[Federal Register Volume 75, Number 197 (Wednesday, October 13, 2010)]
[Notices]
[Pages 62820-62832]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-25728]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of the Secretary
Screening Framework Guidance for Providers of Synthetic Double-
Stranded DNA
AGENCY: Department of Health and Human Services, Office of the
Secretary.
ACTION: Notice.
-----------------------------------------------------------------------
Authority: Public Health Service Act, 42 U.S.C. 241, Section
301; HSPD-10.
SUMMARY: To reduce the risk that individuals with ill intent may
exploit the application of nucleic acid synthesis technology to obtain
genetic material derived from or encoding Select Agents or Toxins and,
as applicable, agents on the Export Administration Regulations' (EAR's)
Commerce Control List (CCL), the U.S. Government has developed Guidance
that provides a framework for screening synthetic double-stranded DNA
(dsDNA). This document, the Screening Framework Guidance for Providers
of Synthetic Double-Stranded DNA (the Guidance), sets forth recommended
baseline standards for the gene and genome synthesis industry and other
providers of synthetic dsDNA products regarding the screening of orders
so that they are filled in compliance with current U.S. regulations and
to encourage best practices in addressing biosecurity concerns
associated with the potential misuse of their products to bypass
existing regulatory controls. Following this Guidance is voluntary,
though many specific recommendations serve to remind providers of their
obligations under existing regulations. The framework includes customer
screening and sequence screening, follow-up screening as necessary, and
consultation with U.S. Government contacts, as needed.
A draft version of the Guidance was published as a Federal Register
Notice (Federal Register, Vol. 74, No. 227, November 27, 2009,
Screening Framework Guidance for Synthetic Double-Stranded DNA
Providers) for public consideration and comment for a period of 60
days. Comments were reviewed and the Guidance was amended through a
deliberative interagency process. The Response to Public Comments
document, which precedes the final Guidance in the Supplementary
Information section of this Notice, provides a general review of the
decisions made to alter the Guidance in response to public comments.
The Department of Health and Human Services (HHS) is issuing this
document as the lead agency in a broad interagency process to draft the
Guidance. The Guidance will be reviewed on a regular basis and revised,
as necessary. For further details about the Guidance, to access public
comments, and to provide ongoing feedback please refer to http://www.phe.gov/preparedness/legal/guidance/syndna.
DATES: The Guidance is effective on October 13, 2010.
FOR FURTHER INFORMATION CONTACT: Jessica Tucker, PhD, Office of Policy
and Planning, Office of the Assistant Secretary for Preparedness and
Response, U.S. Department of Health
[[Page 62821]]
and Human Services, 330 C Street, SW., Room 3021K, Washington, DC
20201; phone: 202-260-0632; fax: 202-205-8674; Web site: http://www.phe.gov/preparedness/legal/guidance/syndna.
SUPPLEMENTARY INFORMATION:
Response to Public Comments on Draft Screening Framework Guidance for
Synthetic Double-Stranded DNA Providers
I. Summary
The draft Guidance document was posted as a Federal Register Notice
on November 27, 2009, for a period of 60 days for public comment.
Twenty-two individual responses were received during this time period.
The American Association for the Advancement of Science hosted a
meeting to solicit the views of scientists, the public, and stakeholder
communities on January 11, 2010 during the public comment period; the
summary report from this meeting was submitted as a formal comment.
Public comments are available at the following Web site: http://www.phe.gov/preparedness/legal/guidance/syndna.
An interagency working group of Federal Government representatives
was established to review and consider the public comments that were
received; these comments informed the changes made in the final version
of the Guidance. In general, public comments were received in the areas
of customer screening, customer concerns, follow-up screening, and
sequence screening, though some comments fell outside these categories.
This Response to Public Comments document provides a general review of
the decisions made to alter the Guidance in response to public comments
in these thematic areas.
A. Customer Screening and Customer Concerns
The draft Guidance includes recommendations for providers to screen
against a number of different lists of proscribed entities; the lists
to screen against differ depending on whether the order is placed by a
domestic or international customer. Regarding these recommendations,
several comments indicated a desire for a list that combines these
proscribed entities (or alternatively, for a list of ``approved''
customers). No changes were made in response to these comments. The
indicated lists exist under several different legal authorities and are
maintained by different government bodies. In order to ensure that
providers are referencing the most up-to-date versions of these lists,
the U.S. Government continues to recommend that providers consult the
primary sources.\a\ A list of ``approved'' customers is not practicable
as it would have to be updated very frequently, given the emergence of
new legitimate customers on a regular basis, and it would require that
companies share their customer lists. Customers and providers should be
aware, however, that there are some software packages available that
may address these requests for a centralized database of consolidated
lists.
---------------------------------------------------------------------------
\a\ The Department of Commerce maintains consolidated links to
many of these lists on the following Web site: http://www.bis.doc.gov/complianceandenforcement/liststocheck.htm.
Additionally, the ``EAR Marketplace'' also includes consolidated
links to lists: https://bxa.ntis.gov/prohib.html.
---------------------------------------------------------------------------
Several comments were received regarding the list of ``red flags''
outlined in Section V.A.2 of the Guidance. Some respondents requested
more guidance regarding how to respond to ``red flags'' raised in the
customer screening process. To address these concerns, the Guidance now
clarifies that follow-up screening is recommended whenever any `red
flag' raises cause for concern. Additionally, several respondents
requested the deletion of the following `red flag' which appeared in
the draft Guidance: ``An unusually large order of DNA sequences,
including larger than normal quantities, the same order placed several
times, or several orders of the same sequence made in a short
timeframe.'' Some customers and providers have indicated that such
orders are a regular part of doing business and do not pose cause for
concern. The U.S. Government agrees with these assessments.
Accordingly, this `red flag' has been deleted from the final Guidance
text.
Several comments also indicated that ``customers'' are not always
equivalent to ``end users,'' and these respondents indicated that the
Guidance should be clearer in advising providers to request information
about the ``end user.'' In response to these comments, the final
Guidance has been amended to define ``customers'' and ``principal
users''; most initial customer screening is focused on customers, while
follow-up screening addresses both customers and principal users.
``Principal users'' was chosen rather than ``end users,'' to prevent
confusion with the Department of Commerce definition of ``end user''
vis-[agrave]-vis export control.
A few comments reflected an interest in altering the Guidance to
include a process for customers to contest denied orders. No changes
were made in response to these comments. Because providers of synthetic
double-stranded DNA (dsDNA) already have the right to deny an order for
multiple reasons, including issues unrelated to biosecurity concerns, a
process to contest denied orders is not offered in this Guidance.
Finally, a couple of comments indicated that customers should be
notified when their orders raised any cause for concern. In follow-up
screening, it is recommended that customers be contacted for additional
information about their order when there is cause for concern, so
customers will be made aware if their order raises a `red flag' for the
provider. Therefore, no changes were made in response to these
comments.
B. Follow-Up Screening
A few comments requested additional clarity or recommendations
regarding vetting orders that are placed by an individual within a
larger organization or entity. As a result, the follow-up screening
section has now been amended to include examples of steps that might be
taken to address orders from customers that are organizations or
principal users that are affiliated with a larger organization.
Additionally, because a couple of comments indicated that unaffiliated
customers or principal users may not have a publication record, an
additional option was provided for vetting unaffiliated customers/
principal users wherein the customer/principal user may provide
references that can verify their identity and the legitimacy of the
order.
C. Sequence Screening
The topic that elicited the most public comments was sequence
screening. The issues raised can generally be separated into the
following themes: type/length of DNA to screen, sequences of concern,
and sequence screening methodology.
1. Type/Length of DNA to Screen
In the draft Guidance, the U.S. Government recommended that orders
of synthetic dsDNA 200 base pairs (bps) and longer should be subject to
a screening framework. A number of public comments critiqued this
recommendation, while a few comments supported this recommendation as
reasonable. Some comments stated that 200 bps is too small to be
practical for providers to implement, and recommended screening
sequences 1 kilobase pair (kbp) and longer. A larger number of comments
stated that a 200 bp limit is not scientifically justified, and argued
that because most providers already screen all synthetic dsDNA orders,
the 200 bp limit should be eliminated. Finally, a small number of
comments recommended that oligonucleotides, in addition to dsDNA,
should be included in a screening
[[Page 62822]]
framework. The U.S. Government agrees that a 200 bp limit is not
scientifically justified and that most providers already screen all
dsDNA orders. Therefore, the recommendation to eliminate the 200 bp
limit was adopted, and the final Guidance now recommends that all dsDNA
orders should be screened. Because crafting ``agents of concern'' using
dsDNA via de novo synthesis is still easier than by using single-
stranded oligonucleotides, dsDNA is the focus of this screening
framework. Additionally, it is likely that implementing a screening
framework would pose a significant burden for providers of
oligonucleotides. Nonetheless, given the rapid developments in DNA
synthesis, the U.S. Government will continue to examine this issue and
may make amendments accordingly.
