New Commerce Rule Injects Uncertainty Into Foreign Transactions Involving Information and Communications Technology
January 19, 2021
By Brett W. Johnson, Vinnie Lichvar and Michael Calvanico
On January 14, 2021, the U.S. Department of Commerce issued an interim final rule to address national security, economic security, and public health and safety concerns related to Information and Communications Technology and Services (“ICTS”) transactions with certain designated “foreign adversaries.” Pursuant to authority granted under Executive Order 138731 , this new rule 2 allows the Commerce Secretary broad discretion to block or mitigate ICTS transactions involving a foreign adversary if the Secretary deems that transaction an “unacceptable risk.”
The rule identifies six foreign governments or foreign non-government persons as foreign adversaries: the People’s Republic of China, including the Hong Kong Special Administrative Region; the Republic of Cuba; the Islamic Republic of Iran; the Democratic People’s Republic of Korea; the Russian Federation; and Venezuelan politician Nicolás Maduro. Any transaction dealing in ICTS developed, manufactured or supplied by persons subject to control of these foreign adversaries is subject to a discretionary review process and potential termination.
Fortunately, Commerce does provide a defined limitation on what ICTS transactions fall under the sweep of this rule. Generally, the rule applies to an ICTS transaction involving technology used in “critical infrastructure sectors” such as defense agencies; hardware and software integrated into mobile, wireless and cable networks or satellite services; data-hosting services processing sensitive personal data of more than one million Americans; and technologies related to artificial intelligence, quantum key distribution and computing, drones or advanced robotics. Notably, the review process does not apply to transactions undergoing or previously subject to review by the Committee on Foreign Investment in the United States (“CFIUS”), which is a wholly separate consideration for U.S. companies engaging in transactions, including mergers, acquisition or transfers of technology, with foreign companies.
The rule also provides a set timetable for the review process and subsequent avenues to challenge any determinations that result. Once an ICTS transaction implicating a foreign adversary is referred to the Commerce Department, the agency will then have 180 days to review the transaction and render a decision. Dependent on certain defined criteria, the Secretary must determine whether a transaction poses an undue or unacceptable risk to national security and either accept, reject or prescribe mitigation measures for the proposed transaction depending on that determination.
If the Secretary rejects a transaction or prescribes mitigation, all parties to that transaction must receive a written determination justifying the decision. Any party to the transaction then has 30 days to contest that determination or provide assurances that the cause of the initial determination has been removed. The Secretary must then issue a final determination and written report. After final determination, any violation of that determination may result in civil fines totaling twice the amount of the underlying transaction or criminal penalties including up to 20 years in prison.
This rule becomes effective 60 days from the date of final publication3 and only applies to those transactions initiated, pending or completed on or after that effective date. However, companies already engaged in foreign transactions must be aware that the rule considers any act or service with respect to an ICTS transaction, such as execution of a managed services contract, installation of software updates or the conducting of repairs occurring after the effective date as entirely new transactions subject to the review process.
This new rule demonstrates the U.S. Commerce Department’s continued willingness to enact strict export control policies in order to exert pressure on foreign adversaries and entities based in China – particularly those companies that are engaged in the development and manufacturing of new technology. By way of example, in May of 2019, the Commerce Department added Huawei Technologies Co. Ltd. and 70 affiliates to its “Entity List,” effectively banning the company from buying parts and components from U.S. companies without U.S. government approval. The Commerce Department has since enacted additional rules to further restrict Huawei’s access to U.S. technology.4
President-elect Joe Biden’s nominee for U.S. trade representative, Katherine Tai, previously served as Chief Counsel for China Trade Enforcement with responsibility for the development and litigation of U.S. disputes against China at the World Trade Organization. Given her background, it is unclear whether the new administration will continue to utilize the Commerce Department to restrict trade practices with China to the extent of President Trump’s administration or whether they will take a softer diplomatic approach. The new administration’s stance on targeting foreign technology companies with the same or similar restrictive trade policies utilized under the current administration also remains unclear. However, President-elect Biden has indicated that he does not intend to quickly change international trade policy until a full review of the current status of trade relations is complete.
Regardless, in light of this new rule, any individual or entity that conducts foreign business should be aware of the implications that attend the rule and plan accordingly. Specifically, companies should consider updating policies and procedures related to foreign transactions. Such policies may include requiring thorough reviews and screening of all individuals or entities involved in any foreign transaction and may wish to consider contingency options in foreign contracts in consideration of the potential uncertainty, delay or termination that the review process implicates. Companies should also consider the appropriate notices and assignment of risks are documented. Companies may also wish to engage counsel in anticipation of this review process and any subsequent challenges or even to voluntarily initiate the CFIUS review process in order to establish confidence that a particular foreign transaction will not become subject to this new rule. Companies may want to consider ensuring adequate training for its employees to avoid unintended consequences related to foreign transaction of technical data exchanges. Finally, companies should pay close attention to changes in trade policies that are likely to be enacted under the new administration.
- Executive Order 13873, Executive Order on Securing the Information and Communications Technology and Services Supply Chain, is available at https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/.
- The unpublished version of this interim rule is available at https://public-inspection.federalregister.gov/2021-01234.pdf.
- As of this date, the interim rule is unpublished in the federal register but will likely be published on January 19, 2021. https://www.federalregister.gov/public-inspection/2021-01234/securing-the-information-and-communications-technology-and-services-supply-chain.
©2022 Snell & Wilmer L.L.P. All rights reserved. The purpose of this publication is to provide readers with information on current topics of general interest and nothing herein shall be construed to create, offer, or memorialize the existence of an attorney-client relationship. The content should not be considered legal advice or opinion, because it may not apply to the specific facts of a particular matter. As guidance in areas is constantly changing and evolving, you should consider checking for updated guidance, or consult with legal counsel, before making any decisions.