Today, the Bureau of Industry & Security (BIS) is amending the Export Administration Regulations (EAR) to eliminate most reporting requirements related to open source encryption software and certain "mass market" encryption items. Today's rule also revises the Commerce Control List (CCL) to implement updates from the December 2019 Wassenaar Arrangement (WA) Plenary meeting.
Open source software changes
Previously, software source code published online that called, contained, or used encryption functionality often remained subject to the EAR (and its licensing requirements) until the author of the code submitted an email notification report to the U.S. government. Today's amendment eliminates the reporting requirement for source code that uses standard cryptography, releasing source code from the EAR's licensing requirements once the code is published online. Under the new rules, only source code that implements proprietary or unpublished encryption must be reported to the U.S. government before being formally released from control under the EAR. The change should substantially reduce the reporting burden for companies that frequently publish open source software online.
Changes to "mass market" reporting and classification requirements
Today's amendment eliminates the requirement that exporters submit an annual report to BIS for most "mass market" encryption items (e.g., software and other items generally available for sale to the public). Under the revised rules, annual reports will only be required for a limited set of mass market items described in § 740.17(e)(3). These items, including certain chips, chipsets, electronic assemblies, field programmable logic devices, and associated executable software, previously required the submission of a formal classification request to BIS before they could be exported as mass market items. Pursuant to today's updates, these items will be eligible for export following self-classification, but will be subject to an annual reporting requirement.
Wassenaar Arrangement updates
Also included in today's amendments are technical updates to the CCL agreed to at the December 2019 WA Plenary meeting. The amendments modify about two dozen Export Control Classification Numbers (ECCNs) in CCL Categories 0-3, 5 (Part 2), 6, and 9. Exporters should examine these updates to determine whether the changes alert the classification of their products.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.