2. ``Sequences of Concern''
A number of comments noted that many sequences that are not unique
to Select Agents and Toxins may pose a biosecurity risk, but that only
those sequences unique to Select Agents and Toxins (and, for
international orders, those sequences unique to items on the Commerce
Control List (CCL)) are characterized as ``sequences of concern''
within the draft Guidance. Additionally, several comments noted that
non-Select Agent homologs that are closely related to a Select Agent
virulence factor or pathogenicity gene could potentially be ordered and
then substituted for the Select Agent sequence. These comments
variously recommended that the Guidance adopt a broader definition of
``sequences of concern,'' establish a curated database of virulence
genes and ``other dangerous sequences,'' and/or adopt a ``Top
Homology'' screening approach (see discussion of Screening Methodology
below).
The U.S. Government recognizes that there are concerns that
synthetic dsDNA sequences not unique to Select Agents or Toxins or CCL
items may also pose a biosecurity concern. However, a robust screening
framework that can be consistently implemented from provider to
provider requires a clear set of criteria for identifying non-Select
Agent or Toxin (or non-CCL) ``sequences of concern.'' Due to the
complexity of determining whether a specific sequence corresponds to a
virulence factor or pathogenicity gene or otherwise poses a biosecurity
risk, and because current knowledge of virulence and pathogenicity is
limited, it is not currently possible to develop clear criteria that
providers could use to robustly, comprehensively, and consistently
identify non-Select Agent and Toxin or non-CCL ``sequences of concern''
based on virulence, pathogencity, or ``other danger.''
In addition, many pathogens and toxins not listed on the Select
Agents and Toxins lists and the CCL could nearly as easily be obtained
through other means. The Select Agents and Toxins lists and the CCL are
well-defined lists of high consequence pathogens and toxins that have
the potential to pose a severe threat to human, animal, or plant
health. Finally, the agents on the Select Agents and Toxins lists and
the CCL are most relevant for these purposes because a primary goal is
to prevent access to agents otherwise subject to existing regulations.
Consequently, in the final Guidance, the U.S. Government continues
to define ``sequences of concern'' as those sequences unique to Select
Agents and Toxins (and those sequences unique to items on the CCL for
international orders).
The sequence screening recommendations contained in this Guidance
do not preclude the use of curated databases or the development of
robust criteria that can consistently identify non-Select Agent and
Toxin or non-CCL sequences that may pose a biosecurity risk. The U.S.
Government encourages the continued development of such databases and
criteria as additional screening tools that will improve with time as
additional data becomes available. To advance knowledge in this arena,
the National Academies is conducting a study that will identify the
scientific advances necessary to predict biological function from
nucleic acid sequences for oversight of Select Agents.
3. Screening Methodology
Many of the comments on screening methodology echoed issues raised
in defining ``sequences of concern.'' A number of comments criticized
the ``Best Match'' approach to screening, arguing that it is easily
circumvented and less robust than some current industry screening
practices, and proposed either screening against a centralized, curated
database of ``sequences of concern'' or adopting a ``Top Homology''
approach. The curated database approach is potentially very efficient,
but requires the creation of databases identifying specific features
such as known pathogenic sequences, virulence factors, house-keeping
genes, etc. While the acquisition of such knowledge is progressing, at
this time it is not possible to provide a robust database that would
identify all or even most such sequences.
In the ``Top Homology'' approach, human screeners examine all
sequences that exceed a certain threshold of homology to a dsDNA order
to determine whether or not the matching sequences are derived from
Select Agents and Toxins or from genes variously described in public
comments as ``genes that can be intentionally abused,'' ``risk-
associated'' genes, or genes that ``code for virulence or other threat
characteristics.'' This approach shares some similarities with ``Best
Match,'' though the ``Top Homology'' approach considers all sequences
that exceed a certain threshold and ``Best Match'' considers the top
``hit.'' As with the customized database approach, a ``Top Homology''
approach could not be meaningfully implemented without a clear set of
effective criteria for determining in a consistent and non-arbitrary
manner when an order should trigger further customer review. However,
the clear and effective criteria needed to make such an approach work
are difficult to determine. The ``Best Match'' approach flags only the
top ``hit,'' which meets the stated goal of identifying sequences
unique to Select Agents and Toxins (and, for international orders,
sequences unique to items on the CCL).
As a result, the U.S. Government continues to recommend the use of
the ``Best Match'' approach for screening. As stated above, the U.S.
Government recognizes that there are concerns that synthetic dsDNA
sequences not unique to Select Agents or Toxins or CCL items may also
pose a biosecurity concern. The U.S. Government also recognizes that
many providers have already instituted measures to address these
concerns. The Guidance sets forth recommended baseline standards for
providers regarding the screening of orders so they are filled in
compliance with current U.S. regulations and to encourage best
practices in addressing biosecurity concerns. As such, the ongoing
development of best practices in this area is commendable and
encouraged, particularly in light of the continued advances in DNA
sequencing and synthesis technologies and the accelerated rate of
sequence submissions to public databases such as GenBank.
Minor wording changes have been made to clarify or alter the
technical details of the screening methodology, including language to
address the high sequence similarity of some Select Agents and Toxins
with some attenuated strains of Select Agents and Toxins that have been
excluded from regulation. The U.S. Government recognizes that continued
research and
[[Page 62823]]
development may lead to new and improved screening methodologies. As
new methods are developed, U.S. guidance may change accordingly. In
addition, the sequence screening methodology recommendations contained
in this Guidance do not preclude the use of other screening approaches
that providers assess to be equivalent or superior to the ``Best
Match'' approach.
It is significant to note that sequence screening is simply a
trigger for further customer screening and decision-making and does not
by itself provide a basis for determining that filling an order is
likely to pose a threat.
Beyond ``Best Match'' comments, some public comments requested that
additional software screening recommendations be provided; for example,
software packages, additional screening parameters, etc. It is not the
policy of the U.S. Government to recommend specific, proprietary
software packages. As a result, additional screening parameters are not
provided as these details are specific to individual screening
packages. Finally, the recommendation to ``separately'' screen
international orders against both the Select Agents and Toxins lists
and the CCL that appeared in the draft Guidance was altered to indicate
that, for international orders, screening should cover the CCL in
addition to the Select Agents and Toxins lists. Whether these screens
are conducted separately or simultaneously is up to the provider.
D. Other Issues
In the draft Guidance, the screening framework indicated that
customer screening should precede sequence screening. Several comments
noted that the order of screening is irrelevant, as long as both
customer and sequence screening occur for every order. The U.S.
Government agrees with these comments, and has altered the final
Guidance to remove the recommendation that screening occur in a
particular order.
Finally, the recommendations in the draft Guidance were directed to
``commercial'' providers. Some comments indicated that the U.S.
Government should recommend that all providers of synthetic dsDNA
follow the recommended screening framework. The U.S. Government agrees
with these comments. In order to effectively meet biosecurity goals,
this recommendation was adopted, and the final Guidance is directed to
all providers of synthetic dsDNA. Accordingly, when the final Guidance
refers to ``orders'' of synthetic dsDNA, this term does not necessarily
imply a commercial transaction.
The Guidance will be reviewed on a regular basis and revised, as
necessary. The U.S. Government recognizes that as the technology, the
industry, and the nature of the biosecurity risk change, the Guidance
will have to be altered, accordingly.
Screening Framework Guidance for Providers of Synthetic Double-Stranded
DNA
I. Summary
Synthetic biology, the developing interdisciplinary field that
focuses on both the design and fabrication of novel biological
components and systems as well as the re-design and fabrication of
existing biological systems, is poised to become the next significant
transforming technology for the life sciences and beyond. Synthetic
biology is not constrained by the requirement of using existing genetic
material and thus has great potential to be used to generate organisms,
both currently existing and novel, including pathogens that could
threaten public health, agriculture, plants, animals, the environment,
or materiel. In the United States, many such pathogens, as well as
certain toxins, are defined by specific existing regulations: Namely,
the Select Agent Regulations (SAR) and, for international orders, the
Export Administration Regulations (EAR). To reduce the risk that
individuals with ill intent may exploit the application of nucleic acid
synthesis technology to obtain genetic material derived from or
encoding Select Agents or Toxins and, as applicable, agents on EAR's
Commerce Control List (CCL), the U.S. Government has developed Guidance
that provides a framework for screening synthetic double-stranded DNA
(dsDNA). This Guidance sets forth recommended baseline standards for
the gene and genome synthesis industry and other providers of synthetic
dsDNA products regarding the screening of orders so that they are
filled in compliance with current U.S. regulations and to encourage
best practices in addressing biosecurity concerns associated with the
potential misuse of their products to bypass existing regulatory
controls.
