Research Security

Research at UT plays a significant role in advancing our fundamental understanding of the universe, generating creative breakthroughs that lead to technologies with positive benefit, creating opportunities for economic growth in the state, and changing the trajectory of young people through education. Collaboration has long been an important driving force in research. The growth of interdisciplinary approaches and powerful specialized technologies has dramatically elevated the need for and importance of collaborative research. However, the increase of collaborative research has created some challenges. Research security and foreign influence is an issue that continues to receive increased attention from Congress and all major federal agencies sponsoring research at UT. Recognizing, understanding, and dealing with such challenges and related issues will help ensure responsible, effective, and productive research collaborations.

While the federal government is placing greater scrutiny on foreign activities, Dan Jaffe, UT’s Vice President for Research, Scholarship and Creative Endeavors stated the following in an email to researchers:

“External collaborations, including international collaborations, are an essential part of research and scholarship at the University of Texas at Austin. We encourage you to continue to seek out and nurture research partnerships that further your intellectual goals. As we build these partnerships, we need to be mindful of the obligation that comes with them. Both our own standards of transparency and the requirements of federal funding agencies make it necessary for investigators and the institution to disclose support, partnership, and involvement that can lead to bias, conflict of interest, or conflict of commitment, or the appearance of any of these.”

UT’s Science & Security Team within the Office of Research Support and Compliance can provide support and assistance with any of the following issues as they relate to research security, or conduct a review of your outside commitments, positions, and research collaborations to assess and mitigate risk from foreign influence, by emailing your request to sas@austin.utexas.edu:

  • International research and collaborations
  • International travel
  • Hosting or sponsoring visiting Research Affiliates on campus
  • Foreign government-sponsored talent recruitment programs
  • Disclosure of foreign conflicts of interest or commitment

Since early 2018, various departments of the U.S. government have expressed publicly their belief that foreign entities may be using their financial support and interactions with the U.S. academic community to compromise the United States’ economic competitiveness and national security. Three main areas of concern were identified:

  • Diversion of intellectual property to other entities, including other countries;
  • Sharing of confidential information on grant applications by NIH peer reviewers; and
  • Failure by some researchers to disclose substantial resources from other organizations.

To address these research security concerns, new policies and regulations were established by federal research sponsors, and those that were already in existence have been more actively enforced. The following are some of the recent announcements by federal sponsors concerning foreign involvement at U.S. universities:

  • National Institutes of Health:
    • On August 20, 2018, the NIH Director, Dr. Francis Collins, issued a letter a reminding the research community of the requirement to disclose in funding applications and progress reports "all forms of other support and financial interests, including support coming from foreign governments or other foreign entities."
    • Prior to issuing this notice the NIH contacted more than 60 institutions regarding scientists the NIH believes failed to disclose financial ties to foreign agencies or have failed to uphold the confidentiality of the peer review process. As a result of related investigations conducted collaboratively between the NIH and the institutions, some dismissals have occurred, and grant funds have been returned.
  • National Science Foundation:
    • On July 11, 2019, NSF Director, Dr. France Cordova issued a "Dear Colleagues Letter" commenting on an increase in "the scope and sophistication of the activities threatening our research community" and outlining NSF’s plans to address this situation, including a renewed effort "to ensure that existing requirements to disclose current and pending support information are known, understood, and followed."
    • In December 2019, NSF released a report entitled "Fundamental Research Security." Among other findings, this report identified "problems with respect to research transparency, lack of reciprocity in collaborations and consortia, and reporting of commitments and potential conflicts of interest."
  • Department of Defense:
    • The National Defense Authorization Act for FY 2019 stated that DOD shall "establish an initiative to work with academic institutions...to support protection of intellectual property and controlled information...and to limit undue influence, including through foreign talent programs, by countries to exploit United States technology."
    • DOD issued a memo on March 20, 2019 that outlined disclosure requirements for Key Personnel on research and research-related educational activities supported by DOD grants and contracts.
    • DARPA announced a Countering Foreign Influence Program in September 2021 to help protect critical technology and intellectual property associated with DARPA’s research projects. DARPA will use a Risk Rubric to provide a risk rating for all proposed Senior/Key Personnel selected for a fundamental research grant or cooperative agreement award, and will be based on information and activities disclosed by Senior/Key Personnel over the last four years.
  • Department of Energy:
    • On December 13, 2019, DOE issued DOE Order 142.3A Chg 2 to remove an exemption from prior approval requirements for certain foreign nationals participating in DOE funded fundamental research projects at universities.
    • On September 4, 2020, DOE issued DOE Order 486.1A and an FAQ concerning the participation of DOE employees, contractors, and certain subcontractors in foreign government talent programs and other activities in "foreign countries of risk." The list of these countries is subject to change. At present it includes China, Russia, North Korea, and Iran. It is our current understanding that this Order does not apply to DOE financial assistance awards to universities. With regard to DOE laboratory subcontracts to universities, it normally applies only to university staff if they come on to a DOE site to perform R & D work.
  • Department of Education:
    • Under Section 117 of the Higher Education Act of 1965, universities are required to report twice each year, by foreign entity, contracts and/or gifts from a foreign source that cumulatively equal or exceed $250,000 in the calendar year. A growing number of universities have been investigated for failure to provide accurate reports, as described in this Department of Education bulletin and report to the U.S. Senate issued by the Department. Further information on Section 117 can be found on the Department of Education website.
  • National Aeronautics and Space Administration:
    • Since 2011, NASA has prohibited the use of any its funding to enter into agreements "to participate, collaborate, or coordinate bilaterally in any way with China or any Chinese-owned company, at the prime recipient level or at any subrecipient level, whether the bilateral involvement is funded or performed under a no-exchange of funds arrangement." For related information please review the FAQs from NASA.

