On June 9, 2021, the White House issued a new Executive Order (EO) that revokes three Executive Orders issued in 2020 and early 2021 that were aimed specifically at TikTok, WeChat, and eight other China-linked communications and financial technology software applications.
In place of these EOs, the new EO, “Protecting Americans’ Sensitive Data from Foreign Adversaries,” builds on steps the US Commerce Department has already taken under EO 13873 of May 15, 2019, to protect the information and communications technology and services (ICTS) supply chain against threats from China and other identified foreign adversaries.
As a result of the new EO, the US government will further analyze the risks arising from the use of applications such as TikTok and WeChat – including risks related to the security of Americans’ sensitive data — and could take further steps to mitigate those risks, either through existing ICTS regulations or through additional executive and legislative actions.
Repeal of Three Prior Executive Orders
Section 1 of the new EO repeals three prior Executive Orders: EO 13942 of August 6, 2020 (which directed the US Commerce Department to prohibit certain transactions related to ByteDance/TikTok), EO 13943 of August 6, 2020 (which similarly directed the Commerce Department to prohibit certain transactions related to WeChat), and EO 13971 of January 5, 2021 (which directed the Commerce Department to prohibit certain transactions with the persons who control or develop eight other software applications linked to China).
Pursuant to EOs 13942 and 13943, the Commerce Department published rules in September 2020 that identified prohibited WeChat- and ByteDance-related transactions. Among other prohibited transactions, downloads and hosting of the WeChat and TikTok applications in the United States were to be prohibited. Opponents of these new rules soon brought challenges in US courts and ultimately won injunctions that prevented the rules from taking effect. No rules were published to implement EO 13971.
Under section 2(a) of the new EO, the Commerce Department’s September 2020 rules on WeChat- and ByteDance-related transactions must be rescinded.
New Framework
While the new EO revokes the three prior Executive Orders, it provides new means to reach similar ends – namely, protecting sensitive U.S. data and addressing other national security risks created by apps from identified foreign adversaries.
- Further analysis and recommendations: Under section 2(b) of the EO, the Secretary of Commerce – in consultation with other relevant agencies – must submit a report to the National Security Advisor with recommendations to protect against two identified harms: “harm from the unrestricted sale of, transfer of, or access to United States persons’ sensitive data” and “harm from access to large data repositories by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary.” This report is due by October 7, 2021. Under section 2(c) of the EO, the Secretary of Commerce – again in consultation with other relevant agencies – must submit a second report recommending additional executive and legislative actions to address the risks posed by connected software applications that are designed, manufactured, or supplied by persons owned, controlled, or under the jurisdiction or direction of a foreign adversary. The second report is due by December 6, 2021.
- Continuing evaluation of connected software applications under EO 13873 and the ICTS regulations: Section 2(d) of the new EO requires the Secretary of Commerce to evaluate, on a continuing basis, transactions involving connected software applications that may pose unacceptable risks to US national security, and to take appropriate action under EO 13873 and its implementing regulations (the ICTS regulations). Those regulations, issued as an interim final rule in January 2021 with effect from March 2021, empower the Commerce Department to (i) identify transactions where the acquisition or use of information and communications technology and services linked to foreign adversaries poses unacceptable national security risks, and (ii) impose restrictions on those transactions, or prohibit them altogether.
Conclusion
The new EO reflects continuity in the US government’s view that a national security risk arises from transfers of sensitive personal or commercial data, including transfers that occur through connected software applications linked to foreign adversaries. It also signals that the Biden administration believes the remedies attempted in 2020 regarding TikTok and WeChat (such as attempting to bar downloads of those popular applications) infringed excessively on other fundamental interests, such as freedom of communication.
Although the three EOs that took aim at TikTok, WeChat, and other China-linked applications have been revoked, the new EO reinforces the application of the ICTS regulations to connected software applications, and sets in motion a new policymaking process that could lead to more narrowly tailored restrictions on the handling of sensitive US data by applications linked to China and other identified US adversaries.
David Stetson, a former senior lawyer at the US Department of the Treasury, Office of Foreign Assets Control (OFAC) and in-house sanctions lawyer, leads investigations and advises clients on OFAC sanctions and related anti-money laundering (AML) and export controls issues.
Edward J. Krauland represents clients on matters involving US and multilateral economic sanctions, dual use, defense and nuclear export controls, anti-money laundering (AML) compliance, anti-boycott, review of foreign investments in the United States, and government procurement regulations in the cross-border context.
Brian Egan is a distinguished international lawyer who advises on a range of complex legal issues that affect his US and foreign clients.
Wendy Wysong focuses her practice on regulatory compliance and white-collar defense of international laws, including the US Foreign Corrupt Practices Act (FCPA), International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), US sanctions laws and regulations administered by the Office of Foreign Assets Control (OFAC), and US anti-boycott laws, as well as government fraud and public corruption.
Nick Turner works with multinational financial institutions and corporations in the United States, European Union, Hong Kong, China, Singapore, Australia, and other jurisdictions in Asia on all aspects of economic sanctions, anti-money laundering, and anti-bribery and corruption compliance and investigations.
Meredith Rathbone counsels clients in numerous countries on achieving their business goals while ensuring compliance with US export controls and economic sanctions laws administered by the Departments of Commerce, State, and Treasury.
To read the original commentary from Steptoe International Compliance, please visit here.