7 minute read
EXPERT INSTRUCTORS
Government Faculty:
Dilan Wickrema
Foreign Affairs Officer
Directorate of Defense Trade Controls (DDTC)
Learn from Expert Instructors with Verified Subject-Matter Expertise and Proven Track Records:
Michael Mellen
Director, International Trade Compliance
Sikorsky, a Lockheed Martin Company
Andrew K. McAllister Partner Holland & Knight LLP
D. Grayson Yeargin
Partner
Jones Day
Brent Missimer Corporate International Trade Compliance Attorney Leidos
Chris Stagg Counsel
Miller & Chevalier Chartered
Iliyana (Hristev) Dwivedi
Senior Director, Global Export Compliance Oracle
Christopher H. Skinner Partner
Williams Mullen
Alexis Farris Wetzler
Assistant General Counsel, Export Compliance Honeywell
Jahna Hartwig
Senior Counsel
Wilson Sonsini Goodrich & Rosati PC
Kelly McCorkle
Senior Trade Advisor Schulz Trade Law PLLC
Darren Riley Partner
Riley Trade Law PLLC
Kimberly A. Strosnider Partner
Covington & Burling LLP
Denise Lester
Manager, International Trade Compliance Northrop Grumman
Olga Torres
Founder and Managing Member Torres Trade Law, LLC
Jack Hayes Of Counsel Steptoe & Johnson LLP
Compliance Roadmap & Classification
Calendar-alt Tuesday, October 17, 2023 Clock 1:00 p.m.–4:30 p.m. (ET)
Michael Mellen
Andrew K. McAllister Partner Holland &
D. Grayson Yeargin Partner Jones Day
Your U.S. Export Controls Roadmap: A Review of Key Concepts, Agencies, Their Jurisdictions and Roles — and Who to Contact for What
As a primer for the day ahead, speakers will review key agencies for ITAR and other export-controlled goods and technologies, their roles, and key tips for staying on their “good sides.”
• Jurisdiction: ITAR vs. EAR
• What is covered by the U.S. Munitions List (USML)
• BIS, DDTC, DTSA, OFAC, DOJ, and HSI: Which agency does what?
• What is an "export" and "re-export"?
The Essentials of Classification for "Defense Articles", "Technical Data" and "Defense Services": Key Pitfalls and Lessons Learned
• Identifying when foreign commercial products and technology can become ITAR-controlled
• Considerations for classification of sensitive technologies that are not on the USML
I. Defense Articles
• Definition of “defense articles”
• Clarifying ITAR application to commercial and “dual-use” items
• How original design intent, government funding, specifications, underlying technology, and intended market can affect jurisdiction
II. Technical Data
• Defining “technical data” and “export” of technical data under the ITAR
• Determining whether technical data is in the “public domain” under 120.11
• Identifying whether technical data is ITAR-controlled
III. Defense Services
• What are “defense services” under the ITAR? Common examples and pitfalls to avoid
• How the broad definition of “defense services” affects commercial business
• Definition of “public domain” and of ITAR’s “See Through” rule
• Integrating commercial and defense technologies
• Recent DDTC guidance on how to control technical data
• Reducing the risk of technical data export violations
• Complying with restrictions governing “technical” discussions
• How U.S. persons can engage in ITAR-controlled “defense services” by simply providing public domain information
• How “defense services” can cover technical data related to ITAR-controlled items
ITAR Parts 120 & 121: The “Specially Designed” Definition: Where Exporters Have Gone Right and Wrong in Determining ITAR Jurisdiction
• What is the “specially designed or modified” reach of the ITAR?
• What are the qualifiers for a “specially designed” designation?
• A review of the most common mistakes by industry when making this determination
• The do’s and don’ts for self-classifying items as “specially designed”
• How to ensure adequate documentation to support your position
WEEK 1 MODULE 1 | PART 2
The “How To” of ITAR Classification
Calendar-alt Thursday, October 19, 2023 Clock 1:00 p.m.–4:30 p.m. (ET)
Brent Missimer Corporate International Trade Compliance Attorney Leidos
Chris Stagg Counsel Miller & Chevalier Chartered
Classification/Re-Classification in Practice: A Step-by-Step Guide to Structuring Your Classification Approach, and the Most Common Missteps to Avoid
• The fundamental importance of jurisdiction and classification
• Ensuring self-classification follows a proper analysis through the order of review and uses essential sources
• What is the approach to take for self-classification, compared with writing a Commodity Jurisdiction (CJ) request?
• Handling situations where an item meets the control criteria of multiple entries by determining the correct classification
• Understand how to approach self-classifications for hardware, technical data, software, and services
• How do companies design and maintain jurisdiction and classification systems (e.g., creating databases to store the classifications, creating bucket classification groups)?
• How to create defendable self-classification assessments, especially when it is determined the item is not subject to the ITAR
• The use of engineers and other subject-matter experts to perform selfclassifications
• What to do if there is an error in self-classification? Does it mean there is a violation?
• ITAR jurisdiction and classification issues concerning foreign made products
• Addressing the ITAR see-thru rule and other important rules
• Relying on supplier and manufacturer self-classifications
• When to revisit previous self-classifications
ITAR Sections 120.3 and 120.4 – When to Use the Commodity Jurisdiction Process, and How to Draft a CJ Request
Through a review of best practices and common pitfalls, you will gain comprehensive guidance for preparing CJ requests- and deciding when to file a CJ instead of conducting a self-determination. You will also benefit from insight on how DDTC and DTSA review CJ requests, and recent trends in jurisdictional determinations..
