The U.S. Department of Commerce has unveiled proposed new regulations aimed at reviewing transactions related to "information and communications technology and services."
2024-09-24 22:25:34
On November 27, 2019, the U.S. Department of Commerce proposed new regulations ("New Regulations") to implement Executive Order 13873, "Securing the Information and Communications Technology and Services Supply Chain," issued in May of the same year. The New Regulations outline how the Department of Commerce will review transactions related to information and communications technology and services (ICTS) that pose undue or unacceptable risks to U.S. national security or individuals. Under the New Regulations, the Department of Commerce will conduct case-by-case reviews based on specific circumstances and facts to determine whether to prohibit a transaction, unwind a completed transaction, or require mitigation measures from the parties involved.
Scope of Review
Transactions involving the purchase, import, transfer, installation, sale, or use of "information and communications technology or services" (ICTS) will be subject to review if they meet all of the following conditions:
Any party to the transaction or the property involved is subject to U.S. jurisdiction;
The transaction involves property in which a foreign country or foreign national holds an interest; and
The transaction was initiated, is ongoing, or was completed after May 15, 2019, regardless of when the related contract was signed or any transaction permit was issued.
Review Criteria
The review will consider five aspects, including the three conditions above, as well as:
Whether the transaction involves ICTS designed, developed, manufactured, or supplied by individuals owned, controlled, governed, or directed by a "foreign adversary"; and
Whether allowing the transaction would pose undue or unacceptable risks to U.S. national security or individuals.
Review Process
The New Regulations propose three ways to initiate the review process:
The Department of Commerce initiates the review on its own;
The Department of Commerce initiates the review based on recommendations from other federal agencies; or
The Department of Commerce initiates the review based on credible information provided by non-governmental entities.
If, after a preliminary review, the Department of Commerce determines that it is necessary to prohibit the transaction, require mitigation measures, or unwind a completed transaction, it will notify the parties involved in writing and explain the basis for the preliminary findings. The parties will have 30 days to submit objections and supporting materials to the Department of Commerce. In urgent cases, the Department of Commerce may modify or bypass the above procedures to protect public interest and national security.
After the review, the Department of Commerce will issue a written decision. If the Department determines that the transaction poses undue or unacceptable risks, it may require the parties to implement mitigation measures to reduce the risks or directly prohibit the transaction, including requiring the parties to immediately cease using the ICTS that pose the risks.
The New Regulations are open for public comment, with the deadline for submitting comments being December 27, 2019. Click here to view the full text of the New Regulations.
[1] "Information and communications technology or services" refers to "any hardware, software, or other product or service primarily intended to fulfill or enable the processing, storage, retrieval, or communication of information by electronic means, including transmission, storage, and display."
[2] "Foreign adversary" refers to "any foreign government or foreign non-government individual that has engaged in long-term or serious harm to U.S. national security or the security of U.S. individuals."