338. With respect to the authorizations in 31 CFR § 560.540(a)(1) and (a)(2) of the Iranian Transactions and Sanctions Regulations (ITSR), what services and software are covered?
Qualifying services under 31 CFR § 560.540(a)(1) are those that are “incident to the exchange of communications over the internet,” as well as cloud-based services in support of such services or of any other transaction authorized or exempt under the ITSR. Qualifying software under 31 CFR § 560.540(a)(2) is software that is incident to, or enables services incident to, the exchange of communications over the internet, as well as certain cloud-based services. In addition, qualifying software under 31 CFR § 560.540(a)(2) must meet the stated export control-related criteria. Both paragraphs provide an illustrative but not exhaustive list of the types of services that are authorized: “instant messaging, chat and email, social networking, sharing of photos and movies, web browsing, blogging,...
* FAQ amended on 5-16-24 in connection with OFAC’s incorporation of Iran GL D-2 into the ITSR at section 560.540. Amendments to this FAQ were non-substantive in nature.
* On 9-23-22, OFAC replaced Iran GL D-1 with Iran GL D-2, initially without making amendments to this FAQ. See Iran GL D-2, and comments thereto, for a discussion on the changes between GL D-1 and GL D-2. On 1-11-23, OFAC amended this FAQ without making substantive changes beyond, as the case may be, changing references to GL D-1 to GL D-2 and removing "personal" from "personal communications". The notes below the asterisks pertain to the original version of the FAQ (see native PDF file). Note the continued relevance of the Interpretive Guidance and...