Protection of IP Assets

The United States federal laws restricting exports of goods and technology have been in existence in one form or another since the 1940s. Currently, the laws are implemented by the US Department of Commerce through its Export Administration Regulations (EAR), the US Department of State through its International Traffic in Arms Regulations (ITAR), and the US Department of Treasure through its Office of Foreign Assets Control (OFAC).

The US export control laws and regulations have several purposes: to restrict exports of goods and technology that could contribute to the military potential of US international adversaries; to prevent the proliferation of weapons of mass destruction; to advance US foreign policy goals; and to protect the US economy and promote trade goals. Attention to export controls has increased due to recent heightened concerns about national and homeland security as well as the need to prevent proliferation of weapons of mass destruction and terrorism and leaks of technology to US economic competitors.

The EAR and ITAR apply to the transfer of specific physical items and information and the provision of specific services to persons and entities outside the United States (exports) and to the disclosure of specific information and the provision of specific types of services to foreign nationals inside the United States (deemed exports). When the activities of the company involve the export of those specified things, information, or services outside the United States and the disclosure or transmission of those specified things, information, or services to foreign nationals inside the United States, the activities become subject to export control laws and regulations. In some instances, those regulations will require that the company obtain a special license from the Commerce, State, or Treasury Department. Violations of these regulations may result in criminal penalties (including fines and/or prison sentences for individuals) and civil sanctions. US domestic security protection requirements include physical security, personnel security, information assurance (Clinger-Cohen Act), and industrial security (DD-254). Foreign National considerations refer to non-US citizen, non-US owned, or non-US chartered persons or organizations related to any form of business including, but not limited to, industry, contractor, government, military, and/or academia. It is important to recognize that US-entities may be working for foreign entities, and foreign entities may be working for US-entities.

Data disclosure and security are issues that impact scenarios in both domestic and foreign providers. It is critical to keep in mind that security procedures must be addressed with similar vigilance in either case. Most of the security procedures are the same for both scenarios, with the exception of additional data disclosure, facility access, and visitor request procedures that impact foreign nationals.

Executive Order 12958, April 17, 1995, sets US Government policy for classifying national security information that must be protected from unauthorized disclosure (http://www.dss.mil/seclib/eo12958.htm). Information is classified in one of two ways -- originally or derivatively. Classified Military Information (CMI) may be oral, visual, or material in form. The classification levels are Confidential, Secret, and Top Secret. Note that there are different access levels within the classification management process. These include Sensitive Compartmented Information (SCI) and Special Access Programs (SAP).

Subject to US government regulations, ITAR and EAR require companies to comply with associated export laws and provide documents of compliance to the respective government agencies (Department of State) as well as provide procedures to audit compliance. Since data objects in the ENOVIA PLM environment may be subject to ITAR and/or EAR compliance, the environment should provide the necessary mechanisms to manage the data access restrictions and permit auditing/logging/report as required.

Other countries have implemented export controls with similar goals as ITAR and EAR to block the proliferation of Weapons of Mass Destruction. Their processes are similar, but may contain different, specific exceptions, watch lists, as ITAR or EAR.

From the European Commission, Bulletin EU 12-2006 Common commercial policy (7/22): 1.28.7. Communication from the Commission to the Council on the review of the EC regime of controls of exports of dual-use items and technology.

References:

Council Regulation (EC) No 1334/2000 setting up a Community regime for the control of exports of dual-use items and technology: OJ L 159, 30.6.2000; Bull. 6-2000, point 1.6.26, as last amended by Council Regulation (EC) No 1504/2004: OJ L 281, 31.8.2004; Bull. 7/8-2004, point 1.5.29

Proposal for a Council regulation establishing an EC regime of controls of exports of dual-use items and technology: COM(2006) 829; point 1.28.8 of this Bulletin Adopted on 18 December. Controls of exports of dual-use items and technology played a key role in the fight against the proliferation of weapons of mass destruction. Although controls of these exports have a security objective, they are carried out through trade policy measures that impose constraints on the activity of EU manufacturers and exporters, which should be limited to the minimum necessary in order to promote their international competitiveness. The Commission's proposals aimed at reinforcing the effectiveness of export controls, at introducing more clarity in the EU export control regime, at ensuring a more consistent and homogeneous application of the EU export control regulation and at facilitating trade within the internal market. The Commission also drew the attention of the Council to the need for a more effective and better coordinated EU position in the international export control regimes.[ COM(2006) 828 ]