Export Control Guidance (A-Z)

This page is intended to provide guidance regarding activities subject to export controls and typically overseen by the Export Control Compliance Program (ECCP). Topics and definitions are arranged alphabetically from A-Z. If you are unable to find an answer to your questions, please contact the ECCP at exportcontrol@unl.edu, or 402-472-6965.

As a reminder, your research or activities may be subject to export controls if you:

List of Topics

Commerce Control List (CCL)

Controlled Unclassified Information, Covered Defense Information, & Office 365 US Government

DD 2345 Form

Deemed Export

Dual Use

EAR 99

Educational Information

Export

Export Administration Regulations (EAR)

Export Control Classification Number (ECCN)

Export Controls

Export License

Export License Exception

Foreign National

Fundamental Research Exclusion (FRE)

International Shipping

International Travel

International Traffic in Arms Regulations (ITAR)

Open & Closed Meetings

Participation in Research by Foreign Nationals

Published Information Exclusion

Purchasing & Export Controls Guidance

Re-export

Restrictions on Publication

Military or Space Related Research

Research Related to Nuclear, Chemical, Biological Weaponry, Missiles, or Unmanned Vehicles

Research Related to Encryption Technologies

Research Involving Select Agents or Other Pathogens

Restricted Party Screening (RPS)

Technical Data

Commerce Control List (CCL), ECCNs, & EAR 99

A key in determining whether an export license is needed or applicable in controlling a particular item, from the Department of Commerce, is knowing whether the item you intend to export has a specific Export Control Classification Number (ECCN). The ECCN is an alpha-numeric code, (which may look something like this: 3A001) and that describes the item and indicates licensing requirements. All ECCNs are listed in the Commerce Control List (CCL) (Supplement No. 1 to Part 774 of the EAR) which is available on the Government Printing Office website. The CCL is divided into the following ten broad categories, and each category is further subdivided into five product groups.

0 Nuclear & Miscellaneous
1 Materials, Chemicals, Microorganisms and Toxins
2 Materials Processing
3 Electronics
4 Computers
5 Part 1 Telecommunications
5 Part 2 Information Security
6 Sensors and Lasers
7 Navigation and Avionics
8 Marine
9 Aerospace and Propulsion
A Systems, Equipment and Components
B Test, Inspection and Production Equipment
C Material
D Software
E Technology

If your item falls under U.S. Department of Commerce jurisdiction but is not listed on the CCL, it is designated as EAR99.

EAR99 is the general “catch-all” classification number assigned to any item that is subject to the EAR but that does not have a specific export control classification number listed in the Commerce Control list. EAR99 items generally consist of low-technology consumer goods and do not require a license in many situations. However, if you plan to export an EAR99 item to an embargoed country, to an end-user of concern, or in support of a prohibited end-use, you may be required to obtain a license and should check with ECCP staff prior to making any export decisions.

Controlled Unclassified Information, Covered Defense Information, and Office 365 US Government

This information is intended to provide guidance to the UNL campus regarding applicability of Controlled Unclassified Information (CUI) and Covered Defense Information (CDI) in research and securing controlled information via Office 365 US Government.

CUI is federal non-classified information the U.S. Government creates or possesses, or that a non-federal entity (i.e. the University of Nebraska-Lincoln) receives, possesses, or creates for, or on behalf of, the U.S Government, that requires information security controls to safeguard or disseminate.

CDI is used to describe information that requires protection under the DFARS Clause 252.204-7012. It is defined as unclassified controlled technical information (CTI) or other information, as described in the Controlled Unclassified Information (CUI) Registry, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government-wide policies, that resides on the contractor’s information system, government wide policy, and is:

  1. Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of DoD in support of the performance of the contract; or
  2. Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract.

These controls must be compliant with the below federal regulations:

CUI – 32 CFR Part 2002: Issued by the Federal Information Security Oversight Office (ISOO) to establish policy for agencies on designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI, self-inspection and oversight requirements. The rule affects Federal executive branch agencies that handle CUI and all organizations (sources) that handle, possess, use, share, or receive CUI—or which operate, use, or have access to Federal information and information systems on behalf of an agency.