Following this Guidance is voluntary, though many specific
recommendations serve to remind providers of their obligations under
existing regulations. Briefly, upon receiving an order for synthetic
dsDNA, the U.S. Government recommends that providers perform customer
screening and sequence screening. If either customer screening or
sequence screening raises any concerns, providers should perform
follow-up screening. If follow-up screening does not resolve concerns
about the order or there is reason to believe a customer may
intentionally or inadvertently violate U.S. laws, providers should
contact designated entities within the U.S. Government for further
information and assistance. This Guidance also provides recommendations
regarding proper records retention protocols and screening software.
II. Introduction
Synthetic biology, unlike traditional recombinant DNA technology,
is not constrained by the requirement for existing genetic material.
This novel feature, along with rapid advances in DNA synthesis
technology and the open availability of pathogen genome sequence data,
has raised concerns in the scientific community, the dsDNA synthesis
industry, the U.S. Government, and the general public that individuals
with ill intent could exploit this technology for harmful purposes.
Within the U.S., microbial organisms and toxins that have been
determined to have the potential to pose a severe threat to public
health and safety, animal health, plant health, or animal or plant
products are regulated through the SAR, administered by the Department
of Health and Human Services/Centers for Disease Control and Prevention
(HHS/CDC) and the U.S. Department of Agriculture/Animal and Plant
Health Inspection Service (USDA/APHIS). The SAR sets forth requirements
for the possession, use, and transfer of listed agents. Additionally,
the EAR identifies agents and genomic sequences that require export
licenses from the United States. The directed synthesis of
polynucleotides could enable individuals not authorized to possess
Select Agents (or, for international orders, those items listed on the
CCL) to obtain them through transactions with providers of synthetic
dsDNA. Such synthesis obviates the need for access to the naturally
occurring agents or naturally occurring genetic material from these
agents, thereby greatly expanding the potential availability of these
agents.
The National Science Advisory Board for Biosecurity (NSABB) was
charged with identifying the potential biosecurity concerns raised by
the ability to synthesize Select Agents and providing advice on whether
current U.S. Government policies and regulations adequately cover the
de novo synthesis of Select Agents. Their report entitled Addressing
Biosecurity Concerns Related to the Synthesis of Select Agents was
formally transmitted to the U.S. Government in March 2007.
[[Page 62824]]
Federal Departments and Agencies with roles in life sciences research
and/or security deliberated over the NSABB recommendations and
identified a series of relevant policy actions targeted to promote risk
management, while seeking to minimize negative impacts upon scientific
progress or industrial development.
One of the formal policy actions charged Federal Departments and
Agencies to identify, evaluate, and support the establishment of a
screening infrastructure for use by providers and users of synthetic
nucleic acids while engaging stakeholders in industry and academia.
This document provides guidance to all providers of synthetic dsDNA
regarding a screening framework for synthetically-derived dsDNA orders.
Specific recommendations are in bold type throughout the text.
In the context of this Guidance, the following definitions are
applicable:
``Provider'' refers to the entity that synthesizes and distributes
dsDNA. A provider is understood to be an entity synthesizing dsDNA for
and distributing dsDNA to a customer, not a research scientist
collaborating with a colleague.\1\ ``Customer'' refers to the
individual or organization that orders or requests synthetic dsDNA from
a provider, and ``Principal user'' is the individual that receives and
ultimately uses the ordered or requested dsDNA.
---------------------------------------------------------------------------
\1\ Transfers of synthetic dsDNA should be evaluated for
conformance with the SAR and EAR even when dealing with
collaborating laboratories.
---------------------------------------------------------------------------
III. Goals of Guidance
The primary goal of the Guidance is to minimize the risk that
unauthorized individuals or individuals with malicious intent will
obtain ``toxins and agents of concern'' through the use of nucleic acid
synthesis technologies, and to simultaneously minimize any negative
impacts on the conduct of research and business operations. The
Guidance was developed, in light of providers' existing protocols, to
be implemented without unnecessary cost and to be globally extensible,
both for U.S.-based providers operating abroad and for international
providers.
Providers of synthetic dsDNA have two overriding responsibilities
in this context:
Providers should know to whom they are distributing a
product.
Providers should know if the product that they are
synthesizing and distributing contains, in part or in whole, a
``sequence of concern''.
The Guidance outlines a screening framework that will assist
providers in meeting both of these responsibilities. Though certain
guidance provided in this document is necessarily framed by U.S. policy
and regulations, the Guidance was composed so that fundamental goals,
provider responsibilities, and the screening framework could be
considered for application by the international community. In
particular, though the Select Agents and Toxins and the CCL-listed
items that are the primary focus of the Guidance may not be relevant
for all countries, the sequence screening framework can be applied to
other categories of agents and toxins that may be relevant for other
regions.\2\
---------------------------------------------------------------------------
\2\ The CCL items that are on the Australia Group Common Control
Lists are relevant for all Australia Group members (see http://www.australiagroup.net/en/index.html).
---------------------------------------------------------------------------
IV. Overview: Synthetic dsDNA Screening Framework
Providers should establish a comprehensive and integrated screening
framework that includes both customer screening and sequence screening,
as well as follow-up screening when customer and/or sequence screening
raises a concern.
Customer Screening--The purpose of customer screening is
to establish the legitimacy of customers ordering synthetic dsDNA
sequences. Providers should develop customer screening mechanisms to
verify the legitimacy of a customer if the customer is an organization
or confirm customer identity if the customer is an individual, to
identify potential `red flags,' and to conform to U.S. trade
restrictions and export control regulations.
Sequence Screening--The purpose of sequence screening is
to identify when ``sequences of concern'' are ordered. Identification
of a ``sequence of concern'' does not necessarily imply that the order
itself is of concern. Rather, when a ``sequence of concern'' is
ordered, further follow-up procedures should be used to determine if
filling the order would raise concern. Sequence screening is
recommended for all dsDNA orders.
Follow-up Screening--The purpose of follow-up screening is
to verify the legitimacy of customers both at the level of the customer
and the principal user, to confirm that customers and principal users
placing an order are acting within their authority, and to verify the
legitimacy of the end-use.
Many customers will likely volunteer information about their
identity or the sequence they are ordering. Providers should
corroborate this information as part of their screening framework.
The following overall screening methodology is recommended:
1. Upon receiving an order for synthetic dsDNA, the U.S. Government
recommends that providers conduct both customer screening and sequence
screening. In customer screening, providers should review the
information provided by the customer to verify their corporate or
individual identity (as applicable), and to identify potential ``red
flags.'' Providers should also check customers against lists of denied
or blocked persons and entities maintained by the Departments of
Commerce, State, and Treasury.
In sequence screening, the U.S. Government recommends screening the
ordered sequence to identify sequences derived from or encoding Select
Agents and Toxins \3\ and, for international customers, providers
should also screen the ordered sequence to identify sequences derived
from or encoding items on the CCL.\4\ Scenarios of concern may include:
---------------------------------------------------------------------------
\3\ Please see http://www.selectagents.gov to access the most
recent Select Agents and Toxins lists.
\4\ Visit http://www.access.gpo.gov/bis/ear/ear_data.html to
access the most recent Commerce Control List and review the Export
Administration Regulations. The pathogens on the Commerce Control
List are derived from the Select Agents and Toxins lists and the
Australia Group's three pathogen control lists. As a member of the
Australia Group, the United States has made a commitment to control
exports of pathogens and their genetic elements on these lists.
---------------------------------------------------------------------------
a. If an ordered dsDNA product can be classified as a Select Agent
or Toxin based on the SAR \3\ \5\ or is identified as a ``sequence of
concern'' (defined in Section V.B.1.), additional customer verification
steps should be performed and may in some cases be required.
---------------------------------------------------------------------------
\5\ The CDC/APHIS national Select Agent registry Web site
(http://www.selectagents.gov) contains a guidance document entitled
``Applicability of the Select Agent Regulations to Issues of
Synthetic Genomics'' to assist providers in identifying
synthetically derived Select Agent materials that would fall under
the current regulations. The regulation of Select Agents and Toxins
currently includes (1) nucleic acids that can produce infectious
forms of any Select Agent viruses and (2) Recombinant nucleic acids
that encode for the functional form(s) of any of the regulated
toxins if the nucleic acids: (i) Can be expressed in vivo or in
vitro, or (ii) Are in a vector or recombinant host genome and can be
expressed in vivo or in vitro.
---------------------------------------------------------------------------
b. If an ordered dsDNA product can be classified as a Select Agent
or Toxin based on the SAR, 3 5 providers must be registered
under the SAR to possess the dsDNA product. Transfer of the material
from the provider must be done in accordance with APHIS and CDC
procedures using the APHIS/CDC Form 2 to obtain authorization for and
to document the transfer. Additional information on the transfer of
Select Agents and Toxins is available at http://www.selectagents.gov.
c. Additional restrictions or licensing requirements may apply for
[[Page 62825]]
international orders if they include an item that is listed on the
CCL.\6\
---------------------------------------------------------------------------
\6\ See Category 1, ECCN 1C353 of the CCL available at http://www.bis.doc.gov.
