ExportLawBlog

Sep

17

ZTE and Huawei Proclaim Innocence During House Hearings

Posted by Clif Burns at 5:38 pm on September 17, 2012

Huawei HQ Last Thursday the House Intelligence Committee held hearings into whether or not two giant Chinese telcom equipment companies — ZTE and Huawei — had shipped U.S. origin goods to Iran in violation of the U.S. economic sanctions on Iran. ZTE told the committee that it had never sold equipment to the “Iranian government,” apparently feeling that this was some defense to sales that it apparently made to state-owned telecom companies in Iran.

More interestingly, and more surprisingly, Huawei offered this novel interpretation of U.S. sanctions on Iran:

Charles Ding, a senior vice president of Huawei, also testified Thursday. He said the only equipment his company has sold to Iran was for â€œcommercial, civilianâ€ use.

Of course, U.S. sanctions also cover sales of items for “commercial, civilian” use.

The report on the hearing in the Washington Post, linked above, tries unsuccessfully to give Ding the benefit of the doubt and, in so doing, commits a howler of its own.

Legal experts said it is unclear whether that would violate U.S. sanctions barring sales to Iran … . Although foreign companies have the ability to do business with Iran, federal law bars involvement by U.S. subsidiaries or the sale of goods made in the United States without special permission.

Apparently the reporter is trying to suggest that if these sales were made by Huawei, and not one of its U.S. subsidiaries, everything would be hunky dory. Uh, no. If the items had more than 10 percent U.S.-origin content, then even foreign companies are not permitted to sell those items to Iran. You have to wonder what legal “experts” the Post reporter consulted.

Permalink

Comments (1)

Copyright © 2012 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Sep

13

Trial Begins for Man Indicted for Taking His Laptop to China

Posted by Clif Burns at 3:55 pm on September 13, 2012

Category: Criminal Penalties

Chinese Flag Back in September 2011 this blog reported on charges brought against Sixing “Steve” Liu, a U.S. ~~citizen~~ permanent resident working as an engineer on naval defense systems, arising from his traveling to China with a laptop on which he had allegedly saved work material that was export controlled. Opening statements were heard yesterday in Liu’s trial.

No allegations were made in Liu’s indictment that this material was actually disclosed to anyone in China because simply taking the data to China is considered an export, whether disclosed or not. Of course, even if taking the laptop to China constituted an export of the data on the laptop, Mr. Liu would not have committed a criminal offense unless he had the requisite criminal intent, that is, unless he knew that taking his laptop to China with that data on it, even if the data was never disclosed to anyone in China, was a violation of law.

Not surprisingly, the opening statement by Liu’s attorney focused on the absence of criminal intent by Liu and argued that Liu was unaware that taking his laptop to China with export-controlled data was illegal:

Liu’s training in the laws governing the export of defense materials consisted of 15 minutes on his first day of work, between sessions on employee benefits and sexual harassment guidelines, [Liu’s lawyer] said.

If true, I think I would agree that this was probably not enough time for export training and that the company involved might find itself in hot water for its own export violations if this were known by the export agencies.

Permalink

Comments (5)

Copyright © 2012 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Sep

12

UK Uses Encryption Controls To Prevent Export of FinSpy Trojan

Posted by Clif Burns at 6:33 pm on September 12, 2012

ABOVE: Gamma International
headquarters in Andover, UK

Bloomberg News reported yesterday that the U.K. has imposed export controls on Gamma International’s FinFisher software. FinFisher is commercial trojan software that can take over computers and mobile phones and which the company has marketed to foreign governments anxious to keep really, really close tabs on political dissidents. Reporters and privacy groups have uncovered evidence recently that the nice folks in Bahrain were using this software against political dissidents in that country.

Of particular interest is the rational used by the U.K. to assert export controls over the software. According to a letter sent by the U.K. government, the software required an export license because it uses cryptographic functionality covered by Category 5, Part 2 of the E.U.’s Dual Use Control List:

The Secretary of State, having carried out an assessment of the FinSpy system to which your letter specifically refers, has advised Gamma International that the system does require a licence to export to all destinations outside the EU under Category 5, Part 2 (â€˜Information Securityâ€™) of Annex I to the Dual-Use Regulation. This is because it is designed to use controlled cryptography and therefore falls within the scope of Annex I to the Dual-Use Regulation. The Secretary of State also understands that other products in the Finfisher [sic] portfolio could be controlled for export in the same way.

Of course, the interesting question here is whether the similar controls placed on encryption in Category 5, Part 2 of the Commerce Control List would require an export license if a U.S. company wanted to export similar trojan software for surveillance purposes. More particularly, the issue is whether under License Exception ENC a U.S. company could self-classify the item and export it without license if it had previously registered and received an Encryption Registration Number. It seems to me that it could not because the software at issue falls within 740.17(b)(2)(i)(C)(3) which excludes from self-classification items that have been designed for government end users. It is abundantly clear that Gamma International only sells this trojan software to government end users. Nevertheless, items in this category can be exported immediately upon filing a classification request to countries outside those listed in Supplement 3 to Part 740, e.g., most NATO countries as well as Japan, Switzerland, Malta, Australia and New Zealand. Licenses would be required, however, for exporting the software to countries outside those listed in Supplement 3. The U.K. will apparently require licenses to all destinations.