In January 2021, National Security Presidential Memo-33 (NSPM-33) outlined the White House’s expectations for protection against foreign government interference and exploitation in federally funded research and development. In January 2022, the Office of Science and Technology Policy issued guidance to federal agencies for implementing NSPM-33. The five key areas addressed by NSPM-33 that will impact research and sponsored programs are:

  • Disclosure requirements and standardization
  • Digital persistent identifiers
  • Consequences for disclosure requirement violations
  • Information sharing
  • Research security programs

Since its release, federal agencies have been working to modify policies and procedures with which universities will need to comply and complete their plans for implementation of NSPM-33.

Over the coming months, UT will regularly update guidance, policies, and procedures in order to achieve compliance with agency implementations for disclosure and the use of digital persistent identifiers. In addition, UT will be developing new processes to address NSPM-33 requirements related to: 1) cybersecurity, 2) foreign travel security, 3) research security training, and 4) export control training.

International Collaboration and Research Security Resources

Information That Must Be Disclosed to Federal Research Sponsors

In an effort to strengthen research security in the U.S., the National Security Presidential Memorandum-33 (NSPM-33) was signed on January 14, 2021. NSPM-33 directs federal funding agencies to strengthen protections of U.S. government-supported research and development against foreign government interference and exploitation. The main issues encountered related to foreign interference are often associated with instances of lack of disclosure appointments, affiliations, and current and pending support from external funding sources. One of the main objectives of NSPM-33 is to develop consistent disclosure requirements for use by senior personnel, as well as to develop common disclosure forms for the Biographical Sketch and Current and Pending (Other) Support sections of an application for federal research and development grants or cooperative agreements. All the federal science funding agencies have agreed to move towards adopting standardized formats.

The Office of Sponsored Projects serves as UT’s coordinating office for externally funded research and sponsored projects, to include funding from federal sponsors, and can provide further guidance on federal disclosure requirements.

Information That Must Be Disclosed to the University of Texas at Austin

The other main category of foreign interference is with conflicts of interest and conflicts of commitment. UT supports and encourages faculty and professional staff to engage in outside professional activities that support the University’s mission while also being committed to ensuring personal, financial, and organizational conflicts of interest do not interfere with the ability to contribute to the advancement of society through education of our students, research, creative activity, scholarly inquiry, and the development and dissemination of new knowledge, including the commercialization of University discoveries.

The Office of Research Support and Compliance serves as UT’s coordinating office for disclosing conflicts of interest, conflicts of commitment, and outside activities to the University, and can provide further guidance on related disclosure policies and processes.

