UNITED STATES EXPORT CONTROLS

A BRIEF PRIMER -- WITH A FOCUS ON

THE INTERNATIONAL TRAFFIC IN ARMS REGULATIONS
AND ITS EXTRATERRITORIAL REACH

September 2009

Kerry T. Scarlott, Esq.

Ian H. Moss, Esq.
Posternak Blankstein & Lund LLP

INTRODUCTION

In the wake following the tragic events of September 11, 2001, U.S. businesses

and individuals must confront increasingly stringent regulatory controls on the export of

products, technical data, and services. In some cases, an actual “export” in the traditional

sense (i.e., a physical transfer of a product to a foreign territory) is not required to trigger

U.S. export control regulatory issues. More surprising to many, both within the U.S. and

abroad, is the fact that U.S. export control laws and regulations can extend well beyond

U.S. shores. In many cases, jurisdiction attaches to, and follows, U.S. origin products,

technical data, and services wherever they may be located or utilized around the globe.

As a consequence, any foreign person or entity that deals with U.S. origin products,

technical data, or services is potentially subject to these export control regimes, and

should be concerned with compliance. In today’s regulatory environment, it’s what you

don’t know that will hurt you.

U.S. government agencies charged with export regulation and enforcement – the

Departments of Commerce, State, Treasury, and Justice – have all stepped up their

investigation and enforcement efforts both domestically and abroad. While the core U.S.

© Posternak Blankstein & Lund LLP 2009 Page 1 of 10

export control regulations have existed for decades, the importance of compliance has

grown since 9/11 as the U.S. Congress has significantly increased penalties for non-

compliance. It is, therefore, incumbent upon all individuals and entities, both domestic

or foreign, that deal with U.S. origin products, technical data, or services, to understand

their obligations under U.S. export control regulations and take all necessary measures to

ensure compliance.

The first step in complying with U.S. export control laws and regulations is to

determine which regulatory regime impacts your business. This paper summarizes the

primary U.S. export control regimes. For a variety of reasons, this paper then focuses on

regulations affecting the defense trade, including (1) the widespread misperception that

the defense trade is limited to major defense contractors building major defense systems,

as opposed to the reality that the defense trade now involves all levels of players dealing

in simple to exceedingly complex technology, (2) the rampant nature of non-compliance

with applicable U.S. export controls, and (3) the particularly far-reaching extraterritorial

nature of applicable U.S. export controls.

THE THREE PRIMARY U.S. EXPORT CONTROL REGIMES

The three primary export control regimes under U.S. law are (1) the Export

Administration Regulations (“EAR”) (15 CFR Parts 730-774);1 (2) the International

Traffic in Arms Regulations (“ITAR”) (22 CFR Parts 120-130);2 and (3) sanction and

1
The statutory basis for the EAR is the Export Administration Act, 50 USCA §2401, et seq. (“EAA”).
While the EAA itself has expired, its provisions and the resulting regulations continue pursuant to
Executive Order.
2
The statutory basis for the ITAR is the Arms Export Control Act, 22 USCA §2751, et seq. (“AECA”).

© Posternak Blankstein & Lund LLP 2009 Page 2 of 10

ID # 594770v03/5555-1
embargo regulations (“OFAC Regulations”) (31 CFR Parts 500-595, and various

Executive Orders).3

The Export Administration Regulations

The EAR’s coverage is extremely broad. Administered by the U.S. Department

of Commerce, Bureau of Industry and Security (“BIS”), it applies to all products and

technologies created in the U.S. or by U.S. persons (wherever located), as well as foreign

products that move through the U.S. stream of commerce or incorporate more than a

minimal (“de minimus”) amount of U.S. parts, materials, or technologies. The EAR

covers all products and technologies that are purely commercial in nature, as well as

products and technologies that are “dual use” (i.e., items that have both a commercial and

a military application and that were not, at their genesis or at later stages, designed or

modified specifically for a military application – see further discussion of the ITAR

below).4 Stated otherwise, the EAR controls all products and technologies that are not

regulated by the ITAR. Despite the EAR’s broad sweep, many items governed by this

particular regulatory regime may be exported and reexported without a U.S. government

license issued by the BIS. Nevertheless, even items that are exported without a BIS

license are subject to certain end use and end user based controls.5 When a license from

the BIS is required under the EAR, it is typically due to national security or foreign

policy concerns, or because of end-user concerns in areas such as nuclear proliferation,

terrorism, and crime control.