An additional control on such software in the United States could be found in ECCN 5D980 which controls software “primarily useful for the surreptitious interception of wire, oral, and electronic communications.” However, at least under current policy licenses to export such software to government agencies in countries other than Cuba, Iran, North Korea, Sudan, and Syria are generally approved. Whether that policy will hold given the current publicity over the use of FinFisher by oppressive regimes is another matter.

Permalink

Comments (2)

Copyright © 2012 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Sep

6

U.S. Sanctions on Iran Hit Health Care

Posted by Clif Burns at 6:06 pm on September 6, 2012

Category: Iran Sanctions • OFAC

ABOVE: Pharmacy in Iran

The Washington Post reprinted on Tuesday a Financial Times report that indicated that U.S. sanctions on Iran were making it difficult for Iranian doctors and hospitals to provide health care to sick patients.

The tightening of U.S. banking sanctions against Iran over its nuclear program has had an impact on all sectors of the economy but is increasingly hitting vulnerable medical patients as deliveries of medicine and raw materials for Iranian pharmaceutical companies are either stopped or delayed, according to medical experts.

But, but, you ask, how can that be? Doesn’t U.S. law permit exports of medicine to Iran even under the new sanctions? Well, yes, in theory, but in practice, maybe not. The article points out difficulty in delivering raw materials to pharmaceutical factories in Iran as one factor, but U.S. law has only permitted exports of medicines, not raw products for medicines, so there’s nothing new here.

Perhaps it’s this:

â€œWe hold a license from the OFAC, but our imports have dropped by more than half while we pay much more than before,â€ one importer said.

â€œThe exemption of medicine from sanctions is only in theory,â€ said another. â€œInternational banks do not accept Iranâ€™s money for fear of facing U.S. punishment.â€

It seems reasonable to conclude that U.S. sanctions have a chilling effect which extends beyond their actual scope. Even if banks might be permitted under General License A to deal with certain Iranian financial institutions in connection with exports of medicine, banks may well decide that parsing the General License, and the risk of punishment if mistakes are made, makes the enterprise more trouble than it’s worth. Not to mention, of course, that this General License would only cover licensed exports of medicine from the U.S. to Iran and not exports of medicine to Iran from other destinations.

And even if the sanctions that can be imposed on foreign banks under the Comprehensive Iran Sanctions, Accountability and Divestment Act of 2010 (“CISADA”) seem limited to specific situations that don’t involve financing medical exports, the recent action by OFAC in blocking two foreign banks for their dealings with Iran may make banks worry about the risk. In that instance, OFAC appeared to be saying that transactions in the petroleum sector could be seen as aiding Iran’s nuclear program, which is one of the bases for imposing CISADA sanctions. By that logic, all transactions with Iran might be seen as aiding the nuclear program, so what bank is going to want to run the risk of financing any exports to Iran?

Permalink

Sep

5

What an Uncool Thing To Do!

Posted by Clif Burns at 6:58 pm on September 5, 2012

Category: BIS • CCL • DDTC • USML

Sonel Uncooled Thermal Imager According to an article last week in Bloomberg Businessweek, the Pentagon is seeking to add uncooled thermal imaging devices to the United States Munitions List. Putting that technology on the USML, as opposed to the Commerce Control List administered by the Bureau of Industry and Security (“BIS”), would require licenses for all exports of such technology and would prohibit exports to countries, such as China, subject to U.S. arms embargos.

Thermal imaging devices typically have to be cooled to prevent them from being “blinded” by their own internal circuitry. This results in more expensive devices as well as devices that need to warm up (or more accurately cool down) before they can function. Uncooled thermal imaging, while offering lower resolution under current technology than cooled thermal sensors, are less expensive and easier to operate. Uncooled thermal imaging has a number of non-military applications, such as collision-avoidance cameras used in new automobiles and investigation of heat leaks in homes. A contractor investigating leaks from exterior walls into my house used one. (Useless application: the camera viewfinder showed thermal paw prints left by my dog several minutes earlier!)

As the Bloomberg article points out, uncooled thermal imaging devices are produced by companies outside the United States, including Ulis in France; SemiConductor Devices in Israel; NEC Avio Infrared Technologies Co. in Japan; and Zhejiang Dali Technology Co. in China. The uncooled thermal imaging camera used by my contractor was made by Sonel in Poland (a similar model of which is pictured at right.)

The proposal to add uncooled thermal imaging to the USML is currently undergoing interagency review. A revised USML including that technology could appear as early as this month according to an anonymous DOD source cited by the Bloomberg Businessweek report.

Permalink

« Previous posts | Next posts »