Resources

International collaboration is essential to pursuing the frontiers of science. UT values and encourages international research, collaboration, and scholarship as a means to further knowledge and expertise. It is through our international scholarly relationships that our faculty, staff, and students continue to generate innovations and discoveries that leave a lasting impact around the globe. But these engagements may also present individual and institutional risks which have been highlighted in a 2019 report on Fundamental Research Security completed by JASON, an independent scientific advisory group, on behalf of the National Science Foundation. While international collaboration adds value in many ways to the scientific enterprise, it also creates the possibility for improper foreign government influence, ranging from the misdirection of research to the actual theft of data and ideas.

Authorship of Scholarly and Scientific Publications

The publication of results is an essential component of the research process. It disseminates new knowledge, an expectation that is inherent to sponsored research. It creates a bases of assigning credit to the authors, thus providing support for seeking professional advancement or completing training requirements. It establishes scientific priority with implications for credit for discovery or for intellectual property protection. Finally, publication allows others to assess, correct, or build on the authors’ results, which is crucial to scientific progress.

For those researchers at UT with secondary or visiting appointments at another university or research institution outside of UT, HOP 7-1070 on Authorship of Scholarly and Scientific Publications states that, except in very special circumstances, faculty, staff, and students should list UT as their primary affiliation (i.e., the one you list first). The policy also gives clear criteria for listing of a secondary affiliation. Over time, your affiliation allows your work to contribute to the overall reputation of UT that increases the value of the degrees we confer and the value of holding a faculty position at our university.

When you agree to a secondary appointment, one thing to watch for in any employment or affiliation document is a requirement for listing the other institution as your affiliation on your scholarly products. Unless you have received an explicit approval from your dean and the Office of Research Support and Compliance, you may not sign an agreement for a secondary or visiting appointment that requires you to list another institution as your first affiliation. In listing such institutions as a secondary affiliation, you will need to follow the criteria established by HOP 7-1070, part VIIA. ORSC can help you navigate this requirement. All questions can be directed to Michelle Stickler, Associate Vice President for Research.

In particular, when entering into agreements with foreign institutions, aligning with the requirements in HOP 7-1070 can prevent problems. Some federal sponsors use affiliation and acknowledgement information as input data in their effort to ensure compliance with reporting requirements for current and pending (other) support. Listing secondary institutions on publications as either first or second affiliations when those affiliations have not been fully disclosed to UT and federal sponsors may cause problems for scholars. Secondary affiliations should not be indicated unless the secondary institution has provided substantive support for the research, and that support has been properly disclosed to both UT and federal sponsors.

If you are concerned about an existing agreement as it relates to this new policy, you can contact UT's Science and Security Team for assistance with navigating any potential issue, to include bringing those agreements into compliance.

Contracts & Agreements with Outside Entities

UT encourages employees to undertake consulting and other professional relationships with outside entities as they may provide valuable experience to the UT employee in their research and teaching activities. These relationships between the UT employee and the outside entity can oftentimes be a personal agreement which UT is not a party; however, the University has an interest in ensuring that faculty members adhere to UT policies regarding these arrangements. UT employees should not enter into contracts or agreements with outside entities that conflict with institutional responsibilities or UT policies, to include:

  • Signing a contract requiring non-disclosure of employment, salary/compensation, or research funding received outside of UT;
  • Entering into agreements that require primary authorship affiliation with an entity outside of UT;
  • Signing a contract that assigns all IP rights to an entity outside of UT.

The Office of Research Support and Compliance has further information and guidance on signing contracts and agreements with outside entities, to include common issues with consulting arrangements and other outside activities.

Other Important Matters Related to Foreign Engagement & Collaboration

Foreign Government-Sponsored Talent Recruitment Programs

The term “foreign government-sponsored talent recruitment program” (FGTRP) is defined by federal funding agencies as “an effort directly or indirectly organized, managed, or funded by a foreign government, or a foreign government institution or entity, to recruit science and technology professionals or students (regardless of citizenship or national origin, or whether having a full-time or part-time position). Some foreign government-sponsored talent recruitment programs operate with the intent to import or otherwise acquire from abroad, sometimes through illicit means, proprietary technology or software, unpublished data and methods, and intellectual property to further the military modernization goals and/or economic goals of a foreign government. Many, but not all, programs aim to incentivize the targeted individual to relocate physically to the foreign state for the above purpose. Some programs allow for or encourage continued employment at United States research facilities or receipt of Federal research funds while concurrently working at and/or receiving compensation from a foreign institution, and some direct participants not to disclose their participation to United States entities. Compensation could take many forms including cash, research funding, complimentary foreign travel, honorific titles, career advancement opportunities, promised future compensation, or other types of remuneration or consideration, including in-kind compensation.”

