Export Control Agencies Seeing ‘a Lot’ of Misclassification Issues, Illegal Data Exports
The State and Commerce departments are frequently seeing illegal exports of controlled items, including technical data, by companies that aren’t classifying their products correctly and may not realize they need a license.
Jae Shin, acting head of the State Department’s Directorate of Defense Trade Controls, said DDTC received over 600 voluntary disclosures last year and directed 60 additional disclosures, with a “big portion of those” involving unauthorized exports of hardware and technical data. In some of those cases, Shin said companies sent their data to other U.S. firms that then forwarded the data to overseas companies that produce or procure the required parts and components.
But because the data wasn’t properly classified as an export controlled by the owner, it's “sent without a license, which is resulting in export violations,” Shin said during the ComDef 2023 defense industry conference last week. “And we're seeing quite a few cases that are like that.”
Misclassification of export controlled items is also “one that comes up a lot” in voluntary disclosures submitted to the Bureau of Industry and Security, said Eric Longnecker, director of the agency’s Office of Strategic Industries and Economic Security. “Either somebody thinks something is EAR99,” which are items that generally don’t require a license under the Export Administration Regulations, “and they realize afterwards it's actually controlled, or they think it's license-exception eligible and it isn’t.”
Longnecker said misclassification of technical data is an especially common issue with deemed export requirements, which restricts U.S. parties from sharing certain controlled technology or software with people from certain foreign countries when both parties are on U.S. soil. He said he sees companies share technical data with "foreign nationals inside the United States without really understanding the need for a deemed export license. Those are the things that I think we see more often.”
Both agencies have penalized companies in recent months for illegal data exports. DDTC, BIS and DOJ fined an American 3D printing company more than $25 million earlier this year after it illegally sent controlled design documents and data to Germany, among other violations (see 2302270078). In another case, BIS issued a temporary denial order against three U.S. companies last year for illegally exporting technical drawings and blueprints to China to outsource the 3D printing of controlled defense and space prototypes (see 2206080068).
“If you don't classify your items well, you are going to run into issues later on,” Shin said. “We have settled violations with some major companies.”
Shin also said DDTC is commonly seeing violations of the terms and provisos of export licenses. Those violations sometimes stem from a company’s “complicated” compliance procedures for handling a license, Shin said, adding that companies should write their procedures in a way that’s understandable to everyone dealing with the item.
“Especially in business development, engineering and procurement, where you often interact with your foreign partners, these guys need to have a really good understanding of your [International Traffic in Arms Regulation] procedures,” he said. If those procedures are “practical,” then “they know how to comply with the regulations,” Shin said. “Your export control personnel should educate and work with your engineers to really understand” the license “to make sure you don't go beyond what was authorized.”