Dual-Use Items: understanding recent changes in European Union and China

Regulations on dual-use items are evolving rapidly in European Union and China, imposing new constraints on exporting businesses.

Whether you are a tech startup or a multinational corporation, understanding these changes is crucial to secure your exports.

In this article, we explore the recent regulatory updates while offering practical advice to safeguard your operations.

European Updates: A Revised List of Dual-Use Items

On September 5, 2024, the European Commission issued Delegated Regulation (EU) 2024/2547, updating the list of dual-use items contained in Annex I of Regulation (EU) 2021/821. These modifications, aligned with multilateral export control regimes (Wassenaar Arrangement, Missile Technology Control Regime, Nuclear Suppliers Group, and Australia Group), aim to keep pace with technological advancements and security priorities.

Several categories were updated, including Category 5 (Telecommunications and Information Security), which incorporates adjustments related to lawful interception software.

In France, the decree of February 2, 2024, also introduced national measures concerning the export of quantum computing technologies, effective since March 1, 2024.

Focus on Cyber-Surveillance Items

To assist businesses, the European Commission also issued guidelines on October 11, 2024 (Recommendation (EU) 2024/2659), clarifying the definition of “cyber-surveillance items” and the specific obligations for exporters.

Certain cyber-surveillance items are listed in Annex I, but other technologies may also be covered under the "catch-all clause" of Article 5 of the regulation. This clause extends controls to items not listed in Annex I that could be used for internal repression or to commit human rights violations.

Exporters must implement due diligence procedures to identify whether the items they export could be considered cyber-surveillance items. When a risk is identified, it must be reported to the competent authorities, who will decide if prior authorization is necessary.

For more information on cyber-surveillance items, we recommend reading our detailed article on the subject: Are You Exporting Cyber-Surveillance Items Without Knowing It?

Changes in China: Modernized Regulations

In parallel, China introduced new rules on dual-use items on October 19, 2024, which came into effect on December 1, 2024. These regulations replace frameworks that were over two decades old and are part of the Export Control Law (ECL) of 2020.

These new rules reinforce requirements for end-user and end-use controls while harmonizing Chinese practices with international standards.

How to Secure Your Exports

1. Analyze Your Products and Technologies
   Identify whether your items, technologies, or products qualify as dual-use items.
2. Establish an Internal Compliance Program (ICP)
   Adopt internal procedures to ensure the monitoring and documentation of exports.
3. Train Your Teams
   Ensure your staff understands the implications of updates and can recognize red flags.
4. Apply for Necessary Licenses
   If your items are subject to controls, initiate administrative procedures promptly.
5. Monitor Regulatory Developments
   Changes are frequent. Proactive monitoring is essential to stay up to date.

Need Assistance to Secure Your Exports?

As a law firm, we offer our expertise to:

• Classify Your Items: We analyze your products, systems, and technologies to determine whether they qualify as dual-use items and identify your specific obligations.
• Obtain Export Licenses Quickly: We manage your administrative procedures with competent authorities, expediting processes to minimize delays and avoid blockages.
• Implement Your Internal Compliance Program (ICP): We assist you in creating or strengthening your ICP.
• Respond Effectively to Red Flags: We support you in managing red flags, from suspending operations to reporting to authorities.
• Defend You in Case of Disputes: In the event of controls or litigation, we protect your interests.

Contact us today for tailored support to meet your needs.

‍

About the Author

Jocelyn Pitet is an attorney at the Paris Bar (France) and co-founder of Entropy, a law firm dedicated to advanced technologies. His practice focuses on areas such as cybersecurity, data protection, IT contracts, blockchain, artificial intelligence, and other disruptive technologies. For over ten years, Jocelyn has been advising innovative startups, leading tech companies, as well as major international groups in managing complex legal challenges related to digital and innovation.

Alongside his work at the law firm, Jocelyn Pitet also holds teaching positions at the University of Paris Panthéon-Assas and the Leonard de Vinci Institute, where he teaches courses on blockchain law, data protection law, and cybersecurity law.

‍