Regulations, Penalties, & Exclusions

The Department of State Directorate of Defense Trade Controls (DDTC) administers export control of defense items under the International Traffic in Arms Regulations (ITAR), 22 CFR 120-130, pursuant to the Arms Export Control Act (AECA). Almost any item that contains any ITAR-controlled components is also controlled under the ITAR. Three terms are used to designate export-controlled ITAR items: “defense articles,” “technical data,” and “defense services.”

• Defense Article means any piece of equipment (or component or part thereof), or technical data (as defined below), that is listed on the USML. (22 CFR 120.31)
• Technical Data means any information required for the design, development, assembly, production, operation, repair, testing, maintenance, or modification of a defense article. Technical data may include drawings, assembly instructions, operations and maintenance manuals, and email or telephone exchanges where such information is discussed. However, technical data does not include general scientific, mathematical, or engineering principles commonly taught in universities, information in the public domain, general system descriptions, or basic marketing information on function or purpose. (22 CFR 120.33)
• Defense Services means:

1. 1. The furnishing of assistance (including training) to foreign persons, whether in the United States or abroad, in the design, development, engineering, manufacture, production, assembly, testing, repair, maintenance, modification, operation, demilitarization, destruction, processing, or use of defense articles;
   2. The furnishing to foreign persons of any technical data controlled under the ITAR, whether in the United States or abroad; or
   3. Military training of foreign units and forces, regular and irregular, including formal or informal instruction of foreign persons in the United States or abroad or by correspondence courses, technical, educational, or information publications, and media of all kinds, training aids, orientation, training exercises, and military advice. (22 CFR 120.32)

Identification, Receipt, and Tracking of ITAR Controlled Items and Controlled Technology

An Access Control Plan (ACP) or Technology Control Plan (TCP) is required to track and monitor compliance when projects involving ITAR-controlled items or export-controlled technical data are identified. The DIEC is responsible for oversight and licensing, including technical assistance agreements, of all projects in which defense articles are Export Control & International Trade Compliance Program Guidelines 9manufactured. This would include projects involving chemical or biological agents covered under USML Category XIV. Absent a DDTC license, any ACP/TCP for ITAR-controlled items MUST bar access by all foreign persons (unless a bonafide exception is available), as there is no country-by-country analysis as in the EAR regulatory framework. As a general policy, UMassD conducts research under the Fundamental Research Exemption whenever possible and does not accept ITAR controlled research projects. Any research groups who propose to have ITAR-controlled activities and/or equipment at UMassD must contact the OIEC and must always have TCPs in place to protect and secure such activities and equipment.

Export Under ITAR (22 CFR 120.50):

The ITAR defines the term “export” broadly. It applies not only to exports of tangible items from the U.S. but also to transfers of intangibles, such as technology or information. The ITAR includes the release of controlled technical data to foreign nationals, even in the U.S.

Authorization to Export:

Any U.S. person or entity that manufactures, brokers, or exports defense articles or defense services must register with the DDTC and secure a license prior to any export. The OGC annually registers the University with DDTC.

NOTE: UMassD does not engage in ITAR work or accept ITAR-controlled research projects.

The Department of Commerce’s Bureau of Industry and Security (BIS) regulates the export of most products, software, and technology under the Export Administration Regulations (EAR), 15 CFR §§ 730-774. The EAR covers a wide range of commodities and technology. The commodity classification process is highly technical, and most importantly, the need for a license depends on: (1) the commodity or technology, (2) its end use, (3) its end user, (4) its final destination. Generally, most items of U.S. origin, or physically located in the U.S., are subject to the EAR. U.S. items overseas, and items produced overseas using U.S.-origin components or made using U.S. technology, may still be subject to the EAR. Additionally, certain activities of U.S. persons overseas may also be subject to these regulations. Foreign-manufactured goods are generally exempt from the EAR re-export requirements if they contain less than a de minimus level of U.S. content by value. The EAR requires a license for the export of a wide range of items with potential “dual” commercial and military uses, or which are otherwise of strategic value to the U.S. Items listed on the Commerce Control List (CCL) generally require a license prior to export, but the final determination will depend upon where, for what purpose, and to whom the technology or item is being sent. The items on the CCL are designated by Export Control Classification Numbers (ECCNs). Items which have not been assigned an ECCN are designated as “EAR99” and can generally be exported without a license, unless the export is to an embargoed country, or to a prohibited person or prohibited end-use. ECCNs have five-character alpha-numeric designations (example: 3A001). An ECCN categorizes items based on the nature of the product, i.e. type of commodity, software, or technology and its respective technical parameters. The first character of the ECCN represents the Commerce Control List’s Category designation (0-9). The second character of the ECCN represents the item’s product group. The CCL has 5 product groups as follows:

