Trump Executive Order May Significantly Disrupt Technology Supply Chains

What type of technology is covered?

The EO covers “information and communications technology or services,” which include “any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display.”

When does the EO take effect?

The EO applies to all transactions that have been initiated, are pending or will be completed after May 15. The EO does not rule out the possibility that the Department of Commerce will exercise authority under the EO with respect to a transaction before promulgating implementing regulations. Indeed, the EO instructs the Director of National Intelligence to issue a threat assessment within 40 days, which could provide sufficient basis for the Department of Commerce to act. It seems more likely, given the complexities described below, that the department will wait to take action until it has resolved at least some of these issues through the implementing regulations. It is possible that any regulations issued under the EO will be retroactive to May 15, although the regulations will presumably clarify that issue.

What types of transactions might be affected?

The EO is extremely broad, and its terms are not precisely defined. We expect that the implementing regulations will substantially narrow the potential scope of the EO, and its relationship to other legal regimes, including U.S. export controls already administered by the Department of Commerce under the Export Control Reform Act of 2018 and U.S. foreign investment screening administered by the Treasury Department under the Foreign Investment Risk Review Modernization Act of 2018. The following examples illustrate various types of transactions that might be affected. The list is not intended to be exhaustive. Furthermore, not all transactions that fall within these categories are necessarily covered. The EO is limited to transactions that present certain heightened risks related to, for example, sabotage to or subversion of ICTS, the security or resiliency of U.S. critical infrastructure or the digital economy, national security or the security and safety of U.S. persons.

• The regulations may prohibit certain transactions involving ICTS provided or supplied by specific companies that are designated as foreign adversaries.
• The regulations may prohibit certain transactions involving ICTS provided or supplied by companies that are owned or controlled by persons or entities from countries that are designated as foreign adversaries. Such restrictions could substantially disrupt commercial relationships with suppliers that are owned or controlled by people from a country that is designated as a foreign adversary even if the supplier itself is not designated as a foreign adversary.
• The regulations may prohibit certain transactions involving ICTS provided or supplied by companies located in countries that are designated as foreign adversaries. For example, they might cover subsidiaries that are located in a foreign adversary even if the subsidiaries are wholly owned by U.S. companies or by companies from U.S. allies.
• The regulations may prohibit certain transactions with companies located in countries that are allied with the United States if the transactions involve ICTS that were originally manufactured or supplied by a person from a foreign adversary.
• In certain cases, the regulations may prohibit a foreign subsidiary of a U.S. company from procuring ICTS from another foreign company if that technology or service was, for example, originally manufactured or supplied by a person from a foreign adversary.
• The regulations may prohibit certain ongoing maintenance service contracts for communications equipment where the services are provided by a person from a foreign adversary after the date of the EO, even if the maintenance contract was signed before the date of the EO.

Background

The EO covers transactions that meet all of the following conditions: 

• The transaction involves “any acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service [] by any person, or with respect to any property, subject to the jurisdiction of the United States.”

• “[T]he transaction involves any property in which any foreign country or a national thereof has any interest (including through an interest in a contract for the provision of the technology or service).”

• The Secretary of Commerce determines that “the transaction involves information and communications technology or services designed, developed, manufactured, or supplied, by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary.”

• The transaction
  • “poses an undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States”;
  • “poses an undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States”; or
  • “otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons.”

The Department of Commerce has 150 days, until October 12, 2019, to issue implementing regulations. Such regulations may, inter alia, determine which countries or persons are foreign adversaries for the purposes of the EO; identify the persons owned by, controlled by or subject to the jurisdiction or direction of foreign adversaries for the purposes of the EO; establish procedures to license transactions otherwise prohibited by the EO; establish criteria by which certain technologies or market actors may be categorically included or excluded from the prohibitions in the EO; and identify a mechanism to negotiate or mitigate concerns raised in connection with the EO. 

Given the potentially vast scope of the EO, it is likely that the business community will be asking the Department of Commerce to clarify the scope of the restrictions and target specific identified risks rather than ban or severely restrict  broad and ambiguously defined categories of transactions.