---------------------------------------------------------------------------
2. If sequence screening or customer screening raises any concerns,
providers should pursue follow-up screening to verify the legitimacy of
the customer, the principal user and the end-use of the ordered
sequence. The goal of follow-up screening is to assist the provider in
determining whether to fill the order. If the provider encounters a
scenario where they would benefit from additional assistance in
assessing an order, the provider is encouraged to seek advice from the
relevant U.S. Government Departments and Agencies by contacting the
nearest FBI Field Office Weapons of Mass Destruction (WMD) Coordinator.
The WMD Coordinator can be reached by contacting the local FBI Field
Office and asking to be connected to the FBI WMD Coordinator.
V. Details: Synthetic dsDNA Screening Framework
This section provides details of the steps involved in the
recommended screening framework. These steps include customer
screening, sequence screening, and follow-up screening.
A. Customer Screening
Customer screening encompasses two overarching responsibilities of
providers: customer verification and identification of any ``red
flags.''
1. Customer Verification
(a) The U.S. Government recommends that, for every order, providers
of synthetic dsDNA gather the following information to verify a
customer's identity:
Customer's full name and contact information
Billing address and shipping address (if not the same)
Customer's institutional or corporate affiliation (if
applicable)
(b) To ensure compliance with U.S. regulations concerning exports
and sanctioned individuals and countries, the U.S. Government
recommends that, for every order, providers of synthetic dsDNA screen
customers against several lists of proscribed entities (described in
Section VI).
Lack of affiliation with an institution or firm does not
automatically indicate that a customer's order should be denied. In
such cases, the U.S. Government recommends conducting follow-up
screening.
Additionally, the U.S. Government recognizes that many providers
have instituted measures and procedures to properly vet customers. The
ongoing development of best practices in customer screening is
commendable and encouraged, particularly as methodologies and resources
become available to further assist with customer screening.
The U.S. Government recommends that companies retain records of
customer orders for at least eight years based on the statute of
limitations set forth by U.S. Code of Federal Crimes and Procedures,
Title 18 Section 3286.\7\
---------------------------------------------------------------------------
\7\ The eight-year statute of limitations in Section 3286
applies to the offense defined by Title 18 Section 175(b)
(possession of biological agents with no reasonable justification).
---------------------------------------------------------------------------
The U.S. Government recommends archiving the following information:
customer information (point-of-contact name, organization, address, and
phone number), order sequence information (nucleotide sequences
ordered, vector used), and order information (date placed and shipped,
shipping address, and receiver name).
2. ``Red Flags''
In reviewing the customer's order information, providers should
take into account any circumstances in the proposed transaction that
may indicate that the order may be intended for an inappropriate end-
use, customer, or destination. These are known as ``red flags.''
The following is an illustrative list of indicators that can help
in identifying suspicious orders of synthetic dsDNA:
A customer whose identity is not clear, who appears
evasive about their identity or affiliations, or whose information
cannot be confirmed or verified (e.g., addresses do not match, not a
legitimate company, no Web site, cannot be located in trade
directories, etc.).
A customer who would not be expected in the course of
their normal business to place such an order (e.g., no connection to
life science research, biotechnology or requirement for DNA synthesis
services).
A customer that requests unusual labeling or shipping
procedures (e.g., requests to misidentify the goods on the packaging,
requests to deliver to a private address, or requests to change the
customer's name after the order is placed, but before it is shipped).
A customer proposing an unusual method of payment (e.g.,
arranging payment in cash, personal credit card or through a non-bank
third party) or offering to pay unusually favorable payment terms, such
as a willingness to pay a higher than expected price.
A customer that requests unusual confidentiality
conditions regarding the order, particularly with respect to the final
destination or the destruction of transaction records.
If a review of customer information reveals one or more ``red
flags,'' the U.S. Government recommends that providers conduct follow-
up screening. If providers are unsure about whether to fill an order,
they should contact the U.S. Government for further information
(described in Section VII).
B. Sequence Screening
Sequence screening, which identifies whether a requested sequence
is a ``sequence of concern,'' is intended to serve as a trigger for
further follow-up screening and does not by itself provide a basis for
determining whether an order poses a risk. Providers should screen all
orders of dsDNA.
1. Identifying ``Sequences of Concern''
The U.S. Government recommends that dsDNA orders be screened for
sequences derived from or encoding Select Agents and Toxins and, for
foreign orders, for dsDNA derived from or encoding CCL-listed agents,
toxins, or genetic elements. The U.S. Government chose the pathogens
and toxins identified by HHS and USDA as ``Select Agents and Toxins''
as an appropriate list of ``agents of concern'' against which providers
should screen orders since:
The list is comprised of high consequence pathogens and
toxins that have the potential to pose a severe threat to human,
animal, or plant health or to animal or plant products
Their possession, use, and transfer are managed through
Federal regulations.
The Select Agents and Toxins lists are reviewed biennially and
updated as needed to address biosecurity concerns.\8\
---------------------------------------------------------------------------
\8\ A list of biological agents and toxins that affect humans
has been promulgated by HHS/CDC (HHS Select Agents and Toxins, 42
CFR 73.3). A list of biological agents that affect animals and
animal products has been promulgated by USDA/APHIS/Veterinary
Services (USDA Select Agents and Toxins, 9 CFR 121.3). A list of
agents that affect plants and plant products has been promulgated by
USDA/APHIS/Plant Protection and Quarantine (USDA Select Agents and
Toxins, 7 CFR 331.3). Additionally, HHS and USDA promulgated a list
of ``overlap'' agents that affect both humans and animals (42 CFR
73.4 and 9 CFR 121.4).
---------------------------------------------------------------------------
The U.S. Government reminds providers to screen for items on the
CCL for international orders to ensure they are in compliance with the
EAR. As a member of the Australia Group, the United States requires
exporters through
[[Page 62826]]
the EAR to obtain export licenses for exports of reading-frame length
nucleic acid sequences from pathogens listed under Export Control
Classification Numbers (ECCNs) 1C351, 1C352, 1C353, and 1C354.\9\ The
EAR also requires exporters to obtain licenses for exports of reading-
frame length nucleic acid sequences from pathogens on the Select Agent
list not listed elsewhere on the CCL (ECCN 1C360). The EAR requirements
specifically apply to genetic elements that encode toxins or sub-units
of controlled toxins or genetic elements associated with pathogenicity
of controlled microorganisms.
---------------------------------------------------------------------------
\9\ Definitions of terms pertinent to exports can be found in
Part 772 of the EAR. Part 734 (15 CFR chapter VII, subchapter C)
describes the scope of the EAR and explains certain key terms and
principles used in the EAR. The EAR provisions are subject to
change, as they are regularly updated pursuant to multilateral
agreements.
---------------------------------------------------------------------------
Therefore, for the purposes of this Guidance, Select Agents and
Toxins are classified as ``agents of concern,'' and ``sequences of
concern'' are dsDNA sequences derived from or encoding Select Agents
and Toxins. For international orders, ``agents of concern'' also
include items on the EAR's CCL, and ``sequences of concern'' include
those dsDNA sequences derived from or encoding those items. The U.S.
Government may revisit these definitions in the future in light of
experience with implementation of the Guidance and scientific and
technological developments.
Because the CCL and the Select Agents and Toxins lists are not
identical, it is recommended that providers ensure that international
orders are screened to identify sequences derived from or encoding
items on the Select Agents and Toxins lists and the CCL.
If a customer orders a synthetic dsDNA product that meets the
definition of a Select Agent or Toxin,\3\ \5\ domestic providers and
customers must be in compliance with the CDC and APHIS Select Agent
Regulations (42 CFR part 73, 7 CFR part 331, and 9 CFR part 121) in
order to fill the order. A provider of such regulated dsDNA must be
registered with CDC or APHIS in order to synthesize these materials. In
addition, the provider must obtain an approved transfer form from CDC
or APHIS and, for interstate transfers, a permit from APHIS (when
applicable) in order to ship such products. International providers are
advised that the receiving party must obtain an import permit from CDC
and/or APHIS and an approved transfer form in order to receive such
products. All providers are advised that receivers must hold a permit
in order to receive through importation or interstate transport any
product that meets the definition of ``plant pest'' (as defined at 7
CFR part 330), or any organism or its derivative which may introduce or
disseminate any contagious or infectious disease of animals (9 CFR part
122).
The U.S. Government recognizes that there are concerns that
synthetic dsDNA sequences not unique to Select Agents or Toxins or CCL
items may also pose a biosecurity concern. The U.S. Government also
recognizes that many providers have already instituted measures to
address these concerns. The ongoing development of best practices in
this area is commendable and encouraged, particularly in light of the
continued advances in DNA sequencing and synthesis technologies and the
accelerated rate of sequence submissions to public databases such as
the National Institutes of Health's GenBank. However, due to the
complexity of determining pathogenicity and because research in this
area is ongoing and many such agents are not currently encompassed by
regulations in the U.S., generating a comprehensive list of such agents
to screen against is not currently feasible and hence is not provided
in this Guidance.
