“Dual-Use Reform: Enabling & Securing European Exports of Technologies, Software & Semiconductors”

On October 19th, SME EUROPE of the EPP in cooperation with the the European Semiconductor Industry Association (ESIA) & DIGITALEUROPE, hosted a Working Breakfast event in the European Parliament considering the following thematic: “Dual-Use Reform: Enabling & Securing European Exports of Technologies, Software & Semiconductor”. The event featured the following speakers: Klaus Buchner MEP, Rapporteur on “Union regime for the control of exports, transfer, brokering, technical assistance and transit of dual-use items”, Member of INTA Committee, Marietje Schaake MEP, Opinion Rapporteur on” Union regime for the control of exports, transfer, brokering, technical assistance and transit of dual-use items”, Member of INTA Committee; Stéphane Chardon, Head of Sector for Strategic Export Controls, at DG Trade, European Commission, Stefano Pedretti, Trade Compliance Governance & Regional TC EMEA at STMicroelectronics: The Dual Use Reform – towards a global level playing field for the export of semiconductors, challenges and opportunities, Mark Smitham, Senior Manager of Cybersecurity Policy at Microsoft EMEA: Export control – making the rules fit for the digital world, Sophie Windisch, Advisor, Austrian Federal Economic Chamber.

Marietje Schaake MEP opened with an overview of the Dual Use Regulation and the effort she used to update it in the past 6 years. Furthermore, she mentioned 2 goals she is hoping to implement in the future. Ready-made Surveillance tools have become more accessible and cheaper in recent years which may lead to a drastic outcome not only from a security point of view but also for possible Human Rights violations. The goals are to Update the current Dual Use regulation and to create a new Human Rights approach. They have also made exceptions to the Regulation like weakening control of cryptographic items which is especially important for SMEs. However she also highlighted the biggest differences of the Dual Use Regulation Draft between the Commission and the Parliament. The EP sharpened definitions and proposed to differentiate between “so called traditional Dual Use Items and Dual Use Items that are in the category of Cyber Surveillance”. Because there are specific Human Rights concerns in relation to Cyber Surveillance. Ms. Schaake was interested by Mr. Pedrettis approach for a global Dual Use Regulation and pointed out that the European Union should show leadership in this matter. Although she mentioned possible problems which would rise the urge for companies to leave the single European market.

Stephane Chardon was directly pointing out the role of SMEs in the process of modernization. Nevertheless he was also willing to share some data us. He put into consideration that the discrepancy between the total value of application for licenses in 2015 (latest data) in the Member States were 44 Billion Euro which equal 2.5 % of total EU export. When on the other hand only 0.1% of total exports got denied for application. Mr. Chardon made it clear that the SME dimension was recognized in the assessment process. The data allowed Mr. Chardon to draw two conclusions. First of all that many SMEs are involved in the Dual Use area, for most in the IT and Cyber sector. However, the overall conclusion is that it is necessary to find more Data which allows to provide consistent implementation. 99.9 percent of Dual Use operations are in a multinational spectrum which also explains the desire of SMEs to have global approaches. Nevertheless, the proposal is firmly maintaining the EU jurisdiction. One reason for that is the possible administrative burden that may come with a global Dual Use regulation. An important aspect is the general export authorization which needs harmonized requirements and conditions. Only with these we will be able to collect consistent data and to monitor the implementation which allow to report the outcome to the EP and the public. The last point mentioned by Mr. Chardon was the obligation of clarifying Due Diligence regulations for companies but at the same time the should be aware that leaving the single European market automatically is a risk.

Prof. Dr. Klaus Buchner MEP explained the serious reason why it Is so important to renew the Dual Use regulation which was especially the Arab Spring where European technology was used to torture people and commit many other Human Right violations. Although it is a long and complicated process to implement a Dual Use Regulation. Due to the incredibly fast development of technology it is nearly impossible to create a complete Regulation. Therefore, it is highly important to create a regulation that catches all the technologies and is independent to the fast development process. Still it is important to Prof. Dr. Buchner to limit the scope of the catch all clause to something easy and accessible. His goals are to clarify uncertainties and to simplify bureaucratic burdens for companies. Companies need clear definitions for example for Cyber-surveillance or for due-diligence. Prof. Dr. Buchner agrees with Ms. Schaake that it is necessary to distinguish between conventual and Cyber surveillance and Dual Use goods. Companies want a global approach and therefore it is important that EU takes leadership in this matter and does not wait for international treaties. It should be a goal that the EU Legislation will be adapted globally. He also took into account that necessity of simplification of the Dual Use Regulation which would benefit all participating parties. The inter-company transfer is also a key factor which has to be stopped in order to have a successful regulation. In terms of harmonization it will be important to achieve similar penalties for all Member States which currently vastly vary in the EU. Prof. Dr. Buchner closed his presentation of his report with appeal to companies to pursue the already existing rules and duties they are facing as an export orientated businessю

