ITAR issues: a brief reminder

The International Traffic in Arms Regulations, commonly known as the ITAR rules, are a set of U.S. Government regulations passed under the Arms Export Control Act. The ITAR rules are primarily intended to keep technology with military applications out of the hands of countries or individuals posing a threat to U.S. national security. Defence-related technology, which includes both goods and the related technical data, is included in a part of the regulations called the United States Munitions List. For some Canadian companies, especially aerospace and defence companies, compliance with the ITAR rules is a precondition of receiving controlled goods and technologies from a U.S. company.

Section 126.1 of the ITAR rules prohibits exports of controlled articles to certain “proscribed” countries. The ITAR rules include a list, subject to amendment, of approximately 24 such countries, among them Afghanistan, China, Cuba, Iran and North Korea. The concept of export includes transferring or giving access to controlled articles to an individual, such as an employee. Rule 126.1 states that it is the policy of the United States to deny licenses, and other approvals, for the export and import of controlled articles, destined for or originating in proscribed countries.

Consequently, before the August 2011 ITAR amendment, a Canadian company had to exclude employees who were nationals of proscribed countries from participation in projects involving controlled articles even if the company had obtained all the authorizations required under the ITAR rules. In other words, employees who possessed dual citizenship (Canadian citizenship and citizenship of a proscribed country) could not work on ITAR projects. Therefore, in order to comply with the ITAR rules as well as Canadian regulations, Canadian companies could not give access to ITAR-controlled articles to Canadian employees who were also nationals of a proscribed country.

Obviously, this situation raised concerns and caused some problems, as the right to equality is protected by the charters and codes governing human rights and freedoms. In particular, the Ontario Human Rights Commission and the Commission des droits de la personne et de la jeunesse du Québec filed complaints, ultimately settled out of court, against Canadian companies for discrimination based on citizenship and place of origin. Canadian companies were faced with a dilemma: on the one hand, they were required to comply with U.S. and Canadian export rules; on the other hand, when they applied those rules, they were sued for discrimination.

On May 16, 2011, the U.S. Department of State published ITAR amendments that came into force on August 15, 2011. One of the objectives of the amendments was precisely to address the fact that the rules had raised human rights issues for certain allies and friends of the United States without a commensurate gain in national security.

New rules and the setting aside of the nationality test

The ITAR amendments include a new Section 126.18, which states that approval is no longer needed for the transfer by foreign companies, including Canadian companies, of controlled articles to dual national employees.

However, Section 126.18 includes several conditions:

  • The exemption only applies to “unclassified” articles.
  • The employees must be “bona fide, regular employees,” a regular employee meaning:
  1. an individual permanently and directly employed by the company; or
  2.  an individual in a long-term contractual relationship with the company where the individual works at the company's facilities and works under the company's direction and control. If the individual is provided by a staffing agency, the staffing agency must not have any role in the individual’s work.
  • The company must have effective procedures to prevent the diversion of controlled articles to prohibited countries. It may satisfy this condition:
  1. by obtaining a security clearance approved by the host nation – that is, Canadian – government for its employees; or
  2. by
  • having in place a process to screen its employees for “substantive contacts” with proscribed countries and having employees execute a Non-Disclosure Agreement that provides assurances that they will not transfer any information to unauthorized parties; and
  • maintaining a technology security/clearance plan that includes procedures to screen employees for “substantive contacts” and by maintaining records that must be made available to the U.S. authorities upon request.

To determine whether an employee has “substantive contacts” that would disqualify him or her for the exemption, Section 126.18 lists seven criteria:

  • regular travel to a proscribed country;
  • recent continuing contacts with “agents, brokers and nationals from such countries”;
  • continued “demonstrated allegiance” to such countries;
  • maintenance of a residence in such countries;
  • maintenance of business relationships with persons of such countries;
  • receiving salary or other continuing monetary compensation from such countries; and
  • acts otherwise indicating a risk of diversion.

The various criteria imposed by the new ITAR amendments are very vague and raise a number of enforcement issues. However, the Canadian government has actively been working to make the task easier for Canadian companies.