• Preparing a CJ request: What you need to submit, what supporting material to include and other key elements
• DDTC Guidelines for preparing CJ requests: What the State Department expects
• Who should prepare CJ requests and when
• Key factors affecting CJ determinations: Recent trends in rulings and lessons learned
Hypothetical Exercises, Q&A and Review
• How to interpret CJ determinations, and what you can do with them
• The consequences of filing a CJ determination: Pre-filing, while awaiting a decision, and afterwards
• Strategic uses of the commodity jurisdiction procedure
• Alternatives to using the commodity jurisdiction process
Toward solidifying your understanding of this session, the instructors will take you through a series of hypothetical scenarios, sample license applications, and how to put the “rubber to the road.” Ample time will be left for Q&A. As a closing segment, instructors will provide additional clarification and guidance, and take your questions.
WEEK 2 MODULE 2 | PART 1
Foreign, Dual and Third Country Nationals, and Technology Transfers
Calendar-alt Tuesday, October 24, 2023 Clock 1:00 p.m.–4:30 p.m. (ET)
Iliyana (Hristev) Dwivedi Senior Director, Global Export Compliance Oracle
Christopher H. Skinner Partner Williams Mullen
ITAR Sections 120.10, 120.17, 124.1, 125.2, 125.3 and 126.18 – How to Comply with Foreign, Dual and Third Country National Rules
• How DDTC defines “foreign national”, “dual national”, “third country national”, “U.S. person” and “access”: Impact of dual and third country national requirements under 126.18, and available exemptions
• How the ITAR addresses the sharing of technology with foreign persons inside and outside the U.S.
• Screening and interviewing foreign nationals without discriminating on the basis of national origin: Reconciling the ITAR with EU, Australian and Canadian human rights and privacy laws
Technology Transfers Under the ITAR
• How to define “technology transfer”
• Special considerations for IT access: Key ITAR risks associated with your networks, servers, cloud applications, mobile devices and social media activity
Hypothetical Exercises, Q&A and Review
• Incorporating export controls language into your offer letters, employment agreements and using non-disclosure agreements (NDAs)
• Assigning foreign persons to ITAR sensitive areas: Avoiding deemed export/re-export violations, and to how to badge non-U.S. persons
• Flagging R&D and engineering that can pose ITAR compliance risks
• Examples of technology transfers in the cloud, on social media and via email
Toward solidifying your understanding of this session, the instructors will take you through a series of hypothetical scenarios, sample license applications, and how to put the “rubber to the road.” Ample time will be left for Q&A. As a closing segment, instructors will provide additional clarification and guidance, and take your questions.
WEEK 2 MODULE 2 | PART 2
Foreign, Dual & Third Country Nationals, and Technology Transfers
Calendar-alt Thursday, October 26, 2023 Clock 1:00 p.m.–4:30 p.m. (ET)
Alexis Farris Wetzler Assistant General Counsel, Export Compliance Honeywell
Jahna Hartwig Senior Counsel Wilson Sonsini Goodrich & Rosati PC
A Deep Dive into Required Technology Controls: Managing Visitor and IT Access to ITAR-Controlled Technical Data
• Controlling foreign nationals’ access to ITAR-controlled data: When a password, absolute lockdown and/or email controls are required
• Managing access risks posed by offshore IT support, cloud computing and e-rooms for electronic collaboration
• Protecting U.S. origin data on laptops and servers
• Managing email transfers of technical data: Tracking and marking sensitive communications, and designating emails
• Protecting hardware and servers: When to create separate servers for controlled information and/or partition drives
• Cloud computing do’s and don’ts
• Requirements for recordkeeping, storage, data maintenance, preservation and retrieval procedures
• Working with your IT Department, and conducting reviews of your IT program
• Controlling visitor access to restricted areas and physical access to your facility
Special Considerations for Laptops, E-Mails, Mobile Devices and Employee Travel
• How to use IT security software such as DLP to pull data back onto U.S. servers
• Which countries have import/use restrictions on encryption items?
• Concerns about accessing company networks and downloading while abroad
• Reconciling BIS and ITAR license exemptions
• Practical examples of travel procedures and clean device requirements
Due Diligence of Cloud Service Providers, ITAR-Controlled Data and Your Compliance Plan: How Far You Need to Go
• Key ITAR compliance risks in the cloud
• Traversing considerations for infrastructure as a service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS)
• Reconciling Commercial vs. Government Cloud
• DFARS, National Institute of Standards & Technology (NIST) 800-171, and U.S. Export Controls
• Practical examples of how companies are navigating compliance with these types of solutions
The Nuts and Bolts of TCPs & TTCPs: Your Step-by-Step Checklist
Through a review of sample TCPs and TTCPs, the speakers will take you through the essentials and address, among other issues:
• How to control access by foreign nationals and other unauthorized persons to controlled data
• How to “right size” compliance for your organization
• Identifying tailored facility concerns for your organization (e.g., screening visitors, requiring sign-in, badges and accompanied hosts, etc.)
Hypothetical Exercises, Q&A and Review
• Best practices for IT controls and network access rights
• Tips for Facility Management and Technology Control Plans
Toward solidifying your understanding of this session, the instructors will take you through a series of hypothetical scenarios, sample license applications, and how to put the “rubber to the road.” Ample time will be left for Q&A. As a closing segment, instructors will provide additional clarification and guidance, and take your questions.
WEEK 3 MODULE 3 | PART 1
