Future Supply-Chain Rules to Be Implemented Under Executive Order 13873, and Under Sections 889(a)(1)(B) and 889(b) of the 2019 NDAA
There have been several recent developments in U.S. law, relating to non-tariff restrictions on foreign-origin information technology and telecommunications equipment, with a focus on Chinese-origin products. This is the third installment of a three-part series on this topic.
Executive Order 13873 (to Be Effective August 13, 2020):
On May 15, 2019, President Trump issued Executive Order 13873 (the “EO”), which is entitled, “Securing the Information and Communications Technology and Services Supply Chain.” The EO directs the Secretary of Commerce (the “Secretary”) to publish implementing rules and regulations by October 12, 2019. And, subject to certain factual determinations discussed below by the Secretary, the implementing rules could potentially prohibit a broad range of transactions involving “information and communications technology or services” provided by “persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary.”
- What These Rules Will Prohibit:
Unlike the other rules discussed in this series, it appears the rules required by the EO will not be limited to Government procurements. The prohibited transactions include the following:
“any acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service (transaction) by any person, or with respect to any property, subject to the jurisdiction of the United States, where the transaction involves any property in which any foreign country or a national thereof has any interest (including through an interest in a contract for the provision of the technology or service), where the transaction was initiated, is pending, or will be completed after the date of this order, and where the [Secretary] . . . has determined that:
(i) the transaction involves information and communications technology or services designed, developed, manufactured, or supplied, by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary; and
(ii) the transaction:
(A) poses an undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States;
(B) poses an undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States; or
(C) otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons.”
- Key Definitions:
“Information and communications technology or services” means “any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display.” Thus, the rules will potentially apply to any IT and telecom equipment or system.
“Foreign adversary” means “any foreign government or foreign non-government person engaged in a long-term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons.” Note that, although China is not named, the Trump administration has repeatedly determined that China has for years engaged in unreasonable trade practices that are discriminatory and burden or restrict U.S. commerce. Public comments made by the Secretary and other U.S. regulators also suggest that the EO is targeting Chinese entities, though it could apply to other countries as well.
“United States person” means “any United States citizen, permanent resident alien, entity organized under the laws of the United States or any jurisdiction within the United States (including foreign branches), or any person in the United States.” This definition makes it clear that these rules could apply to any transaction that could impact anyone in the U.S. (not just the U.S. Government).
Until the Secretary issues the rules, the scope of the prohibition will continue to be unclear. But there are a few things we can glean from the EO. As mentioned above, the rules could potentially apply to any IT or telecom equipment or system. The EO is likely aimed at Chinese firms, and so Huawei, ZTE, and possibly other Chinese telecom firms are likely in the crosshairs. And the scope of the rules is not limited to U.S. Government contracts, so it potentially extends to a wide range of private-sector transactions.
Separately, given the scope of the EO’s prohibition, it appears the rules will only regulate transactions that entail use in U.S.-based IT/telecom systems, or other use in foreign systems if such use impacts any “United States person.” It does not appear these rules will amend U.S. export control laws.
Beyond that, the EO clearly requires the Secretary to make both determinations (i) and (ii) quoted above, which are specific to a “transaction,” before the Secretary can prohibit the transaction. Thus, the Secretary will have to determine both (1) which transactions involve “persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary” and (2) which transactions entail one of the prohibited “risks” enumerated in the EO.
Finally, there are a few other hints provided by the EO on what the rules may include. For instance, the EO suggests the possibility of “categorical” exclusions/inclusions by the Secretary. The EO also suggests the possibility of a procedure for industry to request/obtain specific licenses for specific transactions. Again, based on the expected scope of these rules, such licenses would presumably authorize specific imports, purchases, or uses of otherwise prohibited IT/telecom equipment.
Sections 889(a)(1)(B) and 889(b) of the 2019 NDAA (to Be Effective August 13, 2020):
Section 889 of the National Defense Authorization act for 2019 (the “NDAA”) places new restrictions on all U.S. Government procurements of certain telecommunication equipment, systems, and services (“Systems”). As discussed in the prior installment of this series, Section 889(a)(1)(A) was implemented by interim rule, effective August 13, 2019. The NDAA contains additional restrictions in Sections 889(a)(1)(B) and 889(b), which are schedule to go into effect on August 13, 2020. However, before these additional restrictions go into effect, the U.S. Department of Defense (“DoD”), General Services Administration (“GSA”), and National Aeronautics and Space Administration (“NASA” and, collectively with DoD and GSA, the “Agencies”) will have to issue a final implementing rule, which will amend the Federal Acquisition Regulation (the “FAR”).
- What These Rules Will Prohibit:
As provided in the 2019 NDAA, Section 889(a)(1)(B) provides the following:
“The head of an executive agency may not . . . (B) enter into a contract (or extend or renew a contract) with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”
It is unclear whether this would prohibit the scenario where the entity uses “covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system, when those “covered telecommunications equipment or services” are unrelated to performance of a U.S. Government contract. Again, these rules are expected to be limited to U.S. Government contracts and subcontracts.
Also, this prohibition will continue to be subject to the exclusions discussed previously regarding NDAA Section 889(a)(1)(A), which include the following:
“Nothing in paragraph (1) shall be construed to— (A) prohibit the head of an executive agency from procuring with an entity to provide a service that connects to the facilities of a third-party, such as backhaul, roaming, or interconnection arrangements; or (B) cover telecommunications equipment that cannot route or redirect user data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles.”
Next, the prohibition provided in Section 889(b) of the 2019 NDAA provides the following:
“The head of an executive agency may not obligate or expend loan or grant funds to procure or obtain, extend or renew a contract to procure or obtain, or enter into a contract (or extend or renew a contract) to procure or obtain the equipment, services, or systems described in subsection (a).”
Subsection (a) is a reference to Section 889(a)(1) and (a)(2), discussed before. So, it appears this language is primarily meant as a clarification that the U.S. Government cannot obligate or expend funds for a prohibited procurement.