August 1, 2017, is the deadline for submitting semi-annual reports for certain ENC Restricted encryption items exported or re-exported between January 1 and June 30, 2017, pursuant to paragraphs (b)(2) and (b)(3)(iii) of License Exception ENC (15 CFR 740.17). The encryption items subject to the semi-annual reporting requirement include, but are not limited to, network infrastructure items, items with an open cryptographic interface, certain encryption source code, and encryption items performing vulnerability or forensic analyses.
Certain “network infrastructure” items (including WAN, MAN, VPN, backhaul or long-haul equipment, certain satellite infrastructure, media gateways and terrestrial wireless infrastructure) may no longer be subject to the semi-annual reporting requirement due to recent changes to the encryption controls under the US Export Administration Regulations (“EAR”), effective September 20, 2016. In addition, “network infrastructure” items no longer require a license for export to “less-sensitive government end-users” in any country (other than the designated terrorist-supporting countries or countries/territories subject to US economic embargoes (currently, Cuba, Iran, North Korea, Sudan, Syria and the Crimea region of Ukraine). “Less-sensitive government end-users” include local, municipal and provincial governments, and federal government agencies responsible for civil public works; civil service human resources administration; public health; energy regulation and administration, including oil, gas and mining sectors; and economic and business development functions.
If you would like assistance determining whether the EAR’s encryption controls or semi-annual reporting requirement apply to your products, please contact a member of our team.