3
The statutory basis underpinning the OFAC regulations is complex. The primary statute is the
International Emergency Economic Powers Act, 50 USCA §1701, et seq. (“IEEPA”).
4
“Dual Use” items are defined under the EAR, in relevant part, as items that “can be used in both military
and other strategic uses (e.g. nuclear) [as well as] commercial applications.” 15 CFR §730.3.
5
For example, even the export and subsequent reexport of wholly benign products such as plumbing
fixtures are subject to the so-called “General Prohibitions” as embodied in Part 736 of the EAR.

© Posternak Blankstein & Lund LLP 2009 Page 3 of 10

ID # 594770v03/5555-1
 The International Traffic in Arms Regulations

In contrast, the ITAR is more narrowly focused on articles, technical data, and

services that have been developed, manufactured, or modified specifically for military or

space applications. The ITAR is administered by the U.S. Department of State,

Directorate of Defense Trade Controls (“DDTC”). Almost all exports and reexports of

ITAR-designated articles (and related technical data and services) requires an export

license or some other form of approval issued by the DDTC, such as a pre-approved

agreement in which the U.S. party provides defense services or technical data to a foreign

party.6 The ITAR requires advance licenses and approvals in almost every export and

subsequent reexport scenario, even when dealing with the U.S.’s closest allies. Further, it

imposes an embargo on exchanges of ITAR-controlled articles, technical data, and

services with a number of countries, including China.7

The Office of Foreign Assets Control Regulations

The OFAC Regulations are the most limited in scope. Administered by the U.S.

Department of Treasury’s Office of Foreign Assets Control, they govern financial

transactions, imports, and exports involving countries that are subject to comprehensive

trade sanctions or embargoes against designated countries (e.g., Iran, North Korea and

Cuba). They also provide comprehensive regulatory procedures for blocking assets of

certain designated nationals, terrorist-supporting individuals and groups, and narcotics

traffickers. Individual U.S. persons, as well as entities formed under U.S. law and even

6
Such agreements, referred to in the ITAR as Technical Assistance Agreements or Manufacturing License
Agreements, can be used for a variety of purposes, including researching, developing, and manufacturing
defense articles both domestically and abroad.
7
A detailed discussion of embargo provisions currently embodied in the ITAR is beyond the scope of this
paper. It is important to understand, however, that the ITAR currently includes an absolute prohibition
against allowing any Chinese national within the U.S. or abroad to access U.S. origin defense articles or
related technical data or services.

© Posternak Blankstein & Lund LLP 2009 Page 4 of 10

ID # 594770v03/5555-1
foreign entities that are owned or controlled by U.S. persons, are subject to the OFAC

Regulations wherever they are located. For instance, it is a violation of the OFAC

Regulations for a U.S. citizen director of a foreign corporation to facilitate a transaction

between the foreign corporation and an Iranian corporation.

FOCUS ON THE ITAR

Contrary to popular belief, the ITAR governs much more than guns and bullets. It

governs the development, manufacture, export, and subsequent reexport of a wide range

of wholly benign (non-lethal) articles, as well as related technical data8 and services.9

ITAR compliance begins with an understanding that any article (and associated technical

data) of U.S. origin or entering U.S. commerce that has been specifically designed,

modified or configured for a military purpose or application constitutes a defense article,

and is therefore subject to ITAR control. In some cases, this includes articles that have a

long-standing commercial sales history. By way of example, ubiquitous commercial-off-

the-shelf (COTS) products such as laser diodes, crystal oscillators, sensors, electronics

cabinets, vibration shock mounts, and even headphones can become subject to control

under the ITAR if they undergo a simple modification for use in a military application or

to serve as a component, part, attachment or accessory to a defense article. Even a simple

metal screw, with threads designed for an ITAR-controlled article, can itself become

subject to the ITAR.

8
The ITAR defines “technical data,” in relevant part, as: “Information which is required for the design,
development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification
of defense articles. This includes information in the form of blueprints, drawings, photographs, plans,
instructions, or documentation….” 22 CFR §120.10(a)(1).
9
The ITAR defines “defense service,” in relevant part, as: “(1) the furnishing of assistance (including
training) to foreign persons, whether in the United States or abroad, in the design, development,
engineering, manufacture, production, assembly, testing, repair, maintenance, modification, operation,
demilitarization, destruction, processing, or use of defense articles; [and] (2) the furnishing to foreign
persons of technical data controlled under this subchapter…, whether in the United States or abroad ….” 22
CFR §120.9(a)(1)-(2).

