Reform of export controls must not lead to legal uncertainties for German industry

In September 2016, the European Commission adopted a reform proposal, which sets out extensive changes to the EC dual-use regulation and thus could have a negative impact on the development of Europe and Germany as technology locations. It is now up to the European Parliament and Council to ensure a cautious and sound judgement in the legislative procedure, because the proposed provisions of the proposal for a regulation 2016/0295 (COD) are disproportionate and go beyond the objective.

A core concern of the European Commission is to harmonise EU export controls more strongly. This is a good idea provided that definitions are sharpened and capacities of national licensing authorities are developed. A comparable level of control within the EU is important. However, new rules should not be created as long as the existing rules are not evenly implemented and enforced in EU Member States.

Beyond this, the European Commission would like to strengthen the so-called human security approach in export controls. The export of technologies should be regulated more strictly if they can be deployed for surveillance purposes. Henceforth, such technologies should no longer be exported to countries where there is a risk that human rights could be violated using these technologies.

Safeguarding human rights is a central concern also for industry. However, the current reform proposal raises many questions. Some of the reform ideas could even place a considerable burden on German industry. In particular, the development of digital infrastructures would be affected negatively if, as currently envisaged, a vague catch-all clause were to make all cyber-surveillance technologies subject to export licence reservation. Software and hardware to monitor and evaluate (big) data flows or processes are now comprised in virtually all industrial applications.

Among others, the following infrastructures are affected:  

  1. Smart energy, water, and gas provision. Security and monitoring technologies serve to protect against attacks and help to close security gaps. In addition, network loads are analysed in order to steer the desired energy mix.
  2. Smart traffic concepts. Security and monitoring technologies enable smart traffic management systems and help where rail, roads, air corridors, and waterways are highly digitised. Among other things, they help to protect against personal injuries.
  3. Industrial plant construction and e-health increasingly use security and monitoring technologies for data analysis, error-minimised control and remote diagnosis. Telecommunications networks also face comparable challenges.

Large uncertainties for companies

In case of vague catch-all rules, there would be great insecurity about the legal interpretation. The question of when a delivery increases the risk of human rights violations in a specific case is difficult for companies to answer. It would be difficult to predict the time needed to scrutinise individual cases. The usual IT and list-based risk control would be impossible. Companies would endeavour to have individual assessments carried out by authorities not only in doubtful cases or in cases which are clearly eligible for a licence. Instead, they would endeavour such official assessment regularly by way of precaution. Under no circumstances should policy-makers offload their responsibility on to companies and leave them in the dark about whether or not their product requires a licence. As apart from the sensitive political judgement, it is unclear what information sources companies must consult or assess and to what extent. Organisational obligations in the compliance structure are also unpredictable.

Long lead times cripple the overall project and product business

If the spare parts and service business was to be made more difficult through lengthy individual export licences, European companies would run the risk of becoming less competitive in the overall project and product business. For customers, the promise of rapid remote diagnosis, repair or delivery of spare parts is a contributory factor to the decision to award a contract. The customer wants to minimise the downtime risk. Installations must not stand idle. A licensing period lasting several months before a service can be provided would be unacceptable for the customer.

Only a critical end-use justifies a licensing reservation

During the Arab Spring regime opponents were monitored by state agencies. The European Commission’s aim of regulating the export of communication infrastructure goods in such cases is understandable. Protection of human rights is a valuable good. However, deliveries for civil and non-critically applied infrastructure, industrial production and non-critical countries must not be subjected to controls. Freedom of expression and freedom of association are not jeopardised by such exports. At the level of definitions, the new rules should therefore specify the critical end-use sufficiently strongly that deliveries for non-critical energy, transport and supply structures as well as industrial plant construction are not subject to licensing.