The Export Control Reform Act and Possible New Controls on Emerging and Foundational Technologies

by Akin Gump Strauss Hauer & Feld LLP
Contact

Akin Gump Strauss Hauer & Feld LLP

Key Points

  • ECRA became law on August 13, 2018. It is the permanent statutory authority for the EAR, which is administered by the U.S. Department of Commerce’s BIS. The new law codifies long-standing BIS policies and does not require changes to the EAR, such as to its country-specific licensing requirements.
  • However, as part of the larger effort to reform the authorities governing CFIUS, the law effectively requires BIS to lead an interagency, regular order process to identify and add to the EAR controls on “emerging” and “foundational” technologies that are “essential to the national security of the United States.”
  • Although the types of emerging and foundational technologies to be identified are not yet publicly known, anyone involved in emerging and foundational technology areas, such as artificial intelligence, driverless vehicle technology, advanced computing, additive manufacturing or microelectronics, should begin preparing comments on possible new controls in line with the standards in the new law. Commerce will likely soon publish a notice seeking such comments, and the formal comment period will likely be short relative to the complexity and the significance of the issue. The submission of thoughtful and well-supported industry comments will be absolutely critical to the creation of properly scoped and clearly described controls that are consistent with the statutory standards.

I. Introduction

The Export Control Reform Act of 2018 (ECRA) and the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) became law on August 13, 2018, as part of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (NDAA). One of the primary policy motivations behind both acts was the need to enhance U.S. export and investment controls to address concerns regarding the release of critical technologies to end uses, end users and destinations of concern, primarily China. (FIRRMA is described in a prior alert.)

Another motive behind ECRA was the creation of permanent statutory authority for the Export Administration Regulations (EAR). The EAR primarily control the export, reexport, and transfer of commercial, dual-use and less sensitive military items to end users, end uses and destinations of concern. They also include the antiboycott regulations that the Bureau of Industry and Security (BIS) administers. Part I of ECRA is titled “Export Controls Act of 2018” (ECA) and is the authority for the administration of the export controls that BIS administers. Part II of ECRA is titled “Anti-Boycott Act of 2018” and is the authority for the antiboycott regulations that BIS administers.

For most of the last two decades, the statutory authority for the EAR—the Export Administration Act of 1979—has been defunct. The EAR have been kept in effect through Executive Orders and an emergency declaration issued under the authority of the International Emergency Economic Powers Act (IEEPA) that was renewed by annual presidential notices. (A description of this issue, the export control system generally and the issues motivating the introduction of the legislation can be found in the March 2018 testimony of Kevin Wolf before the House Foreign Affairs Committee.)

The new law essentially codifies existing written and unwritten BIS practices, policies and definitions as they have evolved since 1979. It also gives BIS enforcement officials more authority to investigate possible violations of the EAR. Because the new law essentially preserves the status quo from an exporter’s perspective and does not, for example, change any country-specific licensing policies, it is primarily of interest to export control practitioners. It, however, includes one section, Section 1758, that should be of particular interest to those who do not normally consider themselves affected by the EAR (i.e., those involved in the development or export of emerging and foundational technologies that are not now identified in the EAR or other export control regulations).

II. ECA Section 1758 Requires the Administration to Identify and Control in the Export Control Regulations Emerging and Foundational Technologies of Concern

BIS has always had the authority to impose unilateral controls on items for national security and foreign policy reasons. (Unilateral controls are those that only the United States imposes, as opposed to controls that BIS publishes to implement agreements of the multilateral export control regimes.) In 2012, BIS provided more structure around the process of identifying and imposing unilateral controls when it created the “0Y521” series. As further described in this notice, BIS has the authority to impose controls over the export of any previously uncontrolled commodity, software or technology that provides the United States with at least a significant military or intelligence advantage, or for any foreign policy reason, so long as the government works to make the controls multilateral within three years (i.e., to get our regime allies to control the same item). The 2012 notice stated that such items are “typically emerging technologies.”

Section 1758 of the ECA essentially codifies this regulatory process and gives the administration a statutory mandate to make the effort a priority. This statutory instruction evolved in response to concerns about a key element of the Committee on Foreign Investment in the United States (CFIUS) reform legislation, FIRRMA, which, as introduced, would have given CFIUS jurisdiction over outbound investments, such as overseas joint ventures, by U.S. critical technology companies that would involve the transfer of intellectual property and associated support. The sponsors’ policy objective with this provision was to give the U.S. government the opportunity to determine and, if necessary, alter or block such outbound investments if they could result in the release of critical emerging or foundational technologies not controlled by the export control system. (More detail about this issue can be found here.)

Over the course of many congressional hearings and other discussions, a consensus emerged that addressing the concern through CFIUS would result in both over-controls and under-controls. The approach would have been an over-control because many benign outbound investments would become subject to CFIUS jurisdiction, which would have placed unnecessary burdens on CFIUS and U.S. industry, and would likely have discouraged welcome foreign investments. It would have been an under-control because it would have regulated only the transfer of the newly identified critical technologies in connection with a covered investment, meaning that the identical technologies could have been legally transferred without government oversight to a foreign person as part of any other type of transaction, such as a simple purchase-and-sale arrangement. The solution was to require the already existing dual-use export control system to put more effort into identifying emerging and foundational technologies of concern and to control their export to end uses, end users and destinations of concern regardless of the nature of the underlying investment.

