Pre-Conference Workshops

Fundamentals of U.S. Encryption Rules: Update on Legal and Compliance Issues and the Key Components of an Effective Compliance Program

Mar 23, 2020 9:00am – 12:30pm

Speakers

Jocelyn Brown
Senior Manager Global Export
Cisco Systems (San Francisco, CA)

Tammie Rostant
Global Trade Compliance Manager
McAfee (Plano, TX)

Marwa Hassoun
Partner
Arent Fox (Los Angeles, LA)

Cloud Computing 101: A Comprehensive Guide to Export Controls, Compliance Issues and More

Mar 23, 2020 1:30pm – 5:00pm

Speakers

Lillian Norwood
Manager Government & Regulatory Affairs, Export Regulation Office
IBM (Washington, DC)

Dan Fisher-Owens
Partner
Berliner Corcoran & Rowe (San Francisco, CA)

Day 1 - Tuesday, March 24, 2020

8:00
Registration and Continental Breakfast
9:00
Co-Chairs Opening Remarks
9:15

KEYNOTE ADDRESS

Export Control Reform Act Implementation: Emerging and Foundational Technologies
10:15
Due Diligence Considerations for Supply Chain Security and New 5G Technology
11:00
Networking Break
11:15
Understanding the Enforcement Landscape: When Criminal Prosecutions, Civil and Administrative Proceeding, and Sanctions Intersect with Trade Negotiations, What Must You Do?
12:15
Networking Luncheon
1:15
Decoding China’s Vague New Encryption and Cybersecurity Laws and Coping with Uncertainty
2:15
Wassenaar Arrangement: Dramatic Expansion of Export Controls on Cyber Tools and Cyber Warfare
3:00
Networking Break
3:15
Asia Focus: Japan and India
4:15
Compliance Program Best Practices: How to Update Your Program in Accordance with Your Organization’s Risk Profile
5:15
Champagne Roundtables
5:45
End of Day One

Day 2 - Wednesday, March 25, 2020

8:50
Co-Chairs’ Opening Remarks
9:00

KEYNOTE ADDRESS

How the U.S. Government is Assessing the Threat from China and Leading the Response?
9:45
Implications of Emerging and Foundational Technology Controls for Industry and Academia
10:30
Networking Break
10:45
How Export Controls Violations Resulted in Human Rights Abuses Forcing Government to Act
11:45
State Department New Guidelines: Tools for Implementing the State Department’s New Guidelines – How Industry and NGOs Can Be Partners in Compliance
12:45
Networking Lunch
1:45
Cloud-Based Export Controls: Compliance Considerations
2:30
Dual-Use: Wassenar Mandate to Reform The Encryption Controls
3:15
Networking Break
3:30
Focus on the European Union: New Regulations to be Aware of
4:30
Future Trends: What to Expect in 2020 and Beyond
5:00
Conference Adjourns

Day 1 - Tuesday, March 24, 2020

8:00
Registration and Continental Breakfast
9:00
Co-Chairs Opening Remarks

Magnus Nordeus
Group Head of Trade Compliance
Ericsson (Sweden)

Roszel Thomsen
Partner
Thomsen & Burke (Baltimore, MD)

9:15

KEYNOTE ADDRESS

Export Control Reform Act Implementation: Emerging and Foundational Technologies

Deborah Curtis
Chief Counsel for Industry and Security
U.S. Department of Commerce

  • Identify and assess critical risks associated with infrastructure, digital economy and people
  • Understanding the importance of the proposed rule to safeguard the Information and Communications Technology Supply Chain
  • Evaluating the requirements for the ICTS transactions to avoid any prohibition or mitigation
  • Determining the exceptions to the proposed rule

10:15
Due Diligence Considerations for Supply Chain Security and New 5G Technology

Bryan Schromsky
Director of Federal Government Mobile and Connected Solutions
Verizon (Washington, DC)

Bill Maheu
Senior Director Strategy
Qualcomm (San Diego, CA)

Richard Spearman
Corporate Security Director
Vodafone (United Kingdom)

  • How the U.S. and the UK differ in their approaches to 5G supply chain security?
  • Must we learn to live with “dirty” networks?
  • Potential decoupling of Western and Chinese 5G networks and standards
  • Status of U.S. efforts to convince other countries to prohibit the use of technology from Huawei and ZTE

11:00
Networking Break
11:15
Understanding the Enforcement Landscape: When Criminal Prosecutions, Civil and Administrative Proceeding, and Sanctions Intersect with Trade Negotiations, What Must You Do?

