President Donald J. Trump has issued an executive order, “Securing the Information and Communications Technology and Services Supply Chain,” that declares a national emergency as to the threats against information and communications technology and services in the United States. It delegates authority to the secretary of Commerce to prohibit transactions posing an unacceptable risk to the national security of the United States or the security and safety of U.S. persons. In a brief press statement, the White House noted, “The President has made it clear that this Administration will do what it takes to keep America safe and prosperous, and to protect America from foreign adversaries who are actively and increasingly creating and exploiting vulnerabilities in information and communications technology infrastructure and services in the United States.”

The executive order prohibits transactions that involve information and communications technology or services designed, developed, manufactured or supplied by persons owned by, controlled by or subject to the jurisdiction or direction of a foreign adversary whenever the secretary of Commerce determines that a transaction would pose a threat to national security. Any determination by the secretary of Commerce to prohibit such transactions will be based on consultations with other departments and agencies of the U.S. government. Commerce has announced that it will issue regulations within the next 150 days to establish procedures for reviewing these transactions. The executive order also requires the director of National Intelligence to prepare an assessment within the next 40 days on the risks to the United States and critical infrastructure systems “from information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary.” The secretary of Homeland Security must prepare an assessment within the next 80 days “evaluating vulnerabilities in hardware, software, and services that threaten the national security of the United States.”

In what is viewed as directly related to this executive order, the Department of Commerce announced that a forthcoming Federal Register notice will add China’s Huawei Technologies Co. Ltd. and its affiliates to the Entity List of the Bureau of Industry and Security (BIS). A Commerce press release states that “this action stems from information available to the Department that provides a reasonable basis to conclude that Huawei is engaged in activities that are contrary to U.S. national security or foreign policy interest. This information includes the activities alleged in the Department of Justice’s public superseding indictment of Huawei, including alleged violations of the International Emergency Economic Powers Act (IEEPA), conspiracy to violate IEEPA by providing prohibited financial services to Iran, and obstruction of justice in connection with the investigation of those alleged violations of U.S. sanctions.” Once a party is placed on the Entity List, any sale, export or transfer of controlled technology to such an entity by a U.S. person or company requires an export license from BIS, and in most instances, consideration of such an export license is processed under an overall agency “policy of denial.”