FGTRPs typically provide U.S. academics with additional appointments, resources, and responsibilities. Some FGTRP contracts require the recruited researcher to not disclose the relationship to their home institution. If participation in these programs involves establishment of an employee-employer relationship, the conduct of research or teaching, and/or acceptance of salary from another institution, invitations to join these programs must be disclosed to UT as part of the prior approval process for outside activities.

FGTRP participants are usually obligated to disclose intellectual property to the foreign institution with which they are affiliated. In most cases, these obligations conflict with existing obligations to UT under Board of Regents Rule 90101: Intellectual Property. Before agreeing to such requirements, faculty should confer with the UT Science & Security Team at sas@austin.utexas.edu.

As part of the national discussion of inappropriate foreign influence on U.S. research, many federal sponsors, including NIH and NSF, have cited foreign talent recruitment programs as posing a particular threat to the U.S. research community. The CHIPS and Science Act of 2022, enacted in August 2022, directs that researchers working on federally supported research projects must disclose participation in foreign talent recruitment programs in federal research proposals. Furthermore, the new law also prohibits federal research grants from going to any individual participating in a “malign foreign talent program.” As such, participation in foreign talent recruitment programs could affect the likelihood of being selected to participate in future U.S. government-sponsored research work and is specifically prohibited by U.S. government research agencies

Click here for more information on Malign Foreign Talent Recruitment Programs. The content of which is a summary taken from several reports and is not meant to be used as an all-encompassing report or a specific set of requirements.

In order to comply with UT and federal sponsor requirements, all participation in a FGTRP must be disclosed. If you are considering an invitation that may meet any of the FGTRP criteria, or if you have other related questions, please contact UT’s Science & Security Team.

Resources

Military-Civil Fusion Strategy

According to multiple reports, Military-Civil Fusion (MCF) is a national strategy of the Chinese Communist Party (CCP) to develop the People’s Liberation Army into a “world class military” by 2049. Under MCF, the CCP is acquiring the intellectual property, key research, and technological advances of the world’s citizens, researchers, scholars, and private industry in order to advance the CCP’s military aims. The CCP is systematically reorganizing the Chinese science and technology enterprise to ensure that new innovations simultaneously advance economic and military development. PRC President and CCP General Secretary Xi Jinping personally oversees the strategy’s implementation. He chairs the CCP’s Central Military Commission and the Central Commission for Military-Civil Fusion Development.

The goal of the MCF strategy is to enable the PRC to develop the most technologically advanced military in the world. As the name suggests, a key part of MCF is the elimination of barriers between China’s civilian research and commercial sectors, and its military and defense industrial sectors. Key technologies being targeted under MCF include quantum computing, big data, semiconductors, 5G, advanced nuclear technology, aerospace technology, and AI. According to the U.S. Department of State, the PRC specifically seeks to exploit the inherent ‘dual-use’ nature of many of these technologies, which have both military and civilian applications.

U.S. Department of State put together a one page Military-Civil Fusion handout for further information.

On a related note, President Trump signed a Presidential Proclamation (Proclamation 10043) in May 2020 limiting the entry of some Chinese students and scholars on F or J visas into the US. This Proclamation was carried over by the Biden Administration. Most Chinese graduate students and scholars at UT will NOT be impacted by this proclamation, however, some may be at risk. This proclamation specifically applies to Chinese graduate students and researchers who are affiliated with China’s “military-civil fusion strategy.” The U.S. government has not yet published a list of entities that support the PRC’s military-civil fusion strategy. We will continue to monitor the situation and will provide updates if/when a list becomes available.

