E Point Perfect
Law \ Legal

Annual and Semi-Annual Encryption Reports due to BIS by February 1, 2023


As a reminder to our readers, the annual encryption self-classification report and semi-annual sales report for certain encryption items are due to be filed by February 1, 2023. 

Annual Self-Classification Report

The self-classification report covers less sensitive items covered under BIS’ License Exception ENC (b)(1) (i.e., 15 C.F.R. § 740.17(b)(1)).  Depending on the level of encryption, this may include wireless local area network software and equipment (WLAN), certain disk/drive encryption devices, and many mass market consumer and mobile app items.  Exporters may export items described under this License Exception without a license, but are required to take either of two additional steps:

  1. They may self-classify their items as eligible and submit an annual self-classification report. This annual report must be submitted to the Department of Commerce’s Bureau of Industry and Security (BIS) by February 1 of each year. It must provide details on encryption commodities, software and components exported or reexported during the prior calendar year (i.e., January 1, 2022 through December 31, 2022).
  2. They may choose to obtain a CCATS for their items and are then no longer required to submit the annual report.

In filing an annual report, the report must include the information outlined in Supplement No. 8 to 15 C.F.R. Part 742.  BIS requires that each identified product be reported as it is typically distinguished in inventory, catalogs, marketing brochures and other promotional materials. Volume and details of actual exports are not required to be included in the report.  If no information has changed since the previous annual report, exporters must still send an email stating that nothing has changed since the previous report; or submit a copy of the previous report.  No self-classification report is required if no exports or reexports of covered encryption items occurred during the prior calendar year.  For more information and details on this annual report, see Thompson Hine Update of January 5, 2021.

Semi-Annual Sales Reports

BIS also requires semi-annual reports for exports to all destinations other than Canada, and for reexports from Canada, for items described under 15 C.F.R. § 740.17 paragraphs (b)(2) and (b)(3)(iii).  For exports occurring between January 1 and June 30, a report is due no later than August 1 of each year. For exports occurring between July 1 and December 31, a report is due no later than February 1 the following year. 

For these semi-annual reports, BIS requires the reporting of the Commodity Classification Automated Tracking System (CCATS) number and the name of the item(s) exported (or reexported from Canada), and the following information: (i) for sales to distributors or resellers, the identity of the distributor or reseller, the item and the quantity exported or reexported and, if collected, the end user’s name and address; (ii) if a direct sale, the name and address of the recipient, the item, and the quantity exported; or (iii) for export to a foreign developer or manufacturer headquartered in specified countries, the names and addresses of the manufacturers using these encryption items and, if known, when the product is made available for commercial sale, a non-proprietary technical description of the foreign products for which these encryption items are being used.

How to Report

These reports are filed with both the Department of Commerce’s Bureau of Industry and Security (BIS) and the ENC Encryption Request Coordinator. 

Submissions of the annual self-classification report via email should be sent to BIS at crypt-supp8@bis.doc.gov and to the ENC Encryption Request Coordinator at enc@nsa.gov, as an attachment to an email. Submissions of the semi-annual sales report via email should be sent to BIS at crypt@bis.doc.gov and to the ENC Encryption Request Coordinator at enc@nsa.gov.

Submissions by email are preferred, but submissions may be made by disk or CD and sent to the following addresses:

Department of Commerce, Bureau of Industry and Security, Office of National Security and Technology Transfer Controls, 14th Street and Pennsylvania Ave. NW., Room 2099B, Washington, DC 20230, Attn: Encryption Reports, and

Attn: ENC Encryption Request Coordinator, 9800 Savage Road, Suite 6940, Ft. Meade, MD 20755-6000.

If you have questions as to whether you are subject to the self-classification reporting requirements or need assistance in preparing and filing your annual self-classification report, please contact a member of our team.


Source link

Related posts

How to Contest Inventorship of Patented Subject Matter Through Derivation Proceedings

Attorney General’s Guidance On “Best Practices” For CEQA Analysis Of And Mitigation For Wildfire-Related Impacts Is Long On Litigation And Policy Advocacy, Short On Neutral Legal Analysis

New York City’s Victims of Gender-Motivated Protection Law to Provide a Two-Year Lookback Window – What Employers and Entities Can Do Now to Prepare for Possible Litigation

Court Holds that Design and Manufacture of Allegedly Injurious Product is Only One Occurrence, In Win for Policyholders

CFPB considering changes to semi-annual credit card survey

Patient count continues to increase among people who ate Daily Harvest product