• videocam Live Webinar with Live Q&A
  • calendar_month September 10, 2026 @ 1:00 PM ET/10:00 AM PT
  • signal_cellular_alt Intermediate
  • card_travel International
  • schedule 90 minutes

Export Controls and Cloud Computing: Complying With ITAR, EAR, and Evolving Sanctions Laws

About the Course

Introduction

This CLE course will provide international trade counsel with a review of the compliance challenges with export control and economic sanctions laws for cloud users and providers. The panel will offer best practices to meet the requirements of the International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), and Office of Foreign Assets Control (OFAC) sanctions regulations.

Description

Storing data in the cloud creates significant legal challenges for companies. Cloud data may be located on servers housed in different countries. As a result, uploading data to a server outside the U.S. is considered an export and may require authorization. The location of the users accessing the information and cloud administrators' nationality also present compliance risks.

With the prevalence of storing information in the cloud and penalties for violating ITAR, EAR, or OFAC restrictions potentially severe, companies that use cloud computing services must understand the limitations and requirements when using cloud computing to remain in compliance with export control laws.

Listen as our authoritative panel reviews the U.S. export control and economic sanction laws that impact cloud computing, examines the compliance challenges for cloud users and providers, and offers best practices to meet the ITAR, EAR, and OFAC requirements.

Presented By

Evan T. Abrams
Partner
Steptoe LLP

Mr. Abrams counsels financial institutions, multinational corporations, and individuals on a variety of international regulatory and compliance matters. He regularly advises clients on issues related to anti-money laundering (AML), economic sanctions, export controls, foreign anti-corruption, the Committee on Foreign Investment in the United States (CFIUS), and the Defense Counterintelligence and Security Agency (DCSA). Among other sectors, his practice focuses on emerging technology and financial technology where he leverages his deep understanding of business trends and technological developments to help clients achieve their commercial objectives while complying with complex regulatory regimes.

Michael T. Gershberg
Partner
Fried Frank Harris Shriver & Jacobson LLP

Mr. Gershberg's practice focuses on the representation of foreign and domestic clients regarding the application of economic sanctions and export control laws and regulations, including EAR, ITAR, and economic sanctions administered by the OFAC. He also advises clients on their obligations under the antiboycott and anti-money laundering rules. Mr. Gershberg's work in the export control and economic sanctions area includes advocacy before governmental agencies, conducting internal investigations, and preparing voluntary self-disclosures and other legal submissions. He also assists clients in connection with export transactions and enforcement issues, due diligence for M&As, economic sanctions and export control training, determining export jurisdiction and classification, developing compliance plans and providing compliance counseling, and export licensing.

Credit Information
  • This 90-minute webinar is eligible in most states for 1.5 CLE credits.


  • Live Online


    On Demand

Date + Time

  • event

    Thursday, September 10, 2026

  • schedule

    1:00 PM ET/10:00 AM PT

I. Applicable export control and economic sanction laws

A. ITAR

B. EAR

C. OFAC/sanctions laws

II. Compliance challenges

A. For cloud users

B. For cloud providers

III. Best practices for compliance

The panel will review these and other key issues:

  • What is BIS, DDTC, and OFAC guidance on export control compliance for cloud storage and computing services?
  • What export control compliance challenges do cloud users and providers face?
  • What best practices should cloud users and their counsel employ to ensure compliance with ITAR, EAR, and sanctions requirements?