A. Technologies Likely to Be Considered “Emerging” or “Foundational”

Congress did not define the terms “emerging” or “foundational” technologies “essential to national security,” but the public debate over the legislation provided hints as to the general areas of concern. During the discussions about CFIUS and export control reform bills, and related public discussions about CFIUS cases and China’s plans to acquire technologies pursuant to its “Made in China 2025” plan, emerging and foundational technologies, such as the following, were informally cited as warranting consideration for possible new controls:

  • artificial intelligence and machine learning
  • augmented reality
  • automated machine tools
  • additive manufacturing
  • autonomous vehicles
  • advanced battery technology
  • “big data”
  • biotechnology
  • gene editing
  • high-temperature superconducting technology
  • hydrogen and fuel cells
  • integrated circuits, semiconductors and microelectronics
  • intelligent mobile terminals
  • nanotechnology
  • robotics

Neither Congress nor the administration has published any sort of list of technologies that are under review or that should be studied. BIS, however, is likely to publish a notice soon, seeking information from the public about broad categories of technologies that potentially warrant control and how the controls could be worded to satisfy the requirements of Section 1758. Consistent with past BIS practice, this notice would not be a proposed rule. Rather, it would be a formal tool for the government to solicit industry input as part of its efforts to identify what technologies should and should not be the subject of possible new controls in a proposed rule to be published later. Industry’s role in this process is critical. Thoughtful and well-supported comments will likely have a positive influence on the government’s efforts to identify which emerging and foundational technologies are and are not essential to our national security and otherwise within the scope of Section 1758.

B. Questions to Answer for Comments to Be Provided to the Administration

Given the complexity of the issues associated with such technologies, any formal comment period will be, or will seem, short relative to the complexity and the significance of the issues. Because, as discussed below, Section 1758 foreshadows the questions that will likely be asked in such a notice, those potentially affected by new controls do not need to wait for the notice to be published before internally answering the following questions:

  • Which of the company’s technologies that are not now identified on an export control list (a) are essential to national security or (b) might be deemed so by the administration, particularly in light of the debate over FIRRMA?
  • Which such technologies are and are not being developed outside the United States?
  • Would research on, and development of, such technologies in the United States be affected if the government were to impose unilateral export controls on such technologies, including on their release to foreign persons in the United States?
  • Would unilateral controls on the release of such technologies to foreign persons in the United States or to foreign countries be effective at deterring their transfer to countries of concern?
  • Would export control regime allies, such as those in Europe, likely eventually agree to impose controls on the release of such technologies from their countries?

Answers to these questions, and supporting documentation and analyses, will be vital to the preparation of quality comments filed in response to a notice.

III. Elements of Section 1758 – the ECA’s Emerging and Foundational Technologies Provision

A. The process for identifying technologies must be an interagency process.

Some of the ideas floated during the FIRRMA debate would have given CFIUS or individual agencies, such as the Department of Defense, the authority to nominate and have controlled emerging and foundational technologies. The ECA requires the President to establish an interagency process to do so that involves the departments of Commerce, Defense, Energy and State, and any other necessary department or agency. The motive behind this provision was to ensure that the equities and expertise of all relevant agencies would be considered when identifying such technologies. Because BIS’s mission includes coordinating such interagency efforts, and because any new controls would be published in the EAR, which BIS administers, BIS has the lead role in the identification effort.

B. The interagency emerging and foundational technology identification process must be a “regular, ongoing” effort.

This reference in the provision makes it clear that the identification and addition of new controls over emerging and foundational technologies is not just a one-time event. It is now, as a statutory matter, rather than just a standard interagency practice, a regular part of the U.S. export control system. The technologies at issue are, by definition, emerging. They are not what the export control system has a history of controlling and analyzing. They are not technologies that have been specially designed for military or intelligence applications because such technologies are already controlled by either the EAR or the International Traffic in Arms Regulations (ITAR). Thus, BIS and the other agencies are likely setting up more formal processes to regularly search for and, as needed, amend the export controls over commercial technologies of concern as they emerge.

C. The emerging and foundational technologies to be identified are limited to those “essential to the national security of the United States.”

During the debates over the CFIUS and export control reform bills, there was some discussion about whether controls should be imposed on such technologies for purely economic reasons, such as for use as part of protectionist or industrial policy efforts. Export control statutes dating back to the Export Control Act of 1949 have expressly limited the reasons for control to national security, foreign policy and short supply. Although an administration has broad authority to define what constitutes a national security concern, the law conspicuously limits the scope of any new controls to not only those that would address “national security” concerns, but also to those that are “essential” to our national security.

D. The emerging and foundational technologies to be identified must not include technologies that are already subject to export controls or that become subject to controls under other authorities.

