By: Chad Wolfe
Intevac, Inc. settled in February for several violations of the EAR stemming from the illegal export of controlled technical data. Over the course of 5 years (from May 2005-July 2010), Intevac provided controlled technical data, classified ECCN 3E001, to foreign nationals within the United States and to its subsidiary in China. Specifically, Intevac provided access to the company mainframe to foreign nationals of Russia and China. In both instances, the transaction required authorization from BIS. (See the charging letter for details.)
At the heart of this violation and subsequent fine are the common pitfalls of engaging with foreign nationals with controlled technical data and deemed export rules. The fact that Intevac did voluntarily Self-Disclose the violation and still received a fine and potential debarment gives you an idea of how seriously DOC is taking violations post-reform.
Deemed Exports can be difficult to wrap your head around, but remember to separate the person and his or her nationality. That is not Larry the engineer; he is the foreign national that works in your engineering department. Having foreign nationals working in the U.S. as full time regular employees is becoming more and more common, and will put you and your company at an increased risk.
Some tips on how not to end up like Intevac:
- Know what nationalities are working at your facility and understand what requirements are needed to share information. Unfortunately, there isn’t a “one size fits all” approach to this; 3E001 is NLR to Canada, but requires a license to every other country.
- Don’t fall into the “we’re out of time” excuse and make a bad decision. Not providing the technical data may cause a deadline to slip, but I imagine things are moving awfully slow at Intevac these days. Making sure everything is in place might add time to the process, but being found guilty of violating the EAR will absolutely add time to the process. Rest assured that someone within your organization knew the particulars about this project long before you were in the loop, so don’t let them pressure you now or blame you for the slippage, because you are doing the right thing.
Some reasons things went so badly for Intevac:
- They knew their technical data was controlled. They had the good sense to create a secure location for their technical data. Unfortunately, they provided the credentials needed to gain access to foreign nationals. At some point in May of 2005, someone within Intevac must have realized this was a licensable activity, and they applied for authorization to cover the initial deemed export to Russia, but apparently BIS was taking too long, so at the end of June, they went ahead and exported more data via the same means as before.
- Lastly, and more damaging, they acted with knowledge, and-for all those keeping track at home-this is the kind of thing that will get you hammered by DOC. Honest mistakes are one thing; acting with knowledge will get you a fine and potential debarment almost every time. As if that weren’t enough, in May of 2010 (not sure what happens at this place in May, but that doesn’t seem to be their month), Intevac exported the same type of technical data to its subsidiary in China-you guessed it-without a license. Once again, the foreign national was provided login information from the U.S. arm to gain access to the data.
Deemed Exports happen every day and are nearly impossible to stop. You must train your teams and your management so that they understand that this is a violation and that any perception of time savings is just not real. The EAR and ITAR clearly explain that providing technical data to a foreign national constitutes an export. Know your data and know your recipient and avoid ending up in articles like this one.