Archive for the ‘China’ Category


Jun

21

Package Forwarder Coughs Up $60K For Export Violations


Posted by at 10:18 pm on June 21, 2016
Category: BISChina

Fulfill Your Packages HQ via Google Maps https://goo.gl/maps/gJ8z3G3j2gm [Fair Use]
ABOVE: Fulfill Your Packages HQ

The Bureau of Industry and Security (“BIS”) issued settlement documents last week indicating that a California company called Fulfill Your Packages agreed to pay a $250,000 fine, of which $190,000 was suspended if the company behaves itself for the next two years and commits no further export violations. At least from the facts recited by BIS, it’s a very odd case.

Fulfill Your Packages is apparently a company that agrees to serve as a local address for Chinese companies. Those companies order products from U.S. companies which Fulfill Your Packages dutiful re-packages and ships to China. Frankly, a better name for the company might be Ginormous Export Red Flag, Inc., but I suppose Fulfill Your Packages sounds better.

The violation arose from an unnamed Chinese company ordering an export controlled FLIR thermal imaging camera from an unnamed U.S. company which then shipped the camera to Fulfill Your Packages’ address in Portland, Oregon. The Google Street View of that address reveals a large warehouse. Google itself further reveals that the address is used by several logistics companies and, oddly, a liquor store.

When Fulfill Your Packages received the package, it dutifully repackaged the FLIR system and arranged for the USPS to pick up the package. For reasons that aren’t clear, Fulfill Your Packages described the item on shipping documents as “metal parts” even though its own order system described the item as an “infrared webcam/surveillance installation kit.” It also stated the value as $255 even though the distributor’s invoice for the camera received with the package listed the value at $2,617. It’s not clear at all why the company, for the small fee it was receiving, would falsify the export documents. It didn’t really have a dog in the race. Of course, it could be simple incompetence. Or perhaps it was some conspiracy with the Chinese purchaser for a large sum. There’s no way to tell.

But what about the distributor that shipped a FLIR system to a warehouse in Oregon for a Chinese customer? Don’t they bear some responsibility here? They didn’t ignore red flags, they ignored red banners the size of a skyscraper. Or maybe not. The BIS documents suggest that BIS thwarted the shipment before the USPS arrived to pick up the package. What likely happened here is that the distributor did do its job, did consult the all-knowing wizard of Google while evaluating the order, smelled a rat and called BIS.

The lesson here is that the Internet is your friend and that orders for export controlled items should not be fulfilled without doing the research that is now, literally, at your fingertips.

Permalink Comments (2)

Bookmark and Share


Copyright © 2016 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Apr

25

Woman Indicted for Failure to File Electronic Export Information Forms


Posted by at 11:19 am on April 25, 2016
Category: BISChinaCriminal Penalties

Harbin Engineering University via http://english.hrbeu.edu.cn/skin/default/images/officer_r8_c61.jpg [Fair Use]
ABOVE: Harbin Engineering
University


Amin Yu bought things for Harbin Engineering University (“HEU”) in China — all EAR99 items, none of which required an export license. She listed an incorrect value for the items on documents that she gave to UPS, FedEx and various freight forwarders. As a result, none of them filed Export Electronic Information forms for the shipments. The federal government has now indicted Yu, accusing her of being a Chinese spy and indicting her for failure to file the required EEIs. This is the first and only indictment of anyone for failing to file EEIs for EAR99 items. It’s rather like accusing someone who put the wrong postage on a letter with being a terrorist.

The first count of the indictment (in case newspaper crime reporters get bored and don’t read the whole thing) is for failure to register as a foreign agent under the Foreign Agents Registration Act (“FARA”). This is catnip for reporters who quiver with excitement each and every time they can give their editors a story with the word “spy” in it. Even the once venerable Newsweek fell for this ploy, referring to Yu in its headline as a “Chinese Spy.”

These FARA counts are also, as we’ve seen before, a sure sign that the government has a lousy case that it can only win with a generous dollop of press-induced hysteria about the defendant.

The problem with these bogus FARA “spy” counts is that it is not illegal to buy stuff for foreign governments (or foreign government-run universities as was the case here.) A significant exclusion is set forth in section 3(d) of the act for certain “non-political” activities, including “engaging … in private and nonpolitical activities in furtherance of the bona fide trade or commerce of such foreign principal.” In other words, acting as a commercial agent for foreign governments, foreign companies and foreign individuals by buying stuff for them does not make the person engaged in that activity a foreign agent required to register under the act. (The requirement that the trade be bona fide is to prevent the foreign principal from trying to spread influence in the United States by having its agents buy items that it doesn’t need.) And when you read the indictment that is all that Yu did: she bought things for HEU.

