President Trump Declares a National Emergency Regarding Threats Against Information and Communications Technology and Services in the United States; Commerce’s Bureau of Industry and Security (BIS) Adds Huawei to its Entity List

May 17, 2019

On May 15, 2019, President Trump signed an Executive Order[1] [2] entitled "Securing the Information and Communications Technology and Services Supply Chain."  The Executive Order is numbered 13873, and was published in the Federal Register on May 17, 2019.  84 FR 22,689-22,692.[3]  The Executive Order is based on authority granted by the International Emergency Economic Powers Act and the National Emergencies Act.

Executive Order (EO) 13873 declares a national emergency with respect to the threats against information and communications technology and services in the United States and delegates authority to the Secretary of Commerce to prohibit transactions posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.

This executive order is believed to be aimed at China and such companies as Huawei Technologies Co. Ltd., a Chinese company that is the largest telecommunications equipment producer in the world.

President's Findings

Executive Order 13873 finds that:

Foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services, which store and communicate vast amounts of sensitive information, facilitate the digital economy, and support critical infrastructure and vital emergency services, in order to commit malicious cyber-enabled actions, including economic and industrial espionage against the United States and its people.

And

Unrestricted acquisition or use in the United States of information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries augments the ability of foreign adversaries to create and exploit vulnerabilities in information and communications technology or services, with potentially catastrophic effects.

EO 13873 states that these findings constitute an "unusual and extraordinary threat to the national security, foreign policy, and economy of the United States," and that the threat exists in the case of "individual acquisitions or uses of such technology or services," as well as when "acquisitions or uses of such technologies are considered as a class."

EO 13873 states that additional steps are required to deal with this threat, and to "protect the security, integrity, and reliability of information and communications technology and services provided and used in the United States."

Prohibitions and Mitigation Measures

EO 13873 prohibits "any acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service (transaction) by any person, or with respect to any property, subject to the jurisdiction of the United States" where:

  • The transaction involves any property in which any foreign country or a national thereof has any interest (including through an interest in a contract for the provision of the technology or service)";
  • The transaction was initiated, is pending, or will be completed after the date" of EO 13873 (May 15); and where
  • The Secretary of Commerce (Secretary), in consultation with the secretaries of Treasury, State, Defense, and Homeland Security, the Attorney General, the U.S. Trade Representative, the Director of National Intelligence, the Administrator of General Services, the Chairman of the Federal Communications Commission, and, as appropriate, the heads of other executive departments and agencies (agencies), has determined that:
    • The transaction involves information and communications technology or services designed, developed, manufactured, or supplied, by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary"; and
    • The transaction:
      • Poses an undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services in the United States;
      • Poses an undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States; or
      • Otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons.

EO 13873 permits the Secretary, in consultation with the heads of other appropriate agencies, to design or negotiate measures to mitigate the concerns identified.  Such measures may "serve as a precondition to the approval of a transaction or of a class of transactions that would otherwise be prohibited" by the Order.

Rules and Regulations

  • Within 150 days of the date of EO 13873 (i.e., by October 12, 2019), the Secretary, in consultation with the other identified secretaries and agency heads, shall publish rules or regulations implementing the authorities delegated to the Secretary by the Order.
  • The rules and regulations may, among other things:
    • determine that particular countries or persons are foreign adversaries;
    • identify persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries;
    • identify particular technologies or countries with respect to which transactions involving information and communications technology or services warrant particular scrutiny;
    • establish procedures to license transactions otherwise prohibited;
    • establish criteria by which particular technologies or particular participants in the market for information and communications technology or services may be recognized as categorically included in or as categorically excluded from the prohibitions established by EO 13873; and
    • identify a mechanism and relevant factors for the negotiation of agreements to mitigate concerns.
  • The term "foreign adversary" means "any foreign government or foreign non-government person engaged in a long‑term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons."
  • The term "information and communications technology or services" means "any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display."

Reports to Congress

  • The Secretary, in consultation with the Secretary of State, is authorized to submit recurring and final reports to the Congress on the national emergency declared by EO 13873.

Assessment Reports

Director of National Intelligence

  • The Director of National Intelligence shall produce periodic written assessments of the threats to the United States from information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary.
  • The Director of National Intelligence shall provide these assessments to the President, the Secretary, and the heads of other agencies as appropriate.
  • An initial assessment shall be completed within 40 days of the date of EO 13873 (i.e., by June 24, 2019).
  • Further assessments shall be completed at least annually, and shall include analysis of:
    • threats enabled by information and communications technologies or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary; and
    • threats to the United States Government, United States critical infrastructure, and United States entities from information and communications technologies or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the influence of a foreign adversary.