The Canadian government, through the Controlled Goods Directorate, an entity of Public Works and Government Services Canada (PWGSC), has adopted an “enhanced security strategy.” As part of that strategy, it has introduced a new Security Assessment Application to collect information on employees who have access to controlled goods.

The Security Assessment Application is intended, among other things, to enable the application of the Canadian Controlled Goods Regulations (Regulations). Section 13 of the Regulations requires every registered person to, with the consent of the individual concerned, conduct a security assessment of its employees for the purpose of determining “the honesty, reliability and trustworthiness of a person and the extent to which the person poses a risk of transferring a controlled good to a person who is not registered or exempt from registration.” (Section 15 of the Regulations). The assessment must take into account the following:

  1. personal references;
  2.  criminal history;
  3. in the case of an individual, their places of residence, and their employment and educational histories; and,
  4. in the case of a corporation or other business, its ownership.

On August 29, 2011, the Government of Canada entered into an agreement through an exchange of letters with the U.S. Department of State concerning the process for implementing the new ITAR rules. As part of this exchange of letters, the Department of State endorses, according to the Government of Canada, the enhanced Controlled Goods Program as Canada's chosen avenue for Canadian industry to meet the new requirements of the ITAR rules.

It would therefore appear that, for Canadian industry, the ITAR requirement to adopt effective procedures to prevent the diversion of controlled articles can be met through compliance with the Canadian regulations and the tools developed by the Controlled Goods Programs.

The exchange of letters is also designed to ensure that processes are applied in a manner consistent with Canadian privacy legislation. If a Canadian company has concerns about a possible diversion of controlled articles to ITAR-proscribed countries, it is required to inform the Controlled Goods Directorate, which will investigate the matter further. The exchange of letters specifies that all requests by the Department of State for access to the information garnered from the security assessments must be made through the Controlled Goods Directorate.

Right to equality and right to privacy

By employing a neutral process, the new procedure may have addressed concerns that had been raised about discrimination. While it is not clear under the ITAR rules if all employees or only dual nationals are required to undergo a security assessment, it does seem that, at least under the Canadian Controlled Goods Program, all employees with access to controlled goods must be assessed. Consequently, there does not appear to be any direct discrimination.

However, it warrants mentioning that a seemingly neutral distinction may still be discriminatory if it disproportionately affects a protected group, in this instance, individuals of specific national origins. Should a security assessment procedure be contested on these grounds, the procedure may be justified since it is solely intended to exclude individuals who pose a risk of transferring controlled goods to a person not authorized to receive them.

In short, from a right to equality standpoint, the new rules are an improvement. Insofar as possible, companies will have to apply the security assessment procedure equally and follow the instructions provided by the Canadian authorities.

The new ITAR rules also raise a number of issues concerning the right to privacy of the employees involved.

In Canada, personal information protection legislation exists that protects the right to privacy of job applicants or existing employees. However, such legislation usually contains exceptions and allows a person’s personal information to be collected and disclosed without his or her consent if such collection and disclosure is authorized by law.

A company that has access to controlled articles may therefore argue that collecting information using the Security Assessment Application is authorized by law, namely the Controlled Goods Regulations.

It would appear that the constitutional validity of the Controlled Goods Regulations cannot be challenged under the Canadian Charter of Rights and Freedoms (Canadian Charter) by referring to their impact on the right to privacy of applicants and employees. In Reference re: Federal Courts Act (Can.), the Federal Court of Appeal had to determine whether the Marine Transportation Security Regulations were contrary to the Canadian Charter. Those regulations required the port authorities to collect, for security questions, personal information on their employees. The information required was similar to what is required under the Controlled Goods Regulations. The Federal Court of Appeal, even while presuming that the collection of such information may constitute a search by the government (without, however, ruling on the matter), found that the regulations did not violate Sections 7 and 8 of the Canadian Charter.

In conclusion, Canadian employers subject to the ITAR rules should ensure that their hiring process complies with Canadian regulations and that those regulations are applied so as to avoid any right to equality or right to privacy violations.