On September 20, 2016, the United States made life a little
easier for companies exporting products containing certain types of
encryption. The U.S. Department of Commerce, Bureau of Industry and
Security ("BIS") amended the Export Administration
Regulations ("EAR") to, among other things, update the
rules associated with exports and re-exports of encryption items.
The amendments implement changes to which the member countries of
the Wassenaar Arrangement on Export Controls for Conventional Arms
and Dual-Use Goods and Technologies agreed in December 2015.
Some of the more important changes to those rules are briefly
Changes to Category 5, Part 2
The amendments split out the various subparagraphs of the main
category of encryption items (those in Export Control
Classification Number ("ECCN") 5A002) into three
subsections. The three new subsections are as follows: (i) items
for cryptographic information security (ECCN 5A002); (ii) items for
non-cryptographic information security (ECCN 5A003); and (iii)
items for defeating, weakening, or bypassing information security
(ECCN 5A004). Conforming changes also were made to ECCNs 5D002 and
5E002. In addition, BIS revised ECCNs 5A992 and 5D992 to include
only encryption items that qualify for mass market treatment under
the EAR. The amendments removed 5E992 in its entirety.
Encryption Registration No Longer Required
Companies are no longer required to submit an encryption
registration and obtain an encryption registration number. This
change is intended to create a more streamlined and efficient
Companies that self-classify encryption products under Section
740.17(b)(1) must continue to file annual self-classification
reports. Such reports, which are due February 1 of each year, must
contain basic information regarding the company and product(s).
Certain information previously provided in connection with the
encryption registration process will now be part of the annual
self-classification reports. Companies that receive a commodity
classification determination from BIS for products that are
eligible for the self-classification provisions of License
Exception ENC are not required to include those products in annual
Movement of Mass Market Provisions to Section 740.17 of the
The encryption mass market provisions have been moved from
Section 742.15 to Section 740.17 of the EAR. These changes were
intended to delete duplicative text and consolidate the
Restrictions on Publicly Available Encryption Source Code
Encryption source code classified under ECCN 5D002 that is made
publicly available no longer is considered subject to the EAR after
an email notification is submitted to BIS and the National Security
Agency's ENC encryption request coordinator. This notification
requirement, which is now set forth in Section 742.15(b) of the
EAR, previously was under License Exception TSU (Section 740.13(e))
of the EAR.
Expansion of Authorization for Intra-Company Transfers
A new exception to Section 740.17(a)(1) authorizes exports,
re-exports, and transfers (in-country) among related parties for
internal use when the parent company is headquartered in a country
listed in Supplement No. 3 to Part 740 of the EAR and certain other
conditions are met. No classification or reporting is required for
such exports, re-exports, or transfers (in-country). Previously,
exports, re-exports, and transfers (in-country) authorized under
Section 740.17(a)(1) were limited to the internal development or
production of new products.
U.S. and non-U.S. companies that export, re-export, or
manufacture encryption items subject to the EAR should analyze how
these changes may affect their business and ensure that their
existing policies and procedures are appropriately updated to take
into account these amendments to the EAR.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
On 23 January, President Donald Trump signed an executive order to withdraw the United States from the Trans Pacific Partnership. What's left for those companies interested in doing business in the country? Our local expert explains.
In the fourth quarter of 2016 and continuing up to the eve of Inauguration Day in January, the Obama Administration continued to pursue its policies, lifting the economic and financial sanctions against Burma and Sudan.
As every individual and entity concerned was also made the subject of secondary sanctions, the crucial effect is that both U.S. and non-U.S. companies and individuals can be penalized and sanctioned for dealing with the designated parties.
On January 31, 2017, Acting Chairman of the SEC, Michael S. Piwowar, issued two statements calling for comments on the SEC's enforcement of the conflict minerals reporting requirements of the Dodd-Frank Act.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).