CDI – DFARS 252.204.7012 Safeguarding Covered Defense Information & Cyber Incident Reporting. This clause is found in DOD Contracts, which addresses the requirements of safeguarding CUI and other sensitive information and reporting breaches. This clause defines CDI to include four different categories: (1) covered technical information (“CTI”); (2) operations security; (3) export controlled information; and (4) any other information, marked or otherwise identified in the contract, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and government-wide policies.

CUI/CDI – NIST SP 800-171: “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” provides requirements for protecting the confidentiality of Controlled Unclassified Information (CUI). The requirements apply to all components of nonfederal information systems and organizations that process, store, or transmit CUI, or provide security protection for such components. The CUI requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations.

-NIST SP 800-171 identifies 110 unique requirements that apply to University information systems that process, store, or transmit CUI. The 110 requirements are organized into the following 14 families: access control (22 controls); awareness and training (3 controls); audit and accountability (9 controls); configuration management (9 controls); identification and authentication (11 controls); incident response (3 controls); maintenance (6 controls); media protection (9 controls); personnel security (2 controls); physical security (6 controls); risk assessment (3 controls); security assessment (4 controls); system and communications protection (16 controls); and system and information integrity (7 controls).

CUI is divided into multiple organizational groups and categories, please reference the full list here. The following is provided as an example of some of the organizational groups and categories that may be applicable at UNL.

Please be sure to reference the full list linked above to view all of the organizational groups and categories.

Organizational Index Group CUI Categories
Export Control Export Controlled
Export Controlled Research
Organizational Index Group CUI Categories
Privacy Contract Use
Genetic Information
Health Information (HIPAA)
Student Records (FERPA)

Key Information:

If your project requires adherence to CUI or CDI requirements, please be aware that there is a cost associated with receiving access to use the secure Microsoft 365 US Government platform. Please ensure you are consulting with RCS/OSP/ITS regarding planning for this cost during the proposal stage if your research project will require this type of security. 

If CUI or CDI compliance is required for a research project, RCS and/or OSP will work with the Principal Investigator and Information Technology Services (ITS) to:

Questions to Consider:

The covered contractor’s information system shall be subject to the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (available via the internet at http://dx.doi.org/10.6028/NIST.SP.800-171) in effect at the time the solicitation is issued or as authorized by the Contracting Officer.

Additional Resources:

National Archives and Record Administration

CUI Training Tools

DD2345 Form

The DD 2345 Militarily Critical Technical Data Agreement is a certification required by U.S. contractors (universities) that wish to obtain access to unclassified technical data disclosing militarily critical technology with military or space application. This data is under the control of, or in the possession of, the U.S. Department of Defense (DoD).

The University of Nebraska-Lincoln (UNL) holds one general DD2345 certification. As per guidelines regarding these certifications, Institutions of Higher Education are supposed to hold only one certification (i.e. to avoid multiple researchers or PI’s applying and utilizing separate or inaccurate certifications). The ECCP staff and empowered official serve as the data custodians for this certification. Those outside of the ECCP shall not hold or apply separately for another DD2345 without communication and/or agreement from the UNL empowered official.

In order to access UNL’s DD 2345 form information, please read and complete the Request for Use Form.

Deemed Export

In addition to the shipment of a commodity (e.g. a product) from the United States to a foreign country, the Export Administration Regulations state that the release of controlled technology to foreign persons in the U.S. are “deemed” to be an export to the person’s country or countries of nationality and is found in 734.2(b) of the EAR.

Note: Those organizations having persons with permanent residence status, U.S. citizenship, and persons granted status as “protected individual,” are exempt from the deemed export rule.

Many of the licenses for deemed exports involve those conducting scientific research. Note that under 734.8 of the EAR, fundamental research is defined as “basic and applied research in science and engineering where the resulting information is ordinarily published and shared broadly within the scientific community” and, as such, is exempt from EAR licensing 5 requirements. Research conducted using publically available information is also exempt from any license requirements.