Secretary of Homeland Security

  • The Secretary of Homeland Security shall assess and identify entities, hardware, software, and services that present vulnerabilities in the United States and that pose the greatest potential consequences to the national security of the United States.
  • Within 80 days of the date of EO 13873 (i.e., by August 3, 2019), and annually thereafter, the Secretary of Homeland Security, in coordination with sector-specific agencies and coordinating councils as appropriate, shall produce a written assessment, including:
    • an evaluation of hardware, software, or services that are relied upon by multiple information and communications technology or service providers, including the communication services relied upon by critical infrastructure entities identified pursuant to section 9 of Executive Order 13636 of February 12, 2013 (Improving Critical Infrastructure Cybersecurity).

Secretary of Commerce

  • Within 1 year of the date of EO 13873 (May 15, 2020), and annually thereafter, the Secretary, in consultation as appropriate with the secretaries of Treasury, Homeland Security, State, and Defense, the Attorney General, the U.S. Trade Representative, the Director of National Intelligence, and the Chairman of the Federal Communications Commission, shall assess and report to the President whether the actions taken pursuant to EO 13873 are sufficient and continue to be necessary to mitigate the risks identified in the Order.

BIS Adds Huawei Technologies Co. Ltd. to the Entity List

On May 15, 2019, the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce announced the addition of Huawei Technologies Co. Ltd. and its affiliates to its Entity List.[4]

BIS stated that this action was taken based on information supporting the conclusion that Huawei, a Chinese company that is the largest telecommunications equipment producer in the world, is engaged in activities contrary to U.S. national security or foreign policy interests.

This information includes the "activities alleged in the Department of Justice's public superseding indictment of Huawei, including alleged violations of the International Emergency Economic Powers Act (IEEPA), conspiracy to violate IEEPA by providing prohibited financial services to Iran, and obstruction of justice in connection with the investigation of those alleged violations of U.S. sanctions."

Impact of Adding Huawei to Entity List

  • The sale or transfer of American technology to Huawei will require a license issued by BIS.
  • A license may be denied if the sale or transfer would harm U.S. national security or foreign policy interests.

One press article notes: "This listing makes it virtually impossible for companies to survive once U.S. firms are discouraged from doing business with them."[5]

Entity List Criteria

Additions to the Entity List are decided by the End-User Review Committee, which is comprised of officials from the Departments of Commerce, Defense, State, and Energy.  Per 15 CFR § 744.11(b), the Entity List may include "persons or organizations for whom there is reasonable cause to believe that they are involved, were involved, or pose a significant risk of becoming involved in activities that are contrary to the national security or foreign policy interests of the United States, and those acting on behalf of such persons."[6]

Huawei's listing on the Entity List will be effective when published in the Federal Register.

While the national security concerns about interference with the U.S. information and telecommunication system have been building for some time, the actions this week by the Trump Administration both add pressure on China to find a resolution to the current US-China trade negotiations following the US 301 investigation and, at the same time, make such a resolution more challenging.


[1] The White House, Executive Order on Securing the Information and Communications Technology and Services Supply Chain (May 15, 2019); https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/

[2] On May 15, 2019, the White House also issued a press statement and a message to Congress concerning Executive Order 13873.  See The White House, Statement from the Press Secretary (May 15, 2019); https://www.whitehouse.gov/briefings-statements/statement-press-secretary-56/;  The White House, Message to the Congress on Securing the Information and Communications Technology and Services Supply Chain (May 15, 2019); https://www.whitehouse.gov/briefings-statements/message-congress-securing-information-communications-technology-services-supply-chain/

[3] Securing the Information and Communications Technology and Services Supply Chain, 84 Fed. Reg. 22689 (Executive Office of the President, May 17, 2019);  https://www.federalregister.gov/documents/2019/05/17/2019-10538/securing-the-information-and-communications-technology-and-services-supply-chain

[4] U.S. Department of Commerce press release, Department of Commerce Announces the Addition of Huawei Technologies Co. Ltd. to the Entity List (May 15, 2019); https://www.commerce.gov/news/press-releases/2019/05/department-commerce-announces-addition-huawei-technologies-co-ltd

[5] Damian Paletta , Ellen Nakashima and David J. Lynch, U.S. Trump administration cracks down on giant Chinese tech firm, escalating clash with Beijing, The Washington Post (May 15, 2019); https://www.washingtonpost.com/world/national-security/trump-signs-order-to-protect-us-networks-from-foreign-espionage-a-move-that-appears-to-target-china/2019/05/15/d982ec50-7727-11e9-bd25-c989555e7766_story.html?utm_term=.061c57bd1295

[6] Id.



All Trade Flows and Washington Updates
A Primerus Law Firm
Terms and Conditions
© 2013 - 2019 Stewart and Stewart
[ Log On ]