1. Systems, Equipment and Components mean finished or unfinished goods ranging from high-end microprocessors, to airplanes, to ball bearings.
2. Test, Inspection and Production Equipment includes equipment specifically for manufacturing or testing controlled commodities, as well as certain generic machines, such as computer numerically controlled manufacturing and test equipment.
3. Material includes certain alloys and chemical compounds.
4. Software includes software specifically associated with particular commodities or manufacturing equipment, as well as any software containing encryption and the applicable source code.
5. Technology means information required for the development, production, or use of a Good, and takes the form of technical data and technical assistance.

For some ECCNs, there may be a distinction between the types and levels of technology controlled. For Export Administration Regulations and items subject to the EAR, visit the Bureau of Industry and Security (BIS) website.

Using the CCL - ECCN and Licensing Determinations:

Classifications under the CCL, ECCNs, and licensing determinations are highly technical and complicated. OIEC strongly recommends that researchers request assistance when determining whether their items or activities are subject to the EAR. To determine whether you may export an EAR-controlled item, consider the following steps:

1. Review the Commerce Control List (CCL) and inquire with OIEC for assistance.
2. Check for any license exceptions.
3. Consult the Country Chart.
4. Verify the end use of the technology or item.
5. Confirm the end user of the technology or item.

In classifications of an entire system, consider the nature of the entire assembled system rather than the classification of individual components (except for information technology or encryption software). By comparison, under the ITAR, a component that contains one single ITAR-controlled item would normally make the entire assembled system controlled.

The U.S. Department of the Treasury administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries, regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy, or economy of the United States. OFAC administers a number of different sanctions programs. The sanctions can be either comprehensive or selective, using the blocking of assets and trade restrictions to accomplish foreign policy and national security goals. Restricted Party Screening (RPS) is necessary for compliance. Treasury regulations limit or prohibit the provision of services to those impacted individuals, entities, and/or countries.

When is an Export License Required?

Most exports do not require government licenses. Barring a prohibited end use or user, only certain commodities, software, and technologies require license for export. An export license is usually required for one of the following reasons:

• The export has actual or potential military applications or economic protection issues.
• Government concerns about the destination country, organization, or individual.
• Government concerns about the declared or suspected end use or the end user of the export.

Even if an item or technology appears on a list of controlled items, there may be exemptions, exclusions. or exceptions that apply. The Departments of Commerce, State, and Treasury publish various lists of parties with various export control and trade sanction restrictions and prohibitions. The lists are notice to the public not to engage in any proscribed transaction(s) with listed entities. The campus uses restricted party screening software to conduct screening and due diligence on third-parties (e.g., suppliers, research sponsors, and international visitors, and collaborators).

Presidential memorandums often supplement or direct the implementation of the aforementioned regulations, particularly with respect to national security and foreign relations. These documents may set the tone for broader policy changes or directives affecting U.S. export controls, sanctions, and international relations. For example, memorandums may:

• Modify the scope or application of specific trade sanctions.
• Provide guidance on the interpretation of regulations like ITAR or EAR in light of current geopolitical situations.
• Impact security-based export restrictions, including adjustments related to foreign policy or national defense strategies.
• Address cross-agency cooperation and policy alignment on international trade and defense technologies.

