Export Compliance

The UFIT Research Computing center maintains compliance with U.S. Export Controls that are designed to protect items and information important to the United States. These are rules and regulations that govern the transfer of the following items to non-U.S. entities or individuals, regardless of where or how the transfer takes place:

  • Goods (systems, components, equipment, or materials)
  • Technologies (technical data, information, or assistance)
  • Software/Codes (commercial or custom)

Noncompliance could result in suspension of UFIT Research Computing's current or future licensing privileges, and could also result in administrative or criminal penalties for the center and/or individual employees.

WHAT IS AN EXPORT?

Deemed Export
Any transfer to a citizen or permanent resident of a foreign country, regardless of where the transfer occurs, is deemed by the U.S. government to be an export to that country. Exceptions of who can receive a transfer are permanent U.S. residents–that is, foreign nationals holding a so-called “green card”–or “protected individuals,” i.e., foreign nationals with political asylum in the U.S.

Generally speaking, any delivery or exposure of U.S. hardware, software, or technical data or assistance outside of the U.S. is considered an export and is potentially subject to being controlled. In addition, certain deliveries or exposure occurring entirely within the U.S. may be considered “Deemed Exports.” More specifically, the Department of Commerce in its export control regulations defines an export as:

  • Any shipment, transfer, or transmission out of the United States by any means (including hand-carrying) of any:
    • Goods (equipment, hardware, or materials)
    • Technology (technical data, information, or assistance)
    • Software/Codes (commercial or custom)
  • Any transfer to any person or entity of goods, technology, or software by physical, electronic, oral, or visual means with the knowledge or intent that the item(s) will be shipped, transferred, or transmitted to a non-U.S. entity or individual.
  • Any disclosure of technical data or information to a foreign entity or individual, by any means, inside or outside of the United States. This includes interactions with foreign persons visiting or on assignment to the University of Florida or while university personnel are on foreign travel.
  • Any transfer of goods, technology, or software, by any means, to a foreign embassy or affiliate.
    Only exports defined by the U.S. government to be sensitive are actually impacted by export controls. Such export control sensitivity usually arises for any or all of the following reasons:
  • The nature of the export itself.
  • Concerns about the destination country, organization, or individual.
  • Concerns about the declared or suspected end use and/or end user of the export (e.g., an individual, an entity such as a laboratory or other organization, or a country).

NON-FUNDAMENTAL RESEARCH AND EXPORT CONTROL

The following materials and range of activities might pose potential export control concerns. As you can see, exporting is not limited to transferring a document or a piece of equipment.

  • Direct exports; Cooperative Research and Development Agreements (CRADA); certain contracts; and donations, sales, or transfers of surplus equipment.
  • International and domestic collaborations and technical exchange programs, including lab-to-lab programs.
  • Publications, such as conference papers, abstracts, and journal articles.
  • Written materials in general, ranging from memos and letters to trip reports and work notes.
  • Presentations at conferences and other public meetings, both domestic and foreign.
  • Visits and assignments by foreign nationals.
  • Specifications included in proposals or requests for quotations.
  • Other types of communication such as telephone calls, faxes, emails, and the placement of materials on the World Wide Web.

FUNDAMENTAL RESEARCH AND EXPORT CONTROL

The Export Administration Regulations (EAR) have certain exemptions that apply to “Fundamental Research,” i.e., research that is ordinarily published in the open literature. These exceptions are formulated as follows:

  • Publicly available technologies and software (except for certain software that is controlled for other reasons under the EAR):
  • Research that is already published or will be published in a journal or presented at an open conference , which is defined as “a conference open to all qualified scientists.” It may be by invitation only, although it may not be a meeting where attendees may not take notes.
  • Technology and software arising from Fundamental Research, which is defined as “basic and applied research that can be distinguished from proprietary research or industrial development.”
  • Educational information, which is defined as information released in the course of instruction at an academic institution. However, encryption software, hardware, firmware and source code is specifically excluded from this exemption.

Research conducted at a university (university is defined as “any accredited institution of higher education located in the U.S.”) is usually considered to be Fundamental Research. Certain corporate-sponsored research may not qualify. In a CRADA or Work For Others agreement, the sponsor may have rights to the results of the research. This would make the research proprietary, and thus not within the definition of Fundamental Research.

WHO CONTROLS EXPORTS?

As noted earlier, a number of different government agencies have export control responsibilities, each agency having jurisdiction over specific types of technology or restricted trade. Those most relevant to the Laboratory are: the Department of State, the Department of Energy, the Nuclear Regulatory Commission, and the Department of Commerce.

The Department of State controls the export of “defense articles and defense services” under the International Traffic in Arms Regulations (ITAR). Items in this category to be export controlled are placed on the U.S. Munitions List, which is maintained by the State Department in conjunction with the Department of Defense.

The U.S. Munitions List includes such obvious things as firearms, ammunition, and explosives. It also includes all military vehicles (land, air, and sea); spacecraft (including nonmilitary); military and space electronics; protective personnel equipment; guidance and control equipment; and components, auxiliary equipment, and miscellaneous articles related to military equipment. Export of any item or technology on the U.S. Munitions List requires specific authorization from the State Department.

The Department of Energy controls the export of Special Nuclear Material production technologies and specific nuclear reactor and nuclear weapons technologies under the Atomic Energy Act of 1954 and various nonproliferation mandates.

