The US Commerce Department’s Bureau of Industry and Security (‘BIS’) says that it has ‘issued an interim final rule revising the Export Administration Regulations (EAR) to authorize the release of certain technology and software in the context of standards setting and development in standards organizations.’
BIS said that the changes ‘address concerns from U.S. industry and other stakeholders about whether BIS licenses are required to release low-level technology for legitimate standards activities to parties on the Entity List stemming from the listing of Huawei and a number of its non-U.S. affiliates.’
It explained: ‘On June 18, 2020, BIS published an interim final rule with a request for comments that authorized the release of certain items subject to the EAR to certain entities on the Entity List without a license, when that release occurs in a standards organization environment. The comments received by BIS advised that the changes promulgated in the June 18 interim final rule did not resolve the uncertainty of U.S. industry regarding participation in standards organizations that included Entity Listed entities. Uncertainty created by not knowing whether a BIS license is required to release low-level technology for legitimate standards activities undermined U.S. participation and leadership in these activities.
‘Today’s rule…amends the EAR to authorize the release of certain technology and software subject to the EAR to entities on the Entity List without a license when that release occurs in a standards-related activity with the intent that the resulting standard will be “published.” The requirement that the standard be published undermines any risk of unwanted transfer of proprietary technology.’
It also said that the rule revises the terms used in the EAR to describe the actions permissible under the authorization:
‘As a result of today’s interim final rule, the release of EAR99 and Anti-Terrorism (AT) only controlled “software” and “technology” as well as certain “software” and “technology” for specified cryptographic functionality are included in the scope of the authorization.’
It said that the term ‘standards related activity’ has also been redefined ‘to describe the actions permissible under the authorization,’ and that the rule ‘amends the scope of the authorization to apply to all entities listed in the Entity List.’