Stefano Pedretti, Trade Compliance Governance & Regional TC EMEA at STMicroelectronics, representing the EISIA opinion, opened his Keynote Address with stating that the ESIA strongly supports an EU Export Control reform, in particular the two European Export Authorizations, first the one on intercompany transfer and secondly the one on encryption, which are deemed necessary. They address the current lack of a global level playing field, and improve the overall efficiency. The use of encryption algorithms in our everyday life makes it necessary to have facilities for handling the so called “mass market for commercial encryption” which probably will be achieved by the new Regulation. For Mr. Pedretti the de-controlling of commercial encryption is a smart and logical step in the right direction. And therefore, it is considered a target from ESIA, even if a long-term target. About Human Rights violations Mr. Pedretti stressed ESIAs view that an Export Control can work at best if it is implemented on a global scale and makes an appeal to government that it is not the task of the industry to identify the responsibles for possible Huan Rights violations, but “the Governments should provide such a list”. Nevertheless, in the case of Due Diligence he asks for clear guidelines which will serve as key parameters defining the needed compliance checks. These should be published at the same time as the Regulation. Mr. Pedretti closes his Keynote speech with a summary of his speech and with saying that there should be a clear separation for the term of Dual-Use items and Cyber-Surveillance items.

Mark Smitham, Senior Manager of Cybersecurity Policy at Microsoft EMEA as a representative from outside the EU believes that Export Control will possibly affect companies outside of the European single market. In that context it will also influence the competitiveness of European companies to operate outside the EU and on the other hand companies outside of the EU which want to act inside the EU. A key objective for Mr. Smitham is to protect citizens all over the world and therefore it is important that the EU “ends up as a leading player to project views for the protection on Human Rights and the support for international peace and security”. It is very important that when legitimate companies are dealing with sensible technologies to protect citizens it needs to be considered what and in which amount bureaucratic burdens for authorizations should be implemented. For a global player like Microsoft a reactive approach should also be taken into account. Mr. Smitham was explaining that for inter-company transfers with larger customers where often SMEs provide services the amount of work required is rapidly growing to enormous amounts. Mr. Smitham agrees with Ms. Schaake’s demand for clearer definitions which should be understood by everyone and not only Dual Use experts. Furthermore, the intention of the user for legitimate tools, for a use which it was never developed in the first place should not be pushed to a point where it is close to the impossible to make any predictions for companies.

Sophie Windisch, Advisor, Austrian Federal Economic Chamber, welcomes the objective of harmonizing the dual-use rules as well as their application within the Member states due to the need of a consistent framework and a level-playing-field. Nevertheless, Ms Windisch was expressing her concerns regarding the proposal for a recast because it would lead to higher legal uncertainty, less planning security and high administrative burdens, especially for SMEs. Ms Windisch understands the need to include cyber surveillance items but a unilateral control by the EU will not prevent the abusive use of cyber surveillance technologies. Therefore, Ms Windisch recommends to strive for an international approach and an international listing of cyber surveillance technology. The definitions and criteria of the Dual Use regulation have to be clarified because businesses need clear guidelines on what they can and cannot do. In that context Ms Windisch stated that the items should be listed by their technological characteristics and not by their potential misuse. For enabling that, experts from the member and the industry should help revising these definitions. The Human Rights and Terrorism catch all clauses are at the current level only vaguely formulated and too undefined. The clauses target non-listed dual-use items without any limitation, and therefore in principle every item. Especially SMEs do not have the staff and the organisation in place to cope with those provisions. A promising alternative which Ms Windisch was recommending is a list based approach which would be more appropriate and precise in the fight against terrorism or human right violations than general catch all provisions which – in practice – cannot be duly observed, neither by authorities nor by companies.

For more pictures from this Event, you are welcomed here