Export Control Measures
The Technology Control Plan (TCP) for research activity and projects at the UW applies to projects or activities that:
- Involve receipt of export controlled information from an outside party or sponsor, such as a nondisclosure agreement or sponsored research agreement;
- Use equipment or software that was developed for military or space applications;
- Require a foreign national to know how a high-tech piece of equipment is manufactured, designed or repaired;
- Are not considered Fundamental Research; or
- Involve technology and software associated with export-controlled equipment.
Technology Control Plan (TCP) Components
PI or Activity Director of a project/activity completes the TCP components which must be approved by the Research Security Team. TCP Components:
The Security Control Measures contains specific information, personnel, and physical security requirements. At a minimum these requirements include:
- UW Privacy Assurance and Systems Security (PASS) Council’s Minimum Data Security Standards and the Minimum Computer Security Standards.
- UW Administrative Policy Statement 2.5.
Details of your specific project or activity may require heightened and customized security measures, assessed by the Research Security Team. Any control measures above and beyond the standard University requirements are integrated into the Security Control Measures form before it is approved.
Initiating a Security Control Measures Plan
A Security Control Measures Plan (SCMP) can be implemented at any time during a project or activity. Most often, this happens when an award is received for a research project that involves export controlled information.
Circumstances for review and implementation of an SCMP :
- Restriction in award terms related to participation, publication, or government restrictions on the project results or information being shared on the project with the research team.
- Answers to eGC1 Compliance questions indicate collaboration with foreign parties and handling or development of export controlled information
- Third party or side agreements, such as a confidentiality agreement, indicate there will be information, technology or software used on the project that is proprietary and includes restrictions on sharing technology, for national security purposes.
- Equipment will be developed or purchased on the project and the equipment is export-controlled.
At time of award, your Office of Sponsored Programs (OSP) reviewer or Research Security Specialist will reach out for more information to assist in implementing necessary security measures.
If you believe your project involves export controlled information, contact firstname.lastname@example.org to request a review of your project.
Commodity Jurisdiction Request
As part of the export control review, the Empowered Official may need to submit a Commodity Jurisdiction (CJ) request to the Department of State, Directorate of Defense Trade Controls (DDTC). DDTC will determine if the information is subject to the Export Administration Regulations (EAR) or the International Traffic in Arms (ITAR) regulations.
These CJ requests are ONLY submitted by the Empowered Official; contact email@example.com.
Export Control Licensing
Before undergoing a research activity, you may need an export control license. Review when a license is required.
At time of award, if the eGC1 compliance question indicated a transfer or shipment of export-controlled information or items to a foreign national or abroad, the award will be award set up will be held for review. The Research Security Specialist or Empowered Official will review these awards and if an export control license is needed, the license application will be submitted to the appropriate agency (BIS or DDTC) by the Empowered Official. They will follow up with you.