Sep
Sep
Sep
 
ITAR’s Dual/Third Country National Rule is Amended – What Does it Mean? By Adv. Gil Remeny
 
On May 16, 2011, the United States Department of State amended the U.S.  International Traffic in Arms Regulations ("ITAR") in connection with the dual/third country national rules. These rules have caused plenty of problems for non-U.S. defense contractors around the world engaged in U.S. related defense work. The amendment will come into effect on August 15, 2011 and will have major consequences for non-U.S. defense contractors. So is the change good or bad?

In very basic terms, U.S. companies are prohibited from exporting certain types of technical information and services related to military products unless they have received appropriate export approval from the Directorate of Defense Trade Controls ("DDTC"), which is the office within the State Department responsible for the implementation of the ITAR. In its present form, the ITAR then prohibits the non-U.S. recipient (the “Authorized Foreign Recipient” )** from sharing this ITAR controlled information with certain employees known as dual and third country nationals unless they are permitted to do so in the export approval obtained by the U.S. exporter. For most nationalities, the approval is provided on “nationality” basis, i.e., Russia is named in the export approval and then all employees with Russian nationality may have access to the ITAR controlled information received on the program. Employees who are nationals of countries that the U.S. has determined to be persona non-grata for ITAR business - such as Iran, Iraq, Afghanistan, Syria, North Korea, Belarus – known as Proscribed Countries must be approved individually by name, following a more complex and intrusive application process. 

A dual national is an individual that holds nationality from the country of the Authorized Foreign Recipient and one or more additional foreign countries. A third country national is an individual that holds nationality from a country or countries other than the country of the Authorized Foreign Recipient. DDTC has a long-standing policy of taking into account place of birth as well as formally held citizenships, regardless of when the individual left the country of birth and whether or not they still formally hold citizenship from that country.

The upshot of the present dual/third country national rule is that:

  • Non-U.S. contractors need to initiate a certain amount of administrative forward planning that they would not normally need in order to determine for which employees they need to receive special permission to provide access to ITAR controlled information.
  • If approval for a certain dual/third country national is not obtained, a contractor may find that it cannot employ its most qualified employee on a particular program.
  • Bringing a dual/third country national employee into an ITAR affected program in the middle is problematic if the applicable nationality is not yet approved, as approvals will need to be amended. Thus a relatively straight forward management decision suddenly requires a disproportionate use of legal and administrative resources.
  • Authorized Foreign Recipients working under a variety of different export approvals must have complex procedures in place to enable them to track which dual/third country national employees may have access to ITAR controlled information under each export approval. Firewalls must be implemented to prevent any kind of unauthorized access of ITAR controlled information, which is tricky when an employee may be authorized to certain ITAR controlled information received under one form of export approval, but not under another.
  • Many countries have labor, anti-discrimination and privacy laws that are aimed at protecting local workforce from discrimination based on issues like place of birth and aimed at protecting the privacy of individuals. Defense contractors from those countries need to ensure that when complying with the ITAR, they do not break their own country’s laws and this is not an easy task.

The change in the dual/third country national rule is intended to remove any need to distinguish between a Foreign Authorized Person’s dual/third country national employees once they have been “cleared” as being no risk of causing unauthorized leakage of ITAR controlled information. One way dual/third country nationals may be considered as appropriately “cleared”, is by providing them “a security clearance approved by the host nation government for its employees” [emphasis added].

Therefore, once the amendment to the dual/third country national rule comes into effect on August 15, U.S. exporters and their foreign partners will not need to obtain DDTC approval for specific nationalities, nor will there be any special approval required for dual/third country nationals of Proscribed Countries. The actual definition of dual/third country national remains unchanged.

Certainly in Israel, a country with a large immigrant population, the media has latched onto the fact that immigrants from Proscribed Countries will be able to work more easily on U.S. defense projects so long as they have Israeli security clearance as a good news story. However, a closer look reveals that things may not be quite as rosy as some may hope. While most big defense contractors have security clearances from their governments, many smaller companies do not necessarily have security clearances.
 
The ITAR amendment requires those contractors to implement a "technology/security screening plan" for their dual/third country national employees to determine if they have "substantive contacts" with Proscribed Countries. Factors that DDTC will consider in assessing whether any "substantive contact" with a Proscribed Country exists include: "regular travel to such countries, recent or continuing contact with agents, brokers, and nationals of such countries, continue demonstrated allegiance to such countries, maintenance of business relationships with persons from such countries, maintenance of a residence in such countries, receiving salary or other continuing monetary compensation from such countries, or acts otherwise indicating a risk of diversion [of ITAR controlled material to those countries]."
 
The revised ITAR also states that “Although nationality does not, in and of itself, prohibit access to... [ITAR controlled articles]… an employee who has substantive contacts with persons from… [proscribed countries]… shall be presumed to raise a risk of diversion, unless DDTC determines otherwise.” The new section 126.18 of the ITAR also requires non-U.S. contractors to keep screening records for 5 years and to make them “available to DDTC or its agents for civil and criminal law enforcement purposes upon request.”

DDTC has not yet provided any guidance on how it will interpret and implement the amended dual/third country national rule. Therefore, presently non-U.S. defense contractors have no way of knowing what DDTC will consider as an acceptable “technology/security screening program” – and they only have a couple of months to devise such a plan and put it into operation. Defense contractors do not know what it will mean if they find even one of the above listed indicators of “substantive contacts” in respect of an employee. As there was opposition to the rule change on Capital Hill, it is quite conceivable that DDTC’s application of the new rule will not necessarily make life any easier than it is now. In any case, under the new ITAR wording, non-U.S. defense contractors will still be forced to discriminate against employees due to their nationality and place of birth. Contractors will also need to invade their employee’s privacy in a way that, for many countries like Israel, will be in breach of their local laws. 

To conclude, while far reaching changes to the dual/third country national rule in the ITAR were long overdue and the U.S. Government’s decision to deal with this issue certainly welcome, presently no non-U.S. defense contractor can have any certainty as to how the implementation of the rule change, once it comes into effect on August 15, 2011, will affect them. Accordingly, contractors must rely on educated guesswork at present as to the kind of measures they will need to take in order to ensure that they are not found by DDTC to be in breach of the ITAR when providing their dual/third country nationals with access to ITAR controlled information. Furthermore, it is very unlikely that companies without security clearances from many different countries will be able to comply with the new rule without breaching their own country’s anti-discrimination and privacy laws and companies will need to find a creative approach to this problem. All of which will leave defense contractors with plenty of unease and uncertainty once the initial euphoria dissipates.

The author of this article is qualified to practice law in the U.K. and Israel and has garnered several years of experience advising Israeli defense contractors on ITAR compliance.

**Note that the term “Authorized Foreign Recipient” is used for convenience in this article and is not a term defined or otherwise used in the ITAR.

Sign up for our e-Newsleter