​

LOW-TECH ELECTRICAL SWITCHES used in hospital equipment—called triggered spark gaps— have another, more sinister use: nuclear-weapon detonators. A government investigation detected a batch of these switches that had been sent from the U.S. to India and Pakistan under the guise of medical use, when in fact their real purpose was for use as nuclear technology.

That probe by the U.S. Commerce Department’s Office of Export Enforcement (OEE) and other federal agencies in 2005 found the shipments of the switches had violated American export restrictions on goods controlled for nuclear nonproliferation reasons. South African businessman Asher Karni, who arranged the exports, is currently serving a three-year prison term.

These types of dual-use items that are commercially exportable, yet present a possible threat to national security, are the focus of a new initiative put into play by the OEE, an arm of the Commerce Department’s Bureau of Industry and Security.

Through this initiative, called the Deemed Export Compliance program, OEE intends to work with industry to control the release of sensitive technical data to foreign nationals in the United States. Audits of licenses held by certain exporters will be conducted to ensure that they have internal technology-security plans so that key information is not released to, or accessed by, unauthorized personnel.

Mike Turner, the director of OEE, says the program was born of consistent warnings about theft of sensitive information by foreign interests. The “program springs from FBI and intelligence community reports about the level of acquisition efforts by the Chinese and others to acquire sensitive U.S. technical and proprietary data,” says Turner. Iran and North Korea are suspected of trying to filch information for their nuclear programs, while China is looking for ways to boost its military modernization, he says.

Through this compliance program OEE will audit select exporters. Of the 17,000 export licenses issued by the Commerce Department last year, some 1,500 pertained to situations in which technical data were released to foreign nationals. Of those, the OEE plans each year on auditing between 15 and 25 exporters who pose the greatest risk.

“We want to make sure that in those instances where we’ve actually authorized a technology transfer, the conditions of our license are being complied with and that there are adequate internal and security controls in place to ensure there are no unauthorized releases of data,” says Turner.

Commerce Department export licenses come free, but they pack a lot of requirements, including technical specifications of the items to be sent, and their destination. The OEE’s audits will zero in on exporters of semiconductors, dual-use medical equipment, advanced avionics, missile and space technology, test equipment with nuclear weapon production applications, and others.

Six-month pilot audits have already been completed on four companies, three of which are in the semiconductor field. Turner says the test audits served to refine the OEE’s protocols and procedures for conducting reviews. They also revealed a few kinks in the program.

One glitch was inconsistent communications between export compliance officials and security management professionals at various companies. “We want to ensure greater communications between those two groups—not only to control information, but to identify potential information breaches,” says Turner. Likewise, Turner says another issue to be rectified was a lack of direct contact between his office and company security management officials.

Companies will be encouraged to cooperate with the OEE’s new program to maintain their competitiveness in foreign markets. “If they want to get engaged in these types of technologies in a commercial transaction, they need to do it under the terms of a license. Knowing the requirement helps their competitiveness,” says Turner. Participation also serves national security, he adds.