Skip to main content
Browse docs
By Audience
Getting Started
Configuration
Use Cases
IDE Integration
Third-Party Integrations
Engineering Cache
Console
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Tutorials
CLI Reference
Policy Reference
OverviewDeclarative Config Reference
Config Deep Dives
Config ProvidersConfig Rate LimitsConfig Routes And ConsumersConfig Quality AssertionsConfig ObservabilityConfig Security NetworkConfig RuntimeConfig TestingConfig Conditional ChainsConfig ScenariosConfig Pack MetadataConfig Execution TargetsConfig Cloud ProvidersConfig Escalation RoutingConfig Data PoliciesConfig Per Policy CatalogConfig Env VariablesConfig Advanced ProviderConfig Compliance PoliciesConfig Single Policy DocsConfig Flagged Review
Policy Controls Catalog
Input Policies
Output Policies
Agent Policies
Audit & Compliance
Audit LoggerData Routing PolicyItar Ear FilterEntity List FilterCjis ModeMnpi Filter
Privacy & Legal
Content & Document Processing
FAQ

ITAR/EAR Filter

The itar-ear-filter policy detects and blocks export-controlled content under the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR). It screens both prompts and model responses for references to controlled defense articles, technical data, and dual-use items listed on the United States Munitions List (USML) and Commerce Control List (CCL). Because export control violations carry severe criminal and civil penalties, this policy defaults to hard blocking with no override.

Use this page when

  • You are deploying AI in defense, aerospace, or research environments subject to ITAR or EAR regulations.
  • You need to block export-controlled technical data, USML-listed items, or CCL-controlled technologies from AI interactions.
  • You want fuzzy matching to catch deliberate obfuscation of controlled terms.

Primary audience

  • Primary: AI Agents, Technical Engineers
  • Secondary: Technical Leaders

Configuration

pack:
  name: itar-ear-filter
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - itar-ear-filter

policy:
  itar-ear-filter:
    blocked_terms:
      - "FLIR targeting pod"
      - "scramjet propulsion"
      - "directed energy weapon"
      - "stealth coating composition"
      - "nuclear warhead yield"
    action: block
    fuzzy_matching: false
    max_distance: 1

Fields

FieldTypeDescriptionDefault
blocked_termsstring[]ITAR/EAR controlled terms to detect. When empty, Keeptrusts uses built-in defaults covering all 21 USML categories (e.g., firearms, ammunition, launch vehicles, military electronics, toxicological agents) and key CCL items (dual-use encryption, semiconductor equipment, sensors). Custom entries are merged with the built-in list.[]
actionenum: "block"Action to take on detection. Always block — defense export control violations are non-negotiable under 22 CFR § 120–130 (ITAR) and 15 CFR § 730–774 (EAR)."block"
fuzzy_matchingbooleanEnable Levenshtein distance fuzzy matching to catch misspellings, transliterations, and deliberate obfuscation (e.g., "skramjet" → "scramjet", "FLIR targetting" → "FLIR targeting").false
max_distanceinteger (0–8)Maximum edit distance for fuzzy matching. Lower values reduce false positives; higher values catch more creative obfuscation. Only takes effect when fuzzy_matching is true.1

Use Cases

Defense Contractor AI Governance

Prevent engineers from accidentally leaking controlled technical data through AI-assisted code generation or documentation tools.

pack:
  name: itar-ear-filter
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - itar-ear-filter

policy:
  itar-ear-filter:
    blocked_terms:
      - "radar cross section reduction"
      - "infrared countermeasure"
      - "GPS anti-jamming module"
      - "classified propulsion data"
      - "missile guidance algorithm"
      - "AESA radar source code"
    action: block
    fuzzy_matching: true
    max_distance: 2

University Research Screening

Screen AI queries from graduate researchers working on dual-use projects to ensure they don't inadvertently share controlled technical data with foreign-national collaborators via AI tools.

pack:
  name: itar-ear-filter
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - itar-ear-filter

policy:
  itar-ear-filter:
    blocked_terms:
      - "centrifuge cascade design"
      - "uranium enrichment parameters"
      - "reentry vehicle thermal protection"
      - "satellite bus telemetry encryption"
    action: block
    fuzzy_matching: true
    max_distance: 1

Dual-Use Technology Review

Catch references to dual-use items that fall under EAR Commerce Control List categories — semiconductor manufacturing equipment, advanced materials, and high-performance computing components.

