DARPA screens for “risk” in researchers’ foreign affiliations

Editor’s note: This article is adapted from a 15 February post on FYI, which reports on federal science policy. Both FYI and Physics Today are published by the American Institute of Physics.

The Defense Advanced Research Projects Agency has implemented a new review process for the research projects it funds that assesses risks posed by funding applicants’ affiliations with foreign institutions. The agency’s new Countering Foreign Influence Program, which applies to fundamental research projects, was announced in September and revised in December.

Other federal science agencies have likewise expanded their use of disclosure policies to identify problematic conflicts of interest and time commitment. DARPA’s policy goes further by tying the review process to specific categories of foreign entities of concern. Although the agency stresses that projects deemed to carry high risk can still proceed with the appropriate approval, many stakeholders are seeking more clarity on the kinds of affiliations DARPA and other science agencies might deem problematic.

“Risk rubric” outlines affiliations of concern

The new policy is a product of more than three years of DOD efforts to respond to congressional direction to secure the research it funds from potential exploitation by rival governments. Its moves have generally been more expansive than those at other federal agencies, both because they extend to the protection of R&D geared toward military applications and because Congress has given the department additional mandates.

DARPA director Stefanie Tompkins announced the Countering Foreign Influence Program in a September memorandum . DARPA officials have explained the program is part of DOD’s response to legislation enacted in 2018 that directs the department to carry out an initiative to protect the academic researchers it funds from “undue influence and other security threats.”

The program’s reviews of funding applicants’ affiliations cover all “senior/key personnel” and place the most weight on the researchers’ activities in the previous four years. In conjunction with the memo announcing the program, the agency released a “risk rubric” that summarizes types of foreign affiliations and associations that would lead it to assign projects risk ratings ranging from “low” to “very high.”

If the project is assigned a “high” or “very high” rating, the applicant can propose risk-mitigation measures or alternate project personnel to reduce the rating to “low” or “moderate.” If the risk cannot be lowered to that level, the project can proceed only with approval from DARPA’s deputy director.

Factors that could lead to a very high risk rating include active affiliations with institutions the US has placed export restrictions on, or participation in certain talent recruitment programs supported by foreign governments. Additional factors include whether the researcher is receiving funds from or has an active affiliation with entities connected to the governments of countries of concern.

An initial version of the risk rubric published in September indicated that ties to family and friends abroad could also be evaluated as part of the review process, but DARPA removed the language in a December revision after receiving significant pushback from the research community. Explaining the change in an FAQ document , DARPA states, “After we published our policy we received feedback that some wording in our rubric did not reflect the intent of our policy, and that we could have been clearer.”

The FAQ also includes a question about why the policy applies to fundamental research, given that a 1985 presidential directive known as NSDD-189 established that the products of fundamental research should generally be unrestricted and that classification is the appropriate mechanism for controlling particularly sensitive research. In response, DARPA maintains that the new process “does not put any restrictions on research,” noting it concerns decision making prior to funds being allocated.

Foreign entity blacklists in flux

In defining affiliations and funding sources deemed to carry risk, DARPA’s rubric broadly identifies governments and government-connected entities in countries that are a “strategic competitor” of the US, or countries “with a history of targeting U.S. technology for unauthorized transfer,” a status abbreviated CWHTUSTs.

The rubric does not list strategic competitors or CWHTUSTs, though in similar contexts the US government has often identified China, Russia, Iran, and North Korea as top countries of concern. Congress recently directed DOD to publicly identify talent recruitment programs and academic institutions that have engaged in various malicious practices or that take direction from military or intelligence agencies in countries of concern, but the department has not yet published such lists.

The US government has generally objected to the Chinese government’s strategy of “military–civil fusion,” wherein civilian institutions in China are enlisted to support military goals to a far greater degree than is the case in democratic countries. Under a 2020 executive order by President Donald Trump that remains in effect, the State Department began barring US entry to Chinese graduate students and visiting researchers who have present or former ties to institutions deemed to support the military–civil fusion strategy. The department has not publicly identified institutions subject to the policy.

The DARPA rubric does contain specifics on a subset of institutions of concern, pointing to a 2020 executive order amended by President Biden that sanctions “Chinese Military–Industrial Complex Companies” spanning sectors such as telecommunications, microelectronics, aviation, and nuclear energy. The rubric also refers to lists maintained by the US Bureau of Industry and Security (BIS), which administers export controls.

The BIS “Entity List” encompasses organizations and individuals deemed to be participating in “activities contrary to U.S. national security and/or foreign policy interests,” such as weapons development or human rights abuses. Exports to entities on this list require special approval, with the presumption that such licenses will likely be denied.

Over the past two years, BIS has added numerous institutions to the list, most of them based in China. These include companies and universities conducting R&D in areas such as supercomputing , surveillance technology , quantum computing , and biotechnology . Among them are the Hefei National Laboratory for Physical Sciences at the Microscale, which hosts a leading quantum research group, and the Academy of Military Medical Sciences, which BIS alleges is developing “purported brain-control weaponry.”

Among the entities in other countries recently added to the list are various institutions implicated in missile programs in Iran and Pakistan and in chemical and biological weapons programs in Russia . BIS also placed the Moscow Institute of Physics and Technology on a separate list of organizations deemed to support military activities.

Agencies attempt to dispel fear in research community

The DARPA policy arrives at a time when many researchers are on edge due to the Justice Department’s high-profile prosecutions of scientists who allegedly failed to disclose ties they maintained with Chinese institutions. Some university officials say the situation has been exacerbated by ongoing uncertainty about how science agencies will use the information disclosed to them, pointing in part to the DARPA policy.

At a meeting last month of the National Academies research security roundtable , Maria Zuber, MIT’s vice president for research, remarked that the White House’s recent interagency guidance on disclosure policy did not quell anxieties because it did not address how disclosures can be used. “In addition to having a chilling effect on international collaborations potentially, [the guidance] also has increased the fear level, particularly for our principal investigators of Asian descent,” she said. Apparently referring to DARPA’s removed language about risk associated with friends and family abroad, she added, “Agencies are doing things among themselves, and the initial DARPA matrix, which fortunately was revised, had some things that caused a lot of fear.”

Kathryn Moler, dean of research at Stanford University, expressed a similar sentiment, saying, “There are definitely cases, not a small number, of people who are deciding not to engage in perfectly reasonable, helpful international collaborations because they just don’t want to take any risks right now.”

Responding to these concerns, Bindu Nair, director of DOD’s Basic Research Office, emphasized that DOD is still willing to support even risky international engagements, remarking:

Representatives from NSF and the National Institutes of Health at the meeting also sought to dispel fears about the intentions behind their agencies’ respective disclosure policies.

Mike Lauer, head of extramural research for NIH, insisted that the agency uses disclosed information today “really the same way we’ve been doing it for many years,” adding that it looks for “scientific overlap, budgetary overlap, commitment overlap, or significant financial conflicts of interest.” Rebecca Keiser, NSF’s chief research security officer, noted that NSF’s grant manual has a “very firm statement that disclosing international collaborations does not negatively impact the review of a proposal.”

Keiser did, however, identify a need for researchers to be able to distinguish between bona fide international collaborations and potentially exploitative arrangements. She noted that the 2019 JASON report on research security offered a “catechism” of questions for researchers to ask themselves prior to entering into a collaboration, and that NSF intends to incorporate the construct into forthcoming training materials.