The latest in a string of U.S. government (USG) actions restricting the use of Chinese technology in the U.S. supply chain is an interim rule issued by the Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA) implementing the first phase of Section 889 of the FY2019 National Defense Authorization Act (NDAA). This rule, which goes into effect on August 13, 2019, prohibits federal agencies from buying “covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system” from designated Chinese entities, including Huawei Technologies Company Ltd. (Huawei) and ZTE Corporation (ZTE), and several providers of video surveillance equipment and services. We detail this proscription below and summarize how the rule shifts the compliance burden to government contractors.
1. The interim rule applies immediately to new solicitations as well as to procurements pending award. The rule is essentially immediate—at least, as of August 13, 2019—when Section 889(a)(1)(A) of the NDAA takes effect. However, because this is an interim rule, interested parties may still submit comments, which the agencies may consider before releasing a “final” rule. Notably, the prohibition applies not just to solicitations issued on or after August 13, but also to existing solicitations where the award will occur on or after August 13.
2. The rule applies to commercial item acquisitions and even acquisitions below the simplified acquisition threshold. Commercial item acquisitions, including government purchases of commercially available off-the-shelf (COTS) items, and contracts with dollar amounts below the simplified acquisition threshold are exempt from many compliance‑related requirements, but not from this rule.
3. The rule requires a representation from the contractor at award and imposes a significant reporting requirement during performance. If you identify prohibited equipment or services during performance, you have one business day to report it.
4. Contractors must flow down the prohibition and requirements to subcontractors, even commercial item vendors.
5. The rule adopts in full the NDAA’s definitions of “covered telecommunications equipment” and CFIUS’s definition of “critical technology.” The interim rule recycles the definition of “critical technologies” in the regulations implementing certain portions of the Foreign Investment Risk Review Modernization Act, which expanded the national security review authority of the Committee on Foreign Investment in the United States (CFIUS). In addition to the export control-based prongs of the definition, “critical technologies” includes “emerging and foundational technologies,” which are to be designated via an interagency notice and comment process led by the Commerce Department and new regulations to be issued on or before February 2020, but which may be issued sooner.
6. More regulation is coming. A broader prohibition under Section 889 of the NDAA prohibits government agencies from entering contracts with entities that use covered equipment, services, or technology. This prohibition is effective August 13, 2020, subject to forthcoming regulations.
A Prohibition Grounded in National Security Concerns
Unlike other initiatives driven by the Administration’s trade policy, this interim rule implements a congressional mandate to address national security concerns related to the integration of Chinese telecommunications technology in the USG supply chain. In contrast to the timing of Huawei’s designation on the Commerce Department’s Entity List, which suggested tactical pressure applied to China during deteriorating tariff negotiations, the NDAA established the timing. Congress enacted Section 889 in response to the threat of Chinese government espionage and surveillance against U.S. entities. At a February 2018 Senate Intelligence Committee hearing, the heads of six U.S. intelligence agencies warned that private citizens should not use products or services from Huawei or ZTE based on security concerns about companies “beholden to foreign governments.”
Section 889 prohibits U.S. government agencies from:
1. Procuring or renewing a contract for any “equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system”; or
2. Entering into or renewing a contract with any entity that uses any such equipment, system, or service as a “substantial or essential components of any system, or as critical technology as part of any system.”
The interim rule implements the first prong of Section 889. The rule adopts Section 889’s definition of “Covered telecommunications equipment,” which includes:
- Telecommunications equipment produced by Huawei or ZTE and their affiliates;
- Video surveillance and telecommunications equipment produced by Hytera Communications Corporation (Hytera), Hangzhou Hikvision Digital Technology Company (Hikvision), Zhejiang Dahua Technology Co., Ltd. (Dahua), or their affiliates for the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes;
- Telecommunications or video surveillance services provided by any of these entities or using any such equipment; and
- Telecommunications or video surveillance equipment or services produced or provided by an entity that the Secretary of Defense, in consultation with the Director of National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the Chinese government.
