On November 26, 2019, the U.S. Department of Commerce (“Commerce”) issued proposed rules to implement Executive Order 13873, “Securing the Information and Communications Technology and Services Supply Chain.” Commerce has opened a public comment period that ends December 27, 2019.

Key Takeaways

  • The proposed rules allow the Secretary of Commerce to prohibit or mitigate any type of transaction that relates to the use of equipment or services provided by “foreign adversaries” in the information and communications sector.
  • The proposed rules do not provide for any pre-clearance or approval process of transactions that may be implicated.
  • The impact of these rules will likely fall not only on telecom, internet, and other communications service providers, but also on any businesses with devices that connect to these networks.

Executive Order 13873

On May 15, 2019, President Trump declared a national emergency regarding threats to the U.S. information and communications technology and services (“ICTS”) supply chain by foreign adversaries. Broadly, Executive Order 13873 (the “Executive Order”) prohibits certain transactions involving ICTS that were designed, developed, manufactured, or supplied by a foreign adversary if the Secretary of Commerce (“Secretary”) determines that a given transaction is a threat to national security.

The Executive Order has a far-reaching effect. In addition to affecting broadband, satellite, wireless, and other telecom networks, it also affects security service providers, internet application operators/developers, and any manufacturers of connected devices (including video cameras, health monitoring devices, and more). The scope of covered transactions includes acquisitions, importation, transfer, installation, dealing in or use of any ICTS. The Executive Order further directed the Secretary to issue implementing regulations.

Commerce issued the new proposed rules late last month, well after the Executive Order’s intended 150-day deadline. In sum, the rules do not provide significant clarity and fail to address many of the open questions in the Executive Order.

New Proposed Rules

The proposed rules add little detail to the Executive Order. The primary additional information is a set of steps and timelines for transactions that would be chosen by the Secretary for evaluation.

  • Under the proposed rules, the Secretary may commence an evaluation at his or her own discretion, at the request of certain other senior officials, or based on information provided by private parties.[1] The rules do not require that the parties be notified of the commencement of an evaluation, but the Secretary may request documents and notify companies to retain documents during this period.
  • Upon a preliminary determination that a transaction meets the criteria for threatening national security, the Secretary is required to notify the parties to a transaction of this preliminary determination.
  • Within 30 days of receipt of a preliminary determination, the parties may submit opposition and supporting information. The parties may also propose mitigation measures.
  • The Secretary then has another 30 days to make a final determination, which may prohibit a transaction or require mitigation measures.

The proposed rules further establish criteria for when certain transactions may be subject to this review, including any transaction:

  • Conducted by any person subject to the jurisdiction of the United States or that involves property subject to the jurisdiction of the United States;
  • Involving any property in which any foreign country or national thereof has an interest; and,
  • Was initiated, is pending, or will be completed after May 15, 2019, regardless of when any contract was signed or any applicable license granted

The proposed rules also provide for the imposition of penalties. Some penalties, the nature of which are open-ended in the proposed rules, may be specified by the Secretary in any mitigation determination as a consequence for the failure to comply with the mitigation. Additional penalties rely on the framework for statutory maximums established pursuant to the International Emergency Economic Powers Act (“IEEPA”).

Importantly, the proposed rules do not:

  • Provide any mechanism for parties to a transaction involving foreign equipment to obtain a pre-clearance, as under the CFIUS regulations. The proposed rules state that the Secretary will not issue any advisory opinions or declaratory rulings.
  • Identify any classes of transactions that are categorically prohibited or exempt from this review.
  • Provide guidance regarding the types of transactions that are likely to be scrutinized or considered a threat.
  • Define “transactions” in any way that would limit its broad scope under the Executive Order.
  • Identify “foreign adversaries,” leaving such determinations to the discretion of the Secretary in consultation with other agencies.

Request for Comment

The proposed rules specifically solicit comment in the following areas, with a particular focus on the role of mitigation measures:

  • Instances where the Secretary should consider categorical exclusions.
  • Classes of persons whose use of ICTS could never violate the Executive Order.
  • Potential forms of mitigation for certain risks.
  • Means of ensuring that parties consistently comply with mitigation measures.
  • Means of notifying the Secretary of changes in circumstances, including technology developments, that render mitigation measures obsolete, no longer effective, or newly applicable.
  • How to interpret “dealing in” and “use of” in the context of defining covered “transactions.”
  • Whether specific recordkeeping requirements should be imposed related to transactions in this sector.

Winston is able to assist clients in understanding the effect of these rules on their business as well as planning for the implementation of these rules. Further, Winston can assist in providing public comment on the proposed rules.