Where Industry and Security Intersect
What's New | Sitemap | Search
The Deemed Export Advisory Committee (DEAC) met in open session on June 19, 2007, from 9:30 a.m.-12:30 p.m. in Building 10-250 at the Massachusetts Institute of Technology (MIT), 77 Massachusetts Avenue, Cambridge, MA 02139-4307. The Meeting was called to order at 9:30 a.m.
The DEAC is a Federal Advisory Committee set up under the requirements of the Federal Advisory Committee Act. It is tasked to advise the Secretary of Commerce on deemed export policy. There were approximately 67 members of the public in attendance.
DEAC Members Present:
Mr. Norm Augustine, Chairman
Dr. Ruth David, Co-Vice Chair
The Honorable Sean O’Keefe, Co-Vice Chair
Dr. Albert Carnesale
The Honorable John Engler
Dr. Anthony A. Frank
General John A. Gordon
Dr. Eva J. Pell
Dr. James N. Siedow
Dr. William A. Wulf
DEAC Member Not Present:
Mr. Mike Splinter
Note: The text that appears below each speaker’s name is a summary of that individual’s remarks or statement.
Chairman’s Opening Remarks: Mr. Augustine expressed appreciation for the hospitality put forth by MIT and thanked Claude Canizares and all those involved. He spoke of how the current U.S. export policy is dated and how the security threats of the past are not the same as the terrorist threats of today. He closed by stating that the Committee had yet to pull together more than a boiler plate of portions of its report and that they were still collecting additional data, discussing various issues and topics, the results of which will form the basis of their recommendations to the Secretary of Commerce.
Host’s Opening Remarks:
Dr. Rafael Reif, Provost of MIT, welcomed the DEAC. He remarked that the world has become an interconnected, interdependent global environment, and that the leaders of universities, industries and government must work hand-in-hand in developing and shaping the economy of the future. MIT is committed to addressing knowledge-based concerns and hopes that the presentations received this day help promote the resolution of those concerns.
Designated Federal Official’s Opening Remarks:
Mr. Bernie Kritzer Director, Office of National Security and Technology Transfer Controls, Bureau of Industry and Security, U.S. Department of Commerce, (and the DEAC’s Designated Federal Official) thanked MIT for making the facility available and all others in attendance. He restated the mission of the DEAC and discussed the basis of the deemed export rule. He stated that the dialogue the Committee has had thus far with businesses and universities was very positive. Mr. Kritzer then encouraged everyone to look at the new “China Rule” that was published that morning in the Federal Register related to commercial exports to the People’s Republic of China (PRC). The new PRC Rule provides revisions and clarification of export and reexport controls and contains a new provision (never before tried) for a validated end-user to which specified items may be exported or reexported without a license. He thought that the China Rule was on the right path for today’s U.S. economic interests and had a bright future when it comes to revising and clarifying global licensing requirements.
SCHEDULED PRESENTERS:
Dr. Claude Canizares, Vice President of Research and Associate Provost, MIT
Remarks: Dr. Canizares expressed his sincere appreciation to the DEAC and the Department of Commerce on the task of initiating this review process and engaging in a very constructive dialogue concerning the topic of deemed exports. He stated that MIT takes a very serious role in contributing to the nation’s security as well as educating future leaders in science and engineering. He stressed three points which he felt would help to retain the maximum degree of openness in a university setting:
1. Openness in research and deemed export controls contribute to both national security and the national well-being, but they are competing goals and must be balanced carefully and thoughtfully.
2. Wholesale application of deemed export restrictions on campus would be very detrimental to the progress of fundamental research. Settling the “Use” technology definition set forth in the Export Administration Regulations (EAR) is a step in the right direction, but it is not sufficient.
3. Any restrictions should focus on only the most compelling risks, and then only through the control of a limited category of technical information. Controls should be straight- forward to implement, and should provide for identification close to the source of the information, not the end-user community.
One-third of MIT’s graduate students come from outside of the United States; one-third of the University’s faculty is also foreign-born. MIT conducts roughly $1.2 billion of sponsored research per year; half is conducted on campus and the other half at MIT’s Lincoln Laboratory, a secure facility focused on technology for national security. All of the on-campus research meets the definition of “fundamental research” and the University does not accept publication restrictions for this type of research. MIT operates in an open environment in which all faculty and students have equivalent access to all of their laboratories, which contain close to 100,000 pieces of equipment. The current difficulty is based on an interpretation of fundamental research as it is defined in National Security Decision Directive (NSDD) 189. The Bureau of Industry and Security (BIS) applies NSDD 189 such that the exemption does not apply to the conduct of the research. MIT, as well as other universities, operate with the understanding that based on the EAR, the “fundamental research exemption” largely covers the conduct – as well as the products of research.