In addition, Per Part 772 of the Export Administration Regulations (EAR), “technology” is specific information necessary for the “development,” “production,” or “use” of a product. The General Technology Note states that the “export of technology,” is controlled according to the provisions of each Category.” It further states that “technology required for the development, production, or use of a controlled product remains controlled even when applicable to a product controlled at a lower level.” Please note that the terms “required,” “development,” “production,” “use,” and “technology” are all defined in Part 772 of the EAR. Controlled technology is that which is listed on the Commerce Control List.“Use”. (All categories and General Technology Note)

Operation, installation (including on site installation), maintenance (checking), repair, overhaul and refurbishing. “Development”. (General Technology Note)“Development” is related to all stages prior to serial production, such as: design, design research, design analyses, design concepts, assembly and testing of prototypes, pilot production schemes, design data, process of transforming design data into a product, configuration design, integration design, layouts.“Production”. (General Technology Note) (All Categories) Means all production stages, such as: product engineering, manufacture, integration, assembly (mounting), inspection, testing, and quality assurance.

Note: In general, it is difficult for a deemed export to occur under the “use” definition of equipment in the EAR because it must meet all of the above noted categories of use. A foreign person involved in the “development” or “production” of a dual use item, is more likely to meet the deemed export parameters, in which case a deemed export license may be required.

Dual Use

Dual use describes tangible items, software, and/or technology that have both a potential civilian and military use. Determining whether or not an item could fall under the dual use definition should be made in consultation by the ECCP staff as the details of the item can have significant impact in understanding whether or not it is dual use.

Note: For example, an iPad can be used in a classroom (civilian use) and also function as a weapons control system (military use).

Educational Information

Information not subject to the EAR if it is released by instruction in catalog courses and associated teaching laboratories of academic institutions. Certain types of information related to encryption software cannot be considered “educational information” and therefore are subject to the EAR even if they are released “by instruction in catalog courses and associated teaching laboratories of academic institutions.”

Information that is normally taught or released by the university as part of the normal instruction in a catalog course or in an associated teaching laboratory is considered Educational Information and, as provided for under the federal regulations (15 CFR§734.3(b)(iii), is NOT subject to export controls.

Export 

To send or take controlled tangible items, software or technology out of the United States in any manner, to transfer ownership or control of controlled tangible items, software or technology to a foreign person, or to disclose information about controlled items, software or information to a foreign government or foreign person. The controlled tangible item, software or technology being sent or taken out of the United States is also referred to as an “export.”

Export Administration Regulations (EAR)

Federal regulations that regulate the export and re-export of most commercial items. These items can range anywhere from a simple pencil to large equipment. UNL faculty, staff, and students must be cognizant in understanding whether or not their items are controlled via an ECCN or if it is categorized as the lowest set of controls via EAR 99.

See also the guidance topic on Commerce Control List, ECCNs, & EAR 99.

Export Controls

Federal regulations that restrict the release of certain items, information and software to foreign nationals in the United States and abroad. Those regulations are the Export Administration Regulations (EAR) and International Traffic in Arms Regulations (ITAR), as well as regulations administered by the Office of Foreign Assets Control (OFAC).

Export License

An export license is formal approval from a federal regulatory agency to export a controlled item to a specific person in a specific place for a specific purpose. Either the BIS or the DDTC, depending on whether the item is specified on the Commerce Control List or United States Munitions List, respectively, issues export licenses for most controlled items.

When the recipient of an intended export is located in a country subject to a comprehensive embargo, special approval needs to be obtained from OFAC (in addition to any approval required by other agencies). Countries subject to comprehensive embargoes include Cuba, Iran, North Korea, (North) Sudan and Syria. Several other countries are subject to less stringent embargoes, but may still require a license for travel and other transactions.

At UNL, the Export Control staff and empowered official have sole authority to determine whether a particular transaction requires an export license. They also have sole authority to apply for export licenses on behalf of UNL faculty, students, and staff.

