Alerts and Updates
Executive Order Addresses Foreign Threats to U.S. Information and Communications Technology and Services Systems
May 21, 2019
Supported by various laws and regulations, the president determined that the United States’ information communication technology systems are increasingly under threat from “foreign adversaries.”
On May 15, 2019, President Donald Trump signed Executive Order 13873, “Securing the Information and Communications Technology and Services Supply Chain” (Federal Register Vol. 84. No. 96, page 22689-92).
Supported by various laws and regulations, the president determined that the United States’ information communication technology systems are increasingly under threat from “foreign adversaries,” defined as “any foreign government or foreign non-government person engaged in a long-term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons.” These systems and services are targets for “malicious cyber-enabled actions, including economic and industrial espionage” as they “store and communicate vast amounts of sensitive information, facilitate the digital economy, and support critical infrastructure and vital emergency services.”
The president also determined that foreign adversaries’ acquisition and use of information and communications technology, as well as services tied to foreign adversaries, warrant action as it increases their ability to exploit vulnerabilities in such technology to harm the United States.
Although the president recognized the significance and benefits of maintaining an “open investment climate” in the United States, he concluded that it is “important for the overall growth and prosperity of the United States” that “such openness must be balanced by the need to protect [the] country against critical national security threats.”
It is in light of these overriding threats that the president put in place a framework of broad restrictions and prohibitions relating to the acquisition, transfer, installation, dealing in or use of any information and communications technology or services by any person, or with respect to any property, subject to the jurisdiction of the United States, where the transaction involves any property in which any foreign country or a national thereof has any interest (including through an interest in a contract for the provision of the technology or services). This applies where the transaction was initiated, is pending, or will be completed after the effective date of the E.O. and after the secretary of commerce, in consultation with other federal agencies, has made the required findings as set forth in Section 1 of the E.O.
It is to be noted that the E.O. states in subsection 1(c) that “The prohibitions in subsection (a) of this section apply except to the extent provided by statutes, or in regulations, orders, directives, or licenses that may be issued pursuant to this order, and notwithstanding any contract entered into or any license or permit granted prior to the effective date of this order.” This clause will certainly have significant impact upon companies that already have in place contracts and other commitments affected by the E.O.
Proposed Rule Adds Huawei to List for “Presumption of Denial” Review Policy
In addition to the above E.O., on May 16, 2019, the U.S. Department of Commerce, Bureau of Industry and Security (BIS), posted a proposed rule amending the Entity List found in the Export Administration Regulations (EAR) 15 CFR 744.16 and Supplement No. 4, Part 744, to add Huawei Technologies Co. Ltd. and 68 non-U.S. affiliates located in 26 destinations (all identified by company name and location) to the Entity List.
The Entity List specifies the named party, the country of concern, the specific license requirements associated with the Entity List designation and BIS’ review policy relating to license applications. The review policy regarding Huawei and the named non-U.S. affiliates is “presumption of denial” and the license requirements identifies 15 CFR 744.11: license requirements that apply to entities acting contrary to the national security or foreign policy interests of the United States. It is to be noted that that a proposed transaction requires a license and Section 744.11 is in addition to any other such requirements.
Thus, all items subject to the EAR, including those designated as EAR 99 and End Use and End User restrictions all are implicated by reason of Entity List designation. (15 CFR 744.16).
Although BIS’ new rule regarding Huawei is not scheduled for publication in the Federal Register until May 21, 2019, the new rule is effective as of May 16, 2019, 4:15 p.m. Eastern time, when the rule became available for public inspection on the Public Inspection List maintained by the Federal Register.
Notwithstanding the above-discussed limitations, on May 18, 2019, one day after its announcement of the amended Entity List adding Huawei and its affiliates, a DOC spokesperson said it may soon scale back restrictions on Huawei and its affiliates to “prevent the interruption of existing network operations and equipment.” According to the DOC representative, the DOC is considering the issuance of a “temporary general license” to permit Huawei and its affiliates to purchase U.S. goods so Huawei can help its existing customers maintain the reliability of networks and equipment. However, such temporary general license would not permit Huawei and its affiliates to buy parts and components from U.S. suppliers to manufacture new products. The temporary general license is expected to last 90 days, according to the DOC representative. The DOC representative further explained that even with the Entity List, U.S. suppliers may still apply for separate licenses to conduct new businesses with Huawei, but stressed that such new licenses would be extremely difficult to obtain. More details are expected in the upcoming Federal Register.
For More Information
If you have any questions about this Alert, please contact Brian S. Goldstein, Yuanyou (Sunny) Yang, J. Manly Parks, Nathan B. Reeder, any member of our International Practice Group, any attorney in our Cybersecurity Group or the attorney in the firm with whom you are regularly in contact.
Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.