On October 6, 2020, the U.S. Commerce Department’s Bureau of Industry and Security (“BIS”) promulgated a newly expanded licensing policy relating to human rights under the Export Administration Regulations (“EAR”). We believe this is an area of increasing regulatory interest on the part of the U.S. government, including the U.S. Congress, and we would expect to see more developments like this in the near future.
On the one hand, the immediate practical impact of this new licensing policy may be limited. First, it only informs the factors that the U.S. government must consider when deciding whether or not to issue a license under the EAR – it does not impose any new restrictions or licensing obligations in cases when a license previously was not required. Second, even when the licensing process is triggered, we believe human rights considerations would have often been taken into account before this rule took effect, though perhaps less formally. On the other hand, this policy change may be more significant for what it says about the direction in which U.S. export controls are heading, and it may come into play in significant ways in certain types of license applications.
There has long been a human rights licensing policy under the EAR for items controlled for “Crime Control and Detection” (“CC”) reasons, but that policy applied only to a narrow set of products (e.g., certain law enforcement tools and firearms). This pre-existing licensing policy in Section 742.7(b) of the EAR provided as follows:
Applications for items controlled under this section will generally be considered favorably on a case-by-case basis unless there is civil disorder in the country or region or unless there is evidence that the government of the importing country may have violated internationally recognized human rights. The judicious use of export controls is intended to deter the development of a consistent pattern of human rights abuses, distance the United States from such abuses and avoid contributing to civil disorder in a country or region. (emphasis added)
In the October 6 rule, BIS has expanded this pre-existing licensing policy applicable to CC-controlled items in order to:
. . . enable BIS and other reviewing agencies to consider (1) violations or abuses of human rights by individuals or entities other than the government of the importing country and (2) abuses of human rights by the government in addition to violations of internationally recognized human rights.
This newly expanded human rights licensing policy reads as follows:
Applications for items controlled under this section will generally be considered favorably on a case-by-case basis, unless there is civil disorder in the country or region or unless there is a risk that the items will be used to violate or abuse human rights. The judicious use of export controls is intended to deter human rights violations and abuses, distance the United States from such violations and abuses, and avoid contributing to civil disorder in a country or region. (emphasis added)
This new wording points to a broader consideration of human rights issues in the licensing process under the EAR.
In addition to broadening the scope of this licensing policy as applied to CC-controlled items, BIS is expanding its consideration of human rights issues beyond CC-controlled items to include items controlled under the EAR for any other reason (except “short supply” reasons, a relatively narrow and rarely-used set of controls), when an item “could be used by the recipient Government or other end user specifically to violate or abuse human rights.” BIS noted in particular that these human rights considerations will be taken into account in licensing decisions relating to “certain telecommunications and information security and sensors.”
BIS has explained this policy change as follows:
This revision is necessary to clarify to the exporting community that licensing decisions are based in part upon U.S. Government assessments of whether items may be used to engage in, or enable violations or abuses of, human rights including those involving censorship, surveillance, detention, or excessive use of force.
This change of policy is noteworthy for what it says more generally about the direction of U.S. export controls. As discussed above, these human rights concerns had previously only been a factor in licensing decisions for CC-controlled items. The EAR’s CC controls are unilateral on the part of the United States. By expanding consideration of these human rights issues into licensing decisions for other types of items, BIS has changed some of the longstanding licensing policies that apply to items regulated under the export control provisions that are based on multilateral agreements, such as under the auspices of the Wassenaar Arrangement. Other jurisdictions also maintain unilateral export controls for human rights reasons, but there is not currently a broad consensus on this issue at a multilateral level. The Wassenaar Arrangement, most notably, remains focused primarily on international and regional security issues, including destabilizing accumulations of dual-use and military products, and preventing transfers of such products to terrorist groups. Civil society organizations and others have been critical of this narrow approach by these multilateral bodies for several years, and have encouraged the adoption of more robust and targeted multilateral human rights export controls.
The Wassenaar Arrangement did try to take a significant step into the human rights arena at its December 2013 plenary meeting, at which it proposed new export controls on cybersecurity items, such as “intrusion software” tools and IP network communications surveillance systems. These proposals were triggered by concerns about autocratic governments using cyber tools for purposes of extrajudicial surveillance and other conduct inconsistent with prevailing international views of privacy and the rule of law. Ultimately, after strong resistance by industry and other stakeholders, such as the Coalition for Responsible Cybersecurity that Steptoe helped organize, these rules were not implemented by all participating states at the Wassenaar Arrangement. Even after these proposed controls were amended at the Wassenaar Arrangement, the U.S. in particular has still not implemented them.
BIS has been applying export controls in the human rights context in other ways. For example, in October 2019, BIS designated on the Entity List a number of Chinese technology companies for being “implicated in human rights violations and abuses in the implementation of China’s campaign of repression, mass arbitrary detention, and high-technology surveillance against Uighurs, Kazakhs, and other members of Muslim minority groups in” western China.
More recently, BIS issued a Notice of Inquiry seeking comments from industry and other stakeholders about the possibility of adopting new export controls on “advanced surveillance systems and other items of human rights concern” (as well as modifying some of its longstanding CC controls) . BIS expressed “particular interest” in “facial recognition software and other biometric systems for surveillance, nonlethal visual disruption lasers, and long-range acoustic devices and their components, software, and technologies.” This initiative, along with BIS’s statutory mandate to continue to consider new and expanded export controls on “emerging and foundational technologies” could lead to the adoption of new regulations in these areas in the future.
The EU has been even more active in trying to implement export controls based on human rights concerns. EU Member States’ competent authorities are already required to take into account the human rights situation in the country of final destination as well as compliance by that country with international be exported might be used for internal repression they shall deny the export license (Article 12(1)(c) EU Dual-Use Regulation in connection with Article 2(2) Council Common Position 2008/944/CFSP).
In the context of the review of the EU Dual-Use Regulation, the European Commission and the European Parliament proposed stricter controls of cyber-surveillance technology, including (1) expanding the definition of “dual-use items” to include “cyber-surveillance technologies” and (2) introducing an EU autonomous list of specific cyber-surveillance technologies of concern to be subject to controls. Germany has already introduced controls on the export of surveillance technologies that go beyond controls at EU level. Moreover, the European Parliament suggested to include a “catch-all” provision that would require prior authorization for the export of non-listed cyber-surveillance (dual-use) items which could facilitate human rights violations.
While stakeholder concerns and opposition from the Council of the EU have delayed the review of the EU Dual-Use Regulation, the Council of the EU and the European Parliament seem to have almost reached a political agreement on the most important elements of the reform. Moreover, the , the future scope of the revised dual-use regime would remain aligned with the Wassenaar Arrangement but would go beyond by introducing additional EU unilateral controls on cyber-surveillance technology and emerging technologies (yet to be defined), for the sake of human rights protection.
While it is too soon to say that the U.S. and EU are converging on a consensus about export controls relating to human rights, they are pursuing parallel initiatives in this area that we believe both sides will likely try to reconcile and agree upon at the multilateral level. But given the differing approaches to these issues in the U.S. and EU, such a consensus may be some years off. In the meantime, industry and other stakeholders should prepare themselves for a more complex patchwork of unilateral controls.