UMassD adheres to relevant presidential memorandums by aligning with federal policy shifts as outlined in these documents, ensuring that our export control practices, international collaborations, and research activities remain compliant with both law and executive directives.

In addition to the primary export control regulations, various other federal laws and agencies regulate activities that may overlap or coincide with export-controlled activities. These laws are designed to protect national security, foreign policy, public health, and safety, and to ensure compliance with international trade and sanction regulations. While export control laws typically focus on the transfer of controlled goods, technologies, and information across borders, these additional laws may impact research, partnerships, and international collaborations in other ways. It is essential for the UMassD community to be aware of these regulations, as failure to comply with any of them may result in legal and financial penalties, as well as restrictions on future collaborations and activities. UMassD works closely with relevant offices, such as the Office of Institutional Ethics & Compliance (OIEC), to ensure adherence to all applicable laws.

Select Agents and Toxins Regulations

In addition to export control laws, select agents and toxins are regulated by the Centers for Disease Control and Prevention (CDC) and the Department of Agriculture (USDA). For more details, refer to https://www.selectagents.gov/sat/index.htm. While these materials are primarily regulated by the CDC and USDA, their release often requires an export license, even when exceptions may apply under select agent and toxin regulations. 

Nuclear Regulatory Commission (NRC)

The Nuclear Regulatory Commission (NRC) regulates activities involving nuclear materials and facilities. Compliance with NRC regulations is required for any research or activities involving nuclear substances.

Department of Energy (DOE)

The Department of Energy (DOE) regulates activities related to energy technologies, including the development and export of nuclear and energy-related materials. UMassD must comply with DOE regulations when conducting relevant research or activities.

Food and Drug Administration (FDA)

The Food and Drug Administration (FDA) regulates drugs, biological products, medical devices, and other products related to health and safety. Compliance with FDA regulations is required for research and development involving these products.

Drug Enforcement Administration (DEA)

The Drug Enforcement Administration (DEA) enforces laws related to controlled substances. Any research or activity involving controlled substances must comply with DEA regulations.

Foreign Corrupt Practices Act (FCPA)

The Foreign Corrupt Practices Act (FCPA) prohibits offering or promising anything of value to foreign government officials to gain business or secure an improper advantage. UMassD is committed to competing fairly and complying with antitrust laws and will not participate in any boycott that contradicts U.S. laws or national security.

International Emergency Economic Powers Act (IEEPA)

The International Emergency Economic Powers Act (IEEPA) provides the U.S. government with authority over international transactions that may threaten national security or foreign policy, and the Office of Foreign Assets Control (OFAC) enforces U.S. sanctions programs. These laws may intersect with export control laws, particularly when dealing with embargoed countries.

Trading with the Enemy Act (TWEA)

Similar to the IEEPA, the Trading with the Enemy Act (TWEA) authorizes the President to regulate or prohibit trade and financial transactions with countries or individuals deemed enemies during wartime or declared national emergencies. The act is part of the broader set of regulations ensuring that U.S. entities do not engage in prohibited transactions that could compromise national security.

Customs and Border Protection (CBP) Regulations

Customs and Border Protection (CBP) enforces U.S. import and export regulations, including compliance with export control laws. CBP plays a key role in preventing illegal exports and enforcing trade sanctions by overseeing the movement of goods and materials across U.S. borders. Compliance with CBP regulations is essential for ensuring that exports do not violate U.S. trade laws or export controls.

Antiboycott Regulations

Enforced by the U.S. Department of Commerce, antiboycott regulations prohibit U.S. businesses from participating in foreign boycotts against countries aligned with U.S. foreign policy. While infrequent, this problem can arise in the process of contracting with foreign entities or countries. Compliance with these regulations ensures that U.S. businesses do not indirectly support foreign efforts that could conflict with U.S. national interests. UMass will not participate in any boycott that is contrary to U.S, laws and national security.

