On May 15, 2019, President Trump issued an Executive Order (“EO”) targeting activities of certain foreign telecommunications companies based in hostile countries. Entitled “Securing the Information and Communications Technology and Services Supply Chain,” the EO declares a national emergency based on a Presidential finding that “foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services … in order to commit malicious cyber-enabled actions” rising to the level of “an unusual and extraordinary threat to national security.”[1] As a result, the EO allows the Federal Government, led by the Secretary of Commerce, to bar U.S. companies from doing business with foreign entities it determines are contributing to the threat.
Although the EO does not identify specific countries or entities, it sets up a system for key government agencies to target them. Further, it became clear after the EO was released that the action is aimed at Huawei and other Chinese companies in particular. The Department of Commerce already has announced that Huawei and 68 non-U.S. affiliates of Huawei will be added to the Bureau of Industry and Security Entity List, which means a specific license will be required to do business with these entities.
The EO prohibits the “acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service” (defined as a “Transaction”) where the Transaction:
-
involves property in which any foreign country has an interest;
-
is initiated, pending, or to be completed after May 15, 2019 (the date of the EO); and
-
the Secretary of Commerce, in conjunction with the heads of other executive departments and agencies, determines:
-
the Transaction involves information and communications technology or services developed or supplied by persons subject to a foreign adversary; and
-
the Transaction:
-
“poses an undue risk of sabotage” to information and communications technology or services in the U.S.; or
-
“poses an undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy”; or
-
otherwise poses an unacceptable risk to national security.
-
-
In addition to the above determination, the EO also authorizes the Secretary of Commerce to direct the timing and manner of cessation of prohibited Transactions, as well as adopt rules and regulations which, among other things, determine the particular countries or persons to be considered foreign adversaries under the EO and identify particular services and technologies warranting scrutiny. The EO requires publication of such rules within 150 days of the issuance of the EO.
Furthermore, the EO tasks two additional heads of Executive agencies with certain duties. The Director of National Intelligence is directed to assess threats to the United States from information and communications technology or services connected to foreign adversaries, and provide an initial assessment within 40 days, and annually thereafter. The Secretary of Homeland Security, meanwhile, is directed to provide an assessment of entities, hardware, software, and services that pose “the greatest potential consequences to the national security of the United States,” and produce a written assessment within 80 days, and annually thereafter. Finally, the Secretary of Commerce is tasked with providing a report by May 15, 2020 assessing the sufficiency and necessity of actions taken under the EO.
The full impact of this EO remains unclear, as does the interplay between the EO and Section 889 of the National Defense Authorization Act (NDAA) for Fiscal Year 2019, which called on agencies to restrict contract activities with companies that use certain Chinese telecommunications equipment or services as a substantial element of their business. NDAA Section 889 was discussed in our previous blog post on this topic. We will continue to monitor this situation closely.
[1] “Foreign adversary” is defined as “any foreign government or foreign non-government person engaged in long-term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons.”