Home > Vol. 80 > Issue 80:2 > Clicking the “Export” Button: Cloud Data Storage and U.S. Dual-Use Export Controls

Clicking the “Export” Button: Cloud Data Storage and U.S. Dual-Use Export Controls

Joseph A. Schoorl · February 2012
80 GEO. WASH. L. REV. 632 (2012)

Use of online data storage services known generally as “cloud computing” could lead to unintentional violations of the United States’ dual-use export control regime, the Export Administration Regulations (“EAR”). Transmission of data to servers outside of the United States constitutes an export under the EAR. Depending on the nature of the data transmitted and the location of the foreign server, the users of these cloud services could be liable for violations of the EAR. This Note argues that the EAR’s fundamental reliance on the geographic destination of exports should not apply to the regulation of cloud computing. This regime threatens to undermine the development of an important technology without addressing the real threats that arise when U.S. companies store sensitive technical data on cloud servers. To remedy these failures, the Department of Commerce’s Bureau of Industry and Security should create a new license exception for the storage of technical data on the cloud. This license exception would make the physical location of the cloud computing server irrelevant for purposes of the EAR and ensure that export-controlled technical data stored on the cloud is secure and protected.

You may also like
A Comprehensive Approach to Stateless Income
“Yes We Scan”: Using SEC Disclosures to Compel and Standardize Tech Companies’ Reports on Government Requests for User Data
Enhancing Responsiveness and Alleviating Gridlock: Pragmatic Steps to Balance Campaign Finance Law in Light of the Supreme Court’s Jurisprudence
LAWS unto Themselves: Controlling the Development and Use of Lethal Autonomous Weapons Systems