This means that any technologies that are already identified in the export control regulations, primarily the EAR and the ITAR, or that would be added to such regulations later under other authorities, must not be part of the process described in Section 1758. The government thus still has extraordinary discretion to identify items for control, and none of that discretion is affected by this provision, which is focused on resolving a specific policy issue raised during the debate over FIRRMA. If Section 1758 were not included in the law, the administration would have the same authority to do what is required under Section 1758. The only difference is that Congress is requiring the administration to conduct the special effort and setting standards for how to do so.

E. The interagency process must be informed by multiple sources of information, including (i) publicly available information, (ii) classified information, (iii) information developed during the CFIUS process and (iv) information developed by BIS’s technical advisory committees.

The export control system has always drawn upon such information sources when considering which technologies to control, but not always as part of a formal process. The provision is also a subtle congressional reminder to export control officials to ensure that they expand their technology review horizons over what are, by definition, novel, emerging technologies to get the benefit of those who may have contact with such technologies before they do. Thus, for example, it effectively requires export control officials to reach out to industry and academic experts who may not otherwise interact with the government. It also indirectly emphasizes the need for the intelligence community to commit resources to analyzing emerging technology issues and to provide its work product to export control officials for consideration.

The provision requires that technology issues generated during the review of CFIUS fillings be formally fed back into the export control system for broader consideration. The export control agencies are core members of CFIUS, and there is a long history of their considering whether issues developed during CFIUS cases warrant changes to export controls. The only difference now is that this practice is a formal, statutory requirement. Finally, the provision reconfirms the need for industry experts on BIS’s multiple technical advisory committees to provide their input to export control officials about emerging and foundational technologies. Indeed, BIS is in the process of creating an additional technical advisory committee to focus on such issues, as described here. For those with significant expertise in the emerging and foundational technologies at issue, participating in the new, or in any of the existing, technical advisory committees is a significantly important way to contribute to the quality of the controls.

F. Before imposing new controls on an emerging or foundational technology, the government must consider whether comparable technologies are being developed outside the United States.

This provision does not prohibit the imposition of controls on technologies being developed outside the United States. When read with other parts of Section 1758, however, foreign availability is clearly an important variable the government must consider when deciding whether technologies should become subject to the new controls. Thus, when responding to BIS’s notices asking for comments on new technologies to control, those potentially affected should provide information about which comparable technologies are and are not being developed outside the United States. Such commercial information, which often is not available to the government, should be as specific as possible if it is to be effective. That is, conclusory comments, such as “This technology is widely available in many countries outside the United States” will not be helpful. Comments such as “This technology is available from Company A in Country X (brochures and specifications attached),” on the other hand, are what the government needs to see in order to make a sensible judgment about whether to impose new controls.

G. Before imposing new controls on an emerging or foundational technology, the government must consider the effect that the imposition of a unilateral export control “may have on the development of such technologies in the United States.”

As a matter of logic, expectations and history, unilateral controls tend to discourage research and investment in the United States in the affected technologies. Indeed, the ECA states that “[e]xport controls applied unilaterally to items widely available from foreign sources generally are less effective in preventing end-users from acquiring those items. Application of unilateral export controls should be limited for purposes of protecting specific United States national security and foreign policy interests.” This does not mean that unilateral controls are per se prohibited or ineffective, only that this standard is a high bar for the government when deciding whether to propose a new unilateral control. Those in potentially affected industries will thus want to provide in their public comments a thoughtful analysis of whether—and how—a unilateral control over a specific emerging or foundational technology is or is not likely to harm the domestic development of such technologies.

H. Before imposing new controls on an emerging or foundational technology, the government must consider whether they would be effective in “limiting the proliferation of emerging and foundational technologies to foreign countries.”

This standard is basically a corollary to the other provisions above, but it nonetheless emphasizes the point that imposing controls on technologies being developed outside the United States or with the substantial assistance in the U.S. of foreign scientists and engineers will not likely accomplish the objectives of this section. If commenters have any other reasons that a proposed new control would or would not be effective, then this is the statutory provision to cite in support of why it should or should not be imposed.

I. Before any new controls may be imposed, the government must provide the public with a notice and an opportunity to comment.

This is the most critical step for industry to comment formally on actual regulatory text and whether the proposed controls do or do not meet the standards in Section 1758. Based on the experience of the Obama administration’s export control reform effort, which involved the publication of dozens of proposed rules for public comment, career staff at the agencies are likely to take well-supported, thoughtful comments seriously.

J. The new controls will be published as amendments to the EAR.

Earlier versions of the CFIUS and the export control reform bills were unclear about whether or, if so, where new investment or export controls on emerging and foundational technologies would be published. Section 1758 effectively requires that they will be identified in the EAR’s Commerce Control List (CCL).

K. BIS has broad authority to decide when, and under what circumstances, licenses or other types of authorizations will be required to export identified emerging and foundational technology.

Criteria that BIS, in coordination with the other agencies, must consider when imposing controls include whether the destination is subject to U.S. arms and other embargoes, as well as the potential end uses and end users of such technology. The group of countries subject to such embargoes includes China, Russia and Iran.

L. Commerce is not required to impose licensing requirements on finished items that are destined to regular customers or on technology when the acquisition would not give the foreign recipient the ability to produce critical technologies.

