelor’s Degree in related field or equivalent years of work experience

• 3 plus years’ experience with Export Administration, Preferably within Defense Industry

• Security Clearance (secret)

Applicants must be a U.S. citizen or a “U.S. Person”. A U.S. Person is defined as a person who is a lawful permanent resident “Green Card holder” as defined by 8 U.S.C. 1101 (a)(20) or who is a “Protected Individual” as defined by 8 U.S.C. 1324b(a)(3).

Mercury Systems is the better alternative for affordable, secure processing subsystems designed and made in the USA. These capabilities make us the first commercially based defense electronics company built to meet rapidly evolving next generation defense challenges. Specifically, we have key capabilities in three areas:

• Secure sensor/mission processing

• Digital, RF and microwave subsystems

• EW/EA subsystems and solutions

We are proud to be an EOE of Minorities/Females/Vets/Disability.

Candidates may apply directly online using the following link:

https://www4.recruitingcenter.net/Clients/Mercury/PublicJobs/controller.cfm?jbaction=JobProfile&Job_Id=11165&esid=az

BIS Adds New Controls in the CCL on Integrated Circuits, Helicopter Landing Systems Radars, Seismic Detection Systems and Technology for IR Up-Conversion Devices

November 24th, 2014 by Brooke Driver

Source: Federal Register

The Bureau of Industry and Security (BIS) amended the Export Administration Regulations (EAR) to impose foreign policy controls on read-out integrated circuits and related “software” and “technology,” radar for helicopter autonomous landing systems, seismic intrusion detection systems and related “software” and “technology”, and “technology” “required” for the “development” or “production” of specified infrared up-conversion devices.

The read-out integrated circuits and related “technology” are controlled under new Export Control Classification Numbers (ECCNs) on the Commerce Control List. An existing ECCN has been amended to control the related “software” for those items.

New paragraphs have been added to certain existing ECCNs to control radar for helicopter autonomous landing systems, seismic intrusion detection systems, and the “technology,” as mentioned, for specified infrared up-conversion devices. Specified existing “software” and “technology” ECCNs have been amended to apply to helicopter autonomous landing systems and seismic intrusion detection systems.

The items are controlled for regional stability reasons Column 1 (RS Column 1) and Column 2 (RS Column 2), and antiterrorism reasons Column 1 (AT Column 1).  For more information, go to http://www.bis.doc.gov/index.php/regulations/federal-register-notices#79fr66288.