Export licenses require very specific answers to the following questions:

  1. What are you exporting?
  2. Where are you exporting it to?
  3. Who will receive it?
  4. How will they use it?

License applications typically take about 60-90 days to process, so you should plan to contact the Export Control staff as early as possible to determine whether a license is required and begin gathering the necessary information.

Export License Exception

An Export License Exception is a special authorization that allows you to export or re-export, under very specific conditions, items that would otherwise require an export license. Export License Exceptions are detailed in EAR§740.

See Educational Information, Fundamental Research Exclusion, and Published Information Exclusion

Foreign National or Foreign Person

Anyone who is not a “U.S. person.” A “U.S. person” is any one of the following:

Anyone who doesn’t fit into one of these categories is considered a “foreign person.” This means that faculty, staff, and students at UNL with work or student visas are considered “foreign persons” for the purposes of export controls.

More detailed information about the agencies’ respective regulations can be found on the Regulatory Information page.

Depending on the details of a project that a foreign national may be planning to work on, or their country(ies) of citizenship and that country’s current status under U.S. government regulations, some foreign nationals may not be eligible to work on certain projects. ECCP staff can assist in clarifying when this may or may not be applicable.

See also the guidance on Participation in Research by Foreign Nationals.

Note: Any foreign entity not incorporated or organized to do business in the United States falls within the definition of a foreign national. This includes any branch of a foreign government and also can include universities and research laboratories in other countries.

Fundamental Research Exclusion (FRE)

Sometimes, a research project may produce information that would normally be subject to export controls and require an export license in order to be shared with colleagues in or from other countries. However, the results of “fundamental research” projects are specifically excluded from these licensing requirements in most circumstances.

Keep in mind that even if the fundamental research exclusion applies, it applies only to the results of the research. If the conduct of the research includes activities subject to export controls, a license must be obtained before any foreign nationals can participate in those activities.

“Fundamental research” is defined as basic and applied research in science and engineering, where the resulting information is ordinarily published and shared broadly within the scientific community. Under the State Department‘s narrower interpretation, “fundamental research” can only describe information and technology that already is in existence and in the public domain. In order for research data to qualify for the “fundamental research” exclusion from the licensing requirements, it must meet two criteria:

  1. Research results must be freely publishable; and
  2. There must be no limitations on access to or dissemination of research results on the basis of national origin.

If either condition is not met, this exception is destroyed and dissemination of the data may require a license. For example, certain terms in a statement of work or research agreement might prevent a project from qualifying for the fundamental research exclusion. These include terms that:

UNL’s Export Control staff and empowered official are the only persons authorized to determine whether a research project at UNL qualifies as fundamental research.

International Shipping

In addition to any environmental and biosafety guidelines, all shipments of tangible items to foreign countries are subject to export controls. Sometimes the university must obtain an export license from the Commerce Department or State Department for the shipment. Certain documentation must also be filed with the government before any shipments can be made. Failure to do so may constitute an export violation that could result in severe fines and/or other penalties. Please contact the Export Control Staff prior to negotiating any material transfer agreements (MTAs) or packing any materials for international shipments. The Export Control Staff can help you be certain your shipment meets export and sanction laws.

Click here for an example of the shipping invoice

Related Definitions:

End-use – a detailed description of how the ultimate consignee intends to use the commodities being exported.

End-user – a person abroad that receives and ultimately uses the exported or re-exported items. The end-user is not a forwarding agent or intermediary, but may be the purchaser or ultimate consignee.

International Travel

When traveling abroad, faculty, staff and students at UNL should be familiar with the impact of export control regulations. Researchers need to make sure that any information discussed or items taken out of the U.S. are either not controlled, or if controlled, the proper licenses are in place. University personnel, as individuals, can be held liable for improperly transferring controlled technology. Thus, it is important to review and understand that federal requirements are civil and criminal sanctions, with the ability to assess fines and/or invoke prison sentences for individuals violating the export control and embargo laws. These fines or sentencing consequences are substantial and apply to university personnel as well as the University as an institution.

