By: Holly Thorne
Introduction
1. This Table sets out a number of questions put to and answered by the US Department of State (DoS) (Director of Policy, Directorate of Defense Trade Controls) by HM Government (HMG) and UK industry, concerning this rule change which alters the way in which access by Dual and Third Country Nationals (DTCN) employees of importing (non-US) entities to ITAR-controlled material is controlled. The effective date of the rule was 15th August 2011.
2. This UK-specific Questions and Answers Matrix has been agreed by DoS to help UK End Users and Consignees comply with the rule change requirements and complements the Technology Security Plan (TSP) that HMG has also agreed with DoS. The information suggested in this document is for guidance only and made without any endorsement, representation or warranty. It is not intended to provide legal or professional advice, and any party seeking to rely on it should ensure that it has obtained its own legal advice to ensure that it is applied in accordance with UK law.
|
Clarification Question |
DoS Clarification |
|
| 1. Is ITAR 124.16 still available for use as an alternative to ITAR 126.18 in TAA and MLA?
|
Yes ITAR 124.16 is still available. | |
| 2. Does the new rule change offer two genuine alternatives to compliance by foreign consignees/end users; as employers they either obtain formal Government security clearance for their affected employees, or subject them to bespoke screening?
|
There are two genuine alternatives, ITAR 126.18(c)(1) and ITAR 124.18 (c)(2). The screening procedures and associated requirement only apply to the second, and not the first which is solely concerned with security clearance of employees. | |
| 3. What level of a formal Government Security clearance will suffice to meet the requirements of ITAR 126.18(c)(1)?
|
Any security clearance approved by the host Government of the end user/consignee is sufficient to meet these requirements. In the UK, Security Check (SC) clearance meets these requirements. | |
| 4. Does the new rule apply to the export of UNCLASSIFIED ITAR-controlled material only? What then is the position in relation to the export of classified material? | The ITAR 126.18 exemption is only available for UNCLASSIFIED US ITAR-controlled exports (below US CONFIDENTIAL). The US-UK Exchange of Notes (EoN) makes it clear that classified exports are to be dealt with separately under the UK-US General Security Agreement | |
| 5. Does the new rule extend to all ITAR-controlled exports, or only to those governed by TAAs and MLAs? | The new rule applies to the export of all ITAR-controlled material and hence all forms of US arms export licence. DoS has recently published guidance on how to implement the new rule for licenses and Warehouse and Distribution Agreements.
|
|
| 6. Why does the scope of the new rule include technical data but exclude “defense services”, even though both are encompassed by TAA/MLA?
|
“Defense services” cannot be retransferred as such. “Defense services” do however remain a feature of retained ITAR 124.16 (amended) for MLA/TAA. | |
| 7. How does the new rule treat sub-licensees and how do sub-licensing provisions work in relation to hardware licensing?
|
The new rule applies equally to sub-licensees as it does to licensees. It has no bearing on formal applications for re-transfer. For hardware licensing see 5 above. | |
| 8. Does conflict exist between ITAR 126.18 and ITAR 126.1(a), if so how will this be dealt with?
|
No conflict exists, because of the insertion of the phrase “notwithstanding any other provision of this part” into ITAR 126.18. “Part” here means Part 126. Hence the exemption applies to 126.1(a) nationals and dual nationals who have undergone the UK’s Baseline Personnel Security Standard (BPSS).
|
|
| 9. How does the new rule apply to end users and foreign consignees? Is there a distinction?
|
The new rule applies equally to end users and foreign consignees wherever they operate. | |
| 10. Does the ITAR 126.18 requirement for NDAs (for employers with non-security cleared employees) apply to employers, employees or both?
How will this requirement work in relation to foreign governments and international organisations (NATO, EDA etc?) |
Only the employer itself needs to enter into an NDA on a self-certification basis. Individual employees need not do so. This does not prohibit use of employee NDAs to support employer NDAs, but this is not an ITAR requirement and is a matter for the end user/consignee.
End users and consignees should note that the NDA required for the purpose of this rule change is not the same as the NDA referred to under existing Dept of State/DDTC Agreements Guidelines (Tab 11 refers).
HMG may follow the same process.
