DARPA Screening for ‘Risk’ in Researchers’ Foreign Affiliations

For over three years, the Department of Defense has been responding to congressional direction aimed at securing the research it funds from potential exploitation by rival governments. While many federal agencies have stepped up their research security efforts, DOD’s moves have generally been more expansive, both because they extend to the protection of R&D geared toward military applications, and because Congress has given the department additional mandates.

Now, the Defense Advanced Research Projects Agency is implementing a “Countering Foreign Influence Program” that involves assessing risks posed by researchers’ affiliations with foreign institutions, even for unclassified projects in fundamental research. While other science agencies have likewise expanded their use of disclosure policies to identify problematic conflicts of interest and time commitment, DARPA’s policy goes further by tying the review process to specific categories of foreign entities of concern.

Although DARPA stresses that projects deemed to carry high risk can still proceed with the appropriate approval, many stakeholders are seeking more clarity on the kinds of affiliations DARPA and other science agencies might deem problematic.

‘Risk rubric’ outlines affiliations of concern

DARPA Director Stefanie Tompkins announced the Countering Foreign Influence Program in a memorandum issued in September 2021. DARPA officials have explained the program is part of DOD’s response to legislation enacted in 2018 that directs the department to carry out an initiative to protect the academic researchers it funds from “undue influence and other security threats.”

The program’s reviews of funding applicants’ affiliations will cover all “senior/key personnel,” and the process places the most weight on their activities in the previous four years. In conjunction with the memo announcing the program, the agency released a “risk rubric” that summarizes types of foreign affiliations and associations that would lead it to assign projects risk ratings ranging from “low” to “very high.”

If the project is assigned a “high” or “very high” rating, the applicant can propose risk-mitigation measures or alternate project personnel to reduce the rating to “low” or “moderate.” If the risk cannot be lowered to that level, the project can only proceed with approval from DARPA’s deputy director.

Factors that could lead to a very high risk rating include active affiliations with institutions the U.S. has placed export restrictions on, or participation in certain talent recruitment programs supported by foreign governments. Additional factors include whether the researcher is receiving funds from or has an active affiliation with entities connected to the governments of countries of concern.

An initial version of the risk rubric published in September indicated that ties to family and friends abroad could also be evaluated as part of the review process, but DARPA removed the language in a December revision after receiving significant pushback from the research community. Explaining the change in an FAQ document , DARPA states, “After we published our policy we received feedback that some wording in our rubric did not reflect the intent of our policy, and that we could have been clearer.”

The FAQ also includes a question about why the policy applies to fundamental research, given that a 1985 presidential directive known as NSDD-189 established that the products of fundamental research should generally be unrestricted and that classification is the appropriate mechanism for controlling particularly sensitive research. In response, DARPA maintains that the new process “does not put any restrictions on research,” noting it concerns decision-making prior to funds being allocated.

Foreign-entity blacklists in flux

In defining affiliations and funding sources deemed to carry risk, DARPA’s rubric broadly identifies governments and government-connected entities in countries that are a “strategic competitor” of the U.S., or that are a “country with a history of targeting U.S. technologies for unauthorized transfer,” a status abbreviated “CWHTUST.”

The rubric does not list strategic competitors or CWHTUSTs, though in similar contexts the U.S. government has often identified China, Russia, Iran, and North Korea as top countries of concern. Congress has recently directed DOD to publicly identify talent recruitment programs and academic institutions that have engaged in various malicious practices or that take direction from military or intelligence agencies in countries of concern, but the department has not yet published such lists.

The U.S. government has generally objected to the Chinese government’s strategy of “military-civil fusion,” wherein civilian institutions in China are enlisted to support military goals to a far greater degree than is the case in democratic countries. Under a 2020 executive order by President Trump that remains in effect, the State Department began barring U.S. entry to Chinese graduate students and visiting researchers who have present or former ties to institutions deemed to support the military-civil fusion strategy, though the department has not publicly identified institutions subject to the policy.

The DARPA rubric does contain specifics on a subset of institutions of concern, pointing to a 2020 executive order amended by President Biden that sanctions “Chinese Military-Industrial Complex Companies,” which span sectors such as telecommunications, microelectronics, aviation, and nuclear energy. The rubric also refers to lists maintained by the U.S. Bureau of Industry and Security (BIS), which administers export controls.

The BIS “Entity List” encompasses organizations and individuals deemed to be participating in “activities contrary to U.S. national security and/or foreign policy interests,” such as weapons development or human rights abuses. Exports to entities on this list require special approval, with the presumption such licenses will likely be denied.

Over the past two years, BIS has added numerous institutions to the list, most based in China. These include companies and universities conducting R&D in areas such as supercomputing , surveillance technology , quantum computing , and biotechnology . Among them are the Hefei National Laboratory for Physical Sciences at the Microscale, which hosts a leading quantum research group, and the Academy of Military Medical Sciences, which BIS alleges is developing “purported brain-control weaponry.”

Among the entities in other countries recently added to the list are various institutions implicated in missile programs in Iran and Pakistan, and chemical and biological weapons programs in Russia . BIS also placed the Moscow Institute of Physics and Technology on a separate list of organizations deemed to support military activities.

Agencies attempting to dispel fear in research community

The DARPA policy arrives at a time when many researchers are on edge due to the Justice Department’s high-profile prosecutions of scientists who allegedly failed to disclose ties they maintained with Chinese institutions. University officials have aired concerns that the situation has been exacerbated by ongoing uncertainty about how science agencies will use the information disclosed to them, pointing in part to the DARPA policy.

At a meeting last month of the National Academies research security roundtable , MIT Vice President for Research Maria Zuber remarked that the White House’s recent interagency guidance on disclosure policy did not quell anxieties because it did not address how disclosures can be used.

“In addition to having a chilling effect on international collaborations potentially, [the guidance] also has increased the fear level, particularly for our principal investigators of Asian descent,” she said. Apparently referring to DARPA’s removed language about risk associated with friends and family abroad, she added, “Agencies are doing things among themselves, and the initial DARPA matrix, which fortunately was revised, had some things that caused a lot of fear.”

Kathryn Moler, dean of research at Stanford University, expressed a similar sentiment, saying, “There are definitely cases, not a small number, of people who are deciding not to engage in perfectly reasonable, helpful international collaborations because they just don’t want to take any risks right now.”

Responding to these concerns, Bindu Nair, director of DOD’s Basic Research Office, emphasized that DOD is still willing to support even risky international engagements, remarking:

Mike Lauer, head of extramural research for NIH, insisted that how the agency uses disclosed information today is “really the same way we’ve been doing it for many years,” saying it looks for “scientific overlap, budgetary overlap, commitment overlap, or significant financial conflicts of interest.” Rebecca Keiser, NSF’s chief research security officer, noted that NSF’s grant manual has a “very firm statement that disclosing international collaborations does not negatively impact the review of a proposal.”

Keiser did however identify a need for researchers to be able to distinguish between bona fide international collaborations versus potentially exploitative arrangements. She noted the 2019 JASON report on research security offered a “catechism” of questions for researchers to ask themselves prior to entering into a collaboration, and that NSF intends to incorporate the construct into forthcoming training materials.