© Posternak Blankstein & Lund LLP 2009 Page 5 of 10

ID # 594770v03/5555-1
 The key to determining whether the ITAR applies in a particular circumstance is

having a precise understanding of (1) the history of the article from its genesis and, (2)

what, if any, modifications or adaptations to the article have occurred over time

(including the specific purpose of each such modification or adaptation). It can be

difficult to obtain this understanding, particularly when technology has evolved over time

— personnel with knowledge of a product’s evolutionary history may no longer be

available, records may be scarce or non-existent, and memories may fade. Even in real

time, the specific purpose for which an article is being designed, modified, or adapted is

not always clear, particularly when the design, modification, or adaptation is performed

under subcontract. It is, nevertheless, incumbent upon every party that designs and

manufactures products to understand whether or not the ITAR governs their activities on

a product-by-product basis.

U.S. businesses that manufacture defense articles, or that provide defense

services, are required to register with the DDTC (even if they never engage in an actual

export transaction). They must also obtain a license from the DDTC in connection with

nearly every export transaction. Even the act of sharing controlled technical data with a

foreign person (including foreign persons located within U.S. borders) requires a license

in most circumstances. Thus, any business that employs, contracts with, or makes sales

presentations to foreign persons must be particularly vigilant in determining whether they

are subject to the ITAR.

The Extraterritorial Reach of the ITAR

Foreign recipients of U.S. origin defense articles, related technical data, or

defense services must also be vigilant and understand the scope and jurisdictional reach

© Posternak Blankstein & Lund LLP 2009 Page 6 of 10

ID # 594770v03/5555-1
of the ITAR. While it is not uncommon for non-trade related U.S. statutes to impact

individuals and entities outside the United States, the extraterritorial reach of such

statutes is typically limited to U.S. citizens and foreign subsidiaries owned or controlled

by U.S. citizens. In contrast, the ITAR (as well as the EAR) has a far more

encompassing jurisdictional reach. Jurisdiction arises not only from the nationality of the

person or entity,10 but also by virtue of the fact that the article, technical data, or service

originated in the U.S. Because the controlled article, technical data or service retains its

U.S. origin “nationality,” the ITAR’s jurisdiction follows wherever in the world the

article, technical data or service may end up, and attaches to whomever may be in

possession. As such, a foreign person will be subject to the ITAR whenever he or she is

dealing with U.S. origin articles, technical data, or services as defined under the ITAR,

regardless as to whether the foreign person is standing on U.S. or foreign soil.

The ITAR’s impact on foreign persons (both individuals and entities) is

significant. For example, express provisions within the ITAR severely restrict the

reexport or transfer of controlled U.S. origin products or technology in the custody of a

foreign person. Specifically, pursuant to Section 127.1(a)(1) of the ITAR, it is unlawful:

[t]o export from the United States, or to reexport or transfer from

one foreign destination to another foreign destination … by
anyone … any U.S. origin defense article or technical data or to
furnish any defense service for which a license or written approval

10
The ITAR defines a “U.S. person” as “a person … who is a lawful permanent resident as defined by 8
USC 1101(a)(20) [the U.S. Immigration and Nationality Act] or who is a protected individual as defined by
8 USC 1324(b)(a)(3). It also means any corporation, business association, partnership, society, trust, or any
other entity, organization, or group that is incorporated to do business in the United States. … It does not
include any foreign person as defined in §120.16 of this part.” 22 CFR §120.15.
In contrast, the ITAR defines a “foreign person” as “any natural person who is not a lawful permanent
resident as defined by 8 USC 1101(a)(20) or who is not a protected individual as defined by 8 USC
1324(b)(a)(3). It also means any corporation, business association, partnership, society, trust, or any other
entity, organization, or group that is not incorporated or organized to do business in the United States, as
well as international organizations, foreign governments and any agency or subdivision of foreign
governments (e.g. diplomatic missions).” 22 CFR §120.16.

© Posternak Blankstein & Lund LLP 2009 Page 7 of 10

ID # 594770v03/5555-1
 is required by this subchapter without first obtaining the required
license or written approval from the Directorate of Defense Trade
Controls.

(Emphasis supplied).

Furthermore, Section 123.9(a) of the ITAR requires that:

[t]he written approval of the Directorate of Defense Trade Controls

must be obtained before reselling, transferring, transshipping, or
disposing of a defense article to any end user, end use or
destination other than as stated on the export license, or on the
Shipper’s Export Declaration in cases where an exemption is
claimed under this subchapter.

In short, when a defense article, related technical data, or defense service is of

U.S. origin, ITAR requirements apply equally whether the individual or entity in

possession constitutes a U.S. person or foreign person under the ITAR.11 If a foreign

person reexports or transfers that article, discloses related technical data, or provides a

related defense service, without first obtaining the approval of the DDTC, she is very

likely violating the ITAR.