The NDA requirement does not apply to international organisations such as NATO and EDA.
|
|
| 11. What form should the NDA take? | A model NDA is to be found in the TSP and has been endorsed by DoS. This forms part of the agreed TSP for the UK and meets the NDA requirements for all exports. DoS have also confirmed that the NDA process will involve self-certification without any need for delivery to DoS. | |
| 12. Does the new rule permit transfers to employees outside of “the physical territories of the country where the end-user is located or the consignee operates”?
|
The transfer of defense articles pursuant to this section must take place completely within the physical territory of the country where the end-user is located, where the governmental entity or international organization conducts official business, or where the consignee operates, and be within the scope of an approved export license, other export authorization, or license exemption. | |
| 13. How does the rule apply to personnel within the UK’s Armed Forces? Are these to be treated as “bona fide, regular employees, directly employed by the….foreign government entity” (ITAR 126.18 (a) refers)? | HM Armed Forces personnel are to be treated by the rule in the same way as other employees.
|
|
| 14. Will the new rule require or imply the use of certification by end users/foreign consignees to exporters, that they have screened their affected employees for risk of diversion?
|
No certification is required. Indeed certification should not be requested by exporters.
|
|
| 15. Does the rule require the disclosure of personnel records of employees of UK employers to DoS? | DoS understands that any disclosure must be in accordance with UK law. The EoN between the US and UK Governments recognises this and acknowledges the existence of previously agreed bilateral arrangements between the two Governments. Any disclosure requests by DoS or its agents will be made via HMG. | |
| 16. ITAR 126.1 cross-reference – Is it accepted that employees can travel for business, family and personal reasons? | Yes. | |
| 17. What about current employees who don’t have Baseline Personnel Security Standard (BPSS) clearance? | Those affected employees already handling ITAR controlled materiel should already be covered under existing licences. Other employees will be covered when the consignee has a BPSS process in place. | |
| 18. Under ITAR 127.1(b), compliance obligations fall to the licensor. Is this still the case with ITAR 126.18? | This is not specifically addressed in the final rule change, but the answer is no. DoS guidance on their website makes it clear that licensors have no obligation to obtain written statements or certifications from foreign companies with regard to 126.18.
|
|
| 19. What about supply chains? How are UK primes to ensure compliance by their sub-contractors, including those across the EU? | There is no requirement to flow down ITAR 126.18 requirements to suppliers (sub-licensees). Each supplier must take responsibility for complying with ITAR 126.18 etc. Prior DDTC consent is still required for retransfers to third country suppliers.
|
|
| 20. To what extent, if any, could S 2(3)(B) of the Protection of Trading Interests Act 1980 render any discovery type activity by US authorities inadmissible? | There is no restriction on the UK Secretary of State’s powers under the 1980 Act. The EoN makes it clear that exchange of information must adhere to applicable agreed bilateral US UK protocols. It will not therefore be necessary to invoke the PTIA. | |
| 21. Is HMG content there are no conflicts with national regulations on employment law, privacy law etc? | It is for each end user/consignee to ensure that their implementation of the rule change is effected in a manner which complies with UK law. The TSP, model NDA and this Q&A Matrix are provided as guidance to assist end users/consignees in this exercise, but in the event of specific issues end users/consignees should obtain their own legal advice.
|
|
| 22. Will Non-Disclosure Agreements (NDAs) still be required even if a company has BPSS in place?
|
Yes. A model NDA can be found in the TSP. | |
| 23. Will there be legal conflicts if employers have to screen certain employees for substantive contacts with ITAR prohibited nations (for e.g. Syria)?
|
Dept of State has confirmed that adopting the BPSS will meet the screening requirements. Those UK end users/consignees who decide not to adopt the BPSS will have to introduce their own screening arrangements in order to comply with the rule change. | |
| 24. Will employers have to disclose private information to the US Dept of State about employees who are deemed as ‘diversion risks’? | If an end user/consignee decides not to use BPSS to meet the screening requirements of the rule change then they may follow the guidance issued by DoS on their website dated 31 August 2011.
|
|
| 25. Will employers need to refuse or remove an employee to work on a project on the basis of a risk of diversion?
