One of the most frequently misunderstood concepts in US export control law is the deemed export. The intuitive understanding of an export is the physical shipment of goods or technology across a national border. But under both the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR), an export can occur without any physical movement of goods at all: the release of controlled technology or technical data to a foreign national within the United States is deemed to be an export to the foreign national’s country of citizenship. This concept — the deemed export — has profound implications for any US company, university, research institution, or other organization that employs, hosts, or works with foreign nationals. It means that a US employer who gives a foreign national employee or visitor access to controlled technology may be conducting an export, and may need an export license, even though the information never leaves US soil.

The deemed export rules reflect a fundamental regulatory insight: that the technology itself is what must be controlled, not merely its physical carrier. A blueprint for a defense article that is handed to a foreign national in a US office is just as much an export as a blueprint physically mailed to a foreign address. A technical briefing delivered to a foreign national at a US conference is an export of the information shared. Access to a controlled server or database is an export of the technology on that server. The delivery mechanism — oral discussion, written document, electronic transmission, visual inspection — is irrelevant to the export control analysis. What matters is whether controlled technology was made available to a foreign national.

The ITAR Deemed Export Rule

Under ITAR (22 CFR 120.50), an export includes the release or transfer of technical data to a foreign person in the United States. The term ‘foreign person’ under ITAR means any natural person who is not a lawful permanent resident of the United States and is not a US citizen or national, and also includes foreign entities such as corporations, businesses, and organizations organized under the law of a foreign state. A foreign national employee who is an H-1B visa holder, an F-1 student visa holder, a J-1 exchange visitor, or who holds any other temporary immigration status is a foreign person for ITAR purposes, regardless of how long they have been in the United States.

Lawful permanent residents — holders of a ‘green card’ — are treated as US persons under ITAR and do not trigger the deemed export analysis. Similarly, naturalized US citizens are US persons. However, ITAR includes a ‘national security controls’ provision that can require special screening even for permanent residents who are nationals of certain embargoed countries (Cuba, Iran, North Korea, Syria, and the Crimea region of Ukraine), because the ITAR country-based embargoes may still apply depending on the nature of the technology and the specific transaction. This is an area of particular complexity that requires case-by-case analysis.

The ITAR deemed export rule means that a US defense contractor who allows a foreign national employee to access the company’s ITAR-controlled technical data — design drawings, specifications, test data, manufacturing processes — is making an export of that data to the employee’s country of citizenship. If the export of that data to the employee’s country would require a license, then allowing the employee to access the data also requires a license or a qualifying exemption. Companies must therefore screen the nationalities of foreign national employees and assess whether access to specific controlled technical data requires a license before that access is granted.

The EAR Deemed Export Rule

The EAR deemed export rule, codified at 15 CFR 734.13, is similar in concept to the ITAR rule but has some important differences. Under the EAR, an export includes the release of technology to a foreign national within the United States. ‘Technology’ under the EAR means information necessary for the development, production, or use of items on the Commerce Control List (CCL), in the form of technical data or software. The EAR deemed export rule applies when the release of technology would require a license for export to the foreign national’s home country. Thus, the analysis requires three steps: first, is the technology controlled under the EAR? Second, is the recipient a foreign national? Third, would export of the technology to the foreign national’s country of citizenship require a license?

Unlike ITAR, the EAR grants US person status to lawful permanent residents for deemed export purposes. This means that green card holders do not trigger the EAR deemed export analysis. However, temporary visa holders — including H-1B, L-1, O-1, F-1, J-1, and TN visa holders — are foreign nationals for EAR purposes, regardless of the duration of their US residence or employment. The EAR deemed export rule is particularly significant for technology companies, semiconductor firms, pharmaceutical and biotechnology companies, and research universities, all of which routinely employ foreign nationals and share controlled technology with them in the ordinary course of business.

The EAR also contains a ‘deemed re-export’ concept: if a foreign national who received controlled technology while in the US then returns to their home country or travels to another country, they may be ‘re-exporting’ the technology by taking their knowledge with them. While this concept is addressed in BIS guidance, its practical enforcement is acknowledged to be complex.

License Requirements and Exceptions

Where a deemed export requires a license, the company must obtain a license from DDTC (for ITAR) or BIS (for EAR) before providing the foreign national access to the controlled technology. For ITAR, the applicable license is typically a DSP-5 export license (permanent export of unclassified defense articles and technical data) or a Technical Assistance Agreement (TAA) or Manufacturing License Agreement (MLA). For EAR, the applicable license is an individual export license submitted to BIS through the SNAP-R system.

Several exceptions to the deemed export license requirement may be available. Under the EAR, the License Exception TMP (temporary), License Exception RPL (parts and equipment), and License Exception STA (strategic trade authorization) may be available in specific circumstances. Of particular importance for employers and research institutions is the EAR’s exclusion for ‘publicly available’ technology: technology that is published and generally accessible to the public — in textbooks, journals, public-domain software, and similar sources — is not controlled under the EAR and is not subject to the deemed export rule. Similarly, fundamental research — basic and applied research at an accredited institution of higher learning where the resulting information is ordinarily published and shared broadly within the scientific community, and where no proprietary restrictions apply — is excluded from EAR technology controls under the fundamental research exclusion.

Under ITAR, the corresponding exception is the ‘public domain’ exception — information that has been made available to the general public without restriction is not subject to deemed export controls. However, ITAR’s public domain exclusion is interpreted more narrowly than the EAR’s publicly available exclusion, and the fundamental research exclusion under ITAR applies only to basic research at accredited institutions that does not result in the transfer of export-controlled items and that was not subject to any restriction. Companies and universities must be careful not to assume that work that appears academic or publicly available necessarily falls within the ITAR public domain exclusion.

Employer Obligations: Screening and Compliance

Employers who employ or host foreign nationals must implement a deemed export compliance program that systematically identifies which positions and which technologies at the company are export-controlled, screens all candidates for positions that involve access to controlled technology for citizenship and immigration status, determines whether the specific access required for the role would trigger a deemed export license requirement, and either obtains the required license before access is granted or structures the role to avoid access to controlled technology. This process must be conducted for every foreign national employee, intern, contractor, visitor, and collaborator who will have access to controlled technology, and it must be repeated when the employee’s access or immigration status changes.

The deemed export screening process must be handled with care under US immigration and employment law. The Immigration and Nationality Act (INA) prohibits employers from discriminating in hiring, firing, or recruitment based on citizenship status or national origin for I-9 purposes. However, the law explicitly permits employers to condition employment or access to controlled technology on the employee’s ability to be authorized for such access — which for export control purposes means being a US person or holding the required license. Employers must apply these screening criteria consistently and document their process carefully to demonstrate both ITAR/EAR compliance and compliance with anti-discrimination requirements. The EEOC and DOJ’s Office of Special Counsel have provided guidance on how employers can satisfy both sets of obligations simultaneously, and employers should consult experienced counsel to design a compliant process.

Companies that fail to manage their deemed export obligations face the same penalties as companies that make unauthorized physical exports: civil penalties up to $1.3 million per ITAR violation and criminal penalties for willful violations, plus significant reputational and contractual consequences. The US government has brought enforcement actions against technology companies, defense contractors, and universities for deemed export violations, and the volume of such enforcement is expected to increase as DDTC and BIS devote more resources to screening foreign national access to controlled technology in the national security context.