Personal Learning

A number of my professional colleagues have probably heard of ITAR, but I think its an interesting topic that a lot of people don’t know about. My work relates to managing the data that engineers create on a day-to-day basis. ITAR are the International Traffic in Arms Regulations, a set of U.S. laws governing how defense products and information are handled. Since many defense-related things are engineered products, my job and these laws cross paths with some regularity.

The gist of ITAR is that you can’t share sensitive technology outside of the U.S. or with non-U.S. persons. What a lot of people don’t realize, including the engineers at risk for this sort of thing, is that ITAR includes stipulations for penalties against individuals, not just companies that make defense-related products.

For instance, an engineer accidentally taking a set of drawings in his briefcase when he travels out of the country could be subject to multiple violations of ITAR. When you couple that with the fact that each violation can carry up to $1,000,000 in fines and 10 years in prison, the implications get serious very quickly.

The drawing example is simplistic though. Think about emailing something to yourself (you don’t know where the servers on the internet are located), or what files are lingering on your laptop when you head off on a trip. Many defense companies educate and protect their employees against this sort of accident, but there are a lot of companies that don’t even realize that they are making a defense-related component (like the guy working at the machine shop just making parts for some customer that he doesn’t even know). And of course, ignorance is no defense for this sort of thing (pun intended).