Key Federal and State Regulations

The U.S.  has a long history of innovation while protecting research security. As early as WWII through the emergence of export control regulations and the eventual creation of the fundamental research exclusion an infrastructure has been in place to support the free and open dissemination of ideas while facilitating global interests. For the past few years, the concept of securing research has been considered specific to sensitive data, export-controlled information, and other high-risk areas; however, changes in the research and technology landscape have expanded security concerns across the research spectrum.   

In response to this evolving climate, JASON, an independent advisory group solicited by the National Science Foundation (NSF), released their report on Fundamental Research Security in 2019 outlining the security concerns and recommendations related to undue foreign influence and fundamental research. JASON released another report, Safeguarding the Research Enterprise, in 2024 reiterating the necessity of the fundamental research classification and advising on how to mitigate security concerns with sensitive research.  

Expand FAQ List

  •  NSPM-33 

    National Security Presidential Memorandum 33 (NSPM-33) is a directive that aims to protect federally funded research from foreign interference and exploitation. It mandates the establishment of research security programs to protect against foreign government interference and exploitation at research institutions receiving over $50 million in federal research funding.  

    NSPM-33 also requires a certification from research organizations confirming they have implemented a research security program that includes the four elements:  

    • A cybersecurity program consistent with the National Institute of Standards and Technology guidance  
    • Foreign travel security that includes periodic training for covered individuals and reporting requirements  
    • Research security training for covered individuals and an institution's certification of individuals' completion of such training  
    • Export control training for covered individuals who perform research and development involving export-controlled technologies and processes for reviewing foreign sponsors, collaborators, and partnerships  

  • CHIPS AND SCIENCE ACT  

    The CHIPS and Science Act boosts investments in research and development to bring preeminence in semiconductor manufacturing back to the U.S. It mandates universities to implement heightened research security measures, including reporting foreign funding sources, disclosing potential conflicts of interest related to foreign talent recruitment, and providing research security training for faculty and staff involved in federally funded research projects. 

    The Act prohibits participation in a foreign talent recruitment program by personnel of Federal research agencies and prohibits participation in a Malign Foreign Talent Recruitment Program (MFTRP) by covered individuals involved with research and development awards from those agencies. Covered individuals must certify prior to proposal submission that they are not associated with a MFTRP.  Texas State University is required to certify that all senior personnel associated with the proposal have been made aware of and have complied with their responsibility to abide by the requirements of this act.  

  • S.B. No. 1565 (Texas) 

    The law set forth by the state of Texas requires each institution of higher education to establish a policy framework that promotes secure academic research at the Institution while mitigating the risk of foreign espionage and interference. It requires the governing board of the university system to establish a separate research security policy framework for each institution of higher education under the governing board's management and control.  

    The policy framework must address:  

    • achieving the highest level of compliance with applicable ethical, legal, regulatory, contractual, and system standards and requirements for securing and protecting the institution's research portfolios;  
    • promoting within the institution an organizational culture of compliance with federal requirements to ensure the institution maintains eligibility for federal funding; and  
    • designating a person to serve as a research security officer responsible for maintaining classified information, maintaining controlled unclassified information, conducting foreign influence reporting, and addressing other issues at the institution associated with the goals of the policy framework. 

  • GA-48 (Texas) 

    Executive Order GA-48 is an order issued by Texas Governor Greg Abbott on November 19, 2024. This order creates additional requirements for Texas public higher education institutions and other state agencies regarding activities involving countries listed on the U.S. Department of Commerce’s foreign adversaries list under 15 C.F.R. & 791.4 (China, Cuba, Iran, North Korea, Russia, and Venezuela).  

    State agencies shall require any company that submits a bid or proposal with respect to a contract for goods or services to the agency or institution of higher education to certify that the company:  

    • Listed in Section 889 of the 2019 National Defense Authorization Act (NDAA); or  
    • Listed in Section 1260H of the 2021 NDAA; or  
    • Owned by the government of a country on the U.S. Department of Commerce's foreign adversaries list under 15 C.F.R. § 791.4; or  
    • Controlled by any governing or regulatory body located in a country on the U.S. Department of Commerce's foreign adversaries list under 15 C.F.R. § 791.4.  

    No personnel of a public institutions of higher education, shall accept any gift, regardless of value, from an entity associated with or travel to, for professional purposes, a country on the U.S. Department of Commerce's foreign adversaries list under 15 C.F.R. § 791.4. All agencies and public institutions of public higher education affected by this order shall include this prohibition in their ethics policies and create a mechanism by which their employees can report being approached by groups representing these countries, that offer gifts or travel, or alleged violations of this ethics policy.  

    • The Texas Workforce Commission shall amend the state application to include an attestation by applicants that they are not employed by and do not have any connection or continuous connections to any governmental entity or political apparatus of a country listed in 15 C.F.R. § 791.4.   
    • Institutions of higher education must create processes by which their employees will notify the agency of any personal travel to a foreign-adversary nation prior to their travel and submit a post-travel brief outlining details of the trip, including the dates and purpose of travel, to their employer.   
    • Public institutions of higher must include in the minimum qualifications of the job descriptions of all positions that research, work on, or have access to critical infrastructure as defined in Section 113.001(2), Business and Commerce Code, that a requirement to be hired for and to continue to be employed in that position is the ability to maintain the security or integrity of the infrastructure.  
    • Institutions of higher education are required to submit reporting on foreign-gift and contract disclosures to the U.S. Department of Education under Section 117 of the Higher Education Act of 1965, must submit the same reporting  to the Texas Higher Education Coordinating Board (THECB).   
    • All public institutions of higher education must include in their employment manuals a prohibition on their faculty and employees from taking part in any foreign recruitment program by a foreign-adversary nation.