The Nuclear Regulatory Commission controls the export of certain nuclear technologies, equipment, and materials under the Atomic Energy Act and the Non-Proliferation Act.

The Department of Commerce controls the export of all goods, technologies, and software not regulated by another government agency. This is done through the Department’s Bureau of Industry and Security (BIS), which maintains the Export Administration Regulations (EAR). An important component of the EAR is the Commerce Control List, a section of the regulations that lists specific technologies and the countries to which those technologies may or may not be exported, along with any special restrictions or exceptions that may apply.

Since UFIT Research Computing is not a DOE Defense Programs laboratory, the export controls of most relevance are those administered by the Department of Commerce. Outside the areas of military technology (missiles, weapons of mass destruction) and nuclear materials, the Department of Commerce, through the Bureau of Industry and Security (BIS), has primary jurisdiction over exports and publishes the EAR. The Bureau regulates by the following criteria: the identity of the goods or technology to be exported; the destination of the items (or in the case of Deemed Export, the nationality of the end-user); the end use to be made of the export; and the identity of the organization or individual that will receive the export.

IS YOUR RESEARCH SUBJECT TO EXPORT CONTROL?

Employees can use the following checklist to determine if their work is subject to export control:

  1. Is the export subject to EAR?
    As mentioned, publicly available technology and software (except encryption software) are not subject to the EAR.
    However, as mentioned above , nuclear or military items may be controlled even though not subject to the EAR, for example, exports controlled under the International Traffic in Arms Regulations (ITAR).
  2. Is the item classified under an ECCN (export classification control number) on the Commerce Control List (CCL)?
    If not, you may export as “NLR” (no license required) unless a general prohibition applies. For example, a database may not come within an ECCN, and thus be exported as NLR.There are 10 categories under which commodities and technologies are classified in the CCL:

     

    1. Nuclear materials, facilities, and equipment
    2. Materials, chemicals, microorganisms, and toxins
    3. Materials processing
    4. Electronics
    5. Computers
    6. Telecommunications and information security
    7. Lasers and sensors
    8. Navigation and avionics
    9. Marine Equipment
    10. Propulsion systems, space vehicles, and related equipment
  3. Does a general prohibition apply?
    If so, no export is permitted without a license. (See 15 CFR 736.) There are 10 general prohibitions. They include prohibitions of export of controlled items (i.e., items assigned an ECCN) to listed countries with restrictions; export to Denied Persons (15 CFR Part 764, Supp 2); Prohibited End Uses (15 CFR Part 744) or Prohibited End Users (15 CFR Part 744, Supp 4); and Embargoed Destinations [administered by the Treasury Dept. Office of Foreign Asset Control (OFAC) pursuant to 31 CFR Chapter V].Current lists of Denied Persons and Prohibited End Uses and Users may be found on the BIS web site (http://www.bis.doc.gov).
  4. If your work or product is controlled, is a license exception available?
    These exceptions are so-called “list-based” exceptions, because in order to determine if such an exception applies, one needs to find the item in question on the CCL. Each item on the CCL is identified by a reason for control, e.g., “NS” national security, “AT” anti-terrorism, etc. If the exception applies, it will be noted in the description of the item. The exception must be tied to the reason for control; many exceptions are limited to items with very few controls, and all exceptions are subject to detailed qualifications set forth in the regulations (15 CFR Part 740). Exceptions include: certain limited value shipments; Group B destinations; civil end-users; technology and software restricted for national security only; computers [this exception is extremely detailed and expressed in terms of computing capabilities (Maximum Theoretical Operations per Second, or MTOPS)]; temporary exports; replacement parts; exports to government agencies; humanitarian donations; technology and software for operating systems.
  5. If no exemption applies, no exception is available, or a prohibition does apply, a license application is required.
    If for any reason you believe a license application is required, or you have any question about the applicability of an exception to the requirement for an export control license, please contact the UF Research Compliance department.

KNOW YOUR CUSTOMER

U.S. export control policy places considerable responsibility on the exporter for ensuring that the end-use and end-user of an export complies with U.S. export laws. Even uncontrolled items (i.e., items that normally do not require an export license) may require a license or other special approval if the transaction raises proliferation concerns (e.g., weapons of mass destruction, missile technology, nuclear propulsion, and encryption). In fact, exporters can lose their export privileges and be fined or criminally prosecuted if they ship, without prior authorization, normally uncontrolled items to destinations that violate end-use or end-user policy.

In other words, it is your responsibility to “know your customer.” As the person most knowledgeable about your work, you must stay alert for any irregularities or abnormal circumstances that might indicate an export is destined for an inappropriate end use, end user, or destination.

If you notice something suspicious, inquire further. You are responsible for making sure that any suspicious circumstances are properly checked out. In any case, do not “self-blind” yourself. That is, do not go out of your way to not learn something for fear that the knowledge might jeopardize your project. If there is a problem, such avoidance will not insulate you or the Laboratory from liability, and could be considered an aggravating factor in enforcement proceedings.

If you ever have a doubt or suspicion about an export or export-control situation, contact the University of Florida, Office of Research, Division of Research Compliance & Global Support for assistance. The BIS web site (https://www.bis.doc.gov) also provides some helpful guidelines to follow and red flags to watch out for in “knowing your customer”.

MORE INFORMATION

For more information, please see the University of Florida Office of Research Compliance webpage.