This exception reflects the provision’s emphasis on emerging and foundational technologies, rather than finished products, that can be used to enhance the indigenous manufacturing capability outside the United States of items essential to U.S. national security.

M. The Secretary of State, in coordination with the other export control agencies, is required to propose each year for three years any new controls to the relevant multilateral export control regimes for control.

This element of the control reflects Congress’ view that multilateral controls are more effective than unilateral controls. If the regimes do not accept a new control, then Commerce must decide whether national security concerns warrant the continuation of unilateral controls with respect to the technology at issue. Another part of ECA commits the U.S. government to “carry out obligations and commitments under international agreements and arrangements, including multilateral export control regimes.” The most relevant such regime to this issue is the Wassenaar Arrangement, which was “established in order to contribute to regional and international security and stability, by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilizing accumulations. The aim is also to prevent the acquisition of these items by terrorists. Participating States seek, through their national policies, to ensure that transfers of these items do not contribute to the development or enhancement of military capabilities which undermine these goals, and are not diverted to support such capabilities.” Thus, to remain consistent with its obligations under ECA, the administration should propose only new controls on emerging or foundational technologies that meet this standard or one of the corresponding standards in the other multilateral regimes (i.e., those pertaining to controlling the proliferation of missiles, nuclear items, and chemical or biological weapons, and related items).

N. Commerce must report to CFIUS and Congress every 180 days of the actions that it and the other agencies have taken to implement this section.

Normally, congressional reporting requirements do not get much public attention, but this regular obligation to show progress likely will keep the process for identifying and controlling emerging and foundational technologies high on the list of priorities for this and subsequent administrations. This fact further reinforces the need for industry to stay engaged with the government with respect to identifying emerging and foundational technologies that are and are not essential to the national security of the United States.

O. BIS has broad authority to impose “interim controls” on exports and reexports of emerging or foundational technologies by specific persons.

The EAR contain multiple “is informed” provisions allowing BIS to inform parties that, to address a specific national security or foreign policy concern, a license is required to export an item that would not normally require a license. Section 1758 explicitly gives BIS the authority to create any form of interim controls, such as through the use of similar “is informed” actions imposing licensing requirements on the export by specific persons of specific technologies in a particular transaction, before regulations controlling such technologies are promulgated and made generally effective.

Used properly, this new authority could be a way for BIS to surgically address policy concerns about the transfer of specific kinds of technology in unique circumstances without imposing controls on entire types of technologies or destinations. Thus, for example, if BIS has information that a specific foreign entity plans to use a specific type of EAR99 technology deemed to be “emerging” or “foundational” that would be released during a joint venture for an activity contrary to U.S. national security interests, BIS could prohibit the technology transfer without having to sanction the foreign entity (such as by using the entity list process) or imposing an across-the-board control on the same technology for all exports. In a way, this new omnibus “is informed” authority, which is tucked into a parenthetical in Section 1758, is the broad authority that the proponents of the original FIRRMA bill contemplated when they sought to give CFIUS jurisdiction over outbound investments by critical technology companies. They wanted the U.S. government to have the authority to block otherwise uncontrolled technology transfers in specific circumstances on case-by-cases bases. Such authority now exists, but within BIS (rather than CFIUS) pursuant to Section 1758.

IV. The Statement of Policy Codifies Long-Standing BIS Policies—and Provides the Administration with Considerable Discretion in Administering the System

Section 1752 contains a lengthy statement of policy that may seem new to some, but fairly accurately reflects the written and unwritten licensing and other export control policies that have evolved within BIS since the Export Administration Act was passed in 1979. Some provisions may seem contradictory, but they are examples of the difficult choices that BIS and its interagency colleagues make daily when deciding which dual-use and other items to control, how to control them and when to approve, condition or deny their export.

For example, the section states that export controls should be used only after consideration of their impact on the U.S. economy and only to the extent necessary to advance the national security and foreign policy interests of the United States. These interests require regulations to control the proliferation of items for use in weapons of mass destruction; acts of terrorism; or military programs that could threaten the United States or its allies, or that could disrupt critical infrastructure. They must also, for example, simultaneously (i) preserve the military superiority of the United States; (ii) promote human rights; (iii) carry out our commitments to the multilateral regimes; (iv) facilitate interoperability with our NATO and other close allies; (v) be focused on core technologies of concern; (vi) maintain U.S. leadership in science, engineering, manufacturing and technology, including foundational technologies; (vii) be enforced aggressively and consistently; (viii) be administered in a way that is able to be easily understood; and (ix) be transparent, predictable, timely and flexible.

V. The Authority to Control Activities by U.S. Persons Is Codified and Slightly Expanded

Unlike the ITAR, the EAR does not have general controls over services provided by U.S. persons, except in connection with violations of the EAR—“General Prohibition 10.” Most of the EAR are focused on regulating the export, reexport and transfer by U.S. and foreign persons of commodities, software and technology subject to the EAR. EAR Part 744 has long regulated the activities of U.S. persons, regardless of whether any technology is transferred, if they relate to weapons of mass destruction or foreign maritime nuclear projects. Section 1753 adds specific authority for the EAR to regulate services by U.S. persons, wherever located, if they are related to “specific foreign military intelligence services.” It remains to be seen how, or whether, BIS will implement this new authority in the EAR.