One curious aspect of the present BIS interpretation is that it seeks to control “old” technology, already in the marketplace, while excluding new results that emerge from cutting-edge research. Dr. Canizares stated that he hoped the DEAC could take a broader view and determine what would be the best way to truly address U.S. security by permitting as much openness as possible so that universities such as MIT can advance technology as rapidly as possible, while limiting access to only the smallest set of truly critical information.
Recommendations:
--The DEAC should replace the broad deemed export provisions of the EAR, at least in the domain of fundamental research, with a much narrower set of controls on specific technologies. The scope of those controls and the categories should, as much as possible, be threat-based and not hypothetical.
--The DEAC and BIS should formulate a process that involves a government-industry-university team to make a drastic reduction in the number and nature of these narrowly controlled items. This would ideally be set up to work closely with DoD and other agencies to achieve commonality between civilian and military lists. The outcome should not control information that is readily available in or outside of the United States.
--The results of the DEAC’s findings should not place the primary burden of identifying what is and what is not controlled at the end-user level. End-user determinations are neither efficient nor likely to be effective.
Ms. Sheila Widnall, Distinguished Professor at MIT (and former Secretary of the Air Force)
Remarks: MIT operates by means of a consensus between the faculty and the administration based on shared values. This consensus is operationalized through the work of a faculty committee charged with making recommendations on specific issues. The Committee on Access to and Disclosure of Scientific Information was convened in Dec. 2001 and first reported in June 2002. Its report, “In the Public Interest”, is available on the MIT website. In the conclusion section of this report, the Committee stated that the community values held dear were openness to express its academic mission and in doing so, it wanted to dynamically and effectively advance the scientific frontier. The University’s desire is to educate the next generation of scientists and engineers. MIT has a public service mission to the nation through Lincoln Labs and Draper Labs and through faculty involvement in national security issues. The well-being of the nation may ultimately be damaged if education, science and technology suffer as a result of practices that indiscriminately discourage or limit the open exchange of ideas. Peer evaluation of research, methods, and findings, based upon sharing and debate within the scientific community, is necessary to ensure the continued quality and progress of science.
Recommendation:
--Classified research should not be conducted on the MIT campus, and thesis research should not be conducted or carried out in areas requiring access to classified materials.
Mr. Steve Kott, Manager, Global Trade, Advanced Micro Devices (AMD)
Remarks: At Advanced Micro Devices (AMD), there are currently no personnel from any of the D-1 countries as categorized in the EAR. Therefore, the licensing approach should be different in this kind of environment. One way is to create a “Master/Super License” by company, facility, or a combination of the two. As part of this concept, any licensed company would need to create a “Corporate Global Approach” for technology controls. AMD is attempting to unilaterally do this and is about 1 to 2 years out for completion.
AMD protects its inner-corporate technology through server protection and password access. Application protection is also server controlled and is cross-functionally teamed and security driven. Passwords are changed often and there is lock-out ability. This setup is done for its inner-corporate design and streamlined wafer process, the company’s most precious secrets. From AMD’s perspective, this sort of setup provides scalability and can be implemented worldwide in its technology development centers. The concern is that these controls stay in the right hands.
AMD controls the company’s industrial proprietary technology through the processes just described. This is more than just security with high walls. AMD always needs to be vigilant and secure in its internal and external screenings for those parties with whom it is doing business. There are, however, very few walls in university settings, especially when compared with the information technology industry. Universities do not have good control on who has what. They utilize brain trust and brain power, and they do not have significantly strong controls over their technology.
AMD would like to establish a better relationship with the oversight organization where information technology lies. The company needs to come to a consensus with various industries so government can develop methods to keep threats away.
Recommendation:
--AMD is looking for a different, much broader scope for export licensing on a global scale.
Jon Goding, Principal Engineering Fellow, Raytheon Corporation, Florida Operations
Remarks: U.S. government regulations deeply influence Raytheon’s business and the company spends millions per year educating its workforce on EEOC, financial accounting rules, security, counter-espionage, and export control regulations.
Raytheon views the U.S. government as its customer and its partner. Cryptography is a part of nearly every system Raytheon delivers, with the U.S. government being its biggest customer. The company has a global presence which relies more and more on commercial technology, including cryptography. Most of Raytheon’s current exports are governed by the ITAR, so the company is accustomed to even longer approval times than EAR licenses. Even though they may take some time, Raytheon’s export requests are almost always approved. However, the company’s international business is growing, with substantial growth potential in systems employing commercial information technology. Raytheon feels that the EAR hampers the company’s competitiveness by inhibiting interaction with foreign customers, companies and researchers. This slows the company’s response time to customer requests and adds cost, complexity, and risk to a challenging business environment. Given this environment, foreign companies developing encryption products sometimes fill the gap created by U.S. export restrictions.
