Monday 22 June 2020

U.S. Universities and Foreign Researchers: Guidance from the AAU and APLU

The Association of American Universities (AAU) and Association of Public and Land Grant Universities (APLU) has released a document entitled, “University Actions to Address Concerns about Security Threats and Undue Foreign Government Influence on Campus.”  The document is a response to increased concerns in the United States concerning intellectual property theft by foreign students, researchers and professors.  The document focuses on how U.S. universities can exercise additional care in vetting visitors and guests as well as ensure that data and intellectual property is adequately protected.  The document is an attempt to achieve those goals and assuage some that adequate measures are being taken.  The prospect of universities in the United States completely losing technical expertise as well as tuition dollars is not an attractive option.  The Trump Administration is rumored to release an executive order severely limiting certain visas and the Optional Practical Training program soon [UPDATE: Here is the Executive Order.  Apparently, it doesn't touch the Optional Practical Training Program].  Here are some provisions on visitors to campus, intellectual property and export controls: 


• Development and use of faculty disclosure requirements for intellectual property (IP) protection. Institutions routinely require faculty disclosure of intellectual property with commercialization potential, with the intent of ensuring that such IP is secured by quickly applying for the appropriate patent protection. Institutions also protect and restrict access to specific information on university invention disclosures, patent applications, and license agreements.

• Use of Technology Control Plans (TCPs) and non-disclosure agreements. Institutions regularly establish TCPs and other risk-mitigation initiatives to ensure the security of research and protection of intellectual property and to maintain compliance with federal regulations, laws, and contract directives. In instances where proprietary research is being conducted, institutions regularly make use of non-disclosure agreements.

. . .


• Development and use of requirements for vetting and securely hosting foreign visitors while on campus. Institutions have developed policies requiring faculty to alert university officials, often through their export control, research compliance, or international affairs offices, when they plan to have foreign visitors come to visit campus and/or tour their laboratories. The hosting faculty member may be required to fill out a brief questionnaire and/or form for each visitor. Some institutions use software solutions such as Visual Compliance or Amber Road, which search numerous continually updated restricted parties lists, to screen for restricted or denied parties. Other institutions have implemented measures for securely hosting and escorting foreign visitors and avoiding unauthorized information gathering. Some institutions are also now choosing to screen all visiting foreign scholars, which previously may have been limited to scholars in visa categories requiring screening under export control regulations.

• Implementation of visitation control plans and visiting scholar handbooks. Some institutions and departments have created plans to detail specific measures the host will take to prevent unauthorized access to export-controlled data and areas where export-controlled research is performed. Submitted plans often include a list of visitors, who they meet with, the duration and campus location of their visit, and the purpose of their visit. Institutions have also provided detailed handbooks with guidance on how to successfully invite and host a visiting student researcher or a visiting scholar on campus including details on how visitors should be onboarded.

• Development of resource documents on foreign engagements and visitors to campus. The Academic Security and Counter Exploitation Working Group (ASCE) produced a paper, “Steps and Considerations for Effective Foreign Visitor Review Process in an Academic Environment.” The paper suggests a checklist for foreign visitor review processes including: determining the level of risk proposed by the visitor, reviewing the visitors background and reason for visit, preparing an official university invitation, managing the onboarding process and oversight while visitor is on campus, and completing the departure process for the foreign visitor. ASCE also includes a list of suggested interview questions that institutions could use for foreign visitors. COGR produced a “Framework for Review of Global Engagements in Academic Research” to provide an underlying structure to support an institution’s analysis of global research engagements, assess potential risks, and develop strategies for mitigation. The U15 Group of Canadian Research Universities also developed a paper, “Mitigating Economic and/or Geopolitical Risks in Sensitive Research Projects: A Tool for University Researchers,” to assist with identifying and mitigating risks with research collaborations and projects, and provides a checklist for building a strong project team, assessing non-academic partners, and reviewing use of research findings.

The Australian Group of 8 has also produced “Guidelines to Counter Foreign Interference in the Australian University Sector” to help manage and engage with risk to deepen resilience against foreign interference in the university sector.


• Use and strengthening of policies and programs to ensure full compliance with federal export control requirements. Institutions have in place clear, visible, and comprehensive policies regarding whether and how they will undertake export-controlled research activities. This includes applying for export control licenses when required and creating TCPs to protect technology from unauthorized access when export-controlled technologies are involved and/or classified work is being conducted.

• Employing university staff with specific export control compliance expertise. Most AAU and APLU institutions have one or more staff members with specific responsibility for ensuring compliance with export controls. Many of these individuals belong to the Association of University Export Control Officers (AUECO), a national association of more than 270 university export control officers, whose mission is aimed at exchanging information and sharing knowledge and effective university policies and procedures to advance university compliance with U.S. export, import, and trade sanctions laws and regulations. Institutions conducting classified research also have specially trained Facility Security Officers (FSOs), who oversee security specific to this research.

There are also provisions on data control.  The document can be found here.

No comments: