New dual-use regulation
The European Council has recently adopted a new dual-use regulation. The new dual-use regulation is a reworking of the present dual-use regulation and aims, among other things, at updating European export control in a number of areas. The regulation applies in all EU Member States and is expected to enter into force in 2021. In this Insight, Plesner's export control specialists seek to provide an overview of the material changes that follow from the new dual-use regulation.
The new, long-awaited dual-use regulation (the "Regulation") has been on its way since 2011 where the Commission published a green book to commence a revision of the EU's export control rules and adapt it to the rapidly changing circumstances of the modern world.
Upon signature by the European Parliament and the European Council, the Regulation will be published in the Official Journal of the European Union, which is expected to take place shortly. The Regulation will enter into force 90 days after its publication in the Official Journal of the European Union. The Regulation will replace the current dual-use regulation (Regulation no 428/2009 with later amendments).
The Regulation seeks to update the EU export control regime by implementing the regulation of certain trends and growth areas, including (i) rapid scientific and technological development (e.g. cloud computing) and the growing availability of cyber-surveillance items as well as information and communication technologies which may be used in violation of human rights, (ii) developments within certain areas of foreign policy as well as security risks, including growing challenges in connection with the proliferation of weapons of mass destruction and unchecked access to biological and chemical weapon materials in certain conflict zones, and (iii) the lack of uniformity in the application of the export control rules at EU Member State level as well as inadequate sharing of information between the EU Member States.
The main changes in the European export control under the Regulation are touched upon in the following.
Update of control provisions
Based on experience gained under the current dual-use regulation, and in order to address new trends of development, the following provisions of the Regulation are specified, simplified and improved:
- The definition of "dual-use items" is specified to include all items that can be used to design, develop, manufacture or employ nuclear, chemical or biological weapons or their means of delivery
- The definition of "exporter" is amended to specify the exercise of control by physical persons who may be "exporters", including in particular the transfer of software or technology
- A definition of "technical assistance" is introduced and the control of such technical assistance is harmonised
- A definition of "Internal Compliance Programmes" or "ICP" is introduced. Implementation of an ICP is made a condition for obtaining a global export license
- The definition of "broker" and "brokering services" is expanded to include legal persons and partnerships not resident or established in a Member State who provide brokering services from EU territory
- The rules applying to transit control of non-listed dual-use items and military end-use are harmonised
Control with the export of cyber-surveillance items
The Regulation introduces a new definition of "cyber-surveillance items" as well as new provisions regarding a catch-all control of cyber-surveillance items not on the control list in Annex I to the Regulation in order to harmonise export control in this area.
In order to secure an effective control of the area, the Member States are obliged to share information between themselves as well as with the European Commission, including, in particular, the technological development of cyber-surveillance items.
Optimisation of export authorisations
In order to reduce the administrative workload in connection with the various authorisation regimes, the procedures for issuing authorisations will be harmonised via the following overall changes:
- The various types of authorisation, as well as common approval criteria for the respective authorisation types, are defined, including e.g. the determination of certain validity periods, as well as a stipulation of the fact that as a starting point, an export authorisation will require the prior implementation of an Internal Compliance Programme (ICP)
- A definition of "authorisation for large projects" is introduced, which allows an adaptation of the duration of the validity periods for individual or global export authorisations in relation to large-scale projects
- New, general EU export authorisations (EUGEA) for encryption and intra-group transmission of software and technology, respectively, are introduced
- The competence to change destinations or items comprised by EUGEAs is delegated to the EU Commission in order to ensure the enhanced flexibility of the Regulation as well as an ability to respond to technological or financial development
Modernisation of the work of the authorities
The legislative framework for the work of the authorities is improved in order to promote a more consistent and effective export control.
The amendments include, among other things, increased access to exchange of information between the competent, national authorities and the Commission, to render the authorisation procedures more efficient for all competent, national authorities as well as to strengthen the authorities' access to control, including in relation to the export of technology to third countries.