Contributing Lawyers


Cyndee Todgham Cherniak

United States

Susan Kohn Ross


Andrew Hudson

Update – Positive Change, But Is it Enough?

Originally published in the Journal of Commerce On-Line edition in September 2010

On August 11, 2010, the Dept. of State published a proposal in the Federal Register to change the rules relative to dual nationals and third-country nationals, i.e., those employed by end-users who were born in a country other than where the end-user is geographically located. The proposal itself can be found at:


In summary, the change would be that nationality alone is no longer an automatic disqualifier for an individual to be allowed access to controlled goods or technical data. By way of illustration, the issue might arise with a Canadian company that is awarded a contract for a U.S. Munitions List controlled project and then needs to vet its staff to determine eligible employees. The automatic disqualifier in 22 C.F.R. § 126.1 lists the following countries: Belarus, Burma/Myanmar, China, Cote d'Ivoire, Cuba, Congo, Eritrea, Iraq, Iran, Lebanon, Liberia, North Korea, Sierra Leone, Somalia, Sudan, Syria, and Venezuela and goes on to state a policy to deny export licenses extends to Afghanistan, Haiti, Somalia, Sri Lanka and Vietnam, with articulated exceptions. These limitations do not change. In the past, in order to accept the contract, the hypothetical Canadian company would be forced to either bar workers born in certain countries from working on a given project or outright fire them, which led to a series of widely reported cases brought by terminated workers in which the Quebec (Canada), Ontario (Canada) and Queensland (Australia) Human Rights Commissions all fined the former employers finding discrimination was based strictly on national origin or nationality. The EU Charter on Human Rights would likely mandate a similar outcome. At the same time, Commerce’s standard is country of last allegiance/significant ties, while Defense generally ignores nationality.


What State now proposes to do is eliminate the nationality bar. Instead, national origin would now be tied to national security. Recognizing that most diversions do not arise from approved end users, State is attempting to make things easier for industry, while also acknowledging the current regime is causing more problems than it is solving. While defense services are not specifically mentioned, controlled goods and technical data remain subject to a license requirement, unless steps are taken to prevent possible diversion, but these proposed changes are limited to regular employees only. So, companies which rely for staffing on agencies will still be required to obtain licenses if they wish to have contract staffers work on a controlled project. Further, the transfer may only take place "completely within the physical territories of the country where the end-user is located or the consignee operates," and, of course, be within the scope of an approved export license.


In the future, by this State proposal, end users will be able to rely on a security clearance approved by the host nation government for its own employees or have in place a screening process for its employees, who must also execute a Non-Disclosure Agreement which provides satisfactory assurances the employee will not make improper transfers of controlled goods or technical data unless specifically authorized to do so by the end user or consignee. While the screening program is not specifically delineated in the Federal Register notice, State’s proposal does require end users to screen for "substantive contacts with restricted or prohibited countries listed in §126.1" and goes on to define substantive contacts to "include, but are not limited to, recent or regular travel to such countries, recent or continuing contact with agents and nationals of such countries, continued allegiance to such countries, or acts otherwise indicating a risk of diversion." If the employee has substantive contacts with persons from one of the §126.1 countries, he or she is presumed to raise a risk of diversion, "unless DDTC determines otherwise." At the same time, end users and consignees are expected to maintain a technology security/clearance plan which details the company’s employee screening efforts and is to be made available to DDTC "or its agents upon request."


Given that the compliance burden is shifting from the American exporter to the foreign buyer, there are a number of questions which remain. Hopefully State can overcome the discord within the Administration and in Congress to work these and others out; such as,


1) Were defense services intentionally omitted? Why?

2) A person is disqualified and made subject to the need for a license if that person has substantive contacts with foreign nationals of the §126.1 listed countries. Presumably this means more than simply having contact with one’s family members, but does it?

3) What does an acceptable technology security/clearance plan look like? Will DDTC set up a procedure whereby companies are permitted to submit requests for approval of their programs? Will DDTC issue a standardized format which companies can adapt?

4) Does the substantive contacts criteria now mean that companies will have to insist their employees advise them about each and every person they meet with, even casually, while on a trip? How does this square with the rights of privacy granted in the U.S., the end-user’s country and the country where those contacts took place?

5) Since the end-user’s responsibility includes identifying possible diversion risks, may the end-user rely strictly on the security clearance granted by the host country or will further screening be necessary? If so, in what form?

6) The proposal talks in terms of foreign companies, governments and international organizations? Does this mean an American company is not permitted to deal directly with an authorized individual but only through the end-user?

7) Some countries have industrial security regimes. Will compliance with such a regime be sufficient in lieu of a security clearance?

8) 22 C.F.R. § 124.16 remains in effect. It authorizes retransfer for unclassified technical data and defense services to members of NATO, the European Union, Australia, Japan, New Zealand, and Switzerland provided the employer is a signatory to a TAA/MLA or has executed an NDA. Such retransfers are approved to sub-licensees. Why not expand this proposal to include sub-licensees?

9) These new provisions apply only to "bona fide, regular employees, directly employed" by the end-user. It is likely the exclusion of contract employees was a compromise to gain approval for the proposal to go forward. However, if industry is going to be able to maximize its use of these reforms, they should apply to all employees, i.e., whether they are full time, part-time or contract employees.


Since it is the end-user’s responsibility is to identify possible diversion risks, even with this latest State proposal, do we not end up where we began – meaning end users will still need to collect information about the country of birth of their employees – which is exactly what caused the human rights headaches which created such divisions with our trading partners? The comment period has closed. However, while this proposal is a good first step, to make it truly workable for industry, further fine-tuning is needed.

Leave a Reply

remember my information