Recommendations:
--Establish a joint industry and academia board to review the EAR with respect to encryption and make recommendations to the Secretary of Commerce.
--Keep any future processes simple in nature for whatever recommendations and findings the DEAC puts forth in its report. Use a “model process” or a set of case studies to study for guidance.
--Avoid a product list. If there needs to be a restrictive product list, items should have an expiration date.
John Barker, Arnold and Porter LLP
Remarks: As the country looks forward to protecting national security in a research environment, it is important to strive to have principles to guide policy development and to have options for new strategic directions. In order to have the principles to guide policy development, security from all perspectives should be considered. The DEAC should also take into consideration that eroding the research base risks long-term harm to the innovation that enhances security. It should be acknowledged that equipment access is crucial to fundamental research, and in supporting fundamental research researchers should have access to research tools. Counter-espionage concerns should be addressed by looking for spies and not Export Control Classification Numbers (ECCNs). It is important to acknowledge that research universities are different than national labs.
The USG should strive for new strategic options that take into account foreign availability and that permit access to equipment. It is also vital that the visa process be leveraged to accomplish national security objectives given that the current visa process demands rigorous initial screenings. The visa process should be used as a critical piece in determining the level of participation in research.
Recommendations:
--Export regulations should utilize university resources and list reviews. Government officials are not aware of growing developments when it comes to technical advancements abroad. Therefore, if they do not know what is developing abroad, it is difficult for them to keep up with research not yet reflected in equipment or technology.
--Take advantage of university expertise early in the process to improve U.S. national security. By knowing what is happening at home and abroad, the United States’ ability to convince other countries to control the most sensitive and dangerous technologies increases. It also would provide input and rationale for not wasting resources on controlling what is uncontrollable.
--The current CCL should be scrutinized by a panel picked by the U.S. government and funded to provide the proper agencies with trained personnel for the list reviews.
--One step forward would also be to enhance university espionage training. This might be challenging, but it would be better than restricting all fundamental research.
Carrie Wolinetz,PHD., Federation of American Societies for Experimental Biology (FASEB)
Remarks: Science thrives in an open environment, with free exchange of knowledge. Science is dynamic and not static; it is constantly morphing and evolving. Therefore, it is not possible to predict the advance of certain technologies. Science and research contribute greatly to national security and the quality of life. It is not feasible to regulate and define that which has not yet been researched. Biology could be “dual-use” technology depending on how the user decides to apply it. Their intent and purpose would ultimately work out to motivate for either good or bad. The dual-use nature of research is not typically clear at outset.
Security controls should be sensible and should not serve to inhibit information exchange that could be used for not only the advancement of science, but for the world. A robust research enterprise is critical for national and international security, but it is sensitive information. How does one know how to address something if the researchers have never been exposed to this type of science before?
Dialogue and involvement with the academic research community should continue here and abroad. There should be a unified globalized front for the well-being of all mankind as a hallmark for all nations to follow suit. The United States should set the example. In biology, scientific progress may happen on a global scale, without an economic component integrated.
Recommendation:
--Increase awareness and compliance and utilize expertise in an advisory capacity as a nation.
--The visa process should be point of control for foreign nationals.
--The United States should maintain unambiguous fundamental research exclusions as called for in NSDD 189.
Jonathan Wise, ISTAC Chair and Export Classification Manager, Agilent Technologies
Remarks: ISTAC has a large industrial membership and its members are most affected by categories 3, 4, and 5 (electronics, computers, and telecommunications and information security, respectively). ISTAC represent a wide range of technologies with a wide level of interest in and exposure to deemed exports. There are various and diverse opinions on the inherit sensitivity of these technologies within the ISTAC. The TAC’s three main concerns are:
- Uncertainty of license approval
- License Conditions
- Perceived inadequate guidance on required documentation for license applications
With regard to uncertainty of license approval, the entire licensing process is too risky for many hiring managers and the result is to preclude pools of excellent job candidates because company’s make license approval a condition of employment.
Employers want to make full/maximum use of employees and want to be able to use them in any job (to be cross-functional). Separation of individuals is difficult and expensive. We question the rationale for license conditions of next generation(s) technology.
Recommendations:
--Provide for a “business-model” deemed export license.
-- Tighten deemed export requirement to only certain ECCNs.
--Provide analogous guidance for deemed export licenses, such as a foreign national review for CCL items dealing with applied peak performance.