VI. Licensing Considerations Regarding the Defense Industrial Base

Section 1756(d) requires BIS to deny an application if the proposed export would have a “significant negative impact” on the defense industrial base, which is defined as including (i) a reduction in the availability of an item produced in the United States that is likely to be acquired by the U.S. government for the advancement of U.S. national security, (ii) a reduction in the production in the United States of an item that is the result of federally funded research and development, or (iii) a reduction in the employment of U.S. persons whose knowledge and skills are necessary for the continued production in the United States of an item that is likely to be acquired by the U.S. government for the advancement of U.S. national security. To help make this determination, BIS may seek information from the applicant regarding, for example, why the proposed export would be in the national interest and what the impact would be on the relative capabilities of U.S. and foreign militaries. Although previous administrations took such considerations into account when making licensing decisions, this section describes the standard in a novel, formal way consistent with the underlying policy motivations behind FIRRMA.

VII. Required Review of Licensing Policies Regarding Exports to Countries Subject to Arms Embargoes, Such as China

Although the ECA does not change any country-specific licensing policies, it does require BIS, in coordination with the other export control agencies, to “review license requirements relating to countries subject to a comprehensive arms embargo.” The section does not refer expressly to China or any other country, but it is clearly focused on requiring an evaluation of whether (i) the EAR’s China “Military End Use” rule should be expanded to also apply to “military end users” in China or additional items on the control list not now captured by the rule, and (ii) additional low-end items controlled for “anti-terrorism” reasons to only Iran and other comprehensively embargoed destinations should also be controlled for export to China. BIS must implement any recommended changes before early May 2019. Such changes are likely to occur.

VIII. Penalties and Enforcement

Section 1760 of the ECA codifies civil and criminal penalties that were established under the International Emergency Economic Powers Act (IEEPA). The maximum criminal penalties for willful violations will continue to be $1 million and, for individuals, imprisonment of up to 20 years. Maximum civil penalties will be slightly higher than the current inflation-adjusted penalties under IEEPA—$300,000 or twice the value of the applicable transaction, whichever is greater. Other penalties, such as denying a party the ability to export, remain the same.

Section 1761 of the ECA enhances BIS’s enforcement authorities, which are now on par with other enforcement agencies, such as the Department of Homeland Security and the Federal Bureau of Investigation. For example, a violation of ECRA, which includes both the export control and antiboycott provisions, is now a predicate offense that can be cited to justify a wiretap. ECA also gives BIS enforcement officials the authority to conduct investigations “outside the United States consistent with applicable law.” There are broader issues about the authority of the U.S. government to conduct investigations abroad that are beyond the scope of this alert, but ECA, unlike previous authorities, does not limit BIS to conducting investigations in only the United States. In addition, ECA gives BIS the authority to spend funds or engage in other financial transactions (such as leasing space) to conduct undercover investigations. Finally, ECA expands the bases upon which BIS enforcement can impose denial orders. Previously, BIS’s authority to impose denial orders was limited to situations where the person was convicted of a criminal violation of export control and other national security statutes. ECA expands the authority for BIS to issue denial orders when someone is convicted of criminal violations of conspiracy, smuggling or false-statements laws.

IX. Industry-Friendly Provisions

Consistent with long-standing BIS policies and practices, ECA requires that “licensing decisions are to be made in an expeditious manner [ideally, within 30 days of a request], with transparency to applicants on the status of license and other authorization processing and the reason for denying any license or request for authorization.” As under the Export Administration Act of 1979, no fees may be charged in connection with any license or other request made in connection with the EAR. In addition, BIS is required to continue helping U.S. persons, particularly including small- and medium-sized companies, comply with the EAR through training and other outreach.

X. Coordination of Export Control and Sanctions Authorities

One of the key unrealized aspirations of the Obama administration’s export control officials was the creation of a single export control licensing agency that administered a single set of export control regulations in order to accomplish the national security and foreign policy objectives of the controls with significantly fewer regulatory burdens. Although the ECA does not suggest or require any organizational changes within the export control system, it does require the President to coordinate the export controls and sanctions administered by the departments of Commerce, State, Treasury and Energy. The ECA goes on to state that, in order to achieve such effective coordination, Congress believes that these agencies:

  • “should regularly work to reduce complexity in the system, including complexity caused merely by the existence of structural, definitional, and other non-policy based differences between and among different export control and sanctions systems” and
  • “should coordinate controls on items exported, reexported, or in-country transferred in connection with a foreign military sale [administered by the Department of State’s Office of Regional Stability and Arms Transfers (RSAT)]. . . or a commercial sale [of defense articles administered by the Department of State’s Directorate of Defense Trade Controls (DDTC)] to reduce as much unnecessary administrative burden as possible that is a result of differences between the exercise of those two authorities.”

