On September 9, 2022, the US Department of Commerce’s Bureau of Industry and Security (“BIS”) published an interim final rule (the “2022 IFR”) revising the Export Administration Regulations (“EAR”) to authorize the release of certain technology and software in the context of “standards-related activity” involving entities listed on the Entity List.  Comments on the impact of this action on participation in “standards-related activity” must be submitted to BIS no later than November 8, 2022. 

By way of background, BIS published an earlier related interim final rule (“2020 IFR”) on June 18, 2020, amending the scope of applicable license requirements for certain releases of technology and software subject to the EAR to Huawei and its affiliates listed on the Entity List in connection with exchanges of technology in a standards organization environment (the “Standards Authorization”).  Comments received in response to the 2020 IFR, indicated lingering uncertainty on the part of US industry regarding EAR compliance obligations in respect of participation in standards organizations that included Entity List parties.  The 2022 IFR is intended to address these concerns with respect to the release of low-level technology and software for in the context of “standards-related activity” involving entities listed on the Entity List.

With a stated goal of seeking to preserve the leadership and participation of US companies in national and international “standards-related activities,” the 2022 IFR revises the Standards Authorization by: 1) expanding the scope of the Standards Authorization to all entities listed on the Entity List; 2) expanding the scope of the Standards Authorization to include certain software and additional technology; and 3) clarifying the scope of standards activities covered by the Standards Authorization.

1)   Expanding the scope of the Standards Authorization to all entities listed on the Entity List
  • The 2022 IFR expands the scope of the Standards Authorization to all entities on the Entity List (the 2020 IFR only applied to Huawei and its affiliates on the Entity List in their capacity as members of a standards organization).
2)   Expanding the scope of the Standards Authorization to include certain software and additional technology
  • The 2022 IFR expands the scope of the Standards Authorization to include EAR99 or AT-only controlled “software” in addition to EAR99 or AT-only controlled “technology” (the 2020 IFR only included EAR99 or AT-only controlled “technology”). 
  • The 2022 IFR further expands the scope of the Standards Authorization to include certain “software” and “technology” classified under 5D002.b and c.1 and 5E002, respectively, when specifically for the “development,” “production,” and “use” of cryptographic functionality.  The specific “software” and “technology” authorized includes only cryptographic functions needed to assist the development of security in a 5G network, not to develop 5G products or capacity.  No other cryptanalytic items or products that use cryptographic techniques are included in the Standards Authorization.
3)   Clarifying the scope of standards activities covered by the Standards Authorization
  • The 2022 IFR removes the definitions of “standards” and “standards organization” from the EAR.  The scope of the Standards Authorization now reflects activities as defined and in the context of a “standards-related activity.”
  • “Standards-related activity” is defined to include “the development, adoption, or application of a standard (i.e., any document or other writing that provides, for common and repeated use, rules, guidelines, technical or other characteristics for products or related processes and production methods, with which compliance is not mandatory), including but not limited to conformity assessment procedures, with the intent that the resulting standard will be “published.”  A “standards-related activity” includes an action taken for the purpose of developing, promulgating, revising, amending, reissuing, interpreting, implementing or otherwise maintaining or applying such a standard.”

The Standards Authorization only overcomes EAR license requirements imposed as a result of an entity’s listing on the Entity List.  Other EAR licensing requirements may still apply, such as additional end-use or end-user based licensing requirements.

If you wish to submit a comment on the interim final rule or have any questions, please contact any member of our Outbound Trade Compliance team.

Author

Paul Amberg is a partner in Baker McKenzie’s Madrid office, where he handles international trade and compliance issues. He advises multinational companies on export controls, trade sanctions, antiboycott rules, customs laws, anticorruption laws, and commercial law matters. Paul helps clients assess and address compliance risks presented by export controls, trade sanctions, antiboycott rules, customs laws, and anticorruption laws. His practice especially focuses on internal reviews, voluntary disclosure filings, and enforcement actions brought by, the US Government in relation to the Export Administration Regulations (EAR), International Traffic in Arms Regulations (ITAR), trade and economic sanctions programs, and US customs laws.

Author

Ms. Test advices clients on issues relating to licensing, regulatory interpretations, enforcement actions, internal investigations and compliance audits, as well as the design, implementation and administration of compliance programs. She also advises clients on the extra-territorial application of trade compliance-related regulations in cross-border transactions.

Author

Caroline focuses on all aspects of International Trade law, particularly compliance with US export controls, trade and economic sanctions, and US foreign investment restrictions. She represents clients in national security reviews before the Committee on Foreign Investment in the United States (CFIUS), including CFIUS-related due diligence, risk assessment, and representation before the CFIUS agencies.