734.2—Important EAR terms and principles.
(a) Subject to the EAR—Definition.
(1)
“Subject to the EAR” is a term used in the EAR to describe those items and activities over which BIS exercises regulatory jurisdiction under the EAR. Conversely, items and activities that are not subject to the EAR are outside the regulatory jurisdiction of the EAR and are not affected by these regulations. The items and activities subject to the EAR are described in §§ 734.2 through 734.5 of this part. You should review the Commerce Control List (CCL) and any applicable parts of the EAR to determine whether an item or activity is subject to the EAR. However, if you need help in determining whether an item or activity is subject to the EAR, see § 734.6 of this part. Publicly available technology and software not subject to the EAR are described in §§ 734.7 through 734.11 and supplement no. 1 to this part.
(2)
Items and activities subject to the EAR may also be controlled under export-related programs administered by other agencies. Items and activities subject to the EAR are not necessarily exempted from the control programs of other agencies. Although BIS and other agencies that maintain controls for national security and foreign policy reasons try to minimize overlapping jurisdiction, you should be aware that in some instances you may have to comply with more than one regulatory program.
(3)
The term “subject to the EAR” should not be confused with licensing or other requirements imposed in other parts of the EAR. Just because an item or activity is subject to the EAR does not mean that a license or other requirement automatically applies. A license or other requirement applies only in those cases where other parts of the EAR impose a licensing or other requirement on such items or activities.
(b) Export and reexport—
(1) Definition of export.
“Export” means an actual shipment or transmission of items subject to the EAR out of the United States, or release of technology or software subject to the EAR to a foreign national in the United States, as described in paragraph (b)(2)(ii) of this section. See paragraph (b)(9) of this section for the definition that applies to exports of encryption source code and object code software subject to the EAR.
(2) Export of technology or software.
(See paragraph (b)(9) for provisions that apply to encryption source code and object code software.) “Export” of technology or software, excluding encryption software subject to “EI” controls, includes:
(ii)
Any release of technology or source code subject to the EAR to a foreign national. Such release is deemed to be an export to the home country or countries of the foreign national. This deemed export rule does not apply to persons lawfully admitted for permanent residence in the United States and does not apply to persons who are protected individuals under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3) ). Note that the release of any item to any party with knowledge a violation is about to occur is prohibited by § 736.2(b)(10) of the EAR.
(3) Definition of “release” of technology or software.
Technology or software is “released” for export through:
(iii)
The application to situations abroad of personal knowledge or technical experience acquired in the United States.
(4) Definition of reexport.
“Reexport” means an actual shipment or transmission of items subject to the EAR from one foreign country to another foreign country; or release of technology or software subject to the EAR to a foreign national outside the United States, as described in paragraph (b)(5) of this section.
(5) Reexport of technology or software.
Any release of technology or source code subject to the EAR to a foreign national of another country is a deemed reexport to the home country or countries of the foreign national. However, this deemed reexport definition does not apply to persons lawfully admitted for permanent residence. The term “release” is defined in paragraph (b)(3) of this section. Note that the release of any item to any party with knowledge or reason to know a violation is about to occur is prohibited by § 736.2(b)(10) of the EAR.
(6)
For purposes of the EAR, the export or reexport of items subject to the EAR that will transit through a country or countries or be transshipped in a country or countries to a new country or are intended for reexport to the new country, are deemed to be exports to the new country.
(7)
If a territory, possession, or department of a foreign country is not listed on the Country Chart in supplement No. 1 to part 738 of the EAR, the export or reexport of items subject to the EAR to such destination is deemed under the EAR to be an export to the foreign country. For example, a shipment to the Cayman Islands, a dependent territory of the United Kingdom, is deemed to be a shipment to the United Kingdom.
(8)
Export or reexport of items subject to the EAR does not include shipments among any of the states of the United States, the Commonwealth of Puerto Rico, or the Commonwealth of the Northern Mariana Islands or any territory, dependency, or possession of the United States. These destinations are listed in Schedule C, Classification Codes and Descriptions for U.S. Export Statistics, issued by the Bureau of the Census.
(9) Export of encryption source code and object code software.
(i)
For purposes of the EAR, the export of encryption source code and object code software means:
(A)
An actual shipment, transfer, or transmission out of the United States (see also paragraph (b)(9)(ii) of this section); or
(B)
A transfer of such software in the United States to an embassy or affiliate of a foreign country.
(ii)
The export of encryption source code and object code software controlled for “EI” reasons under ECCN 5D002 on the Commerce Control List (see supplement No. 1 to part 774 of the EAR) includes downloading, or causing the downloading of, such software to locations (including electronic bulletin boards, Internet file transfer protocol, and World Wide Web sites) outside the U.S., or making such software available for transfer outside the United States, over wire, cable, radio, electro-magnetic, photo optical, photoelectric or other comparable communications facilities accessible to persons outside the United States, including transfers from electronic bulletin boards, Internet file transfer protocol and World Wide Web sites, unless the person making the software available takes precautions adequate to prevent unauthorized transfer of such code. See § 740.13(e) of the EAR for notification requirements for exports or reexports of encryption source code and object code software considered to be publicly available consistent with the provisions of § 734.3(b)(3) of the EAR.
(iii)
Subject to the General Prohibitions described in part 736 of the EAR, such precautions for Internet transfers of products eligible for export under § 740.17 (b)(2) of the EAR (encryption software products, certain encryption source code and general purpose encryption toolkits) shall include such measures as:
(A)
The access control system, either through automated means or human intervention, checks the address of every system outside of the U.S. or Canada requesting or receiving a transfer and verifies such systems do not have a domain name or Internet address of a foreign government end-user (e.g., “.gov,” “.gouv,” “.mil” or similar addresses);
(B)
The access control system provides every requesting or receiving party with notice that the transfer includes or would include cryptographic software subject to export controls under the Export Administration Regulations, and anyone receiving such a transfer cannot export the software without a license or other authorization; and
(C)
Every party requesting or receiving a transfer of such software must acknowledge affirmatively that the software is not intended for use by a government end-user, as defined in part 772, and he or she understands the cryptographic software is subject to export controls under the Export Administration Regulations and anyone receiving the transfer cannot export the software without a license or other authorization. BIS will consider acknowledgments in electronic form provided they are adequate to assure legal undertakings similar to written acknowledgments.