For purposes of this Proclamation, “affiliated with” means a person who:

  • is currently receiving funding; employed by; studying at; conducting research at or on behalf of, or
  • has been an employee or student of or has conducted research at or on behalf of such an entity in the past.

This Proclamation primarily effects Chinese scholars or researchers planning to enter the US. However, it may apply to people already in the US on a F or J visa who meet the criteria above. UT values the presence of international students and scholars as important members of our academic and research community and we welcome you here.

The UT Science & Security Team will continue analyzing this proclamation and its implementation. Contact the Science & Security Team with any related questions or to request an assessment of your collaborations and affiliations with entities that may be associated with this MCF strategy.

The University of Texas has long been known as a destination for visiting scientists, scholars, and researchers from foreign and domestic academic institutions, industry, and governmental entities. The formal and informal free exchange of knowledge and information that these visits entail has led to countless technological breakthroughs and scientific discoveries.

Nonemployee Research Affiliates (NERA), aka visiting scholars or researchers, are individuals who are typically but not always affiliated with an outside university, institution, business, or government and seek to be temporarily in residence at UT for 10 or more days to collaborate with faculty, learn research techniques, or use specialized facilities. NERAs are not appointed as employees of the University and generally do not receive financial support or compensation from UT. NERAs visiting from both international and domestic locations require review by the Office of the Vice President for Research, Scholarship and Creative Endeavors prior to being appointed. The Nonemployee Research Affiliate webpage addresses the different NERA categories, specific criteria for NERA consideration, the nomination process, and all approval steps necessary for granting facilities access to both domestic and international visitors.

As an important reminder, UT Sponsors with federal research funding may be required by award policies to disclose support provided by this visiting research affiliate as Current and Pending (Other) Support. Please review this summary table identifying pre- and post-award disclosure requirements and email UT's Science & Security Team with any questions.

Warnings have been delivered to the U.S. higher education community over the past several years by national security and law enforcement officials about the threats to campuses from certain visitors affiliated with foreign governments seeking to influence, interfere and, in some cases, steal scientific research and intellectual property. These threats reveal that all colleges and universities should not take anything for granted in dealing with issues of research security. The following is a list of suspicious behaviors to look for when hosting visitors on campus:

  • Insists on working in private
  • Volunteers to help on classified or sensitive projects
  • Misuses computer or information systems
  • Lacks concern for or violates security protocols
  • Attempts to gain access to labs or information outside of approved scope
  • Unnecessarily photographs or copies materials, information, or other items
  • Shows unusual interest in information outside of approved environment

Questions

UT Austin believes that an international experience is essential to our academic mission. UT faculty and research staff must protect their persons, staff and collaborators, equipment, data, and materials when they travel abroad or domestically. What an individual needs to take with them, what risks they may encounter, and what preventative steps they should take depends on the nature of their work and their travel destination. Prior to departing on a university-related international trip, all faculty and staff are required to complete specific steps as listed on the Texas Global website for international travel. This site also includes the Restricted Regions List of locations worldwide that pose a heightened travel risk and the process for requesting travel to these locations.

Travel to certain embargoed or sanctioned destinations such as Cuba, Iran, Syria, Sudan, or North Korea requires advance review and in some instances licenses from the U.S. Department of Treasury, Office of Foreign Assets Control. Please contact the University Export Control Officer if you plan to undertake such travel.

Any equipment, research specimen, research materials or data being carried or sent internationally should be reviewed and approved by the University Export Control Officer. All agreements, licenses, and documentation should be obtained BEFORE data or items are shipped or hand carried out of UT.

All faculty and research staff are encouraged to follow these best practices from UT’s Information Security Office to secure data and research materials when traveling.

Below are additional international travel precautionary considerations for your awareness:

  • There is no expectation of privacy in most countries (wireless access, internet cafes)
  • In some countries hotel rooms are subject to search and digital storage devices are copied
  • Elicitation techniques can be used by strangers, colleagues, and conference attendees to obtain details of your visit, the type of research you and colleagues are doing (USG, DoD funded), the progress or goals of your research, etc.
  • Do you engage in “inappropriate” behavior that could cause you to be blackmailed?
    • Solicitations for prostitution, drug use, strip clubs, etc.
  • Do you have conversations about IP or sensitive date overseas in “unsecured” places or on the phone?

