Don't Forget About The Deemed Export Rule: BIS Imposes $115,000 Penalty for Deemed Export Violations
By Doug Jacobson and Michael Burton, Jacobson Burton PLLC
The Bureau of Industry and Security (BIS) announced today that it had recently entered into a $115,000 civil penalty settlement agreement with Intevac, Inc., a California-based manufacturer of equipment used in the hard disk drive, solar, and photonics industries for several alleged violations of the Export Administration Regulations (EAR).
Four of the allegations involved violations of the "deemed export" rule involving a Russian national employee in the U.S. The fifth violation involved the unlicensed release of national security-controlled technology to the company's Chinese subsidiary.
This is one of the very few deemed export enforcement cases that have been brought by BIS and is an important reminder of the importance of complying with the deemed export rule.
The alleged violations were voluntarily disclosed by Intevac to BIS.
As indicated in the charging letter and settlement agreement (found here) BIS alleged that the company released technology classified under ECCN 3E001 to a Russian national engineer who was employed at the company’s U.S. headquarters by providing the employee with access to the drawings and related production technology by granting him a login identification code and password.
Under section 734.2(b)(2)(ii) of the EAR an export of "technology" or source code is "deemed" to take place when it is released to a foreign national within the United States. A license from BIS must be obtained to transfer export controlled technology to a foreign national in the U.S. if the transfer of the same technology to the foreign national's home country would require an export license.
Technology classified in ECCN 3E001 includes technology for the development and production of a wide variety of electronics components and equipment and is controlled for National Security (NS), Missile Technology (MT), Nuclear Proliferation (NP) and Anti-Terrorism (AT) reasons. Because the export of technology classified as ECCN 3E001 to Russia would require a BIS license, the transfer of that same technology to a Russian national working in the U.S. would require a deemed export license.
In this case Intevac actually applied to BIS for a deemed export license after the initial releases of technology to the Russian national engineer occurred. However, the company failed to prevent additional releases on three additional occasions by providing the Russian national employee with login credentials and a password that allowed him to view, print and create attachments involving the controlled technology to its server while the deemed export application was pending. That led to the three “acting with knowledge” charges and was treated as an aggravating factor. BIS subsequently granted the deemed export license. BIS did not parse the initial releases, which occurred over the course of several months, into separate counts.
A separate charge alleged that Intevac exported technology controlled under ECCN 3E001 to a Chinese national who was working at its subsidiary in Shenzen, China. BIS stated that the Chinese national was provided login credentials and a password that allowed the person to access to a server containing the export controlled information located at the company’s U.S. headquarters.
According to David Mills, Assistant Secretary of Commerce for Export Enforcement, "Deemed export compliance is a top priority for the Bureau of Industry and Security. Today’s settlement highlights the need for companies to be vigilant to prevent the unauthorized release of U.S. technology and data."
Since February 2011 U.S. companies hiring foreign national employees entering the U.S. on certain visas (H-1, L-1, O-1A) must make a "deemed export" certification on the worker's I-129 petition. The employer must certify that they have reviewed the EAR and the International Traffic in Arms Regulations (ITAR) and determined whether a license is required to release export controlled technology or technical data to the foreign national during the course of their employment. This deemed export certification requirement has increased the visibility of the need for an employer to determine the applicable licensing requirements before a foreign national is hired or will have access to export controlled information.
The voluntarily disclosure by the company led to a significant reduction in the total penalty amount, which could have been a maximum of $1.25 million (up to $250,000 for each of the five violations).