As a U.S. business grows into a global enterprise, it must pay attention to export regulations impacting the shipment (or transmission) of items and technology outside the U.S. Unfortunately, export control regulations are incredible complex. Below are a few hypothetical situations that provide a sense of the breadth and complexity of these regulations:
- Mundus Corp. (MC) is an expanding global business with primary operations in the U.S. In connection with the opening of MC’s new Russian office, it has engaged Natar Ltd. (NL), an Asia-based technology outsourcing firm. NL will enhance an MC-developed information security software application, MC Lock, used to assist with customer database security. MC intends to electronically transmit MC Lock source code (the computer language programmers use) to one of NL’s Asian offices. NL will use such code to enhance MC Lock.
- NL plans to send some of its Asia-based employees to MC’s U.S. offices. While there, these NL employees will access MC’s technology, including the source code to MC Secure.
- MC’s CIO is planning a trip to Russia to visit MC’s new office. The chief information officer will bring a company-issued laptop with her. Her laptop’s hard drive will be encrypted (using standard “off-the-shelf” software).
Export control laws
Analyzing hypothetical 1: Exporting software
An electronic transfer of source code to NL’s foreign office will be an export under the EAR. MC will have to undertake a somewhat complicated analysis to determine whether there is an EAR export classification control number (ECCN) applicable to MC Lock, and if so, whether there are any restrictions on exporting items associated with that ECCN to the Asian country in which NL’s office is located.