2. Technical Goals and Recommendations for Sequence Screening
The U.S. Government developed the following list of specific
technical goals and recommendations for a sequence screening
methodology to ensure the reliable and accurate detection of synthetic
dsDNA sequences derived from or encoding ``sequences or agents of
concern:''
The U.S. Government recommends that the sequence screening method
be able to identify sequences unique to Select Agents and Toxins; to
meet their obligations under existing regulations, for international
orders, screening should also be able to identify sequences unique to
CCL-listed agents, toxins, and genetic elements. Many DNA sequences
encode genes that are required to maintain normal cellular physiology,
otherwise known as ``house-keeping genes.'' These ``house-keeping
genes'' are highly conserved between pathogenic and non-pathogenic
species. Screening methodologies that recognize highly conserved
sequences such as ``house-keeping genes'' as positive ``hits'' for
``sequences of concern'' offer little biosecurity benefit and may
impede the screening efforts. Such methodologies would produce a larger
number of ``hits'' adding extra burden for screeners and potentially
resulting in actual ``sequences of concern'' being overlooked.
Additionally, such a system may hamper scientific research by falsely
assigning sequences from closely related microbes as ``sequences of
concern.''
The U.S. Government recommends that sequence screening be performed
for both DNA strands and the resultant polypeptides derived from
translations using the three alternative reading frames on each DNA
strand (or six-frame translation). Each amino acid is encoded by a
codon, a three nucleotide sequence of DNA. The correspondence from
codon to amino acid is not unique. A given amino acid may be encoded by
one to six distinct codons, which means that an amino acid polypeptide
can be encoded by many different DNA sequences. Consequently, to
determine whether a nucleotide sequence is derived from or encodes a
``sequence or agent of concern,'' it is necessary to screen the six-
frame translation polypeptides encoded by the DNA sequences in addition
to the DNA sequences themselves.
The U.S. Government recommends that sequence alignment methods
should enable the detection of any ``sequences of concern'' in a dsDNA
order. The screening routine should be capable of local sequence
alignments. A sequence screening system that assesses only the overall
sequence length without any local checks may not detect a ``sequence of
concern'' embedded within a larger, benign sequence. In order to ensure
that ``sequences of concern'' embedded within larger sequences are not
overlooked, when screening orders longer than 200 base pairs (bps),
providers should use screening techniques able to detect ``sequences of
concern'' as short as 200 bps in length. One method that providers may
consider using involves comparing overlapping 200 bp nucleotide
segments (nucleotides 1-200, 2-201, etc.) and corresponding 66 amino
acid sequences, over the length of the dsDNA order, to a public
sequence database such as GenBank using a sequence alignment tool.
3. Sequence Screening Methodology
The U.S. Government recommends a ``Best Match'' approach for
sequence screening to determine whether a query sequence is derived
from or encodes a Select Agent or Toxin or, for international orders, a
sequence from a CCL-listed item. In this approach, the query sequence
is aligned with a database of known sequences (such as GenBank) to
identify the sequence with the greatest percent identity (the ``Best
[[Page 62827]]
Match'') over each 200 bp nucleic acid segment and corresponding amino
acid sequence (or over the entire query sequence for those dsDNA orders
shorter than 200 bps). Advantages of the ``Best Match'' approach
include: It is automatically adaptable as new sequences are added to
GenBank, it is adaptable to entirely synthetic genes, it can be
accomplished using publicly available databases and tools, and it does
not require provider discretion in setting similarity cut-off criteria.
In this approach, a query sequence is deemed to be a ``hit,'' and
the order should be investigated further by the provider in follow-up
screening, if the nucleotide sequence, over any span of 200 or more
nucleotides (or fewer than 200 nucleotides if the query sequence is
shorter than 200 bps), or if any of the six derivable 66 amino acid
open reading frame (ORF) translations, is more closely related to the
sequence of a Select Agent or Toxin (or CCL item, when applicable) than
to any other sequence in GenBank. Due to the high sequence similarity
of some Select Agents and Toxins with some attenuated strains of Select
Agents and Toxins that have been excluded from regulation,\10\
sequences that are ``Best Matches'' to these excluded strains should
still be considered a ``hit'' and the order should be subject to
follow-up screening.
---------------------------------------------------------------------------
\10\ Information about attenuated strains that are not subject
to the requirements of 42 CFR part 73, 9 CFR part 121, and 7 CFR
part 331 can be accessed at http://www.selectagents.gov/Exclusions.html.
---------------------------------------------------------------------------
The ``Best Match'' approach is intended to minimize the number of
sequence hits due to genes that are shared among both Select Agents or
Toxins and non-Select Agents or Toxins (or for genes shared among CCL
and non-CCL items, when applicable). Nonetheless, some harmless
sequences in Select Agents or Toxins (or CCL items) or those that are
routinely used in scientific research may result in a ``hit'' during
this sequence screen. The U.S. Government recommends that providers
develop, maintain, and document protocols to determine if a sequence
``hit'' qualifies as a true ``sequence of concern;'' protocols that are
no longer current should be maintained for at least eight years.
Additionally, providers should keep screening records of all ``hits''
for at least eight years, even if the order was deemed acceptable. In
cases where the provider is unable to make the determination, advice
can be sought from the relevant U.S. Government Departments and
Agencies by contacting the nearest FBI Field Office Weapons of Mass
Destruction Coordinator.
As noted in Section V.B.1 above, the U.S. Government recognizes
that there are concerns that synthetic dsDNA sequences not unique to
Select Agents or Toxins or CCL items may also pose a biosecurity
concern. The U.S. Government also recognizes that many providers have
already instituted measures to address these concerns. The ongoing
development of best practices in this area is commendable and
encouraged, particularly in light of the continued advances in DNA
sequencing and synthesis technologies and the accelerated rate of
sequence submissions to public databases such as GenBank.
To this end, providers may also choose to use other screening
approaches that they assess to be equivalent or superior to the ``Best
Match'' approach or that supplement it, including customized database
approaches or approaches that evaluate the biological risk associated
with non-Select Agent and Toxin sequences or, for international orders,
sequences not associated with items on the CCL. These sequence
screening recommendations do not preclude the use of curated databases
of non-Select Agent or Toxin or non-CCL sequences for sequence
screening. The U.S. Government encourages the development of such
databases as an additional screening tool that will improve with time
as additional data become available. Whatever sequence screening
approach a provider adopts, the approach should meet the technical
requirements outlined in Section V.B.2; additionally, the provider may
choose to develop additional criteria to address non-Select Agent and
Toxin or non-CCL sequences. If the provider determines that an ordered
product poses a biosecurity risk, the provider should conduct follow-up
screening accordingly. The U.S. Government recommends that providers
develop, maintain, and document their sequence screening protocols
within company records; protocols that are no longer current should be
maintained for at least eight years.
The U.S. Government recognizes that continued research and
development may lead to new and improved screening methodologies. As
new methods are developed, U.S. Guidance may change accordingly.
C. Follow-Up Screening
The purpose of follow-up screening is to verify the legitimacy of
the customer and the principal user, to confirm that the customer and
principal user placing an order are acting within their authority, and
to verify the legitimacy of the end-use.
Follow-up screening should be conducted if customer screening or
sequence screening raises any concerns. In any case where there are
abnormal circumstances surrounding the order or the customer has
ordered a ``sequence of concern,'' the U.S. Government recommends that
providers ask for information about the customer and principal user,
including the proposed end-use of the order, to help assess the
legitimacy of their order.\11\ Sample end-uses of ordered synthetic
dsDNA could include, but are not limited to:
---------------------------------------------------------------------------
\11\ As statutory precedent for requesting information about
proposed end-use, providers and customers should be aware of U.S.
Code Title 18 Section 175(b), which states in part that ``Whosoever
knowingly possesses any biological agent, toxin, or delivery system
of a type or in a quantity that, under the circumstances, is not
reasonably justified by a prophylactic, protective, bona fide
research, or other peaceful purpose, shall be fined under this
title, imprisoned not more than 10 years, or both.''
---------------------------------------------------------------------------
Identification of pathogenicity genes via marker-deletion
mutagenesis.
Training for threat agent detection.
Production of organism for experimental research studies.
If not conducted previously, providers should gather the following
information to verify a principal user's identity:
Principal user's full name and contact information.
Billing address and shipping address (if not the same).
Principal user's institutional or corporate affiliation
(if applicable)
If the customer or principal user is affiliated with an institution
or firm, providers should contact the relevant biological safety
officer, supervisor, lab director, director of research, or other
relevant institutional representative in order to confirm the order,
verify the customer's and principal user's identity, and verify the
legitimacy of the order. If the customer or principal user is not
affiliated with an institution or firm, providers should also conduct a
literature review of the customer's or principal user's past research
to verify his or her identity and the legitimacy of the order. If a
literature review results in no publications, providers should request
the unaffiliated customer or principal user provide references that can
verify their identity and the legitimacy of the order. Additionally,
the U.S. Government recommends that providers screen principal users
against several lists of proscribed entities (described in Section VI),
if this
[[Page 62828]]
step wasn't already performed as part of customer screening.
