Securing the Information and Communications Technology and Services Supply Chain

The Executive Order: Securing the Information and Communications Technology and Services Supply Chain declares that threats to the information and communications technology and services supply chain by foreign adversaries are a national emergency. The Executive Order prohibits certain transactions that involve information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary whenever the Secretary of Commerce, in consultation with other Federal officials, determines that such a transaction, or a class of transactions: 

• Poses an undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States;
• Poses an undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States; or
• Otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons.

Executive Order

Executive Order 13942 (Addressing the Threat Posed by TikTok, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain)

NOTICE: A federal district court in E.D. Pennsylvania issued a nationwide preliminary injunction on 10/30/2020 in the case of Douglas Marland et al. v. Trump et al., No. 20-cv-4597.  The Court granted the Plaintiffs’ motion for an injunction against the implementation of Executive Order 13942 (limited to the Secretary of Commerce’s Identification of Prohibited Transactions 1 through 6, TikTok/ByteDance).  The Commerce Department is complying with the terms of the Court’s Order.  Accordingly, this serves as NOTICE that the Secretary’s prohibition of identified transactions pursuant to Executive Order 13942, related to TikTok/ByteDance, HAS BEEN ENJOINED, and WILL NOT GO INTO EFFECT, pending further legal developments.

Federal Register Notice

Executive Order 13943 (Addressing the Threat Posed by WeChat, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain)

NOTICE: A federal district court in N.D. California issued a nationwide preliminary injunction at 5:49 AM PDT on 9/19/2020 in the case of WeChat Users Alliance v. Trump, No. 20-cv-05910-LB.  The Court granted the Plaintiffs’ motion for an injunction against the implementation of Executive Order 13943 (limited to the Secretary of Commerce’s Identification of Prohibited Transactions 1 through 6, WeChat/Tencent).  The Commerce Department is obligated to comply with the Court’s Order and is taking immediate steps to do so.  Accordingly, on September 21, 2020, the Commerce Department withdrew the Identification of Prohibited Transactions from the Federal Register prior to formal publication.  The Secretary’s Identification of Prohibited Transactions will remain available for public inspection on the Commerce Department’s website.  This serves as NOTICE that the Secretary’s prohibition of identified transactions pursuant to Executive Order 13943, related to WeChat/Tencent, HAVE BEEN ENJOINED, and WILL NOT GO INTO EFFECT, pending further legal developments.

Federal Register Notice

Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries

NOTICE: On June 9, 2021, the President signed an Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries, to elaborate upon measures to address the national emergency with respect to the information and communications technology and services supply chain that was declared in Executive Order 13873 of May 15, 2019 (Securing the Information and Communications Technology and Services Supply Chain).  This executive order identifies factors that may be considered in evaluating the risks of connected software applications under the Executive Order 13873 framework.  It also directs the Department of Commerce, in consultation with other U.S. departments and agencies, to issue two reports: (1) making recommendations to protect against harm from the unrestricted sale of, transfer of, or access to United States persons' sensitive personal data, including personally identifiable information and genetic information – to include large data repositories – to persons owned or controlled by, or subject to the jurisdiction or direction of, foreign adversaries; and (2) making recommendations for additional executive and legislative actions to address the risk associated with connected software applications that are designed, developed, manufactured, or supplied by persons owned or controlled by, or subject to the jurisdiction or direction of, foreign adversaries. 

The new executive order also revokes Executive Order 13942 of August 6, 2020 (Addressing the Threat Posed by TikTok, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain); Executive Order 13943 of August 6, 2020 (Addressing the Threat Posed by WeChat, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain); and Executive Order 13971 of January 5, 2021 (Addressing the Threat Posed by Applications and Other Software Developed or Controlled by Chinese Companies).  The order directs heads of executive departments to promptly take steps to rescind any orders, rules, regulations, guidelines, or policies, or portions thereof, implementing or enforcing the now revoked orders. Consistent with that directive, the Secretary of Commerce has rescinded the prohibitions implemented under those executive orders. View Federal Register Notice here.