As to the EEI-related counts, things are not much better with the government’s case. It appears that in some instances the EEIs weren’t filed because the amounts declared for the exported goods were too low. Whether this was anything other than an attempt to reduce Chinese import duties when the items arrived in China is unclear. In some instances, it is not clear at all why the forwarders and shipping companies did not file EEIs because the declared values where above the EEI exemption limit of $2500. The indictment also focuses on an instance where the shipping documents did not use Yu’s full name and another where the address of HEU was missing.

What appears to have gotten the DOJ all worked up here is that the items involved could be used for unmanned submersible vehicles. But so far the federal government has put no controls on these items, which at the moment are mostly being used for oceanography, deep-sea exploration, underwater oil prospecting, and meteorology. If the government doesn’t want the Chinese developing underwater submersibles with U.S. origin goods, it knows how to do it and, for some reason, hasn’t.

Photo Credit: Harbin Engineering University via http://english.hrbeu.edu.cn/skin/default/images/officer_r8_c61.jpg [Fair Use]

Permalink Comments (1)

Bookmark and Share


Copyright © 2016 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Oct

19

Beijing’s Review of U.S. Software Risks Export Woes for Those Who Allow It


Posted by at 10:43 pm on October 19, 2015
Category: BISChinaEncryption

140515-D-VO565-003 by Chief of Joint Chiefs of Staff via Flickr https://flic.kr/p/nkMLsf [Public Domain - Work of U.S. Government]

An article that appeared last Friday in the Wall Street Journal suggests that at least one U.S. company is providing the Chinese government with access to proprietary U.S. source code as a condition for access to the Chinese market. What could possibly go wrong with that??

Just as a burglar, who normally suspects everyone else of having his own larcenous motives, puts extra bars on his own doors and windows, the Chinese seem to be worried that U.S. software might have backdoors that allow the U.S. to hack into Chinese systems. Imagine that.

IBM has begun allowing officials from China’s Ministry of Industry and Information Technology to examine proprietary source code—the secret sauce behind its software—in a controlled space without the ability to remove it from the room, the people said. It wasn’t clear which products IBM was allowing reviews of or how much time ministry officials can spend looking at the code. The people said the practice was new and implemented recently.

The Wall Street Journal suggests that this access, which is designed to quell Chinese fears that the U.S. will do unto China what China has done unto the U.S., is largely symbolic because the Chinese are not being given sufficient time to comb through thousands of line of code looking for back doors.

The problem here, however, is that most software programs these days, particularly ones that might have “back door” entry concerns, will have encryption; and the EAR poses special restrictions on exporting certain types of encryption source code to certain government end-users. Encryption source code that is classified as ECCN 5D002 (i.e., is not mass market) and is not publicly available is classified under section 740.17(b)(2)(i)(B) of license exception ENC. Under paragraphs (1) and (2) of the Note to 740.17(b)(2), such encryption source code can, after a classification request, be immediately exported under license exception ENC to any end-user (including a government end-user) in a Supplement 3 country and to non-government end-users in countries, such as China, which are not a Supplement 3 country. However, exports of 5D002 encryption source code that is not publicly available, i.e., that is not available by download or otherwise to members of the public, can only be exported to a government end-user outside Supplement 3, such as the Chinese government, with a license from the Bureau of Industry and Security.  (A very good chart explaining the baroque complexities of  license exception ENC  can be found here.)

Now, here’s the catch. Most encryption algorithms are publicly available, but the code used by specific software to implement that algorithm is not. Indeed, if that code were publicly available, the Chinese wouldn’t need to review it, and the reviewing company would not insist that the code be examined in a “controlled space.” Indeed, you have to imagine that it is precisely the non-public code implementing the public algorithm which would be of most interest to Chinese reviewers concerned about U.S. software having back doors for Uncle Sam to come snooping.

Let me be clear: I’m not saying that IBM has broken any laws here. We don’t know whether the software being examined is 5D002 software or, if it is, that IBM hasn’t applied for and received a license. Rather my point is this: companies that consider giving source code access to the Chinese should only move ahead with a great deal of caution if the software utilizes encryption.

Permalink Comments Off on Beijing’s Review of U.S. Software Risks Export Woes for Those Who Allow It

Bookmark and Share


Copyright © 2015 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Apr

2

White House Fires First Salvo at Chinese Government Hacking Activities


Posted by at 12:47 pm on April 2, 2015
Category: ChinaCyber WeaponsEconomic SanctionsOFAC

By Poa Mosyuen (Own work) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons http://commons.wikimedia.org/wiki/File:HK_%E7%9F%B3%E5%A1%98%E5%92%80%E5%B8%82%E6%94%BF%E5%A4%A7%E5%BB%88_Shek_Tong_Tsui_Municipal_Services_Building_%E9%9B%BB%E8%85%A6%E9%8D%B5%E7%9B%A4_Chinese_input_keyboard_Jan-2012.jpgYesterday the Office of Foreign Assets Control published an executive order and accompanying FAQs under which the White House establishes the circumstances under which it will add certain persons and entities engaged in hacking computers and networks in the United States to the Specially Designated Nationals and Blocked Persons list. U.S. persons would be prohibited from engaging in any transactions with any of the designated cyberviolaters and all property of the cyberviolaters that comes into the United States or under the control of U.S. persons would required to be blocked.