Providers may consider other steps that could be implemented as
part of follow-up screening. For example, when the customer is an
institution or firm, providers may consider the following steps: Check
the customer's contact information against standard industry and
institutional directories and listings; where the customer is known by
reputation, check that the contact information matches its Web page;
and/or confirm customer identity though government contacts. When the
customer or principal user is affiliated with an institution or firm,
providers may consider the following steps: Check whether the
institution's or firm's usual paperwork has been used to place the
order; check that shipments will be delivered to the institution's or
firm's usual address; check that the customer's and principal user's
supervisors have been copied on the order or can confirm the order;
check that the order has been certified by the institution or firm;
and/or check that the end-use has been reviewed and approved by the
institutional biosafety committee or another relevant institutional
committee.
It is important to note that a provider's decision to pursue
follow-up screening does not necessarily imply that the U.S. Government
will be contacted. However, in cases where follow-up screening cannot
resolve concerns raised by customer screening or sequence screening, or
when providers are otherwise unsure about whether to fill an order, the
U.S. Government recommends that providers contact relevant agencies as
described in Section VII. Providers should retain records of any
follow-up screening, even if the order was ultimately filled, for at
least eight years.
VI. Recommended Processes for Domestic and International Orders
This section outlines recommendations for specific screening
processes for orders from domestic and international customers. The
customer screening, sequence screening, and follow-up screening
protocols that are referenced in this section are defined and described
in Section V. Most of the information provided in this section serves
as a reminder to providers to ensure they are meeting their legal
obligations not to conduct unapproved business transactions with
certain proscribed entities.
A. Domestic Orders
Once a domestic customer order is received, the provider should
conduct both customer screening and sequence screening, in no
particular order.
1. Customer Screening
In addition to verifying the customer identity and identifying any
``red flags,'' providers should be aware of regulatory and statutory
prohibitions for U.S. persons from dealing with certain foreign
persons, entities and companies. In order to avoid violating U.S. law,
providers are encouraged to check the customer against several lists of
proscribed entities before filling each order, including the:
Department of Treasury Office of Foreign Assets Control
(OFAC) list of Specially Designated Nationals and Blocked Persons (SDN
List).
Department of State list of persons engaged in
proliferation activities.
Department of Commerce Denied Persons List (DPL).
According to U.S. regulations, no U.S. persons or entities may
conduct business transactions with individuals or entities on the SDN
List without a license from OFAC. This list is maintained by OFAC. OFAC
only provides a license to deal with individuals on the SDN List in
extremely limited circumstances.\12\
---------------------------------------------------------------------------
\12\ Additional information, including the SDN List, is
available at: http://www.treas.gov/offices/enforcement/ofac/sdn/.
---------------------------------------------------------------------------
According to U.S. regulations, no U.S. persons or entities may
conduct business transactions with individuals sanctioned by the
Department of State for engaging in proliferation activities.\13\
---------------------------------------------------------------------------
\13\ Announcements of such sanctions determinations are printed
in the Federal Register and are maintained on the Department of
State's Web site (http://www.state.gov/t/isn/c15231.htm).
---------------------------------------------------------------------------
Additionally, the U.S. Government recommends that providers screen
customers against the DPL for domestic orders. This list includes those
firms and individuals whose export privileges have been denied. While
the Department of Commerce only regulates exports and therefore does
not require that companies screen their domestic customers against the
list, it recommends that they do so, to avoid unwittingly passing on
sensitive technology or materials to U.S. residents known to be
involved in proliferation activities.\4\
Because the updated lists are available online, providers should
ensure they are using the most recently updated lists when screening
customers or principal users against these lists.
If there are concerns after consulting these lists, providers
should seek assistance from the U.S. Government as outlined in Section
VII.
2. Sequence Screening
Providers should also conduct sequence screening. If a ``sequence
of concern'' is identified, providers should conduct follow-up
screening.
B. International Orders
Once an order from an international customer is received, the
provider should conduct customer screening and sequence screening, in
no particular order. Providers are reminded that genetic elements of
the Select Agents and Toxins, microorganisms and toxins (proteins) are
controlled for export. Exporters should make sure they are in
compliance with the EAR when exporting genetic elements from CCL-listed
items.\4\
1. Customer Screening
In addition to verifying the customer identity, identifying any
``red flags,' and complying with the rules described for domestic
orders, all providers who export products from the United States to
international customers must comply with the U.S. export laws,
including the International Emergency Economic Powers Act,\14\ the
Trading with the Enemy Act,\15\ and any implementing U.S. Government
regulations or Presidential Executive orders. Certain transactions with
sanctioned countries may be permitted but may require a license from
OFAC and/or the Department of Commerce's Bureau of Industry and
Security (BIS). Currently, most transactions involving Cuba, Iran, and
Sudan are prohibited. In order to comply with the U.S. export laws and
regulations, providers must first determine whether a given transaction
with a sanctioned country is permitted, and, if not permitted without a
license or approval, obtain any appropriate export licenses or other
U.S. Government permissions prior to exporting any product to
sanctioned countries.
---------------------------------------------------------------------------
\14\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/ieepa.pdf for additional information.
\15\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/twea.pdf for additional information.
---------------------------------------------------------------------------
According to U.S. regulations, no U.S. persons or entities may
conduct transactions with individuals or entities on the SDN List
without a license from OFAC. This list is maintained by OFAC. OFAC only
provides a license to deal with individuals on the SDN List in
extremely limited circumstances.\12\
According to U.S. regulations, no U.S. persons or entities may
conduct business transactions with individuals sanctioned by the
Department of State
[[Page 62829]]
for engaging in proliferation activities.\13\
Some products may not have a specific number on the CCL and so will
be designated as EAR99 for export purposes. Items designated as EAR99
do not require a license unless they are exported to countries on the
embargoed list, to banned individuals, or for prohibited end-uses. As a
result, before filling an international order for any dsDNA product
that cannot be classified under an Export Control Classification Number
(ECCN), providers must consult several lists of such individuals and
organizations according to the EAR.\4\ If the customer appears on any
of these lists, additional action is required and an export license may
be necessary, depending on the list.\16\ These lists include the DPL,
the Entity List (EL),\17\ and the Unverified List (UL).\18\
---------------------------------------------------------------------------
\16\ A general review of export control basics is available at
http://www.bis.doc.gov/licensing/exportingbasics.htm.
\17\ The Entity List is found in Supplement No. 4 to Part 744 of
the EAR and can be found on the Web site http://www.bis.doc.gov/entities/default.htm. It is updated periodically.
\18\ The Unverified List is found on the Web site http://www.bis.doc.gov/enforcement/unverifiedlist/unverified_parties.html.
It is updated periodically.
---------------------------------------------------------------------------
In addition to the SDN List and proliferation sanctions
notifications, providers must not conduct business with persons and
entities on the DPL based on the EAR.\4\ The DPL includes parties that
have been denied export and reexport privileges.
In accordance with the EAR, exports to persons or entities on the
EL require an export license.4 17 The EL contains a list of
names of certain international persons--including businesses, research
institutions, government and private organizations, individuals, and
other types of legal persons--that are subject to specific license
requirements for the export, reexport and/or transfer (in-country) of
specified items. On an individual basis, the persons on the EL are
subject to licensing requirements and policies supplemental to those
found elsewhere in the EAR.
The presence of a party on the UL in a transaction is a ``red
flag'' that should be resolved before proceeding with the transaction.
4 18 The UL includes names and countries of foreign persons
who in the past were parties to a transaction with respect to which BIS
could not conduct a pre-license check (PLC) or a post-shipment
verification (PSV) for reasons outside of the U.S. Government's
control. Additional ``red flags'' can be found in Supplement No. 3 to
Part 732 of the EAR.
To avoid violating U.S. laws and regulations, providers should
consult these lists whenever an international customer places an order.
Because the updated lists are available online, providers should ensure
they are using the most recently updated lists when screening customers
or principal users against these lists.
Additionally, U.S. persons or entities may not export, reexport, or
transfer (in-country) an item subject to the EAR without a license if,
at the time of export, reexport, or transfer (in-country) the exporter
knows that the item will be used in the design, development,
production, stockpiling, or use of biological weapons in or by any
country or destination, worldwide.
If any of these checks reveals cause for concern, the provider
should proceed according to the details provided in Section VII.
If an order involves an export, according to the EAR, both the
provider and customer are required to maintain documentary evidence of
the transaction and are prohibited from misrepresenting or concealing
material facts in licensing processes and all export control
documents.\4\
If customer screening raises any concerns, providers should conduct
follow-up screening.