JoAnne Davis
Director, Global Trade Compliance
Spirent Communications (Calabasas, CA)

Josephine Aiello LeBeau
Partner
Wilson Sonsini (Washington, DC)

Matt Bell
Senior Managing Director, Practice Leader Export Controls & Sanctions
FTI Consulting (Houston, TX)

  • Business risks of dealing with Huawei
  • Why the Huawei entity listing is not ‘ZTE Redux’ from a U.S. perspective?
  • How the arrest of Huawei’s CFO in Canada changes the calculus and industry’s response?
  • What is the view of the entity list and unreliable supplier list from a Chinese perspective?
  • Huawei’s temporary general license – success or failure?
  • Enforcement risks for non-US companies

12:15
Networking Luncheon
1:15
Decoding China’s Vague New Encryption and Cybersecurity Laws and Coping with Uncertainty

Brian Falbo
Director, PG and Global Operations
Dell (Austin, TX)

Xiang Wang
Asia Managing Partner
Orrick Herington Sutcliffe (China)

  • Three Month Update on China’s Encryption Law, which became effective January 1, 2020
  • The intersection of the New Encryption Law with China’s Cybersecurity Law and Vulnerability Disclosure Requirements
  • Results of the Phase 1 trade agreement with China and prospects for further agreement

2:15
Wassenaar Arrangement: Dramatic Expansion of Export Controls on Cyber Tools and Cyber Warfare

Dave Aitel
Chief Security Technical Officer
Cyxtera (Miami, FL)

  • Assessment of existing controls on IMSI Catchers, Intrusion Software and IP Network Surveillance Systems
  • Expansion of controls in 2020, including digital forensics, communications monitoring, and cyber warfare software and technology
  • Overlap with controls on Encryption technology on the dual-use list – recommendations on license exceptions in the U.S. and general licenses in the EU

3:00
Networking Break
3:15
Asia Focus: Japan and India

Wataru Okhi
Manager Export Control Division Systems& Services Business Division
Hitachi (Japan)

Jay Gullish
Senior Director, Digital Economy, Media, and Entertainment, U.S.-India Business Council
U.S. Chamber of Commerce (Washington, DC)

Rohit Jain
Partner
Economic Laws Practice (India)

  • The relationship between METI, CISTEC and the export community in Japan
  • Japanese parameter sheets – What are they, and why are they important?
  • Japan’s enhanced controls on exports of three semiconductor materials, including hydrogen fluoride, to South Korea and removal of South Korea from its list of trusted trade partners qualified for preferential treatment in export procedures – background and implications
  • India’s SCOMET regulations and new Intra-Company Transfer exemption – problems solved, and problems remaining

4:15
Compliance Program Best Practices: How to Update Your Program in Accordance with Your Organization’s Risk Profile

Joseph Kim
Senior Director, Global Trade Compliance and Global Corporate Compliance
Xilinx (San Jose, CA)

Steve Bird
Manager, Global Trade Compliance
Veritas Technologies (San Francisco, CA)

Alexis Farris Wetzler
Government and Regulatory Affairs Executive, Export Regulations Office
IBM (Washington, DC)

Melissa Duffy
Partner
Dechert (Washington, DC)

  • Critical components of an effective program
  • Industry-specific challenges
  • How to conduct a risk assessment as part of your compliance program?
  • Lessons learned from Apple’s OFAC settlement

5:15
Champagne Roundtables
5:45
End of Day One

Day 2 - Wednesday, March 25, 2020

8:50
Co-Chairs’ Opening Remarks
9:00

KEYNOTE ADDRESS

How the U.S. Government is Assessing the Threat from China and Leading the Response?

Honorable Nazak Nikakhtar
Assistant Secretary for Industry and Analysis, International Trade Administration
U.S. Department of Commerce

9:45
Implications of Emerging and Foundational Technology Controls for Industry and Academia

Neil Martin
Senior Export Compliance Counsel
Google (Mountain View, CA)

Alexandra Haney
Counsel, Global Trade Compliance
Facebook (San Francisco, CA)

Shiva Aminian
Partner
Akin Gump Strauss Hauer & Feld LLP (San Francisco, CA)

Every industry is being affected by advances in technology including artificial intelligence, robotics and the Internet of Things — and the export controls sectors are no exception. Join this think-tank of industry insiders as they discuss the latest progress, initiatives and developments with the use of emerging and foundational technologies. They will also focus on why there is a sudden increase in these technologies in export control. Gain valuable insights on which of the technologies will be forefront in the coming years.

  • Quantum computing, post quantum cryptography and artificial intelligence
  • Foundational Technologies: Definitional considerations, foreign availability and effectiveness of unilateral controls
  • Fundamental Research and Emerging and Foundational Technology Nexus: The Challenge for University Export Control Officers, and their Government and Industry Partners

10:30
Networking Break
10:45
How Export Controls Violations Resulted in Human Rights Abuses Forcing Government to Act

John Scott-Railton
Senior Researcher
The Citizen Lab, University of Toronto's Munk School (Canada)

Roger Dingledine
President, Founder, and Research Director
The Tor Project (New York, NY)

  • Investigating digital espionage against civil society
  • Documenting Internet filtering and other technologies and practices that impact freedom of expression online
  • Analyzing privacy, security, and information controls of popular applications
  • Protecting yourself online with Tor

11:45
State Department New Guidelines: Tools for Implementing the State Department’s New Guidelines – How Industry and NGOs Can Be Partners in Compliance

Chanan Weissman
Section Lead for Internet Freedom and Business & Human Rights
U.S. Department of State