Unlike most executive orders of this type, no parties have been designated yet under its authority; it is purely prospective in nature. This suggests that the order is, for the moment, mostly a diplomatic salvo and that its likely target is China. The numerous cyber attacks on the United States by China, including the recent Anthem breach, have been well documented and just as vociferously denied (in a clear methinks the lady doth protest too much” fashion) by the Chinese government.

Whether this will be effective in deterring China remains to be seen. One response by China to any future designation might be to double down and engage in cyber retaliation. Given the asymmetric nature of cyber warfare between the U.S. and China, due to the fact that the U.S. is more connected and more vulnerable than China, such retaliation cannot be discounted.

An additional point should be made on these new sanctions. I have seen some popular tech media and bloggers suggest that the sanctions might be applied to domestic hackers, even relatively benign ones doing things similar to what got Aaron Schwartz in trouble. It is important to remember, however, that the International Emergency Economic Powers Act, under which the executive order was issued, restricts the scope of the order to blocking “any property in which any foreign country or a national thereof has any interest,” thereby preventing purely domestic application of these sanctions. A domestic hacker would have to be working on behalf of a foreign country or foreign national to be designated under the new cyber sanctions.

Permalink Comments Off on White House Fires First Salvo at Chinese Government Hacking Activities

Bookmark and Share


Copyright © 2015 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Mar

19

Export Car to China: Go Directly to Jail


Posted by at 12:41 am on March 19, 2015
Category: ChinaCriminal Penalties

Porsche Panamera via http://files2.porsche.com/filestore.aspx/normal.jpg?pool=multimedia&type=image&id=rd-2014-homepage-teaser-ww-panameraturbos-kw43&lang=none&filetype=normal&version=b51309d8-552d-11e4-99aa-001a64c55f5c&s=4 [Fair Use]

Everybody knows that you can go to jail for exporting a tank to China. But did you know that you can go to jail for exporting a luxury car, classified as EAR99, to China?

Well, it appears that you can. According to an article in the Milwaukee Journal-Sentinel, Mao Peng, a resident of Kenosha, Wisconsin, and his wife were arrested in Los Angeles for exporting luxury vehicles to China and sent back to Wisconsin for trial. Only the terminated criminal proceedings in Los Angeles are in PACER at the moment. The transferred case in Wisconsin has not shown up yet in PACER, so details of the charges are somewhat hard to discern.

But it appears from a number of news sources, like this article in the New York Times, that federal prosecutors have been targeting individuals who purchase luxury vehicles in the United States and then export them to China for resale. Apparently, there is a substantial price differential between the price of luxury vehicles in the U.S. and China creating an attractive arbitrage opportunity for ambitious entrepreneurs. And the auto manufacturers have some how enlisted the DOJ to help them preserve their high margins in China.

At the behest of luxury car manufacturers, the U.S. Government has been seizing cars and bank accounts, but at least one federal judge has called foul. The opinion in that case gives some clue as to the prosecutors’ theories in the luxury car export cases. In that case, the Secret Service seized bank accounts alleged to contain funds derived from an auto broker’s export business. Because luxury auto dealers are prohibited by their manufacturers from selling cars for export, dealers require purchasers to sign, in the purchase documentation, a representation that the cars are for their own use and not for export. The export brokers pay straw purchasers to buy the vehicles for them. The government’s theory is that the brokers are conspiring with the straw purchasers to commit wire fraud in connection with the personal use representations by the straw purchasers. The district court held, relying on the “convergence” requirement, that the misrepresentation was at most a contractual violation rather than a criminal matter because the auto dealers to whom the misrepresentation were made were not injured by the misrepresentation; only the manufacturers were.

Peng’s case, which appears to be the first criminal prosecution for exporting cars to China, may be somewhat different because it appears that his straw purchasers were Native Americans and that sales taxes were therefore not paid on vehicles delivered to reservations on which they lived.   It also appears that the government is alleging that Peng was continuing to use the names of the straw purchasers for more purchases than they had agreed to and that this was some kind of identity theft.   But, according to the Journal-Sentinel article, it also appears that the government’s case is  primarily based on the non-export representations made by the straw purchasers to the auto dealers.

Permalink Comments (3)

Bookmark and Share


Copyright © 2015 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)