The interim rule also includes one new definition by defining “substantial or essential component” somewhat circularly as “any component necessary for the proper function or performance of a piece of equipment, system, or service.”
Notably, Section 889 does not prevent agencies from (1) contracting with an entity for services that connect to the facilities of a third party (such as backhaul, roaming, or interconnection arrangements) or (2) using “telecommunications equipment that cannot route or redirect user data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles.” Section 889 also does not require USG agencies to terminate existing contracts as of the effective date of each provision, but it does prohibit agencies from extending or renewing such contracts.
Practical Implications for All Contractors and Subcontractors
The interim rule implements Section 889 by making several revisions to the Federal Acquisition Regulation (FAR). Specifically, the rule:
- Incorporates the statute’s prohibitions and definitions under FAR Part 4; and
- Modifies FAR Parts 12, 13, and 39 to require contracting officers to adhere to the prohibitions in acquisitions of commercial items, acquisitions below the simplified acquisition threshold, and acquisitions of information technology, respectively.
The interim rule also adds two solicitation provisions and contract clauses under FAR Part 52. The first clause—FAR 52.204-24—requires the offeror to represent whether or not it will provide covered telecommunications equipment or services in the performance of the contract. In the event the offeror represents that it will provide covered equipment or services, the clause requires a detailed disclosure of: (i) the brand, model, and item description; (ii) the proposed use of the equipment or service, including relevant factors about whether the use is permissible under the prohibition; (iii) the entity providing any covered service; and (iv) the entity that produced any covered equipment.
The interim rule states that DoD, GSA, and NASA are working to update the online System for Award Management (SAM) to allows contractors to represent annually whether they sell covered equipment or services. Only contractors that provide an affirmative representation in SAM will be required to provide offer-by-offer disclosures in their proposals for contracts or task orders. This option is not available yet, so contractors should expect to see the representation incorporated into solicitations starting August 13.
The second clause—FAR 52.204-25—incorporates Section 889’s prohibitions and definitions into the contract and also imposes a significant reporting requirement on the contractor. The reporting requirement obligates the contractor to report through DIBNet if it identifies any activity prohibited by the rule during contract performance. Contractors must do so within one business day of identifying the activity, and then follow up within 10 business days with any additional information about mitigation actions undertaken or recommended.
The new clauses will be incorporated into solicitations, contracts, and orders as follows:
- All solicitations for contracts or task orders issued on or after August 13, 2019;
- All solicitations for contracts or task orders issued before August 13, 2019, where award is not made prior to August 13, 2019;
- Indefinite delivery/indefinite quantity (IDIQ) contracts will include the new clauses prior to placing new orders; and
- Existing contracts and task orders will include the clauses if or when the instrument is modified to extend the period of performance (including option exercises).
The new clauses must be flowed down to subcontractors, even commercial item vendors.
Future Restrictions Will Restrict Contractors’ “Use” of Covered Technology
On August 13, 2020, the prohibition’s scope will expand again. Section 889(a)(1)(B) of the NDAA will take effect, prohibiting USG agencies from entering into contracts with entities that use covered technology. A legislative proposal from the White House Office of Management and Budget (OMB) to amend Section 889 to delay the effective date has not been adopted.
The contractor’s “use” of such equipment, systems, or services would presumably need to be in connection with the contractor’s performance of a federal government contract. After all, Section 889’s language requires that the equipment be used as “substantial or essential components of any system, or as critical technology as part of any system.” This interpretation would also dovetail with Section 889’s overall purpose of protecting U.S. government data from foreign exploitation.
Nor are the restrictions on using Huawei and ZTE technology and services limited to the NDAA. By October 14, 2019, the Secretary of Commerce must issue new restrictions implementing the May Executive Order declaring a national emergency over the influx of telecommunications technology developed by “foreign adversaries” and entities controlled by them. Implementing regulations will identify covered entities and transactions, almost certainly targeting entities like Huawei and ZTE.