Examples of how such coordination could be enhanced (but that are not described in ECA) include (i) continued efforts to harmonize definitions of terms in, and organizational structures of, the EAR, the ITAR and the sanctions regulations; (ii) the creation of a single online portal with a single common license application for submissions to BIS, DDTC, and the Office of Foreign Assets Control (OFAC), (iii) combined BIS, DDTC and OFAC training, outreach and enforcement efforts; (iv) regularly scheduled rotations of licensing officers among the agencies for cross training; and (v) delegations of authority making it so that the reexport of military items subject to the EAR have the same requirements and prohibitions, regardless of whether the item was originally exported under a foreign military sale or a direct commercial sale.

XI. Definitions in the EAR Are Unchanged

The definitions of key terms in ECRA, such as “export” and “technology,” are consistent with the definitions revised during the Obama administration’s Export Control Reform initiative. (The definition of “U.S. Person” as proposed would have inadvertently dramatically increased the extraterritorial scope of the regulations. That issue was fixed in the final version of ECRA.) Also, ECRA does not require BIS to change EAR definitions or core concepts, such as the de minimis carveout, or the meaning of “published” information or “fundamental research.” BIS continues to have discretion to amend most of the EAR’s definitions as necessary and to create new definitions.

During the early public discussion about ECRA and the “emerging” and “foundational” technology topic, some in industry expressed concerns that the statutory definition of “technology” would sweep more information within the scope of the EAR than the EAR did. Part of the discussion revolved around the words “required” and “necessary.” Another part revolved the words “development” and “know-how.” ECRA uses the same essential elements of the definition as does the EAR. That is, it defines the term as including information “necessary” for the “development,” “production” or “use” of an “item,” which is defined the same way as the EAR in that it means “commodities,” “software” and “technology.” The main difference is that ECRA uses the word “includes” rather than “means.” This gives BIS authority to expand the scope of covered “technology.” Given this discretion, that “necessary” information is vastly broader in scope than “required” technology, and that the concepts of “emerging” and “foundational” technologies are inherently broad, industry should follow closely the evolution of the proposed new controls. Subtle differences in terminology—such as between the use of “necessary” or “required” as control parameters—can have extraordinarily large impacts on the scope of information subject to licensing or other obligations.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Akin Gump Strauss Hauer & Feld LLP | Attorney Advertising

Written by:

Akin Gump Strauss Hauer & Feld LLP
Contact
more
less

Akin Gump Strauss Hauer & Feld LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide

JD Supra Privacy Policy

Updated: May 25, 2018:

JD Supra is a legal publishing service that connects experts and their content with broader audiences of professionals, journalists and associations.

This Privacy Policy describes how JD Supra, LLC ("JD Supra" or "we," "us," or "our") collects, uses and shares personal data collected from visitors to our website (located at www.jdsupra.com) (our "Website") who view only publicly-available content as well as subscribers to our services (such as our email digests or author tools)(our "Services"). By using our Website and registering for one of our Services, you are agreeing to the terms of this Privacy Policy.

Please note that if you subscribe to one of our Services, you can make choices about how we collect, use and share your information through our Privacy Center under the "My Account" dashboard (available if you are logged into your JD Supra account).

Collection of Information

Registration Information. When you register with JD Supra for our Website and Services, either as an author or as a subscriber, you will be asked to provide identifying information to create your JD Supra account ("Registration Data"), such as your:

  • Email
  • First Name
  • Last Name
  • Company Name
  • Company Industry
  • Title
  • Country

Other Information: We also collect other information you may voluntarily provide. This may include content you provide for publication. We may also receive your communications with others through our Website and Services (such as contacting an author through our Website) or communications directly with us (such as through email, feedback or other forms or social media). If you are a subscribed user, we will also collect your user preferences, such as the types of articles you would like to read.

Information from third parties (such as, from your employer or LinkedIn): We may also receive information about you from third party sources. For example, your employer may provide your information to us, such as in connection with an article submitted by your employer for publication. If you choose to use LinkedIn to subscribe to our Website and Services, we also collect information related to your LinkedIn account and profile.

Your interactions with our Website and Services: As is true of most websites, we gather certain information automatically. This information includes IP addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data. We use this information to analyze trends, to administer the Website and our Services, to improve the content and performance of our Website and Services, and to track users' movements around the site. We may also link this automatically-collected data to personal information, for example, to inform authors about who has read their articles. Some of this data is collected through information sent by your web browser. We also use cookies and other tracking technologies to collect this information. To learn more about cookies and other tracking technologies that JD Supra may use on our Website and Services please see our "Cookies Guide" page.

How do we use this information?

We use the information and data we collect principally in order to provide our Website and Services. More specifically, we may use your personal information to:

  • Operate our Website and Services and publish content;
  • Distribute content to you in accordance with your preferences as well as to provide other notifications to you (for example, updates about our policies and terms);
  • Measure readership and usage of the Website and Services;
  • Communicate with you regarding your questions and requests;
  • Authenticate users and to provide for the safety and security of our Website and Services;
  • Conduct research and similar activities to improve our Website and Services; and
  • Comply with our legal and regulatory responsibilities and to enforce our rights.

How is your information shared?

