On May 15, 2019, President Trump executed a new Executive Order (EO) likely to inject increased levels of scrutiny and uncertainty throughout the vast and interconnected web of government contract supply chains. The new EO, entitled “Securing the Information and Communications Technology and Services Supply Chain,” comes during a period of escalating trade tensions with China and following a breakdown of trade talks earlier in the week. The EO sets the stage for restricting commercial business with a significantly broader block of Chinese companies like Huawei (already subject to a federal procurement ban) in an effort to stem “malicious cyber-enabled actions” within U.S. networks.

Drawing upon authorities available under the International Emergency Economic Powers Act of 1977, the EO prohibits any commercial “transaction” determined by the Secretary of Commerce to involve “information and communications technology or services” designed, developed, manufactured, or supplied by entities owned, controlled, or subject to the jurisdiction of a “foreign adversary,” thereby posing “unacceptable risk to the national security of the United States.” This analysis requires a broad analysis including risk to the “U.S. critical infrastructure or the digital economy of the US.” On the same day President Trump executed the EO, the Department of Commerce announced that it would take a separate but related action in adding Huawei and 70 of its affiliates to the “entity list,” effectively prohibiting Huawei from acquiring items or technology from U.S. suppliers without authorization from Commerce.

In assessing the potential reach and impact of the supply chain EO, it is important to note that:

  • The scope of technologies and services covered by the EO is exceedingly broad, defined to include “any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display.”
  • Though intended initially to target Huawei and its affiliates, the EO contemplates that additional countries and entities considered foreign adversaries may be identified through regulations to be issued by Commerce within 150 days.
  • Those regulations may also identify particular technologies subject to the new prohibitions, and establish procedures through which otherwise prohibited transactions or technologies may be permitted through the issuance of “licenses.”
  • The EO also identifies enhanced roles and responsibilities for the Department of Homeland, Department of Justice, and the Director of National Intelligence.

Much of the focus will now turn to Commerce and its development of regulations to implement the sweeping language of this new EO.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Paul Freeman Paul Freeman

Paul Freeman is a partner in Crowell & Moring’s New York office and a member of the firm’s Environment & Natural Resources and Government Contracts groups. He brings two decades of diverse experience advising clients in the energy, maritime, and aerospace and defense…

Paul Freeman is a partner in Crowell & Moring’s New York office and a member of the firm’s Environment & Natural Resources and Government Contracts groups. He brings two decades of diverse experience advising clients in the energy, maritime, and aerospace and defense industries on a range of issues, with a primary emphasis on matters involving enforcement defense, litigation, and risk management.

Paul routinely advises clients in response to investigations by, or inquiries from, a range of regulators, primarily the U.S. Environmental Protection Agency (EPA) and the U.S. Department of Justice (DOJ), and also including the U.S. Securities and Exchange Commission, the Internal Revenue Service, the U.S. Department of Defense Inspector General, the Federal Bureau of Investigation, the U.S. Commodity Futures Trading Commission, and state attorneys general.

Photo of Peter J. Eyre Peter J. Eyre

Peter J. Eyre is a partner and co-chair of Crowell & Moring’s Government Contracts Group. He is also a member of the firm’s Management Board. Peter was named to BTI Consulting Group’s list of “Client Service All-Stars” in 2016, 2017, and 2019 and…

Peter J. Eyre is a partner and co-chair of Crowell & Moring’s Government Contracts Group. He is also a member of the firm’s Management Board. Peter was named to BTI Consulting Group’s list of “Client Service All-Stars” in 2016, 2017, and 2019 and has been named an Acritas Star, Acritas Stars Independently Rated Lawyers (2016, 2017, 2019). He is nationally ranked by Chambers USA in Government Contracts since 2014, and by Super Lawyers since 2017.

Photo of Kate M. Growley, CIPP/G, CIPP/US Kate M. Growley, CIPP/G, CIPP/US

Kate M. Growley (CIPP/US, CIPP/G) is a director in Crowell & Moring International’s Southeast Asia regional office. Drawing from over a decade of experience as a practicing attorney in the United States, Kate helps her clients navigate and shape the policy and regulatory…

Kate M. Growley (CIPP/US, CIPP/G) is a director in Crowell & Moring International’s Southeast Asia regional office. Drawing from over a decade of experience as a practicing attorney in the United States, Kate helps her clients navigate and shape the policy and regulatory environment for some of the most complex data issues facing multinational companies, including cybersecurity, privacy, and digital transformation. Kate has worked with clients across every major sector, with particular experience in technology, health care, manufacturing, and aerospace and defense. Kate is a Certified Information Privacy Professional (CIPP) in both the U.S. private and government sectors by the International Association of Privacy Professionals (IAPP). She is also a Registered Practitioner with the U.S. Cybersecurity Maturity Model Certification (CMMC) Cyber Accreditation Body (AB).

Photo of Evan D. Wolff Evan D. Wolff

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office, where he is co-chair of the firm’s Chambers USA-ranked Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical…

Evan D. Wolff is a partner in Crowell & Moring’s Washington, D.C. office, where he is co-chair of the firm’s Chambers USA-ranked Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and understanding of complex cybersecurity legal and policy issues. Calling upon his experiences as a scientist, program manager, and lawyer, Evan takes an innovative approach to developing blended legal, technical, and governance mechanisms to prepare companies with rapid and comprehensive responses to rapidly evolving cybersecurity risks and threats. Evan has conducted training and incident simulations, developed response plans, led privileged investigations, and advised on hundreds of data breaches where he works closely with forensic investigators. Evan also counsels businesses on both domestic and international privacy compliance matters, including the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). He is also a Registered Practitioner under the Cybersecurity Maturity Model Certification (CMMC) framework.