Completion of the CITI Export Control Course and Export Compliance for Researchers module is necessary in this situation to ensure compliance with U.S. laws that regulate the transfer of sensitive technologies, technical data, and materials to foreign nationals or countries. Violations can result in severe civil and criminal penalties, as well as loss of research funding or institutional reputation.

For example, if your project involves:

• Technical data related to defense articles (e.g., satellite systems, missile guidance technology, or military-grade sensors), it may fall under ITAR restrictions.
• Dual-use items (civilian technologies with military applications), such as high-performance computing components, advanced materials (e.g., carbon fiber composites, superconductors), or encryption software, it may be controlled under the EAR.

Training helps identify these risks and ensures that export-controlled information is properly marked, handled, and not disclosed—verbally, visually, or electronically—to unauthorized persons or entities.

Completion of the CITI Export Control Course and Export Compliance for Researchers module is essential in this situation because dual-use technologies—those with both civilian and military or security applications—are regulated under U.S. export control laws, primarily the Export Administration Regulations (EAR). Understanding these regulations is critical to avoid unauthorized transfers of controlled items, data, or software to foreign nationals or entities.

Examples of dual-use technologies that may trigger export control requirements include:

• Advanced sensors or imaging systems used in both industrial automation and surveillance
• High-performance computing hardware or software applicable in scientific research and weapons development
• Unmanned aerial systems (UAS) components that can be used for commercial drones or military applications
• Advanced materials like carbon nanotubes or certain composites with potential use in aerospace or defense

Completion of the CITI Export Control Course and Export Compliance for Researchers module is required for all participants on projects requiring a TCP.

A TCP limits access to sensitive information or items to approved personnel only. Export control training is necessary in this situation because a Technology Control Plan (TCP) indicates that the project involves export-controlled technology or technical data, and special safeguards are required to prevent unauthorized access—particularly by foreign nationals. Training ensures all project personnel understand their responsibilities under U.S. export control laws.

Examples of technical data or materials that may trigger a TCP and export control training include:

• Design schematics for defense-related systems (e.g., radar, propulsion, or weapons components)
• Controlled research data related to aerospace, satellite, or encryption technologies
• Proprietary manufacturing processes involving advanced materials or dual-use components

Training equips individuals to properly safeguard controlled items, enforce access restrictions, and comply with license or authorization requirements throughout the project.

Completion of the CITI Export Control Course and Export Compliance for Researchers module is required for Researchers working with CUI or CDI. Controlled Unclassified Information (CUI) and Covered Defense Information (CDI) may include technical data that is subject to U.S. export control laws, such as the International Traffic in Arms Regulations (ITAR) or the Export Administration Regulations (EAR). These types of information often relate to national security, defense, or sensitive federal programs, and mishandling them can lead to legal and security violations.

Examples of technical data or materials that may trigger export control requirements include:

• Engineering drawings or specifications for military or space-related systems
• Software source code related to defense technology
• Technical information about cybersecurity tools, defense logistics, or critical infrastructure
• Data covered under DoD contracts that is marked as CUI/CDI

Training ensures you understand how to properly receive, store, share, and protect this information, especially when working with collaborators, international students, or cloud services, and helps prevent unauthorized access or export.

Government-required courses such as the DOD Mandatory Controlled Unclassified Information (CUI) Training course may also be required to participate in the project.

Completion of the CITI Export Control Course and Export Compliance for Researchers module is essential in this situation because the involvement of foreign nationals—such as international students, visiting scholars, or foreign collaborators—may constitute a “deemed export” under U.S. export control laws. A deemed export occurs when controlled technical data or technology is shared with a foreign person inside the United States, which is treated the same as an export to their home country. Training ensures all project personnel understand how to identify and protect export-controlled information and avoid unauthorized disclosures.

Examples of technical data or materials that may trigger the requirement include:

• Designs or specifications for controlled defense or aerospace systems (ITAR-controlled)
• Technical data on dual-use technologies, such as advanced semiconductors, quantum sensors, or encrypted software (EAR-controlled)
• Proprietary or restricted research data covered under federal contracts or non-disclosure agreements

Export control training helps prevent violations, supports legal compliance, and enables responsible international collaboration.

Completion of the CITI Export Control Course and Export Compliance for Researchers module is essential in this situation because team members who have access to export-controlled equipment, software, or technical data—even if not directly working with it—may unintentionally violate U.S. export control laws by exposing this information to unauthorized individuals, including foreign nationals. Simply having physical or digital access can constitute a “deemed export” or unauthorized transfer.

Training ensures all team members understand access restrictions, proper handling procedures, and the importance of protecting sensitive materials.

Examples of export-controlled items that may trigger this requirement include:

• Laboratory equipment used in missile, aerospace, or nuclear research (e.g., high-speed centrifuges or lasers)
• Software with encryption capabilities or military applications
• Technical data related to defense systems, advanced materials, or satellite technologies

Training helps maintain compliance, protect national security interests, and avoid costly legal penalties or research disruptions.

Completion of the CITI Export Control Course and Export Compliance for Researchers module is essential in this situation because international collaborations, especially those involving formal agreements like subawards, MOUs, or research contracts with foreign institutions or individuals, may involve the transfer of export-controlled technology, data, or materials. Under U.S. export control laws such transfers may require a license or special authorization.

Training ensures that all participants understand what information or items are controlled, how to share them lawfully, and how to avoid unauthorized disclosures.

Examples of technical data or materials that may trigger export control requirements include:

• Research data related to defense systems, drones, or satellite components
• Proprietary software or source code with encryption or cybersecurity functions
• Technical specifications for advanced materials, semiconductors, or quantum technologies

Without proper training, even routine academic exchanges could result in unintentional violations, putting institutions and individuals at legal and financial risk.

Export control training is needed in this situation because your research is funded by a U.S. federal agency that requires compliance with National Security Presidential Memorandum-33 (NSPM-33). NSPM-33 mandates enhanced research security measures, including compliance with U.S. export control laws to protect sensitive technologies and prevent unauthorized access by foreign entities.

Training ensures researchers understand how to identify and handle export-controlled items or data in accordance with regulations like the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR).

By completing export control training, researchers help safeguard federally funded research, maintain compliance with sponsor requirements, and avoid legal and funding risks.

Export control training is needed in this situation because the sponsoring agency or contract has flagged the project for export control compliance, research security, or other sensitive concerns, indicating that it may involve controlled technologies, data, or collaborations subject to U.S. export control laws.

Training ensures that all project personnel understand how to recognize, handle, and protect export-controlled information and avoid unauthorized disclosures—especially when working with foreign collaborators or publicly sharing results.

Examples of technical data or materials that may trigger this requirement include:

• Defense-related research data, such as autonomous systems, sensors, or military-grade communications
• Dual-use technologies, like AI-enabled surveillance tools, advanced semiconductors, or quantum computing components
• Controlled software or source code, particularly with encryption or cybersecurity functions

Export control training helps ensure legal compliance, protects national security, and fulfills the sponsoring agency’s research security expectations.

If any of the above apply, you will be enrolled in the CITI Program Export Control course. Following the intro course, please choose the supplemental courses applicable to your circumstance and export control requirements. To verify these selections, please contact the Export Control Officer at exportcontrol@uh.edu.