To ensure you do not run the risk of exporting sensitive information or technology when traveling abroad, or dealing with sanctioned countries, entities or individuals, keep in mind that presentations and discussions must be limited to topics that are not related to controlled items or technologies, unless that information is already published or otherwise in the public domain.

Before sharing technology or information, verify that it falls into one or more of the following categories prior to traveling:

Depending on your international destination(s), an export license or other government approval may be required for your laptop computer, software or other equipment. There are exceptions for “tools of the trade,” but these exceptions depend on the equipment and the country of your destination. Encryption software in particular is subject to special regulations and more stringent license requirements.

Fortunately, most international travel does not raise any export control concerns. However, there are denied entities in almost every country. The checklist is designed to provide UNL travelers information on applicable export control regulations they will need to follow based on the nature of their activities while traveling as well as verifying any export control restrictions for your foreign destination.

For additional information, please visit our FAQ and caution information page.

International Travel Services
For travel outside the U.S., UNL requires all international travelers to file an electronic travel authorization and use Travel & Transport for flight arrangements. Please visit the University of Nebraska International Travel Resources page for additional information and details about foreign travel policies.

Once you have filed your electronic travel authorization through Concur, you will also receive a notification from NuRamp. If you are traveling to a country with risks, sanctions, embargoes, or concerns, you will need to complete our export control travel checklist. If you are traveling to a country with no identified risks, sanctions etc, you will simply receive an informational email and asked to contact Export Control staff if you are traveling with certain items or have plans that should be reviewed for export control concerns.

Visa Support
UNL faculty and staff traveling abroad can use the International Engagement Visa Support Webpage to find details about how to secure a visa, and enroll in the US State Department Smart Traveler Enrollment Program (STEP).

Evacuation Coverage for UNL Personnel Traveling Abroad
On February 1, 2015, the University of Nebraska – Lincoln secured blanket international travel coverage for all faculty and staff who travel outside the country on UNL business with the correct visa. Faculty and staff no longer need to purchase this insurance individually. Additional information can be found on the University of Nebraska International Travel site.

International Traffic in Arms Regulations (ITAR)

International Traffic in Arms Regulations (ITAR) are administered by the U.S. Department of State and ITAR places strict controls on the export of “defense articles” and “defense services.” These Federal regulations are used primarily to control the import and export of defense articles and defense services. Similar to ECCNs and EAR 99, another key way in determining whether or not your items/information fall under export control regulations is to understand whether or not they fall under any of the ITAR categories.

These categories are enumerated under the Unites States Munitions List (USML).  USML categories are organized by paragraphs and subparagraphs and identified alphanumerically (e.g. Category IX.10 refers to infrared scene generators, and Category XII.3 refers to laser spot trackers or laser spot detection…”) . The categories usually start by enumerating or otherwise describing end-items, followed by major systems and equipment; parts, components, accessories, and attachments; and technical data and defense services directly related to the defense articles of that USML category.

Open & Closed Meetings

Open meetings are conferences, seminars or other gatherings where all technically qualified members of the public are eligible to attend and attendees are permitted to take notes or otherwise make a personal record of the proceedings and presentations.

This is in contrast to a closed meeting in which not all technically qualified members of the public may attend and often notes or recording of the proceedings or presentations may be prohibited. This is typically due to the nature of the information that will be presented or discussed.

It is particularly important to disclose that you plan on attending a closed meeting if you are traveling internationally or if you will be presenting or provided access to any information that will be export controlled. You should contact ECCP staff prior to participating in a closed meeting, so that they can review whether or not certain security parameters should be put into place regarding your attendance at such a meet.

Participation in Research by Foreign Nationals

Foreign nationals are persons who are not U.S. citizens or lawful permanent residents (those who have green cards). A foreign national also means any foreign corporation, business association, partnership or any other entity or group that is not incorporated to do business in the U.S.

The university campus is open to students and faculty from many different countries. However, access to restricted or export-controlled technology, commodities, defense articles and defense services by an unauthorized foreign person could result in severe criminal or civil penalties for the university and the university employee making the export.

