On September 10, 2020, Judge John Bates of the DC District Court issued a memorandum opinion dismissing a lawsuit against the US Department of Commerce filed by a US-based carrier in June 2019 in response to the Bureau of Industry and Security’s (BIS) decision to add a major Chinese telecommunications manufacturer and numerous affiliates to the Entity List in May 2019. The carrier argued that the BIS rule infringed on its due process rights because the carrier could be held strictly liable for violations of the Export Administration Regulations (“EAR”) caused by its customers. It also argued that BIS exceeded its authority under the Export Control Reform Act of 2018 (“ECRA”).

The Decision

Under the EAR, carriers and other intermediaries can be held liable for facilitating violations of their customers. For example, a carrier that transports US-origin goods to a person on the Entity List who is not licensed to receive those goods could violate the EAR in addition to the sender who initiated the shipment. The carrier in this case had argued that it could not know the contents of every package it transported and that holding it strictly liable for its customers’ violations would not advance US national security or foreign policy goals. It also challenged the rationality of imposing strict liability on common carriers while holding customers liable only if they “knowingly” engage in a prohibited shipment.

The carrier argued that the EAR’s strict liability standard would require the company either to cease all business operations that create a reasonable risk of violating the EAR (e.g., shipping packages to persons on the Entity List) or to “proceed with its business operations and face a substantial risk that it will violate the EAR and suffer harm.”

In granting the US government’s motion to dismiss the claims, Judge Bates found that BIS’s strict liability standard for carriers was “rationally related to a legitimate government interest” (i.e., US national security and foreign policy) and that it was reasonable for BIS to hold carriers to a higher standard because they are “repeat players with the institutional knowledge and scale to navigate the EAR.” Under prevailing case law, these findings were sufficient to reject the carrier’s due process claims.

Judge Bates also considered the carrier’s arguments that BIS could not, per the scope of its authority under ECRA, hold carriers liable for both “transferring” items in breach of the EAR and “aiding and abetting” violations of the EAR. While conceding that the language of ECRA was “inelegant,” Judge Bates found BIS had not exceeded its authority in drafting the EAR to cover both types of conduct.

Analysis

The carrier’s suit was a long shot given the high bar to challenging US agency actions. However, its arguments about liability for customers’ violations of the EAR take on added urgency given BIS’s more recent changes to the EAR. These changes include amendments to the military end-use / military end-user rule, the foreign-produced direct product rule, and expanded prohibitions under the Entity List targeting all parties to a transaction, which significantly increase the compliance burden of many transactions involving goods, technology, and software controlled under the EAR.

The focus is now on what carriers can do to comply with the EAR in a risk-based and reasonably efficient manner. The EAR does not mandate any particular compliance measures. However, as pointed out by the plaintiff in this case, failing to take steps could expose a carrier to liability if its customer is engaged in prohibited conduct.

Examples of compliance measures would include screening the names of all parties to a shipment and scrutinizing shipments involving parties on the Entity List. The EAR does not prohibit all shipments, and shipments of items that are not subject to the EAR would fall outside BIS’s jurisdiction entirely. However, a carrier would not ordinarily know the contents of a package or be in a position to evaluate whether a particular item is subject to the EAR, if the shipment originated outside the United States.

Ultimately, a carrier’s real liability will depend on how BIS goes about enforcing the EAR in the context of the Entity List. Although the plaintiff in this case has a history of EAR violations, this challenge did not relate to a specific BIS enforcement action. BIS could resolve some of the ambiguity by issuing guidance clarifying the application of the EAR to carriers. In that regard, the agency has received considerable feedback from a wide range of companies in response to recent rulemakings demanding clarifications.

In some ways, carriers are now in a similar position as financial institutions, which can also be held accountable for their customers’ violations of sanctions regulations issued by the US Treasury Department’s Office of Foreign Assets Control (“OFAC”). OFAC has alleviated some of the industry’s concerns through guidance about liability of intermediary financial institutions and expectations for due diligence. Carriers may soon look to financial institutions for models of how to build risk-based programs for compliance with the EAR.