Case Study: As you are thinking fast about the PAL robot situation, you receive a call from a manager of a new product line called CyberSecure, a line of software that can circumvent authentication and extract raw data from target systems. The manager explains that he released the passcodes to a non-U.S. subcontractor and also to Sirius Brussels engineering team to access the source code, but IT wants your approval before permitting foreign access. He says the access is urgent to fix a glitch in the code. Apparently a demonstration to a prospective customer in China (which may be state-owned), went swimmingly last week when a sales agent visited the potential customer and left some demo software with them. The manager insists that you quickly approve the non-U.S. access so the engineering teams can finish an update and push out the software product to the new Chinese client. What a day!

Q.1 What is the correct classification of the CyberSecure software? What licensing is needed for prospective exports?

Q.2 What exports have already occurred? What should be done about that? What are your next steps.