When planning research involving foreign countries or foreign nationals (including graduate or undergraduate research assistants), the principal investigator (PI) should understand that, depending upon the nature of the research and the status of the foreign country, obtaining export licenses can take several months. Therefore, the PI must identify any possible export control restrictions in the early planning stages of a proposal and contact the Export Control Staff for assistance in complying with applicable laws.

While UNL strives to maintain an open campus that fosters collaboration between students and faculty from many different countries, allowing unauthorized foreign persons to access controlled items or information, such as export controlled technology, commodities, defense articles, technical data, and/or defense services, can constitute a violation of one or more export control regulations. Prosecution of an export violation may result in fines of up to $1 million and/or a prison sentence of up to 20 years.

Published Information Exclusion

Information that is already published or is out in the public domain is considered public information and, as provided for under the federal regulations (15 CFR§734.7 and 15 CFR§734.11), is NOT subject to export controls. Examples of information in the public domain include:

Purchasing & Export Controls Guidance

When purchasing equipment, software or other tangible items, it is important to ensure that any export control issues are addressed prior to bringing them to campus.

The following guidance provides information for purchasing equipment, software, or other tangible items whether they are from a foreign or U.S. vendor. It also provides questions to ask of vendors when purchasing these type of items, information on anti-boycott language, international shipping for these purchases, and some examples of foreign Universities or other entities that appear on the U.S. government Restricted or Denied listings.

Purchasing & Export Controls Guidance

Re-export

According to the U.S. Bureau of Industry and Security (BIS), a reexport is “the shipment or transmission of an item subject to the Export Administration Regulations (EAR) from one foreign country to another foreign country. A reexport also occurs when there is ‘release’ of technology or software (source code) subject to the EAR in one foreign country to a national of another foreign country.”

This is important to understand if your item, technology or software requires a license before you can export it from the United States to a specific country. That same item, technology or software requires a license to be reexported from its current non-U.S. country to another non-U.S. country (e.g. You are shipping an item from UNL to a lab in France, which then will be shipping that same item to a lab in China).

Restrictions on Publication

Certain terms included in contracts or agreements might prevent a project from qualifying for the fundamental research exclusion. These include terms that:

When information generated by such a project includes these type of terms, the project would therefore be controlled under export regulations because restrictions on publications void the fundamental research exclusion. Such controls may also result in restrictions on the participation of certain foreign nationals and require licensing. Also, contractual restrictions on participation by foreign nationals might be interpreted to imply restrictions on publication, with a potential loss of the fundamental research exclusion.

Military or Space Related Research

International Traffic in Arms Regulations (ITAR) are administered by the U.S. Department of State. ITAR places strict controls on the export of “defense articles” and “defense services.” Defense articles include any item, software or technical data on the United States Munitions List (USML). Defense services include assistance (including training) or any technical data associated with a defense article furnished to foreign persons, whether or not in the United States. Any defense article, service or related technical data found to be on the USML requires an export license before it can be exported – that is, given to a foreign person, whether or not they are in the United States. Some license exemptions are available under specific circumstances, but in general you should expect to obtain an export license.

ITAR controls exports that are:

Because spacecraft and satellites are subject to export controls, UNL policy requires a determination or technology control plan (TCP) for almost every research project that studies the design or operation of these items. Certain projects funded by federal agencies, such as NASA, also prohibit the participation of certain foreign persons or entities. Contact the Export Control Staff for more information.

Research into military technologies will also generally require the implementation of a TCP. This includes studies into the design and operation of weapons, defense systems, military vehicles, and protective gear. Almost all military research projects require government approval, so please be sure to contact the Export Control Staff when applying for funding from the Defense Department, Department of Energy, NASA, or the Department of Homeland Security.

Research Related to Nuclear, Chemical, Biological Weaponry; Missiles; or Unmanned Vehicles

Exports of special nuclear material (including Pu, 233U, and 235U) are governed by the Nuclear Regulatory Commission.

Technologies related to the production and use of nuclear material for peaceful purposes, like nuclear energy, are regulated under the Export Administration Regulations and specific items can be found in Categories of the Commerce Control List.

