On 18th December, 2019 the Directorate General of Foreign Trade (DGFT) organised an interaction with the industry in New Delhi to take feedback on export of dual use items. NASSCOM and DSCI participated in this meeting to provide their feedback on SCOMET licensing issues. NASSCOM’s inputs (over and above inputs from NASSCOM members present at the meeting) have been summarised below:
- Licence Exceptions for Encryption Items
Some Indian IT-ITeS companies provide customised software to business consumers abroad which incorporate encryption functionality for the purposes of data confidentiality, even where information security is not the primary function of the software. In such cases, the company must obtain an export licence as information security items are typically controlled items under the SCOMET List.
Although the Cryptography Note in the SCOMET List excludes items which do not have information security as the primary function of the software, the company is required to obtain an export licence if the feature set of the software is designed to customer specification; this is often the case in B2B transactions.
Under the existing export control laws, companies in India are required to obtain an export licence for each export of software to business consumers by virtue of the encryption functionality which inheres in the software. This increases the cost of doing business for the industry.
Many countries already provide for relaxed licensing requirements in their export control laws specifically for encryption products which range from mere record-keeping requirements to reporting requirements. For instance, under licence exception Encryption Commodities, software and technology (ENC) in the US, no classification request or reporting is required for certain exports, reexports, transfers (in-country) to related parties, not involving the development or production of new products. Similar relaxations in the export of encryption items may be considered under Indian export control laws.
2. Applicability of SCOMET to Export of Foreign Origin Items which have been Imported for Work for Hire Purposes
It is common for Indian technology companies to carry out work, based on foreign companies’ technology, on “work for hire” (WfH) basis. In such cases, at no point does the Indian company become the owner of the developed code, software and technology or the products, items, components, systems, codes, software and technology received as inputs from foreign companies for providing IT-ITeS services. The technology involved in such cases remains essentially ‘foreign origin’ technology and subject typically to export control laws of the foreign jurisdiction where the technology originates.
At present, export controls in India do not distinguish between domestic (Indian) origin technology, and foreign origin technology. This results in a situation wherein foreign origin technology such as that which is originally exported by a foreign company under a WfH contract to the Indian technology company, remains subject to an export licence requirement in India. This includes, the requirement for the exporter to submit an end-use-cum-end-user certificate (EUC). The current practice of providing EUC by the foreign company to the Indian government under Indian export control laws binds the foreign company to Indian government’s control of the foreign company’s technology. Given that the EUC contains an undertaking from the end user that they shall not retransfer or sell the exported technology, its replicas or its derivatives without the knowledge/consent of the Government of India, this requirement is perceived as severely restricting the foreign company’s ability to export technology on a WfH basis.
Further, where foreign origin technology has been imported on WfH basis, there is back to back export, i.e., the technology is first exported from a foreign country to India and subsequently exported back to that country by the Indian company. There is no risk of proliferation in such cases as the Indian company is exporting the technology back to the same company from which it originally imported the technology on WfH basis; as this involves a point to point export, there is no risk of diversion of the technology.
Therefore, there is a need to consider a licence exception in the nature of relaxed licensing requirements for the export of foreign origin technology by Indian companies (where such technology has initially been imported on WfH basis). For instance, under the proposed licence exception, the requirement to provide EUC for permission to export can be done away with.
3. Applicability of Export Control Laws to Cloud-based Storefronts
The current market trend among IT companies is to increasingly adopt a software as a service (SaaS) business model, where the company provides cloud-based storefronts to customers.
In traditional on-line application stores, users purchase/obtain a software application through a download from the server, however, in the cloud-based storefront setting users do not download a software application from the storefront but instead utilise the software application, including all its features and functions in the cloud, without downloading the product.
Under the existing export control laws in India, it is not clear whether provision of SaaS to customers outside India is treated as an ‘export’, and consequently, whether an export licence is required in such cases. In the US, the Bureau of Industry and Security (BIS) issued an Advisory Opinion on Cloud-based Storefronts in November, 2014 clarifying that there is no export of software by cloud-based storefronts, and therefore, no export licence is required. There is need for a similar clarification under Indian export control laws.
Nasscom continues to engage with DGFT on SCOMET licensing issues. For any information, please write to firstname.lastname@example.org.
Please read our feedback on MeitY’s Draft Approach Paper on Intangible Technology Transfer here.