Sherry Sabol
Section Chief Special Assistant to the General Counsel
Federal Bureau of Investigation (Washington, DC)

  • What the new State Department Guidelines Do (and Don’t) affect your global supply chain?
  • Surreptitious Listing Controls – An Interagency Perspective

12:45
Networking Lunch
1:45
Cloud-Based Export Controls: Compliance Considerations

Anne Marie Griffin
Director Regulatory Affairs
Microsoft Worldwide Tax & Trade (Redmond, WA)

Winnie Luk
Senior Trade Compliance Manager
Oracle (San Francisco, CA)

Lillian Norwood
Manager Government & Regulatory Affairs, Export Regulation Office
IBM (Washington, DC)

  • EAR/ITAR End-to-End Encryption rule review
  • Is there an export when using the cloud: applying Section 734.18 of the EAR?
  • Compliance with export control requirements with cloud-based services
  • Who is responsible for export controls: the cloud provider or user?

2:30
Dual-Use: Wassenar Mandate to Reform The Encryption Controls

Karthik Laggisetty
Director, Global Trade Compliance
Hitachi Vantara Corporation (NY, NY)

Torbjorn Gustavsson
Crypto Mathematician
National Defence Radio Establishment (Sweden)

  • There is confusion relating to the dual-use list: will this have a bigger role in trade?
  • Plenary mandate to revise category 5, part 2 of the dual-use list
  • Product, marketing, functional decontrols and cryptographic “activation”
  • Practical suggestions for clarity and consistency

3:15
Networking Break
3:30
Focus on the European Union: New Regulations to be Aware of

Mahmut Sen
Head of Rules & Regulations Legal & Compliance
Siemens Healthineers (Germany)

Kay Peter Höft
Attorney at Law
Kanzlei für Aussenwirtschaftsrecht (Germany)

Jasper Helder
Partner
Akin Gump Strauss Hauer & Feld (London, UK)

  • How does the EU dual use regulation control telecommunication goods, information security and “Cyber tools”?
  • How do the German export control laws control these goods?
  • EU dual use reform 2020 and Cyber surveillance?
  • What is the practical perception on these rules in the telecom and intelligence industry?
  • Cloud computing rules and GDPR data requirements

4:30
Future Trends: What to Expect in 2020 and Beyond

Roszel Thomsen
Partner
Thomsen & Burke (Baltimore, MD)

  • Priorities for governments to implement effective export controls
  • Industry’s new challenges navigating a multi-polar world
  • Engaging with the academic community and civil society

5:00
Conference Adjourns

Fundamentals of U.S. Encryption Rules: Update on Legal and Compliance Issues and the Key Components of an Effective Compliance Program

Mar 23, 2020 9:00am – 12:30pm

Jocelyn Brown
Senior Manager Global Export
Cisco Systems (San Francisco, CA)

Tammie Rostant
Global Trade Compliance Manager
McAfee (Plano, TX)

Marwa Hassoun
Partner
Arent Fox (Los Angeles, LA)

What is it about?

This session is designed both for attendees new to encryption controls and for those who would like an in-depth refresher before the more advanced discussions of the main program. Take part in this practical and interactive working group as experts discuss the current state of U.S. Encryption Controls—with a focus on building and maintaining strong protocols to ensure compliance.

Topics include:

  • What is symmetrical and asymmetrical encryption?
  • Technical details of the history and current state of encryption
  • Nuances of U.S. Export Control laws for encryption technologies, cloud computing, and cyber export controls
    • What is an encryption item and how does the EAR treat them differently?
    • The De Minimis Rule for encryption items
    • Publicly available encryption software and technology
  • Summary of recent regulatory changes and impact on legacy classifications/controls
  • Licensing and License Exceptions
    • License Exception ENC
    • When you need an encryption licensing arrangement (ELA) vs. an individual license?
  • Strategies and best practices for developing and maintaining an effective export compliance program with respect to encryption items

Cloud Computing 101: A Comprehensive Guide to Export Controls, Compliance Issues and More

Mar 23, 2020 1:30pm – 5:00pm

Lillian Norwood
Manager Government & Regulatory Affairs, Export Regulation Office
IBM (Washington, DC)

Dan Fisher-Owens
Partner
Berliner Corcoran & Rowe (San Francisco, CA)

What is it about?

This working group provides a comprehensive review of export compliance obligations in the cloud. Experts will review the export controls and sanctions approach to cloud computing in the U.S. and several other countries. This workshop is ideal for export controls, engineering and technology professionals seeking clarity on how to dovetail export controls and the cloud. Topics include:

  • A complete review of BIS, DDTC, and OFAC rules on cloud computing, including advisory opinions
  • Impact and implications: DDTC’s new update related to encrypted technical data and software
  • How U.S. export control rules intersect with DoD cybersecurity rules
  • Tailoring cloud computing policies to the needs of your specific technology and existing business processes
  • Controlling cloud access, internally and externally: Third parties, affiliates, vendors and customers
  • Cloud computing risk assessments: How to identify and mitigate weaknesses in your existing control plan