2. Sequence Screening
Providers should also perform sequence screening. The U.S.
Government reminds providers to conduct sequence screening on orders
from international customers to determine whether they are governed by
and to ensure compliance with the EAR.\4\
The U.S. Government recommends that, in addition to screening for
sequences unique to Select Agents and Toxins, providers use a ``Best
Match'' approach to identify sequences unique to pathogens, toxins, and
genetic elements on the CCL when an order is placed by an international
customer. If the ordered dsDNA is controlled under ECCN 1C353 (which
covers genetic elements and genetically modified organisms) and is
capable of encoding a protein, an export license is necessary for all
international orders, according to the EAR.\4\ Because the EAR's CCL
and the Select Agents and Toxins lists are not identical, it is
recommended that providers ensure that international orders are
screened to identify sequences unique to Select Agents and Toxins and
CCL-listed items.
If a ``sequence of concern'' is identified, providers should
conduct follow-up screening.
VII. Contacting the U.S. Government
In cases where follow-up screening cannot resolve an issue raised
by either customer screening or sequence screening, the U.S. Government
recommends that providers contact one of the following agencies for
further information:
Federal Bureau of Investigation (FBI)
If an order raises concerns based on customer screening or sequence
screening and follow-up screening does not sufficiently verify the
customer's identity, the principal user's identity, and the order's
intended end-use, providers should contact the Weapons of Mass
Destruction (WMD) Coordinator at their nearest FBI Field Office.
Providers should also contact the WMD Coordinator if follow-up
screening reveals that the customer or principal user has no legitimate
need for the order.
CDC and APHIS Select Agent Regulatory Programs (Select Agent Programs)
If necessary, the CDC and APHIS Select Agent regulatory programs
can be contacted through the national Select Agent Web site (http://www.selectagents.gov). The CDC program can be contacted directly via e-
mail at lrsat@cdc.gov or by fax at 404-718-2096. The APHIS program can
be contacted directly via e-mail at
Agricultural.Select.Agent.Program@aphis.usda.gov or by fax at 301-734-
3652.
Department of Commerce
If sequence screening reveals that an order from an international
customer contains a Select Agent or ``sequence of concern,'' providers
should contact the nearest field office of the Department of Commerce's
Office of Export Enforcement. Providers should also contact the Office
of Export Enforcement if they receive an international order from a
country currently subject to a U.S. trade embargo or a customer or
principal user that is on one of the proscribed lists described in
Section VI. The Department of Commerce will contact other U.S.
Government agencies as necessary. The supervisory office is in
Washington, DC and the phone number is 202-482-1208. Locations and
contact information for all field offices are available at http://www.bis.doc.gov/about/programoffices.htm. Assistance from an export
counselor at the Department of Commerce is available by calling 202-
482-4811.
[[Page 62830]]
Scenarios
If providers encounter one of the following scenarios and are
unable to resolve issues raised by customer screening or sequence
screening, they can contact one of the following U.S. Government
agencies for assistance, using the contact information provided above:
1. Provider receives synthetic dsDNA order and a customer flag
(suspicious customer) is identified in customer screening. Follow-up
screening does not resolve the concerns. Recommend the provider contact
the nearest FBI Field Office WMD Coordinator. FBI contacts other
Departments and Agencies, as appropriate.
2. Provider receives a synthetic dsDNA order that is for a Select
Agent or Toxin. Provider should refer to the Select Agent Regulations
and follow necessary protocols. If necessary, the provider should
contact the appropriate Select Agent Program (CDC or APHIS).
a. CDC or APHIS may contact FBIHQ as appropriate.
3. Provider receives a synthetic dsDNA order that incorporates a
``sequence of concern;'' follow-up screening reveals no legitimate
purpose \11\ for order or research requirement. Provider should contact
the FBI WMD Coordinator. FBI contacts the CDC or APHIS as appropriate.
4. Provider receives an international synthetic dsDNA order
incorporating a Select Agent or Toxin or a ``sequence of concern'' and
DOC denies the export license. DOC contacts the FBI as appropriate.
5. Provider receives a synthetic dsDNA order from a customer that
is listed on one or more restricted lists, which prohibits the
fulfillment of the order. Provider should contact the FBI WMD
Coordinator. FBI contacts DOC as appropriate.
VIII. Customer and Sequence Screening Software and Expertise
There are a variety software packages that can assist with the
verification of customers (and principal users, if necessary) and
screening against the necessary lists of proscribed entities. Providers
should be aware that commercially available software packages may not
necessarily address all aspects of customer screening recommended by
the U.S. Government.
In addition to a sequence database and screening method,
appropriate sequence screening software must be selected by providers
of synthetic dsDNA. The U.S. Government recommends that providers
select a sequence screening software tool that utilizes a local
sequence alignment technique; a popular and publicly available suite of
algorithms that meets this requirement is the BLAST family of tools,
and other tools are available. BLAST is available for download for free
at the National Center for Biotechnology Information Web site.\19\
Similar tools are also freely or commercially available, or could be
designed by the provider to meet their sequence screening needs.
Specific criteria for the statistical significance of the hit (BLAST's
e-values) or percent identity values will not be recommended because
these details depend on the specific screening protocol. By utilizing
the ``Best Match'' approach, the sequence with the greatest percent
identity over each 66 amino acid or 200 bp fragment should be
considered the ``Best Match,'' regardless of the statistical
significance or percent identity.
---------------------------------------------------------------------------
\19\ http://blast.ncbi.nlm.nih.gov/Blast.cgi.
---------------------------------------------------------------------------
The U.S. Government recommends that providers of synthetic dsDNA
have the necessary expertise in-house to perform the sequence
screenings, analyze the results and conduct the appropriate follow-up
research to evaluate the significance of dubious sequence matches. Such
follow-up research could include comparing the ordered sequence to
information found in the published literature about Select Agents and
Toxins (or, when applicable, items on the CCL) or with information
found in other databases of Select Agents and Toxins (or items on the
CCL).
The U.S. Government recognizes that continued research and
development on new and improved bioinformatics tools is desirable. As
new methods are developed, U.S. Guidance may change accordingly.
IX. Records Retention
The U.S. Government recommends that providers:
Retain records of customer orders for at least eight years
based on the statute of limitations set forth by U.S. Code of Federal
Crimes and Procedures, Title 18 Section 3286.\7\
Archive the following information: Customer information
(point-of contact name, organization, address, and phone number), order
sequence information (nucleotide sequences ordered, vector used), and
order information (date placed and shipped, shipping address, and
receiver name).
Develop, maintain, and document protocols to determine if
a sequence ``hit'' qualifies as a true ``sequence of concern;''
protocols that are no longer current should be maintained for at least
eight years.
Keep screening records of all ``hits'' for at least eight
years, even if the order was deemed acceptable.
Develop, maintain, and document their sequence screening
protocols within company records; protocols that are no longer current
should be maintained for at least eight years.
Retain records of any follow-up screening, even if the
order was ultimately filled, for at least eight years.
If an order involves an export, according to the EAR, both the
provider and customer are required to maintain documentary evidence of
the transaction and are prohibited from misrepresenting or concealing
material facts in licensing process and all export control
documents.\4\
X. Appendix to Screening Framework Guidance for Providers of Synthetic
Double-Stranded DNA
Summary of Recommendations
The field of synthetic genomics is evolving rapidly. This document
is intended to provide guidance to providers of synthetic double-
stranded DNA (dsDNA) regarding the screening of orders so that they are
filled in compliance with current U.S. regulations and to encourage
best practices in addressing biosecurity concerns associated with the
potential misuse of their products to bypass existing regulatory
controls. The U.S. Government recommends that all orders of synthetic
dsDNA be subject to a screening framework that incorporates both
sequence screening and customer screening.
Customer Screening
The U.S. Government recommends that, for every order, providers of
synthetic dsDNA:
(1) Gather the following information to verify a customer's
identity:
Customer's full name and contact information.
Billing address and shipping address (if not the same).
Customer's institutional or corporate affiliation (if
applicable).
(2) Screen customers against several lists of proscribed entities
(described in Section VI).
In cases where the customer is not affiliated with an institution
or firm, the U.S. Government recommends that the provider conduct
follow-up screening.
If a review of customer information reveals one or more ``red
flags,' the U.S. Government recommends that providers conduct follow-up
screening.
[[Page 62831]]
Sequence Screening
The U.S. Government recommends that:
Ordered sequences be screened using a ``Best Match''
approach to identify sequences that are unique to Select Agents and
Toxins.
For international orders, ordered sequences be screened
using a ``Best Match'' approach to identify sequences that are unique
to pathogens, toxins, and genetic elements on the Commerce Control List
(CCL), in addition to screening for sequences that are unique to Select
Agents and Toxins.
Sequence screening be performed for both DNA strands and
the resultant polypeptides derived from translations using the three
alternative reading frames on each DNA strand (or six-frame
translation).
