In most cases, if you’re traveling to another country with a university-owned laptop with typical office productivity software, you will probably not need an export license as long as the equipment is always under your immediate control and returns to the US within a year. If you are travelling to an embargoed country, or you have non-retail-grade encryption software installed, or the device includes EAR- or ITAR-controlled technical data, or the hardware is unusually sophisticated, you should check with the Export Control Office (Linda Morris, 303-492-2889) for further advice.
Traveling outside the US with laptops, tablets, smart phones or storage devices involves special considerations and may require an export license:
If the computer or other equipment is owned by the University of Colorado, the equipment as well as any pre-loaded encryption software may be eligible for License Exception TMP (Temporary Exports). To qualify for this exception, the equipment:
If you personally own the equipment, it may qualify for License Exception BAG (Baggage). To qualify for this exception, the equipment and pre-loaded encryption software must be for your personal use in private or professional activities. “Strong” encryption software may also qualify for this exception, unless the travel (or traveler) involves embargoed countries*.
You should not take with you ANY of the following without first obtaining specific advice:
Beyond export laws, you should also be aware that traveling with electronic devices may result in unexpected disclosure of personal information. Certain countries are known for accessing files upon entry, so you should be extremely careful about any proprietary, patentable, or sensitive information that may be stored on your device. (For certain countries, this includes material that might be perceived as pornographic, or culturally inappropriate.) Homeland Security personnel may also decide to inspect your laptop upon return to the US, in which case everything on the device is subject to inspection. In the United States, the inspectors may take possession of those items for various periods of time, and even permanently depending upon the circumstances. The inspectors in other countries might do so as well. You should be wary about including on a laptop that you take overseas any financial or other personal information that you would not want viewed without your permission.
If your university-owned device contains controlled software or sensitive data—particularly data that may be controlled under ITAR or EAR regulations—we strongly recommend that you do not travel with it, especially internationally. If a laptop is to be used only for making presentations, consider taking a memory stick or storing the presentation on a cloud-based server instead. If you are using a laptop for other purposes (such as email), can you instead take a “clean” computer that does not include the restricted software, data, or other sensitive information?
Note Regarding E-mail
Technical data--including technical discussions about controlled technology projects--should not be transmitted, discussed or attached in email, whether international or domestic. If you have a mission-critical need to share information with your approved project team members, you should consult with the CU Office of Information Security about the possibility of special arrangements.
Note Regarding Encryption
Encrypting your files, or the complete hard disk, is generally considered a best practice for data security. However, doing so when travelling internationally can create an additional set of issues. Some countries restrict the import of encrypted devices, and US regulations prohibit the export of an encrypted device to embargoed countries.* That is another reason to consider travelling with a "clean" device with only minimal software and no restricted data.
If you have questions, please check with Linda Morris in the Export Controls Office.
* Embargoed countries with restrictions on encryption currently include Cuba, Syria, Sudan, North Korea and Iran. Check with the Department of Treasury Office of Foreign Assets Control (http://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx) for the most up-to-date information.
See http://www.bis.doc.gov/index.php/policy-guidance/encryption/encryption-faqs for more information on encryption