For criminal violations of the EAR, penalties can reach up to $1 million per violation for the university. Individuals involved in willful violations can face fines of up to $1 million, imprisonment for up to 20 years, or both, per violation. Civil penalties for both the university and individuals can reach up to $250,000 per violation, or five times the value of the export, whichever is greater. In addition to these fines, violators may also face a denial of export privileges and other potential collateral penalties. These penalties apply to unlawful exports or disclosures of controlled items, including both physical exports and "deemed exports" (e.g., sharing information with foreign nationals).

Criminal penalties for ITAR violations can reach up to $1 million per violation for organizations, with up to 10 years of imprisonment for individuals found guilty of willful violations. Civil penalties for ITAR violations can reach up to $500,000 per violation, which may apply to departments, agencies, and officials within the university. If a university is found in violation of ITAR regulations, it may be debarred from contracting with the U.S. government, and it may lose its export privileges. These penalties apply to violations involving military items, certain space-related technologies, and related services.

Penalties for violations of OFAC regulations vary depending on the sanction regime in question. Criminal violations by the university may incur fines up to $1 million per violation. Individuals found guilty of criminal violations can face up to $1 million in fines and up to 20 years in prison, or both. Civil penalties for OFAC violations can reach up to $250,000 per violation, or double the value of the transaction in question, whichever is greater. These penalties apply to violations of trade sanctions involving embargoed or sanctioned countries, entities, and individuals.

Additional Items to Consider

1. Administrative Penalties: In addition to criminal and civil penalties, violations of export controls may also result in administrative actions, including the suspension or revocation of export privileges, the imposition of probationary periods, or the denial of export licenses.
2. Forfeiture of Property: Property involved in the violation, such as goods or funds, may be subject to forfeiture under certain circumstances. For example, exports that violate sanctions can lead to the seizure of goods, funds, or other assets involved in the unlawful transaction.
3. Civil Litigation: Some violations, particularly in cases of fraud or misrepresentation, could result in civil lawsuits by other parties, such as businesses, individuals, or even the U.S. government. This could result in additional financial liability and reputational harm.
4. Corporate Debarment: In addition to debarment from government contracts under ITAR, organizations involved in violations of export control regulations may face additional debarment or suspension from federal grants and cooperative agreements which can have long-term impacts on a university’s ability to secure future funding.
5. National Security: In some cases, export control violations could also be classified as national security threats, which might lead to heightened scrutiny and additional penalties by national security agencies, including the FBI and Homeland Security.
6. Whistleblower Protections: Under certain regulations, employees who report export control violations may be entitled to whistleblower protections, which could protect them from retaliation or discrimination. Conversely, retaliation against a whistleblower can lead to significant penalties for the organization.

In addition to the specific penalties outlined above, individuals and organizations found in violation of export control laws or trade sanctions may face reputational damage, loss of government contracts, and restrictions on future business opportunities. These violations can also result in the suspension or revocation of export licenses and participation in research or international collaborations.

Compliance and Reporting Violations

Any suspected violations of, or solicitations to violate, corruption or antitrust laws should be immediately reported to the OIEC via email to export.control@umssd.edu.

The term "fundamental research" refers to basic or applied research in science and engineering, the results of which are typically published and shared broadly within the scientific community. Fundamental research is distinct from proprietary research and from industrial development, design, production, and product utilization, where the results are often restricted due to proprietary or national security concerns. Both the ITAR and the EAR specify that information resulting from fundamental research is exempt from export controls, this exemption is referred to as the Fundamental Research Exclusion (FRE).

Under the EAR, the FRE applies as long as the university and its researchers do not accept any restrictions on the publication of scientific and technical information or impose personnel access restrictions. The EAR does allow customary prepublication reviews by sponsors to prevent the inadvertent disclosure of proprietary information or to safeguard patent rights. The EAR citation is 15 CFR § 734.8.

In contrast, the ITAR specifies that research will not be considered fundamental research if:

1. The university or its researchers accept any restrictions on the publication of scientific and technical information resulting from the project or activity, or
2. The research is federally funded and specific access and dissemination controls protecting the information have been agreed upon by the university or the researcher. The ITAR citation is 22 CFR § 120.34(a)(8).