Sequence alignment methods should enable the detection of
any ``sequences of concern'' in a dsDNA order.
In order to ensure that ``sequences of concern'' embedded
within larger sequences are not overlooked, when screening orders
longer than 200 bps, providers should use screening techniques able to
detect ``sequences of concern'' as short as 200 bps in length.
If a customer orders a synthetic dsDNA product that meets the
definition of a Select Agent or Toxin,\20\ domestic providers and
customers must be in compliance with the CDC and APHIS Select Agent
Regulations (42 CFR part 73, 7 CFR part 331, and 9 CFR part 121) in
order to fill the order.
---------------------------------------------------------------------------
\20\ Please see http://www.selectagents.gov to access the most
recent Select Agents and Toxins lists. The CDC/APHIS national Select
Agent registry Web site (http://www.selectagents.gov) contains a
guidance document entitled ``Applicability of the Select Agent
Regulations to Issues of Synthetic Genomics'' to assist providers in
identifying synthetically derived Select Agent materials that would
fall under the current regulations.
---------------------------------------------------------------------------
Follow-Up Screening
Providers should conduct follow-up screening if sequence screening
or customer screening raises any concerns. In follow-up screening, the
U.S. Government recommends that providers ask for information about the
customer and principal user, including the proposed end-use of the
order, to help assess the legitimacy of their order. Providers should
gather the following information to verify a principal user's identity:
Principal user's full name and contact information.
Billing address and shipping address (if not the same).
Principal user's institutional or corporate affiliation
(if applicable).
If the customer or principal user is associated with an institution
or firm, providers should contact the relevant biological safety
officer, supervisor, lab director, director of research, or other
relevant institutional representative to confirm the order, verify the
customer's and principal user's identity, and verify the legitimacy of
the order. If the customer or principal user is not affiliated with an
institution or firm, providers should also conduct a literature review
of the customer's or principal user's past research to verify his or
her identity and the legitimacy of the order. If a literature review
results in no publications, providers should request the unaffiliated
customer or principal user provide references that can verify their
identity and the legitimacy of the order. Additionally, providers
should screen principal users against several lists of proscribed
entities (described in Section VI), if this step wasn't already
performed as part of customer screening.
Domestic Orders
The U.S. Government reminds providers of the following:
According to U.S. regulations, no U.S. persons or entities
may conduct transactions with individuals or entities on the list of
Specially Designated Nationals and Blocked Persons (SDN List) without a
license from the Department of the Treasury Office of Foreign Assets
Control (OFAC).\21\
---------------------------------------------------------------------------
\21\ Additional information, including the SDN List, is
available at: http://www.treas.gov/offices/enforcement/ofac/sdn/.
---------------------------------------------------------------------------
According to U.S. regulations, no U.S. persons or entities
may conduct business transactions with individuals sanctioned by the
Department of State for engaging in proliferation activities.\22\
---------------------------------------------------------------------------
\22\ Announcements of such sanctions determinations are printed
in the Federal Register and are maintained on the Department of
State's Web site (http://www.state.gov/t/isn/c15231.htm).
---------------------------------------------------------------------------
The U.S. Government recommends that providers check domestic
customers against the most recent Department of Commerce Denied Persons
List (DPL).\23\
---------------------------------------------------------------------------
\23\ Visit http://www.access.gpo.gov/bis/ear/ear_data.html to
access the most recent Commerce Control List and review the Export
Administration Regulations.
---------------------------------------------------------------------------
In order to avoid violating U.S. law, providers are encouraged to
check the customer against the most recent versions of these lists of
proscribed entities before filling each order.
International Orders
The U.S. Government reminds providers of the following:
All providers who export products from the United States
to international customers must comply with the U.S. export laws,
including the International Emergency Economic Powers Act (IEEPA),\24\
the Trading with the Enemy Act,\25\ and any implementing U.S.
Government regulations or Presidential Executive Orders. Certain
transactions with sanctioned countries may be permitted, but most
require a license from OFAC and/or the Department of Commerce's Bureau
of Industry and Security (BIS). Most transactions involving Cuba, Iran,
and Sudan are prohibited. In order to comply with the U.S. export laws
and regulations, providers must first determine whether a given
transaction with a sanctioned country is permitted, and, if not
permitted without a license or approval, obtain any appropriate export
licenses or other U.S. Government permissions prior to exporting any
product to sanctioned countries.
---------------------------------------------------------------------------
\24\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/ieepa.pdf for additional information.
\25\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/twea.pdf for additional information.
---------------------------------------------------------------------------
According to U.S. regulations, no U.S. persons or entities
may conduct business transactions with individuals and entities on the
SDN List without a license from OFAC.\21\
According to U.S. regulations, no U.S. persons or entities
may conduct business transactions with individuals sanctioned by the
Department of State for engaging in proliferation activities.\22\
The Export Administration Regulations (EAR) require that
providers have an export license from BIS prior to exporting a
synthetic nucleic acid that is controlled by an Export Control
Classification Number (ECCN) and is capable of encoding a protein.\23\
U.S. persons or entities may not export, reexport, or
transfer (in-country) an item subject to the EAR without a license if,
at the time of export, reexport, or transfer (in-country) the exporter
knows that the item will be used in the design, development,
production, stockpiling, or use of biological weapons in or by any
country or destination, worldwide.\23\
In accordance with the EAR, providers must not conduct
business with persons and entities on the DPL.\23\
In accordance with the EAR, exports to persons or entities
on the Entity List require an export license and are subject to
licensing requirements and policies in addition to those elsewhere in
the EAR.\26\
---------------------------------------------------------------------------
\26\ The Entity List is found in Supplement No. 4 to Part 744 of
the EAR and can be found on the website http://www.bis.doc.gov/entities/default.htm. It is updated periodically.
---------------------------------------------------------------------------
[[Page 62832]]
The presence of a party on the UL in a transaction is a
``red flag'' that should be resolved before proceeding with the
transaction.\27\
---------------------------------------------------------------------------
\27\ The Unverified List is found on the Web site http://www.bis.doc.gov/enforcement/unverifiedlist/unverified_parties.html.
It is updated periodically.
---------------------------------------------------------------------------
In accordance with the EAR, if an order involves an
export, both the provider and customer are required to maintain
documentary evidence of the transaction and are prohibited from
misrepresenting or concealing material facts in licensing processes and
all export control documents.\23\
In order to avoid violating U.S. laws and regulations, providers
are encouraged to check the international customer against the most
recent versions of these lists of proscribed entities before filling
each order.
The U.S. Government recommends that providers utilize a ``Best
Match'' approach to identify sequences unique to pathogens, toxins, and
genetic elements on the Commerce Control List for international orders,
as well as identifying sequences unique to Select Agent and Toxins.
Contacting the U.S. Government
In cases where follow-up screening cannot resolve concerns raised
by either customer screening or sequence screening, or when providers
are otherwise unsure about whether to fill an order, the U.S.
Government recommends that providers contact relevant agencies as
described in Section VII.
Customer and Sequence Screening Software and Expertise
Providers should be aware that commercially available customer
screening software packages may not necessarily address all aspects of
customer screening recommended by the U.S. Government.
The U.S. Government recommends that:
Providers select a sequence screening software tool that
utilizes a local sequence alignment technique.
Providers have the necessary expertise in-house to perform
the sequence screenings, analyze the results, and conduct the
appropriate follow-up research to evaluate the significance of dubious
sequence matches.
Records Retention
The U.S. Government recommends that providers:
Retain records of customer orders for at least eight years
based on the statute of limitations set forth by U.S. Code of Federal
Crimes and Procedures, Title 18 Section 3286.\28\
---------------------------------------------------------------------------
\28\ Section 3286 specifies that no person shall be prosecuted,
tried, or punished for any noncapital offense involving certain
violations unless the indictment is found or the information is
instituted within 8 years after the offense was committed. This
statute of limitations applies to Title 18 Section 175(b)
(possession of biological agents with no reasonable justification).
---------------------------------------------------------------------------
Archive the following information: customer information
(point-of-contact name, organization, address, and phone number), order
sequence information (nucleotide sequences ordered, vector used), and
order information (date placed and shipped, shipping address, and
receiver name).
Develop, maintain, and document protocols to determine if
a sequence ``hit'' qualifies as a true ``sequence of concern;''
protocols that are no longer current should be maintained for at least
eight years.
Keep screening records of all ``hits'' for at least eight
years, even if the order was deemed acceptable.
Develop, maintain, and document their sequence screening
protocols within company records; protocols that are no longer current
should be maintained for at least eight years.
Retain records of any follow-up screening, even if the
order was ultimately filled, for at least eight years.
Dated: October 6, 2010.
Kathleen Sebelius,
Secretary, U.S. Department of Health and Human Services.
[FR Doc. 2010-25728 Filed 10-12-10; 8:45 am]
BILLING CODE 4150-37-P