Security Clearances And Technology Licenses

As practitioners, we have seen increasing examples of the interface between sensitive technologies and the procurement of visas for foreign nationals seeking to work for companies engaged in such technologies. Since 9/11, there has been greater government focus on security issues, including in the issuance of visas and in the admission of such individuals. We have also learned the lesson of advising clients well in advance of the potential significant delays at consulates in obtaining security clearances. Terms such as Visas Donkey and Visas Mantis have become part of our daily vocabulary. This article deals not only with obtaining these security clearances but focuses on the related and potentially more significant issues of obtaining required licenses from the Departments of Commerce and State (DOC & DOS). The goal behind these laws is simple - to prevent the export of controlled and classified technology or items to unapproved foreign countries or foreign nationals. In practice, the how, when and where these regulations are triggered is much more muddy. This article hopes to provide some clarity in giving the practitioner a workable approach to dealing with the acquisition of these licenses.

The Legal Sources of Technology Protection and Security in the US

Two independent sets of regulations primarily control the export of sensitive technology to other countries, or their nationals, the Export Administration Regulations (EAR) 15 CFR Parts 730-772, and the International Traffic in Arms Regulations, (ITAR) 22 CFR Parts 120-130. These regulations are administered by two different agencies, the DOC and the DOS.

The general goal of both schemes is to prevent 'export' of controlled and classified technology or items to unapproved foreign countries or foreign nationals.1

The export of technology includes a "release" to a foreign national, which is broadly defined to include such things as mere availability of the technology for visual inspection by the foreign national or oral disclosure to him/her.2

Under the EAR, any release of technology or software subject to the EAR in a foreign country, or any release of technology or source code subject to the EAR to a foreign national generally constitutes an export.3 The release of technology or software is defined as "Visual inspection by foreign nationals of U.S.-origin equipment and facilities... Oral exchanges of information in the United States or abroad...The application to situations abroad of personal knowledge or technical experience acquired in the United States."4

Relative to foreign persons, "Export" under ITAR is defined as "Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the United States or abroad; or..... Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the United States or abroad."5 Given the breadth of what may constitute an export by release, the implications for a company which operates numerous divisions or subsidiaries, some of which may involve implicated technology and some of which do not, are clear. If issues concerning internal physical, inter-division, inter-subsidiary, and computer system security are not addressed, and a compliance plan is not in place to address the risk of a foreign national in an uncontrolled area of the business coming into contact with a controlled part of the business and its data and equipment, or having discussions with co-employees over controlled technology or articles, then an employer may be deemed at substantial risk for allowing a 'release' to a foreign national even though the foreign national does not work directly on controlled articles or technology. The immigration implications of this possible "export" are discussed later, but include the risk of denial of permission to hire a foreign national, and delay or refusal of a visa for the foreign national. Apart from the immigration implications, a compliance program which identifies the U.S. and international conventions applicable to the company's business, including export regulations, and which applies those requirements to the operations of the business in a meaningful way at all pertinent levels will be dramatically better positioned to make strategic planning decisions with confidence, avoid disruption of its business, and make disclosures and credibly respond to government inquiries than a business without such a plan.

There are additional regulations and statutes which authorize other departments of the U.S. government to exercise control over much broader issues, but which also include control over trade involving protected or restricted articles and technologies. These are typically implicated in immigration situations when the visa candidate is from a country under embargo or sanctions, or involves a specifically prohibited technology or article. Examples of such regulations are those enforced by the Treasury Department's Office of Foreign Asset Control at 31 CFR Part 500, and regulations promulgated pursuant to the President's authority under the International Emergency Economic Powers Act, 50 USC sec. 1701 et seq., or relative to embargoes imposed before 1977 under the Trading with the Enemy Act, 50 USC app. Sections 1-44. Additional agencies exercising authority over specific sorts of exports are listed in supplement 3 to 15 CFR Part 730, and include the Drug Enforcement Administration (DEA), the Food and Drug Administration (FDA), the Department of Interior (DOI), the Department of Energy (DOE) and the Nuclear Regulatory Commission (NRC). DEA regulates certain chemicals and drug precursors.

The Scope of the EAR and ITAR

The scope of the articles and technologies covered by the two schemes is defined in the EAR by the Commercial Control List and Commerce Country Chart, 15 CFR Parts 774 and 738, and in ITAR by U.S. Munitions List (USML), at 22 CFR Part 121. Technology in the public domain, or which is publicly available, is not covered by the USML or the EAR6. Broadly speaking, the EAR concern themselves with "dual-use" technologies (those technologies having both civilian and military applications). In contrast, ITAR focuses on dedicated military articles and technology. Generally speaking, characteristics of the EAR make it less rigid than ITAR, but an analysis of coverage, control, and licensing requirements ought be performed for every NIV foreign national whose job requirements present the potential of a deemed export of controlled technology. A detailed step by step procedure for evaluating a given technology or item under the EAR is provided at 15 CFR Part 732. The Office of Defense Trade Control (ODTC) retains the authority to...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT