Commerce to Publish Proposed Regulations to Implement EO on "Securing the Information and Communications Technology and Services Supply Chain"

The Commerce Department will publish, in proposed form, long-awaited regulations to implement the sweeping language of the May 2019 Executive Order entitled “Securing the Information and Communications Technology and Services Supply Chain.” 

The proposed regulations, to be promulgated under the authority of the International Emergency Economic Powers Act (IEEPA) and the EO, would establish a case-by-case process, by which the Secretary of Commerce could initiate (at its discretion, or at the request of another agency, or even a private party, via a dedicated web portal for “credible” tips) a review of any specific transaction (meaning “any acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service”) that is: (1) initiated, pending, or to be completed after May 15, 2019; (2) involves persons or property subject to US jurisdiction; (3) involves any property in which a foreign country or national has an interest; (4) “involves information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary” (with the definition of “foreign adversary” adopted from the EO, not narrowed to identify any specific foreign governments or persons); and (5) that poses either:

1. Undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States;
2. Undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States; or
3. Otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons.

The parties to a transaction under review would receive a preliminary determination of the Secretary’s findings and would then have 30 days to present “an opposition,” or proposed measures for mitigation in lieu of an outright prohibition of the transaction. Commerce will accept public comments on all aspects of the proposed regulations for 30 days (until December 27, 2019).