On November 27, 2019, the Department of Commerce issued a proposed rule to implement the May 15, 2019 Executive Order entitled “Securing the Information and Communications Technology and Services Supply Chain.”  Once finalized and effective, the regulations will govern the process and procedures that the Secretary of Commerce will use to determine whether certain transactions involving information and communications technology or services (“ICTS”) should be prohibited or otherwise restricted.  As currently drafted, the proposed rule goes further than many other legal authorities, in that it allows the government to prohibit or otherwise restrict a broad range of wholly commercial transactions that the Secretary determines present national security risks.

Details on key aspects of the proposed rule are in a Client Alert that we published on November 27, available here.  The public comment period remains open until December 27.  Given the breadth of the proposed rule and the significant number of open questions, thoughtful comments will be critically important in scoping a final rule.

Under the proposed rule, the Secretary may review and mitigate, prohibit, or unwind transactions that: (1) are conducted by any person subject to the jurisdiction of the United States or involve property subject to the jurisdiction of the United States; (2) involve any property in which any foreign country or a national thereof has an interest (including through an interest in a contract for the provision of the technology or service); and (3) were initiated, pending, or completed after May 15, 2019, regardless of when agreements relating to those transactions were entered into, dated, or signed or when any license, permit, or authorization applicable to the transaction was granted.  The Secretary would also have the ability to review, and potentially prohibit, mitigate, or unwind transactions involving “ongoing” activities, even if a contract was entered into prior to May 15, 2019.

The review of a covered transaction could be commenced by the Secretary (or a designee): (1) at the Secretary’s own discretion; (2) upon request from a department head, agency, governmental body, or the Federal Acquisition Security Council, as appropriate; or (3) based on information submitted by private parties to the Secretary that the Secretary deems credible.  This third prong could allow business competitors to submit information triggering a review.  In all cases, the Secretary would have broad discretion under the proposed rule to initiate, conduct, and resolve an investigation.

The proposed rule leaves significant uncertainty for companies in the ICTS sector (and companies that procure ICTS) as to the types of transactions that may undergo review and be prohibited or otherwise restricted.  Companies in the ICTS sector must take account of the proposed rule in considering potential transactions, especially those involving countries that the U.S. Government considers to present national security concerns, such as China and Russia.  Our firm’s national security team stands ready to help businesses analyze the potential impacts of the proposed rule on their operations and consider how best to engage with the government, particularly during this month’s public comment phase.

*****

This post is being published concurrently on Covington’s Inside Government Contracts and Global Policy Watch blogs. 

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Ryan Burnette Ryan Burnette

Ryan Burnette is a government contracts and technology-focused lawyer that advises defense and civilian contractors on federal contracting compliance and on civil and internal investigations that stem from these obligations. Ryan has particular experience with clients that hold defense and intelligence community contracts…

Ryan Burnette is a government contracts and technology-focused lawyer that advises defense and civilian contractors on federal contracting compliance and on civil and internal investigations that stem from these obligations. Ryan has particular experience with clients that hold defense and intelligence community contracts and subcontracts, and has recognized expertise in national security related matters, including those matters that relate to federal cybersecurity and supply chain security. Ryan also advises on FAR and DFARS compliance, public policy matters, agency disputes, and government cost accounting.  He speaks and writes regularly on government contracts and cybersecurity topics, drawing significantly on his prior experience in government to provide insight on the practical implications of regulations.

Ryan is especially experienced with:

  • Government cybersecurity standards, including the Federal Risk and Authorization Management Program (FedRAMP); Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 and 252.204-7020; National Institute of Standards and Technology (NIST) publications, such as NIST SP 800-171; software and artificial intelligence security, attestations, and bill of materials requirements; and the Cybersecurity Maturity Model Certification (CMMC) program.
  • Supply chain requirements, including Section 889 of the FY19 National Defense Authorization Act; restrictions on covered semiconductors and printed circuit boards; Information and Communications Technology and Services (ICTS) restrictions; and matters relating to the Federal Acquisition Security Council (FASC).
  • Information handling, marking, and dissemination requirements, including those relating to Covered Defense Information (CDI) and Controlled Unclassified Information (CUI).
  • Federal Cost Accounting Standards and FAR Part 31 allocation and reimbursement requirements.

Prior to joining Covington, Ryan served in the Office of Federal Procurement Policy in the Executive Office of the President, where he developed and implemented government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year. While in government, Ryan worked on several contracting-related Executive Orders, and worked with White House and agency officials on regulatory and policy matters affecting contractor disclosure and agency responsibility determinations, labor and employment issues, IT contracting, commercial item acquisitions, performance contracting, GSA Schedules and interagency acquisitions, competition requirements, and suspension and debarment, among others.

Additionally, in the wake of significant incidents affecting the program, Ryan was selected to serve on a core team that led reform of security processes affecting federal background investigations for cleared employees and contractors. These efforts resulted in the establishment of a new federal bureau to conduct and manage background investigations.