  • Content and other public information (such as an author profile) is shared on our Website and Services, including via email digests and social media feeds, and is accessible to the general public.
  • If you choose to use our Website and Services to communicate directly with a company or individual, such communication may be shared accordingly.
  • Readership information is provided to publishing law firms and authors of content to give them insight into their readership and to help them to improve their content.
  • Our Website may offer you the opportunity to share information through our Website, such as through Facebook's "Like" or Twitter's "Tweet" button. We offer this functionality to help generate interest in our Website and content and to permit you to recommend content to your contacts. You should be aware that sharing through such functionality may result in information being collected by the applicable social media network and possibly being made publicly available (for example, through a search engine). Any such information collection would be subject to such third party social media network's privacy policy.
  • Your information may also be shared to parties who support our business, such as professional advisors as well as web-hosting providers, analytics providers and other information technology providers.
  • Any court, governmental authority, law enforcement agency or other third party where we believe disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights, the rights of any third party or individuals' personal safety, or to detect, prevent, or otherwise address fraud, security or safety issues.
  • To our affiliated entities and in connection with the sale, assignment or other transfer of our company or our business.

How We Protect Your Information

JD Supra takes reasonable and appropriate precautions to insure that user information is protected from loss, misuse and unauthorized access, disclosure, alteration and destruction. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. You should keep in mind that no Internet transmission is ever 100% secure or error-free. Where you use log-in credentials (usernames, passwords) on our Website, please remember that it is your responsibility to safeguard them. If you believe that your log-in credentials have been compromised, please contact us at privacy@jdsupra.com.

Children's Information

Our Website and Services are not directed at children under the age of 16 and we do not knowingly collect personal information from children under the age of 16 through our Website and/or Services. If you have reason to believe that a child under the age of 16 has provided personal information to us, please contact us, and we will endeavor to delete that information from our databases.

Links to Other Websites

Our Website and Services may contain links to other websites. The operators of such other websites may collect information about you, including through cookies or other technologies. If you are using our Website or Services and click a link to another site, you will leave our Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We are not responsible for the data collection and use practices of such other sites. This Policy applies solely to the information collected in connection with your use of our Website and Services and does not apply to any practices conducted offline or in connection with any other websites.

Information for EU and Swiss Residents

JD Supra's principal place of business is in the United States. By subscribing to our website, you expressly consent to your information being processed in the United States.

  • Our Legal Basis for Processing: Generally, we rely on our legitimate interests in order to process your personal information. For example, we rely on this legal ground if we use your personal information to manage your Registration Data and administer our relationship with you; to deliver our Website and Services; understand and improve our Website and Services; report reader analytics to our authors; to personalize your experience on our Website and Services; and where necessary to protect or defend our or another's rights or property, or to detect, prevent, or otherwise address fraud, security, safety or privacy issues. Please see Article 6(1)(f) of the E.U. General Data Protection Regulation ("GDPR") In addition, there may be other situations where other grounds for processing may exist, such as where processing is a result of legal requirements (GDPR Article 6(1)(c)) or for reasons of public interest (GDPR Article 6(1)(e)). Please see the "Your Rights" section of this Privacy Policy immediately below for more information about how you may request that we limit or refrain from processing your personal information.
  • Your Rights
    • Right of Access/Portability: You can ask to review details about the information we hold about you and how that information has been used and disclosed. Note that we may request to verify your identification before fulfilling your request. You can also request that your personal information is provided to you in a commonly used electronic format so that you can share it with other organizations.
    • Right to Correct Information: You may ask that we make corrections to any information we hold, if you believe such correction to be necessary.
    • Right to Restrict Our Processing or Erasure of Information: You also have the right in certain circumstances to ask us to restrict processing of your personal information or to erase your personal information. Where you have consented to our use of your personal information, you can withdraw your consent at any time.

You can make a request to exercise any of these rights by emailing us at privacy@jdsupra.com or by writing to us at:

Privacy Officer
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965

You can also manage your profile and subscriptions through our Privacy Center under the "My Account" dashboard.

We will make all practical efforts to respect your wishes. There may be times, however, where we are not able to fulfill your request, for example, if applicable law prohibits our compliance. Please note that JD Supra does not use "automatic decision making" or "profiling" as those terms are defined in the GDPR.

  • Timeframe for retaining your personal information: We will retain your personal information in a form that identifies you only for as long as it serves the purpose(s) for which it was initially collected as stated in this Privacy Policy, or subsequently authorized. We may continue processing your personal information for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research and statistical analysis, and subject to the protection of this Privacy Policy. For example, if you are an author, your personal information may continue to be published in connection with your article indefinitely. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
  • Onward Transfer to Third Parties: As noted in the "How We Share Your Data" Section above, JD Supra may share your information with third parties. When JD Supra discloses your personal information to third parties, we have ensured that such third parties have either certified under the EU-U.S. or Swiss Privacy Shield Framework and will process all personal data received from EU member states/Switzerland in reliance on the applicable Privacy Shield Framework or that they have been subjected to strict contractual provisions in their contract with us to guarantee an adequate level of data protection for your data.

California Privacy Rights

Pursuant to Section 1798.83 of the California Civil Code, our customers who are California residents have the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.