Technologies related to the military use of nuclear energy, including weapons systems, are regulated under the International Traffic in Arms Regulations. Specific controlled technologies can be found in Categories enumerated under the United States Munitions List (USML).

The Department of Commerce regulates and restricts the transfer and export of “dual use” technologies which are technologies or items having both commercial and military or proliferation applications. These can be found listed on the Commerce Control List (CCL).

Some examples of this research:

Research Related to Encryption Technologies

Encryption software  is software whose main task is encryption and decryption of data, usually in the form of files on hard drives and removable media, or email messages sent over computer networks or the Internet.

Sharing, shipping, transmission or transfer of almost all encryption software in either source code or object code is subject to U.S. export regulations. Even most publicly available “dual-use” encryption code requires a license or license exception to ship outside the U.S.

In addition, U.S. persons are prohibited, without prior authorization, from providing technical assistance (instruction, skills training, working knowledge and consulting services) to a foreign national with the intent to help in the overseas development or manufacture of encryption software subject to U.S. Government notification or authorization. This prohibition does NOT limit university personnel from teaching or discussing general information about cryptography or developing or sharing encryption code within the United States that arises during, or results from, fundamental research.

However, source code for most strong encryption software is subject to export controls. Projects that require access to such source code (either for the purposes of study or development) will likely be required to implement a technology control plan that specifically details information security procedures.

Research Involving Select Agents or Other Pathogens

Both the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR) have provisions for the control of pathogens and toxins. The control level depends on which regulations apply to the item.

Inside the United States any person, including foreign nationals, may purchase and use EAR export controlled pathogens and toxins for fundamental research. However, the “deemed” export rule applies to technical information about the controlled item or to the development or production of technology associated with the controlled item. For example, if a PI receives confidential, proprietary or export controlled information about the development or production of an EAR controlled biological, the PI may need a “deemed” export license to provide such information to a foreign national on campus.

Select agent regulations are separate from export control regulations, any given research project may be subject to either or both sets of regulations. This means that labs handling select agents may be required to complete both an IBC protocol and in some cases a determination or technology control plan may be required.

If a PI wishes to ship controlled pathogens or toxins outside the U.S. please Contact the Export Control Staff as an export license may be required.

Restricted Party Screening (RPS)

The United States Government prohibits U.S. persons, including educational institutions, from conducting business with persons and entities designated as restricted parties (Specially Designated Nationals and Blocked Persons – SDNs) on any federal restricted party listings. In addition, some entities may also be added to what is call the “unverified listing,” which is a listing of f0reign entities in which the U.S. government has concerns but has not yet designated them as a restricted party.

The Office of Foreign Asset Controls (OFAC) is the central repository for many of these restricted party or unverified lists.  However, the lists are also administered and enforced by several additional U.S. agencies which include but are not limited to:

The University of Nebraska-Lincoln utilizes a specialized software subscription service for screening of entities and individuals against the restricted party or unverified database listings maintained by the above listed agencies.  This software, called Visual Compliance, not only permits screening against all the federally maintained lists, but also auto-updates all prior screenings on a nightly basis in the event of changes to any of the restricted party or unverified listings. Screenings can be completed quickly and easily by ECCP staff, typically within the same day of the request. In many instances, such as export controlled research and foreign national visa reviews, ECCP staff are already completing screenings of entities and individuals. However, UNL personnel can and should request screenings be completed under additional circumstances such as:

To request a screening using the Visual Compliance software, please contact ECCP staff directly. When requesting a screening, please be prepared to provide some of the following information in order for staff to complete the screening(s):

Additional Resources

Technical data

Information governed under the ITAR and required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articles. Technical data includes information in the form of blueprints, drawings, photographs, plans, instructions and documentation, as well as information covered by an invention secrecy order or certain kinds of classified information.

The term “technical data” can include software directly related to defense articles, but does not include information concerning general scientific, mathematical or engineering principles commonly taught in schools, colleges and universities. It also does not include information in the public domain or basic marketing information on function or purpose or general system descriptions.

See also the guidance on the International Traffic in Arms Regulations (ITAR).