|
The end user/foreign consignee must assess the risk and act reasonably and proportionately in accordance UK law.
|
|
| 26. Currently the use of 124.16 permits the exchange of defence articles with DTCN employees of the approved sub-licensees provided they are nationals of countries that are members of NATO, the European Union, Australia, Japan, New Zealand, and Switzerland, without the need to sign a personal Non-Disclosure Agreement. Where this does not apply or cannot be used 126.18 to provide a mechanism for approval for DTCNs outside of the exempt 124.16 countries. Currently this approval is satisfied using 124.8(5) which must be specifically approved within the MLA/TAA agreement. Subsequently approved individuals are obliged to sign personal NDA’s before access to defence articles is permitted. The issue with the current approach, with many European countries, is the conflict with anti-discrimination, human rights and data protection laws when requesting an employee’s place of birth or nationality.
|
The new rule provides additional flexibility which avoids the issues pertaining to the current approach. It is potentially a simpler process provided risks of diversion are accounted for. It provides a choice – end users/foreign consignees could use either approach. Whether adoption of 126.18 clearance or screening procedures in other countries is practical or consistent with their domestic law is a matter for them. | |
| 27. Section 124.8(5) will now direct DTCN approvals through 124.16 and 126.18. Does this mean 124.8(5) can no longer be used to approve nationals from countries outside of 124.16? | No. Licensing can still be used pursuant | |
| 28. Will existing agreements remain valid but require amendment to incorporate the appropriate 126.18 wording? | DoS have issued updated guidance on this transitional matter through their website.
|
|
| 29. As agreements are amended for other reasons will it be mandatory for the new 124.8(5) clause to be incorporated in place of the old one?
|
Yes. | |
| 30. Can the use of 124.16 and 124.8(5) still be used to approve employees access to defence articles in new agreements or must the provision at 126.18 be used?
|
DoS have confirmed that end users/consignees have a choice. | |
| 31. Who determines if a end user/consignees screening process is robust enough to meet the rule change requirements? Will the TSP only need to be provided at the request of the Dept of State or DDTC or its agents for civil and criminal law enforcement purposes? | If a company uses the standard UK TSP agreed with DoS, there is no requirement in the new rule to have an individual company’s security plan endorsed by DoS. Guidance is provided by DoS if a company wishes to pursue or develop its own TSP. The TSP only needs to be provided for civil and criminal law enforcement purposes and DoS understands any disclosure must be in accordance with UK law.
|
|
| 32. Do the screening results need to be provided to the US agreement holder? | No.
|
|
| 33. Is there any requirement for the foreign consignee to maintain records of its sub-licensee DN/TCN approvals? | No. | |
| 34. What responsibility does the foreign consignee have towards its sub-licensees? | None. The sub-licensee must ensure that it is compliant with the rule change. The foreign consignee may report its sub-licensees’ compliance preferences to the UK exporter. | |
| 35. ‘Regular Employees’ as defined in new 120.39 – that is permanent direct employees plus individuals ‘in a long term contractual relationship’ with the employer.
(i) Please confirm that sublicensees and contract employees, except those meeting the above criteria are not covered? (ii) What does “long term” mean?
|
(i) This is correct.
(ii) Per 120.39, Dept of State has confirmed that a regular employee generally includes individuals working under the direction and control of the company, working full time and exclusively for the company and where the staffing agency has no role in the work the individual performs. This excludes sub-licensees and those working under short term contracts less than a year in length. |
|
| 36. Can ‘temporary staff’ be taken to be ‘contract employees’ as defined in para 3.9b of the DDTC’s Agreement Guidelines, i.e. will contract employees with a UK Government BPSS clearance be covered by the 126.18 (c) (2) exemption?
|
Probably, but HMG is awaiting final guidance from DoS. | |
| 37 The provisions of this rule apply explicitly to governments / end users. Is it the intention of government end users to comply with them?
|
Dept of State understands HM Government will follow the TSP guidance, at its discretion and in accordance with UK law. | |
| 38. Do the four key elements of the BPSS fully meet the screening requirements of 126.18 (c) (2)? | Yes – the EoN agreed between the US Government and HMG on 11 August states that the BPSS meets the screening requirements of the rule change. | |