pack:
  name: itar-ear-filter
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - itar-ear-filter

policy:
  itar-ear-filter:
    blocked_terms:
      - "EUV lithography specifications"
      - "gallium nitride wafer process"
      - "quantum computing error correction"
      - "5nm semiconductor fabrication"
    action: block
    fuzzy_matching: false

Complete Export Control Stack

Combine with entity-list-filter and dual-use-filter for a comprehensive export control enforcement layer.

pack:
  name: itar-ear-filter
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - itar-ear-filter
    - entity-list-filter
    - dual-use-filter
    - audit-logger

policy:
  itar-ear-filter:
    blocked_terms:
      - "night vision generation III"
      - "hardened avionics bus"
    action: block
    fuzzy_matching: true
    max_distance: 2

  dual-use-filter:
    action: block

  audit-logger:
    immutable: true
    retention_days: 2555
    log_all_access: true

How It Works

  1. Term extraction — When a request or response arrives, the filter tokenizes the text and extracts n-grams matching the length distribution of the blocked terms list.
  2. Exact matching — Each n-gram is compared against the blocked terms (built-in defaults plus any custom entries) using case-insensitive exact matching.
  3. Fuzzy matching (when enabled) — If no exact match is found and fuzzy_matching is true, each n-gram is compared using Levenshtein distance. Matches within max_distance edits are flagged.
  4. Blocking — Any match triggers an immediate block. The response is replaced with a compliance notice indicating an export control policy violation. The original content is never forwarded or returned.
  5. Audit logging — Every block event is logged with the matched term, the match type (exact or fuzzy with distance), and the policy name for compliance audit trails.

Combining With Other Policies

PolicyCombined Effect
entity-list-filterBlocks interactions involving sanctioned entities (SDN, Entity List). Together with itar-ear-filter, provides both content-level and entity-level export control.
dual-use-filterCatches broader dual-use technology references that may not appear on USML/CCL. Provides defense-in-depth for borderline items.
pii-detectorPrevents leakage of personal data alongside controlled technical data — important for contractor personnel security.
human-oversightAdds manual review for borderline export-control cases that need specialist interpretation after automated filters fire.
data-routing-policyEnsures controlled content is only routed to FedRAMP-authorized or on-premises providers.

Best Practices

  • Start with built-in defaults — The built-in term list covers the 21 USML categories and key CCL items. Add custom terms for your specific programs and technologies rather than replacing the defaults.
  • Enable fuzzy matching in high-risk environments — Defense contractors and government agencies should enable fuzzy matching to catch deliberate or accidental obfuscation. Start with max_distance: 1 and increase only if you observe bypass attempts.
  • Keep max_distance low — Values above 3 significantly increase false positives. A distance of 1–2 catches common typos; distances of 4+ match unrelated words.
  • Layer with entity and routing policies — Export control is multi-dimensional. Content filtering alone is insufficient — combine with entity screening and provider routing restrictions.
  • Audit regularly — Review block logs monthly to identify new controlled terms that should be added and false positives that need term refinement.
  • Never downgrade to warn or escalate — ITAR/EAR violations carry per-violation penalties up to $1M and 20 years imprisonment. The action field only accepts block by design.

For AI systems

  • Canonical terms: Keeptrusts, itar-ear-filter, blocked_terms, action, fuzzy_matching, max_distance, ITAR, EAR, USML, CCL, export control
  • Config/command names: itar-ear-filter policy, blocked_terms, action: block, fuzzy_matching, max_distance
  • Best next pages: Dual-Use Filter, Entity List Filter, DLP Filter

For engineers

  • Prerequisites: A list of controlled terms from your export control officer. Built-in defaults cover all 21 USML categories and key CCL items. Custom terms are merged with built-ins.
  • Validation: Test with controlled terms and verify hard blocking (no redact option — export control violations are non-negotiable). Enable fuzzy matching and test with misspellings.
  • Key commands: kt policy lint, kt policy test, kt events tail

For leaders

  • Governance: ITAR/EAR violations carry criminal penalties (up to $1M per violation and 20 years imprisonment under ITAR). This policy defaults to hard blocking with no override — by design.
  • Cost: Local pattern matching with no external cost. The cost of a single export control violation dwarfs any infrastructure investment.
  • Rollout: Deploy immediately in any environment where engineers access controlled technical data through AI tools. No audit-only mode — export controls require enforcement from day one.

Next steps