1 / 31

How to Develop Technology Control Plans (TCPs)

How to Develop Technology Control Plans (TCPs). Introduction. Regulations Who is a Foreign Person? Foreign TCP vs. U.S. Citizen TCP Scope Purpose TCP & NDA Technical Data Indoctrination of Foreign Person. Introduction Con’t. Facility Access Export/Import Out Processing

ata
Download Presentation

How to Develop Technology Control Plans (TCPs)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How to Develop Technology Control Plans (TCPs)

  2. Introduction • Regulations • Who is a Foreign Person? • Foreign TCP vs. U.S. Citizen TCP • Scope • Purpose • TCP & NDA • Technical Data • Indoctrination of Foreign Person

  3. Introduction Con’t • Facility Access • Export/Import • Out Processing • Security Point of Contacts • Attachments • Approval Signatures • Waivers

  4. REQULATIONS • International Traffic In Arms Regulations (ITAR) 22 C.F.R Chapter I, Subchapter M Parts 120-130, Section 126.13 Required Information (c). • Foreign Nationals @ security cleared facilities • Employed • Assigned • DoD 5220.22-M National Industrial Security Program Operating Manual (NISPOM) 10-509.

  5. Who is a Foreign Person? • Any natural person who is not a lawful permanent resident defined by 8 U.S.C. 1101(a)(20) or who is a protected individual as defined by 8 U.S.C. 1324b(a) (3). It also means any foreign corporation, business association, partnership, trust, society or any other entity or group that is not incorporated or organized to do business in the United States, as well as international organizations, foreign governments and any agency or subdivision of foreign government (e.g. diplomatic missions).

  6. Who is a Foreign Person? (Con’t) • Title 8 U.S.C. 1101(A)(20) - The term “lawfully admitted for permanent residence” means the status of having been lawfully accorded the privilege of residing permanently in the United States as an immigrant in accordance with the immigration laws, such status not having changed.

  7. Who is a Foreign Person? (Con’t) • Title 8 U.S.C. 1324(A)(3) - The term “protected individual” means an individual who - (A) is a citizen or national of the United States, or (B) is an alien who is lawfully admitted for permanent residence, is granted the status of an alien lawfully admitted for temporary residence.

  8. Foreign TCP vs. U.S. Citizen TCP • Foreign TCP • Signed by Foreign Nationals • U.S. Citizen TCP • Signed by Employees and U.S. Visitors • Contains additional information • Who is a Foreign Person? • Defines Technical Data • Software • Classified Technical Data • Unclassified Technical Data

  9. Foreign TCP vs. U.S. Citizen TCP • Reviewing Requirements Of All Technical Data • Sanitization Of Program Area • Program Security Classification Guide, Security Aspects Ltr, Grading Document • Licenses, Technical Assistance Agreements (TAAs) and Provisos • Counterintelligence Briefings • Safeguarding Private Data, Proprietary Information, & Classified Data

  10. Scope • Applies to all elements of your company and any U.S. visitor associated with foreign government or commercial programs. • Foreign Military Sales (FMS) • Commercial Sales

  11. Purpose • To delineate the controls necessary to ensure that no transfer of technical information or technical data is effected to Foreign Persons beyond that which is approved for license by the Department of State, Office of Defense Trade Controls (ODTC).

  12. Technology Control Plan & Non-disclosure Statement • Disclosure of controlled technical data to a Foreign National assigned at a U.S. security cleared facility is considered an export under the International Traffic In Arms Regulations (ITAR) (22 CFR 126.13(c)). Such a release requires a Department of State license agreement or an exemption, and submission of a Technology Control Plan (TCP) and a Non-Disclosure Statement.

  13. What is Technical Data? • Information required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification of defense articles. This includes information in the form of blueprints, drawings, photographs, plans, instructions, and documentation. • Classified information relating to defense articles and defense services.

  14. What is Technical Data? • Software that includes but is not limited to system functional design, logic, flow, algorithms, application programs, operating systems and support software for design, implementation, test, operation, diagnosis, and repair. • Information covered by an invention secrecy order. • Note:This definition excludes information related to general scientific, mathematical, or engineering principles commonly taught in schools, colleges, and universities, or other information in the public domain. It also excludes basic marketing information on function or purpose, as well as general systems descriptions of defense articles.

  15. Indoctrination of Foreign Person • Safeguarding Private Data, Proprietary Information, & Classified Data • Facility Services • International mailing • International Freight and Courier Shipments • International Couriering Of Classified Material • International Mailing Of Classified Material • Facsimile

  16. Indoctrination of Foreign Person • Information Systems • Prohibited Activities • Illegal Copying • Communication Of Proprietary Data • Virus Detection • Etc. • Reproduction • Classified Storage • Security Clearance Instructions

  17. Facility Access • Security Violations • Deliberate violations of security procedures could result in immediate removal from the facility and will be subject to investigation, which may result in disciplinary action to include prosecution. The company has a zero tolerance for deviation for this TCP without specific prior approval. • Area violations • Camera Phone violation

  18. Facility Access • Badge Requirements • Hours of Access • Areas of Access • Dress Policy • Unauthorized Personal Items • Container Searches

  19. Export/Import • Export License Requirements • What is an Export? • 1. Sending or taking a defense article out of the U.S. in any manner, except by mere travel outside the U.S. by a person whose personal knowledge includes technical data; or • 2. Transferring registration or control to a foreign person of any aircraft, vessel, or satellite covered by the U.S. Munitions List, whether in the U.S. or abroad; or • 3. Disclosing (including oral or visual disclosure) or transferring in the U.S. any defense article to an embassy, any agency or subdivision of a foreign government (e.g., diplomatic mission); or

  20. Export/Import (Con’t) • 4. Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the U.S. or abroad; or • 5. Performing a defense service on behalf of, or for the benefit of, a foreign person, whether in the U.S. or abroad. • 6. A launch vehicle or payload shall not, by reason of the launching of such vehicle, be considered an export.

  21. Export/Import (Con’t) • Examples of Export Violations • Export or Import without a License; • Failure to file a shippers export declaration; • Export to an unauthorized consignees; • Handcarrying technical data or hardware overseas without appropriate documentation.

  22. Export/Import (Con’t) • Possible Penalties • General violation – Fine of not more than five times the value of the export involved or $50,000 whichever is the greater; • Willful violation – Fine of not more than five times the value of the export involved or $1,000,000 whichever is the greater; • Individual shall be fined not more than $500,000 for each violation • Seizure or Forfeiture of Goods; • Imprisonment; • Loss of Export privileges; • Employment Termination; • Loss of patent rights.

  23. Out Processing • To ensure all material and equipment that the visitors is taking is authorized.

  24. Security/Export/IT Security Points of Contact • Include names and phone numbers

  25. Attachments • Facility Map • Building Map • International Shipping Document • Notes Page • Technology Control Plan (TCP) & Nondisclosure Statement (NDS)

  26. Facility Map

  27. Building Map

  28. Approval Signatures • Security • Export • IT Security

  29. Waivers • Case by case

  30. Lessons Learned • Keep employees informed of areas of access • Webpages • Annual Security Briefings • News Flashes • Remind employees of responsibilities to report suspicious activity • Webpages • Annual Security Briefings • News Flashes • In person

  31. Questions

More Related