Public Comments: Lawrence K. Disenhof, Group Director, Export Compliance, Cadence Design Systems Inc (Chairman of the EEA Technologies Export Committee):
Remarks: Candence Design Systems is the largest electronic design automation firm. This type of technology is what engineers use to build equipment. The organization’s technologies are controlled for anti-terrorism (AT) reasons and deemed export as well as ITAR licenses are obtained.
The topic of discussion will focus on a provisional or transportable deemed export license. As an example, Disenhof recently had an Iranian student talk to him at a university after a presentation. The student indicated that he could not get anyone to talk to him because he was Iranian. He asked if he could get an export license himself. Disenhof told him he could not because the process looks at both the person and the technology.
It takes too long to get a provisional background check from the FBI, CIA, etc. If a person leaves one firm and goes to another (because companies are competitive), the worker should be able to get started where his last job was in the cue for the background check to be done. It should follow the person in question, but the current process does not.
Recently, Cadence hired an Iranian foreign national; he was a doctorate student at UT. It took five months for his background check, and three days to do the back end stuff to get the license. Cadence looks at applicants and there is a need to hire these individuals, but managers can’t wait to hire that long because of the lengthy background check. Luckily for this person, it worked out for him in the end.
Recommendation:
--Background checks of foreign nationals should be made easier, and the length for one person to be investigated by all interoperable agencies could become shorter.
Public Comment: Geoffrey (Jeff) E. Grant, Vice President for Research Administration, Partners HealthCare
Remarks: The following comments are related to research in the community, not just at universities, but federally-funded research labs such as NIH, FDC, CDC, and FDA, both large and small. Many research agencies have a stake in this game not just because they are important sponsors, but they are running research labs themselves. There are many players in these environments – and they are all trying to make sense of the deemed export rule (particularly the smaller labs that are fully engaged in research and still trying to manage the administrative deemed exports regulatory burden).
Finally, a comment on deemed exports in general. Do we really need this approach to protect our national security? Other countries do not have a deemed export rule or anything like it. Also, what is going into the government’s decision process black box? What are the criteria for approval if the approval rate is over ninety percent or more of all license applications, not all solely from one country? If individuals are being controlled, the visa system should be used, and if technologies are being controlled, the classification system should be used. A master plan, a master license, or a super license to manage the individuals of concern so that the technologies about which the USG is concerned can be managed should be considered. Federal agencies who are concerned with these issues should invoke the proper and necessary requirements and restraints to help make sense and help build the U.S. economy today.
Recommendations:
--The DEAC needs to consider the inputs from the various Technical Advisory Committees run by BIS that have intimate knowledge of their respective areas. These kinds of input and public advice should continue to work with some standing advisory committee to BIS whose tender will not end.
--The DEAC should seek to simplify the deemed export process. Organizations cannot afford to train sufficient numbers of individuals to understand all the possible scenarios and applications of the deemed export rule in institutional settings. Both large and small enterprises and labs should not have to guess. There should be a website or some publicly-available information source where people can go and simplify the process.
--There should only be a short list of controlled technologies.
Public Comment: Catherine Robinson, The National Association of Manufacturers
Recommendations:
Change the laws and regulations, or create a new system so that U.S. companies can compete with other companies abroad and have the same competitive edge and timeliness as do all the other countries from around the globe. Allow U.S. companies to become technology innovators in specific areas. National security then is not compromised, but rather enhanced by these efforts for the following three reasons:
First, it is imperative that companies protect their intra-corporate proprietary information because this is the life blood of the company. So, it is within their interest to have a strict compliance program so that they do not lose this information about their products or their technology.
Second, this helps build a secure nation. If there was a strictly controlled compliance program that was intra-corporate enforced on a global scale, it would help companies establish a controlled environment to its stateside branch head as well as its satellites elsewhere and would help control the validated end-user program. This then proposes a more controlled environment by having a company-wide security system in place on a global scale, even with third party interests to help deal with and control technology better and their proprietary information and national security for the United States. This allows for a check and balance within the United States, and there is a check and balance within the company. Employment would then allow intra-company transfers to take place, new ideas to be introduced, and production and technology to climb.
Third, it is important that limited resources are utilized in the most efficient manner. This would lower transaction risks without much stress. It would also not constrain businesses and universities whose professional resources are impacted by all of this. At the same time, it would allow new and innovative technologies that are not sensitive and pose no threat to national security to proceed more rapidly. This would allow U.S. businesses and industry as a whole to grow and better compete globally.
The open session adjourned at about 12:30 p.m.
The DEAC then met in a closed session on Tuesday, June 19, 2007, from 1:30 – 4:00 p.m.