To ensure compliance with FRE, the ORA carefully reviews proposed research projects. Proposals identified with concerning language are forwarded to the OIEC for review, the OEIC evaluates the scope of work to ensure that the research qualifies for FRE and reviews contractual and grant language to ensure the university is not agreeing to terms that invalidate the FRE. If necessary, OIEC works to complete the export control analysis with the technical assistance of the PI.

FRE Limitations:

• Publication and Personnel Restrictions: Verbal or written agreements between a PI and a sponsor that include provisions to forgo publication will invalidate the FRE and violate university policies that mandate research to be conducted openly without restrictions on dissemination of results.
• Physical Shipment of Goods: Even if no publication or personnel restrictions apply, the FRE does not apply to the physical shipment of goods.
• Proprietary Information: Sponsor or third-party trade secrets or other proprietary information used in a research project, which are subject to confidentiality agreements, continue to be subject to export controls, even if the research itself falls under the FRE.
• Deemed Exports: A deemed export may occur if information not otherwise publicly available about the development, production, or use of controlled technology is shared with a foreign national. This can occur when instructions on the use of controlled materials are based on non-public information. For example, a publicly available manual would not trigger export control regulations.

FRE is inapplicable if any of the following occur:

• A contract clause forbids the participation of foreign persons,
• A sponsor gains control over research publications or the dissemination of research results,
• A contract restricts participation in research and/or access to and disclosure of research results.

Note: Oral or written "side deals" between a PI and a sponsor that impose such restrictions also invalidate the FRE and may violate university policies on openness in research.

One of the most important exclusions from export controls that applies to universities is the Educational Information Exclusion. Under the EAR, information and software taught in course catalog courses and in teaching laboratories associated with these courses are not subject to export controls (certain encrypted software is an exception). See 15 CFR 734.3(b)(3).

Under the ITAR, information or software concerning general scientific, mathematical, or engineering principles commonly taught in universities, or information already in the public domain, is also not subject to export controls. See 22 CFR 120.33(b) & 120.34.

These exclusions include instruction in UMassD courses and general scientific, mathematical, or engineering principles commonly taught in colleges and universities without a license from the department of Commerce or State. Export control issues may arise when activities involve teaching or training foreign students on campus or foreign colleagues abroad using information which is not publicly available, for consultation or further information please email export.control@umassd.edu.

All publicly known information is not subject to export controls, with certain exceptions (e.g., certain encryption software). Under the ITAR, publicly published information is in the "public domain" and not subject to export controls. Examples include:

1. Sales at newsstands and bookstores,
2. Subscriptions available to any individual who wishes to obtain or purchase the information,
3. Second class mailing privileges granted by the U.S. government;
4. Libraries open to the public or from which the public can obtain documents;
5. Published patent applications and issued patents;
6. Unlimited distribution at conferences, meetings, seminars, trade shows, or exhibitions are generally accessible to the public;
7. Public release approved by the U.S. government;
8. Fundamental research in science and engineering at accredited institutions of higher learning in the U.S. where the resulting information is ordinarily published and shared broadly in the scientific community;

Publicly Available Information (EAR) vs. Public Domain Information (ITAR):

Research involving information that has been published or is made generally accessible to the public. The definitions of "publicly available" (EAR) and "public domain" (ITAR) vary slightly, but both exclusions apply to research that is published or made available to the public in specific ways, such as at conferences. The EAR uses the term "publicly available" instead of "public domain." Information can become “published” or considered as “ordinarily published” when it is generally accessible to the interested public through a variety of ways, including publication in periodicals, books, print, electronic or other media available for general distribution to any member of the public. The EAR definition of publicly available includes releases at open conferences, meetings, or seminars in the U.S. or abroad, while ITAR’s definition of “in the public domain” restricts the exemption to releases at U.S. conferences. Certain encryption software is not considered publicly available under EAR or ITAR. See 15 CFR 734.7.