You can make a request for this information by emailing us at privacy@jdsupra.com or by writing to us at:

Privacy Officer
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965

Some browsers have incorporated a Do Not Track (DNT) feature. These features, when turned on, send a signal that you prefer that the website you are visiting not collect and use data regarding your online searching and browsing activities. As there is not yet a common understanding on how to interpret the DNT signal, we currently do not respond to DNT signals on our site.

Access/Correct/Update/Delete Personal Information

For non-EU/Swiss residents, if you would like to know what personal information we have about you, you can send an e-mail to privacy@jdsupra.com. We will be in contact with you (by mail or otherwise) to verify your identity and provide you the information you request. We will respond within 30 days to your request for access to your personal information. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. If you would like to correct or update your personal information, you can manage your profile and subscriptions through our Privacy Center under the "My Account" dashboard. If you would like to delete your account or remove your information from our Website and Services, send an e-mail to privacy@jdsupra.com.

Changes in Our Privacy Policy

We reserve the right to change this Privacy Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our Privacy Policy will become effective upon posting of the revised policy on the Website. By continuing to use our Website and Services following such changes, you will be deemed to have agreed to such changes.

Contacting JD Supra

If you have any questions about this Privacy Policy, the practices of this site, your dealings with our Website or Services, or if you would like to change any of the information you have provided to us, please contact us at: privacy@jdsupra.com.

JD Supra Cookie Guide

As with many websites, JD Supra's website (located at www.jdsupra.com) (our "Website") and our services (such as our email article digests)(our "Services") use a standard technology called a "cookie" and other similar technologies (such as, pixels and web beacons), which are small data files that are transferred to your computer when you use our Website and Services. These technologies automatically identify your browser whenever you interact with our Website and Services.

How We Use Cookies and Other Tracking Technologies

We use cookies and other tracking technologies to:

  1. Improve the user experience on our Website and Services;
  2. Store the authorization token that users receive when they login to the private areas of our Website. This token is specific to a user's login session and requires a valid username and password to obtain. It is required to access the user's profile information, subscriptions, and analytics;
  3. Track anonymous site usage; and
  4. Permit connectivity with social media networks to permit content sharing.

There are different types of cookies and other technologies used our Website, notably:

  • "Session cookies" - These cookies only last as long as your online session, and disappear from your computer or device when you close your browser (like Internet Explorer, Google Chrome or Safari).
  • "Persistent cookies" - These cookies stay on your computer or device after your browser has been closed and last for a time specified in the cookie. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use them to remember your preferences for the next time you visit.
  • "Web Beacons/Pixels" - Some of our web pages and emails may also contain small electronic images known as web beacons, clear GIFs or single-pixel GIFs. These images are placed on a web page or email and typically work in conjunction with cookies to collect data. We use these images to identify our users and user behavior, such as counting the number of users who have visited a web page or acted upon one of our email digests.

JD Supra Cookies. We place our own cookies on your computer to track certain information about you while you are using our Website and Services. For example, we place a session cookie on your computer each time you visit our Website. We use these cookies to allow you to log-in to your subscriber account. In addition, through these cookies we are able to collect information about how you use the Website, including what browser you may be using, your IP address, and the URL address you came from upon visiting our Website and the URL you next visit (even if those URLs are not on our Website). We also utilize email web beacons to monitor whether our emails are being delivered and read. We also use these tools to help deliver reader analytics to our authors to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

Analytics/Performance Cookies. JD Supra also uses the following analytic tools to help us analyze the performance of our Website and Services as well as how visitors use our Website and Services:

  • HubSpot - For more information about HubSpot cookies, please visit legal.hubspot.com/privacy-policy.
  • New Relic - For more information on New Relic cookies, please visit www.newrelic.com/privacy.
  • Google Analytics - For more information on Google Analytics cookies, visit www.google.com/policies. To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. This will allow you to download and install a Google Analytics cookie-free web browser.

Facebook, Twitter and other Social Network Cookies. Our content pages allow you to share content appearing on our Website and Services to your social media accounts through the "Like," "Tweet," or similar buttons displayed on such pages. To accomplish this Service, we embed code that such third party social networks provide and that we do not control. These buttons know that you are logged in to your social network account and therefore such social networks could also know that you are viewing the JD Supra Website.

Controlling and Deleting Cookies

If you would like to change how a browser uses cookies, including blocking or deleting cookies from the JD Supra Website and Services you can do so by changing the settings in your web browser. To control cookies, most browsers allow you to either accept or reject all cookies, only accept certain types of cookies, or prompt you every time a site wishes to save a cookie. It's also easy to delete cookies that are already saved on your device by a browser.

The processes for controlling and deleting cookies vary depending on which browser you use. To find out how to do so with a particular browser, you can use your browser's "Help" function or alternatively, you can visit http://www.aboutcookies.org which explains, step-by-step, how to control and delete cookies in most browsers.

Updates to This Policy

We may update this cookie policy and our Privacy Policy from time-to-time, particularly as technology changes. You can always check this page for the latest version. We may also notify you of changes to our privacy policy by email.

Contacting JD Supra

If you have any questions about how we use cookies and other tracking technologies, please contact us at: privacy@jdsupra.com.

- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.