Skip to content
DWT logo
People Services Insights
About Offices Careers
Search
People
Services
Insights
About
Offices
Careers
Search
Advisories
International Trade, Investment & National Security

Reminder: Have You Filed Your Encryption Self-Classification Reports with the Bureau of Industry and Security?

Annual self-classification reports and semi-annual reports for encryption hardware, software, or technology are due February 1 every year
By   Burt Braverman and Brian Wong
02.01.24
Share
Print this page

This is a reminder that annual self-classification reports and semi-annual reports for hardware, software, or technology utilizing encryption ("Encryption Items") were due to be filed by February 1, 2024, with the Bureau of Industry and Security ("BIS"), Department of Commerce.

Annual Self-classification Report

An annual self-classification report must be filed for items exported under License Exception ENC – 15 CFR § 740.17(b)(1) of the Export Administration Regulations ("EAR"), except for mass market Encryption Items meeting the mass market criteria under Note 3 to Cat. 5, Part 2 and classified as Export Control Classification Number ("ECCN") 5A992.c (hardware) or 5D992.c (software), or when a Commodity Classification ("CCATS") has been obtained from BIS for the Encryption Item. Mass market products are typically consumer products sold at retail stores or internet locations such as consumer electronics, mobile devices and apps, and retail software.

 

Annual self-classification reports must be filed by February 1 of each year. The annual self-classification report covers Encryption Items exported or reexported during the prior calendar year (January 1 through December 31).

 

The annual self-classification report must be filed in electronic format by e-mail to crypt-supp8@bis.doc.gov and enc@nsa.gov, or on disk (the latter only if necessary). Detailed filing instructions are on the BIS website here.

Semi-annual Report

Semi-annual reporting is required for exports of Encryption Items controlled by License Exception ENC, 15 CFR §§ 740.17(b)(2) and 740.17(b)(3) ("(b)(2)" and "(b)(3)") to all destinations other than Canada and for reexports from Canada.

 

Section (b)(2) Encryption Items include network infrastructure items, non-public source code, encryption technology, and quantum cryptography. Network infrastructure includes WAN, MAN, VPN, backhaul and long-haul, satellite infrastructure, and terrestrial wireless infrastructure, all within the specifications of Section 740.17(b)(2).

 

Section (b)(3) Encryption Items include encryption components (e.g., chips, chipsets, electronic assemblies), non-standard cryptography, digital forensics, and cryptographic libraries and modules.

 

Encryption Items and transactions excluded from the semi-annual reporting requirement include:

 

•  Encryption commodities or software with a symmetric key length not exceeding 64 bits.

•  Encryption items exported (or reexported from Canada) via free and anonymous download.

•  Encryption items from or to a U.S. bank, financial institution or its subsidiaries, affiliates, customers, or contractors for banking or financial operations.

•  Foreign products developed by bundling or compiling of source code.

 

Semi-annual reports must be filed by February 1 of each year (for exports occurring between July 1 and December 1), and by August 1 of each year (for exports occurring between January 1 and June 30).

 

The semi-annual report must be filed in electronic format by e-mail to crypt@bis.doc.gov and enc@nsa.gov, or on disk (the latter only if necessary). Detailed filing instructions are on the BIS website here.

 

The EAR encryption regulations are complex, and our descriptions of the Encryption Items subject to or exempt from the reporting requirements are summary in nature and are illustrative but not exhaustive lists.

 

Brian Wong is an export compliance advisor at Davis Wright Tremaine.

Related Articles

04.10.25
Insights
Corporate & Business Transactions
Protect Yourself: U.S. Exporters Advised To Obtain End-Use and End-User Statements for All Exports, Including EAR99 Items Read More
11.13.24
Webinars
International Trade, Investment & National Security
"The Impact of FDI Controls on International M&A: A Transatlantic View," Davis Wright Tremaine Webinar Read More
07.22.24
Advisories
International Trade, Investment & National Security
OFAC Provides Guidance on Extended Statute of Limitations Read More
DWT logo
©1996-2025 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Not intended as legal advice. Prior results do not guarantee a similar outcome.
Media Kit Affiliations Legal notices
Privacy policy Employees DWT Collaborate EEO

SUBSCRIBE
©1996-2025 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Not intended as legal advice. Prior results do not guarantee a similar outcome.