Nor does a foreign person escape the jurisdiction of the ITAR by incorporating a

defense article into a foreign made product, even if the foreign made product is

commercial or dual use in nature. The DDTC has adopted a transparency doctrine that

looks through the foreign made product to identify the ITAR controlled defense article or

any controlled U.S. technology or services that may have been incorporated into the

article. And unlike the EAR, there is no de minimus requirement. If a foreign made

product contains any ITAR controlled component or technology, or if it was developed

using ITAR controlled defense services, however small or seemingly insignificant the

11
See, e.g., 22 CFR §120.14, which states: (“[i]f a provision in this subchapter does not refer exclusively to
a foreign person … or a U.S. person …, then it refers to both.”).

© Posternak Blankstein & Lund LLP 2009 Page 8 of 10

ID # 594770v03/5555-1
component, technology, or service may seem, the entire foreign made product becomes

subject to control under the ITAR.12

Even more controversial is the DDTC’s aggressive stance on the regulation of so-

called “brokers” of U.S. origin defense articles and related technical data. Pursuant to

Section 129.2(a) of the ITAR, a “broker” is defined as any person (U.S. or foreign):

who acts as an agent for others in negotiating or arranging

contracts, purchases, sales, or transfers of defense articles in return
for a fee, commission, or other consideration [involving defense
articles or defense services].

Section 129.2(b) of the ITAR then broadly defines “brokering activities” as:

acting as a broker as defined in §129.2(a), [which] includes the

financing, transportation, freight forwarding, or taking of any other
action that facilitates the manufacture, export, or import of a
defense article or defense services, irrespective of its origin. For
example, this includes, but is not limited to, activities by U.S.
persons who are located inside or outside of the United States or
foreign persons subject to U.S. jurisdiction involving defense
articles or defense services of U.S. or foreign origin which are
located inside or outside of the United States.

The ITAR requires brokers to register with the DDTC. In doing so, the ITAR

utilizes language that even further extends the provision’s extraterritorial reach to “any

foreign person located in the United States or otherwise subject to the jurisdiction of the

United States.” See 22 CFR §129.3(a) (emphasis supplied). The DDTC indicated

recently that it interprets the clause “otherwise subject to the jurisdiction of the United

States” to apply to anyone dealing with U.S. origin defense articles or related technical

data or services. Whether this interpretation would withstand serious judicial scrutiny

12
Indeed, the ITAR mandates that bills of lading accompanying the export of U.S. origin defense articles
and related technical data expressly inform the foreign person that “[t]hese commodities are authorized by
the U.S. Government for export only to [country of ultimate destination] for use by [end-user]. They may
not be transferred, transshipped on a non-continuous voyage, or otherwise disposed of in any country,
either in their original form or after being incorporated into other end-items, without prior written
approval of the U.S. Department of State.” 22 CFR §123.9(b) (emphasis added).

© Posternak Blankstein & Lund LLP 2009 Page 9 of 10

ID # 594770v03/5555-1
remains to be seen. However, with the possibility of civil and criminal penalties, the risk

is significant and cannot be ignored.

CONCLUSION

The ITAR and the EAR present traps and pitfalls for the unwary, both within the

United States and abroad. The regulations are both complex and broad in scope, and can

be burdensome to comply with. However, a foreign person’s or entity’s awareness of

U.S. export control regimes can prevent losses stemming from delays in obtaining

necessary licenses or authorizations, civil and criminal sanctions, and even the inability to

receive critical U.S. origin articles, technical data, and services. Compliance begins with

a firm understanding of the scope and application of U.S. export control laws and

regulations on particular business activities, both foreign and domestic. With the sharp

increase in U.S. export control enforcement since the events of 9/11, neither U.S. nor

foreign individuals and entities can afford to operate in the dark.

CONTACT THE AUTHORS

If you require assistance in complying with any of the regulations discussed in

this paper, please do not hesitate to contact either of the authors. We regularly assist

small, medium and large corporations, as well as individuals, in effectively navigating

these complex regulatory requirements.

Kerry T. Scarlott, Esq. Ian H. Moss, Esq.

Posternak Blankstein & Lund LLP Posternak Blankstein & Lund LLP
Prudential Bldg Prudential Bldg
800 Boylston Street 800 Boylston Street
Boston, MA 02199 Boston, MA 02199
T 617.973.6272 T 617.973.6146
C 617.823.9069 C 617.669.9895
F 617.722.4912 F 617.722.4989
kscarlott@pbl.com imoss@pbl.com

© Posternak Blankstein & Lund LLP 2009 Page 10 of 10

ID # 594770v03/5555-1