UT’s Science and Security Team offers both pre trip briefings and post trip debriefings to provide value of knowing what to look for and be aware of before travel, with an avenue to report any suspicions upon return. Contact the Science and Security Team at sas@austin.utexas.edu to request a travel brief/debrief or if:

  • you know or suspect theft of IP or other sensitive info
  • you receive requests from persons or entities known to be on the Denied Person List
  • you receive persistent unsolicited emails or contacts from individuals or companies deemed suspicious
  • you receive requests for advanced and/or controlled technologies from individuals or companies known or suspected of being from a foreign government

Be extra vigilant when traveling overseas if you have the following, as you are more likely to be a target for information:

  • Conduct or affiliated with USG or DoD funded research
  • Have a Technology Control Plan (TCP)
  • Work with ITAR or other restricted technologies
  • Work in a lab/area that has any of the above

International Travel Security Resources

Export Control

Today’s computer-connected world provides abundant access for criminals, terrorists, opportunists, and intelligence services to exploit the access cyber networks afford. They can hack into a system and steal research and other information, send phishing email with malware attached, and exploit social networking sites. They search for restricted information, people who have access to the information, and information that can be used to coerce or entice people with access to share restricted data. There have been computer intrusions into US universities from numerous countries. US universities receive large numbers of unsolicited requests for information and millions of hits on their Web servers each day. Computer hackers, especially those funded by a foreign government, are capable of breaching firewalls and exploiting vulnerabilities in software. They are also skilled at deceiving trusting or unassuming individuals through scams.

Why should you take the time to secure your digital data? It's part of being a responsible researcher, just like using appropriate protocols and protecting human subjects. Your reputation and your funding are on the line. If your data is compromised, your research could be called into question. Following UT’s Information Security Office guidance for protecting sensitive digital research data will help ensure the security of the systems involved and will help safeguard the confidentiality and integrity of sensitive digital research data.

In 2021, the White House released National Security Presidential Memo-33 (NSPM-33) which outlined expectations for protection against foreign government interference and exploitation in federally funded research and development. In January 2022, the White House Office of Science and Technology Policy issued guidance to federal agencies for implementing NSPM-33. One of the key areas of this guidance is a requirement for research institutions receiving Federal science support in excess of $50 million establish and operate a research security program, which includes an element of cyber security. The following is taken from a list of basic safeguarding protocols and procedures to be applied within the cyber security element (see the NSPM-33 guidance to federal agencies for a complete list):

  • Provide regular cybersecurity awareness training, including how to recognize and respond to social engineering threats and cyber breaches
  • Limit information system access to authorized users only
  • Verify and control/limit connections to and use of external information systems
  • Control any non-public information posted or processed on publicly accessible information systems
  • Provide protection of scientific data from ransomware and other data integrity attack mechanisms
  • Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed

Among the various resources available for protecting digital research data, the following are offered at UT and should be strongly considered:

  • The Texas Advanced Computing Center (TACC). Scientific research produces massive amounts of data, and the resulting datasets are of great value to researchers for years and even decades to come. These datasets are often extremely large and must be easily and quickly accessible as well as stored in a protected environment. Cloud computing provides instantaneous, secure access to computing resources. TACC has a comprehensive set of cloud services which are designed for researchers who need large-scale resources, but prefer a virtualized, on-demand environment – allowing them to efficiently perform modeling and simulations, visualizations, data analytics, and management from any location. Visit UT's TACC website to learn more about these resources and how to become a TACC user.
  • The Secure Research Environment (SRE). UT’s Defense Research Advancement within OVPR has built out the SRE for Department of Defense-related research that requires higher levels of information assurance. Located at the JJ Pickle campus, SRE’s resources include dedicated lab space for US Persons only, IT infrastructure, including the ability to use virtual machines, and program management support. They can be contacted at DRA_Research@austin.utexas.edu for more information.

Technical staff play an important role in protecting sensitive digital research data. UT’s Information Security Office has tools and services that can help support the researcher community implement the security practices that are essential on our campus. Check out the Information Security Office website for more information on protecting your digital research data or e-mail the Information Security Office at security@utexas.edu if you have any questions or need more information.

See more below...