The Commerce Department’s Bureau of Industry and Security (BIS) has posted long-awaited updates to its guidance regarding changes to a number of encryption-related provisions in the Export Administration Regulations (“EAR”). The updates cover the changes to encryption controls adopted in September 2016 and include a quick reference guide and updated flow charts for classifying encryption items, as well as additional guidance on encryption items NOT subject to the EAR. The full updated policy guidance can be found here.

The encryption controls remain one of the more confusing parts of the dual use export controls. If you export software from the U.S., or hardware with encryption capabilities, it is important to get classifications right, and to understand and properly apply license exceptions. One classification error can lead to multiple export violations.