The European Commission has published two guidance notes on the application of the EU Dual-Use Regulation, covering:

  1. the application of the definition of an “exporter” in relation to manufacturers and resellers of dual-use items; and
  2. controls of information security items and the implementation of the Cryptography note (“mass-market”) exemption.This guidance provides clarity as to the definition of an “exporter” where a reseller of dual-use items in one EU Member State contracts with a consignee in a third country, but a manufacturer in another EU Member State is responsible for sending the goods outside the EU. The “exporter” is responsible for obtaining any export licences required.The full guidance note is available here.This guidance provides answers to a number of questions in relation to information security items and the implementation of the mass-market exemption under the Cryptography note. The guidance contains the following principal points:
  3. Information security items
  4. The Commission confirms that the “exporter” will be the entity that holds the contract with the consignee in the third country and makes the decision to send the goods outside the EU. It is important to note that this may not be either the declarant, or an entity that performs logistical functions in relation to the shipment.
  5. Definition of an “exporter”
  • Self-assessment for decontrol – It is the exporter’s responsibility to determine for itself if items qualify for the mass-market exemption. However, it is advisable for an exporter to consult the competent authority, or to notify the authority of its conclusions, in order to confirm the status of the items.
  • Geographical scope of the exemption – Where an exporter has received confirmation that items are decontrolled from the competent authority in the EU Member State where it is established, it is for that competent authority to determine whether the items are controlled. However, if the exporter plans to export the items from another EU Member State, they should inform the authority that they plan to do so when submitting the request for confirmation. The authorities in the EU Member States concerned will then consult with each other.
  • Factors taken into consideration by the competent authorities – The key point taken into account by the competent authorities in assessing whether a cryptography item controlled is the nature of the item itself. However, other elements of the transaction are taken into account. It is worth noting that the decision of the authority applies to the specific exporter for a specific item.
  • Licensing procedures for category 5A2 and 5D2 items that do not qualify for the mass-market exemption – The competent authorities may grant either individual or global authorisations for items that do not qualify for an exemption. The guidance also highlights the applicability of Union General Export Authorisation EU001 to particular destinations (Australia, Canada, Japan, Liechtenstein, New Zealand, Norway and Switzerland), which permits the export of a number of dual-use items, provided that the exporter complies with the terms of the authorisation (including registration with the competent authorities).

The full guidance note is available here.