Advanced Topics in U.S. Encryption Controls: Case Studies on How to Solve the Most Pressing Classification and Program Implementation Challenges

Mar 26, 2018 1:30pm – 5:00pm

Tammie Rostant
Global Trade Compliance Mgr, Legal
McAfee (Plano, TX)

Winnie Luk
Senior Global Trade Compliance Manager
Oracle Corporation (San Francisco, CA)

Michael Gershberg
Fried, Frank, Harris, Shriver & Jacobson LLP (Washington, DC)

Now that you are up-to-speed on the basics, learn and problem-solve alongside industry practitioners to clarify gray areas of U.S. Encryption Controls in practice. Here, our expert-level workshop leaders will shed light on how to resolve pressing, complex cryptography issues, the toughest classification challenges, the former Note 4, and more.  
  • Proprietary encryption source code and technology exports
  • EAR Jurisdiction over foreign-developed products that use US-origin encryption items
  • Non-standard cryptography
  • Communications Interception items and Surreptitious Listening controls
  • ENC (b)(2) Products –
    • When to rule products out under the “network infrastructure” definition
    • Cryptanalytic commodities in (b)(2) versus advanced network vulnerability analysis and digital forensics in (b)(3)
    • Encryption technology
  • ENC (b)(3) Products –
    • What is an encryption component
    • Cryptographic activation products
    • Intersection of ENC (b)(3) and mass market
  • Mass Market Products
    • When can products not oriented towards individual consumers still qualify for mass market treatment
    • What types of sales models could support a mass market determination
    • Navigating the mass market provision for components
  • Non-Cryptographic Information Security Classifications
    • 5A003 Systems, equipment and components, for non-cryptographic information security
    • 5A004 Systems, equipment and components for defeating, weakening or bypassing information security
  • Classification Strategies
    • When to self-classify versus requesting a voluntary CCATS under ENC (b)(1)
    • CCATS advocacy – tips for presenting your best case and how to communicate with BIS during the process
    • Best practices for preparing and documenting self-classifications
  • ITAR encryption controls