BIS Removing Canadian Tech Firm From Entity List After Compliance Reforms
The Bureau of Industry and Security will soon remove Sandvine Inc., a Canada-headquartered technology software company, from the Entity List after BIS said it took “significant steps” to improve its compliance controls and stop its technology from being used for human rights breaches.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
BIS made the decision, outlined in a final rule released Oct. 21 and effective Oct. 23, after Sandvine underwent “significant reforms to address and prevent the misuse of its technology in ways that undermine democracy and abuse human rights.”
The company, which also has offices in India, Japan, Malaysia, Sweden and the United Arab Emirates, was added to the list in February after being accused by BIS of supplying “deep packet inspection technology” to the Egyptian government. BIS said Egypt was using the tool to block internet access to news and target political actors and human rights activists (see 2402260014).
In the past few months, Sandvine has “overhauled its corporate structure, leadership, and business model,” pivoting to focus on “servicing democracies committed to the protection of human rights,” BIS said. The company left the markets of 32 “non-democratic countries” and plans to leave another 24 markets, the agency said, adding it has also formed “deeper relationships with civil society" and set aside profits toward human rights protection efforts.
It also now vets business decisions through a newly created “Business Ethics Committee," monitors for misuse of technology in the countries where it still does business and added human rights experts to its new leadership team, BIS said. In a September news release, Sandvine said it planned to hire a new senior adviser to directly report to the company’s board of directors. The person will also report to the board’s new “Human Rights Subcommittee,” which will oversee the company’s human rights controls “and ensure export control compliance.”
The Entity List removal shows Sandvine's "commitment to transparency, ethical business practices, and the protection of digital rights," the company said in an Oct. 21 news release. "The Company is transitioning to a model where its technology will only be sold in democratic countries, and in connection with this realignment, the Company intends to reestablish itself as an industry trailblazer underscored by new ownership, leadership, and a reoriented business model dedicated to supporting digital rights across the world," it said.
Sandvine added that these measures were "done in consultation with the U.S. Department of Commerce, U.S. Department of State, and other key stakeholders."
BIS said the Commerce and State departments will “closely monitor Sandvine's implementation of its commitments.”
“Recognizing when a company has changed its behavior to protect national security and human rights is just as critical as restricting trade with parties of concern,” said Matthew Borman, the BIS principal deputy assistant secretary for export administration. “Sandvine’s delisting is a clear example of how the Entity List may be used to shape corporate behavior in favor of human rights and digital safety.”
The U.S. “won’t hesitate to use all available tools -- including export controls, sanctions, and others -- to promote accountability and advance human rights,” said Deputy Assistant Secretary of State Christopher Le Mon. He said Sandvine’s delisting shows those tools also help “in driving reform and strengthening human rights due diligence."