1 00:00:00,005 --> 00:00:02,001 [Instructor] Many countries have requirements 2 00:00:02,001 --> 00:00:04,003 about the types of information that may cross 3 00:00:04,003 --> 00:00:05,008 international borders. 4 00:00:05,008 --> 00:00:09,005 I discussed some of these in the privacy compliance video 5 00:00:09,005 --> 00:00:11,000 earlier in this course, 6 00:00:11,000 --> 00:00:12,008 but there are also reasons that Governments 7 00:00:12,008 --> 00:00:14,009 want to restrict the flow of information 8 00:00:14,009 --> 00:00:17,009 other than protecting private information. 9 00:00:17,009 --> 00:00:19,001 In the United States, 10 00:00:19,001 --> 00:00:21,004 the Government uses a category of regulations 11 00:00:21,004 --> 00:00:23,003 known as export controls 12 00:00:23,003 --> 00:00:26,000 to restrict the flow of goods and information 13 00:00:26,000 --> 00:00:30,000 considered sensitive for military and scientific purposes. 14 00:00:30,000 --> 00:00:32,004 These rules come in many different forms, 15 00:00:32,004 --> 00:00:35,000 but let's take a look at three of the most common forms 16 00:00:35,000 --> 00:00:37,009 of export controls in the United States. 17 00:00:37,009 --> 00:00:40,009 The International Traffic in Arms Regulations, 18 00:00:40,009 --> 00:00:43,009 or ITAR applies to anything that the Government 19 00:00:43,009 --> 00:00:46,004 considers a defense article. 20 00:00:46,004 --> 00:00:48,006 This includes many of the things you'd expect 21 00:00:48,006 --> 00:00:50,008 to be classified as munitions. 22 00:00:50,008 --> 00:00:53,007 Firearms, tanks, submarines, 23 00:00:53,007 --> 00:00:56,003 and even nuclear weapons are considered munitions 24 00:00:56,003 --> 00:00:58,001 under the ITAR regulations, 25 00:00:58,001 --> 00:01:01,005 but ITAR also includes the technical data 26 00:01:01,005 --> 00:01:04,005 associated with some military programs. 27 00:01:04,005 --> 00:01:06,008 Government contractors, researchers, 28 00:01:06,008 --> 00:01:09,008 and others who come into contact with this information 29 00:01:09,008 --> 00:01:13,001 must protect it from unauthorized export. 30 00:01:13,001 --> 00:01:16,008 Second, the Export Administration Regulations, 31 00:01:16,008 --> 00:01:20,001 or EAR apply to technology and information 32 00:01:20,001 --> 00:01:22,005 that's considered dual use. 33 00:01:22,005 --> 00:01:24,008 This means that it's technology or information 34 00:01:24,008 --> 00:01:28,004 that has both military and commercial applications. 35 00:01:28,004 --> 00:01:32,000 EAR covers many broad categories of technology, 36 00:01:32,000 --> 00:01:34,007 including sensitive electronics and computers, 37 00:01:34,007 --> 00:01:37,009 lasers, navigation technology, 38 00:01:37,009 --> 00:01:41,009 marine systems, and many other areas of technology. 39 00:01:41,009 --> 00:01:45,002 And third, the Office of Foreign Assets Control 40 00:01:45,002 --> 00:01:49,000 or OFAC restricts economic transactions with countries 41 00:01:49,000 --> 00:01:52,008 that are considered sponsors of terrorism, narcotics, 42 00:01:52,008 --> 00:01:55,001 or other activities considered contrary to the 43 00:01:55,001 --> 00:01:57,006 foreign policy of the United States. 44 00:01:57,006 --> 00:01:59,007 Information security professionals 45 00:01:59,007 --> 00:02:03,002 must be aware of the various import and export controls 46 00:02:03,002 --> 00:02:05,001 that apply to their industry, 47 00:02:05,001 --> 00:02:07,006 and ensure that their activities remain compliant 48 00:02:07,006 --> 00:02:08,009 with these regulations.