The Commerce Department Bureau of Industry and Security (BIS) denied export privileges to ZTE for seven years. Affiliated companies previously agreed to a combined civil and criminal penalty and forfeiture of $1.19 billion and a seven-year suspended denial (see 1703290058) because of sales of telecom equipment to Iran and North Korea and misleading the U.S. government. The denial, announced Monday, is because ZTE paid bonuses to employees involved in the sales and didn't reprimand them as claimed. "If the $892 million monetary penalty paid pursuant to the March 23, 2017 order, criminal plea agreement, and settlement agreement with the Department of the Treasury did not induce ZTE to ensure it was engaging with the U.S. government truthfully, an additional monetary penalty of up to roughly a third that amount ($300 million) is unlikely to lead to the company's reform," said BIS. The company didn't comment Tuesday.
Commerce Department's Bureau of Industry and Security removed ZTE from a trade blacklist after the company pleaded guilty earlier this month to export-related violations (see 1703230038). BIS added one Chinese individual to the entity list, Shi Lirong, who was ZTE CEO when company documents that had detailed the firm's illicit export plan were signed. Those documents indicated ZTE organized a scheme to establish shell companies to Iran in violation of U.S. export control laws, BIS said in Wednesday's Federal Register.
Chinese multinational ZTE will plead guilty and pay $430.5 million to the U.S. government for illegally shipping U.S.-origin wireless and wireline infrastructure hardware to customers in Iran for almost six years, obstruction of justice, and “making a material false statement,” DOJ announced. In total, ZTE will pay the government $892.4 million, under the impending guilty plea and settlement agreements reached with the Commerce Department's Bureau of Industry and Security (BIS) and Treasury's Office of Foreign Assets Control, DOJ said. BIS suspended another $300 million in penalties, which ZTE will pay if it breaches its settlement with the agency, DOJ said. ZTE lied to federal investigators and “deceived their own counsel and internal investigators” about the illegal acts, Attorney General Jeff Sessions said in a statement. An independent corporate compliance monitor will review and report on ZTE’s export compliance program over the next three years, during which the company will remain on corporate probation, according to DOJ’s announcement. “Criminal information” filed March 7 in federal court in the Northern District of Texas charged ZTE with one count of “knowingly and willfully” conspiring to violate the International Emergency Economic Powers Act, and one count each of obstructing justice and making a material false statement. ZTE then signed a plea agreement with the government, which the court must still approve, DOJ said. BIS four times extended the original June 30, 2016, deadline for a temporary general license for ZTE that maintains normal licensing requirements for exports, re-exports and in-country transfers to ZTE and ZTE Kangxun (see 1702230001), after announcing sanctions against the two entities and two affiliated firms on March 8, 2016 (see 1603070001). The current temporary general license expires March 29.
The State Department and the Commerce Department Bureau of Industry and Security transferred items, including some satellites, from U.S. Munitions List (USML) Category XV (spacecraft systems and associated equipment) to the Commerce Control List (CCL) that no longer warrant USML control. BIS’ (here) and State’s (here) final rules build upon comments received after interim final rules were published May 13, 2014, and take effect Sunday, they said in Tuesday's Federal Register.
The federal government's interagency End-User Review Committee added Chinese telecom equipment company ZTE and three affiliated firms to the entity list after the ERC determined the trio had cooperated in a "scheme" to re-export controlled items to Iran contrary to U.S. law, the Bureau of Industry and Security said in a notice to appear in Tuesday's Federal Register. ZTE's plan allegedly involved establishing, controlling and using multiple shell companies to illicitly re-export controlled items to Iran in violation of U.S. export control laws, BIS said. ZTE didn't comment Monday.
"The path is now clear" for the U.S. to "help bring Cuban telecommunications into the [21st century]," said Jamie Barnett, a Venable cybersecurity and telecom lawyer, in an online memo, referring to a recent policy change of the Commerce Department's Bureau of Industry and Security (BIS). The bureau's policy change regarding Cuba -- from a "case-by-case" review of telecommunications license applications to a "general policy of approval" -- became effective in late January, and coincides with recently announced amendments to the Cuban Asset Control Regulations (CACR) made by the Treasury's Office of Foreign Assets Control (OFAC), Barnett said. OFAC's amendments to the CACR "further relax[ed] the restrictions on the economic activities in, and financing exports to, Cuba," he said. Barnett said OFAC took multiple, incremental steps in 2015 to open up U.S. telecom-based services in Cuba, and its most recent action in January continues that trend. "As both OFAC and BIS have made clear, the purpose of the new rules involving trade with Cuba is to engage the private sector in that country to the largest extent possible while supporting the Cuban government as little as practicable in keeping with this purpose," he said. "In the telecom field, the U.S. government appears to appreciate that major infrastructure projects will be required and that these can be accomplished only by working with the Cuban government." Although providers will need BIS licenses to "bring Cuba telecom into par with the U.S.," and U.S. companies will need to carefully negotiate the remaining OFAC sanctions, "U.S. policy is clearly to promote the modernization of Cuba's telecommunications sector."
Enactment of the Cybersecurity Act of 2015 is unlikely to reduce Congress' interest in cybersecurity issues during 2016, but it's equally unlikely that Congress will pass similarly major legislation in the coming year due in large part to the uncertain dynamics of the presidential election, cybersecurity stakeholders told us. The Cybersecurity Act was Congress' final version of conference cybersecurity information sharing legislation, after contentious negotiations over whether to favor language from the Senate-passed Cybersecurity Information Sharing Act (S-754) or two House-passed information sharing bills (see 1512160068).
The Bureau of Industry and Security penalized two Dubai-based traders and three companies operated by the pair over violations of the Export Administration Regulations, BIS said in a notice set to appear in Thursday's Federal Register. The two individuals and their companies violated the EAR by conspiring to export and re-export controlled telecom equipment to Syria without the proper U.S. authorization and through falsified documents, BIS said. The agency placed on the Denied Persons List companies including iT Wave, for four years. The five entities are collectively being charged $7 million, the order said. The BIS directed the entities to pay only $250,000 in total over an annual, staggered payment schedule. The remaining fees will be waived after two years if no further violations are committed, BIS said.
A Department of Commerce proposal for implementing changes to export control rules to comply with the multinational Wassenaar Arrangement is continuing to draw controversy amongindustry and nongovernmental organizations, with several industry officials saying at an event Friday that they're actively lobbying members of Congress, Commerce and other federal agencies on the need for changes to the proposal. A wide range of U.S. cybersecurity parties railed against the Commerce Department's Bureau of Industry and Security (BIS) Wassenaar implementation proposal in comments last week, with many saying the proposed implementation of recent changes to Wassenaar that would control the export of intrusion software and IP network surveillance systems was overly broad and would significantly affect U.S. cybersecurity companies (see 1507220082).
The Center for Democracy & Technology and Electronic Frontier Foundation were two of a coalition of pro-open-Internet groups that urged the Department of Commerce's Bureau of Industry and Security (BIS) earlier this week to reform the U.S. proposal for implementing changes to the multinational Wassenaar Arrangement on export controls related to cybersecurity and surveillance technology. CDT, EFF and the other groups jointly said that BIS should change the Wassenaar implementation proposal to clearly address human rights issues and to narrow what they view as overly broad rules that they believe could have a chilling effect on legitimate security research. More narrowly tailored rules would apply only to “transfers to government end users or for military or law enforcement purposes,” the groups said. The Wassenaar proposal should also provide “clear 'Know Your Customer' guidance,” the groups said. Cisco, BSA/The Software Alliance and Google have urged further revisions to the proposal.