In place of these EOs, the new EO, “Protecting Americans’ Sensitive Data from Foreign Adversaries,” builds on steps the US Commerce Department has already taken under EO 13873 of May 15, 2019, to protect the information and communications technology and services (ICTS) supply chain against threats from China and other identified foreign adversaries.

As a result of the new EO, the US government will further analyze the risks arising from the use of applications such as TikTok and WeChat – including risks related to the security of Americans’ sensitive data — and could take further steps to mitigate those risks, either through existing ICTS regulations or through additional executive and legislative actions.

Repeal of Three Prior Executive Orders

Section 1 of the new EO repeals three prior Executive Orders: EO 13942 of August 6, 2020 (which directed the US Commerce Department to prohibit certain transactions related to ByteDance/TikTok), EO 13943 of August 6, 2020 (which similarly directed the Commerce Department to prohibit certain transactions related to WeChat), and EO 13971 of January 5, 2021 (which directed the Commerce Department to prohibit certain transactions with the persons who control or develop eight other software applications linked to China).

Pursuant to EOs 13942 and 13943, the Commerce Department published rules in September 2020 that identified prohibited WeChat- and ByteDance-related transactions.  Among other prohibited transactions, downloads and hosting of the WeChat and TikTok applications in the United States were to be prohibited.  Opponents of these new rules soon brought challenges in US courts and ultimately won injunctions that prevented the rules from taking effect.  No rules were published to implement EO 13971.

Under section 2(a) of the new EO, the Commerce Department’s September 2020 rules on WeChat- and ByteDance-related transactions must be rescinded.

New Framework

While the new EO revokes the three prior Executive Orders, it provides new means to reach similar ends – namely, protecting sensitive U.S. data and addressing other national security risks created by apps from identified foreign adversaries.

• Further analysis and recommendations: Under section 2(b) of the EO, the Secretary of Commerce – in consultation with other relevant agencies – must submit a report to the National Security Advisor with recommendations to protect against two identified harms: “harm from the unrestricted sale of, transfer of, or access to United States persons’ sensitive data” and “harm from access to large data repositories by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary.” This report is due by October 7, 2021.  Under section 2(c) of the EO, the Secretary of Commerce – again in consultation with other relevant agencies – must submit a second report recommending additional executive and legislative actions to address the risks posed by connected software applications that are designed, manufactured, or supplied by persons owned, controlled, or under the jurisdiction or direction of a foreign adversary.  The second report is due by December 6, 2021.
• Continuing evaluation of connected software applications under EO 13873 and the ICTS regulations: Section 2(d) of the new EO requires the Secretary of Commerce to evaluate, on a continuing basis, transactions involving connected software applications that may pose unacceptable risks to US national security, and to take appropriate action under EO 13873 and its implementing regulations (the ICTS regulations).  Those regulations, issued as an interim final rule in January 2021 with effect from March 2021, empower the Commerce Department to (i) identify transactions where the acquisition or use of information and communications technology and services linked to foreign adversaries poses unacceptable national security risks, and (ii) impose restrictions on those transactions, or prohibit them altogether.

Conclusion

The new EO reflects continuity in the US government’s view that a national security risk arises from transfers of sensitive personal or commercial data, including transfers that occur through connected software applications linked to foreign adversaries. It also signals that the Biden administration believes the remedies attempted in 2020 regarding TikTok and WeChat (such as attempting to bar downloads of those popular applications) infringed excessively on other fundamental interests, such as freedom of communication.

Although the three EOs that took aim at TikTok, WeChat, and other China-linked applications have been revoked, the new EO reinforces the application of the ICTS regulations to connected software applications, and sets in motion a new policymaking process that could lead to more narrowly tailored restrictions on the handling of sensitive US data by applications linked to China and other identified US adversaries.

David Stetson, a former senior lawyer at the US Department of the Treasury, Office of Foreign Assets Control (OFAC) and in-house sanctions lawyer, leads investigations and advises clients on OFAC sanctions and related anti-money laundering (AML) and export controls issues.

Edward J. Krauland represents clients on matters involving US and multilateral economic sanctions, dual use, defense and nuclear export controls, anti-money laundering (AML) compliance, anti-boycott, review of foreign investments in the United States, and government procurement regulations in the cross-border context.

Brian Egan is a distinguished international lawyer who advises on a range of complex legal issues that affect his US and foreign clients.

Wendy Wysong focuses her practice on regulatory compliance and white-collar defense of international laws, including the US Foreign Corrupt Practices Act (FCPA), International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), US sanctions laws and regulations administered by the Office of Foreign Assets Control (OFAC), and US anti-boycott laws, as well as government fraud and public corruption. 

Nick Turner works with multinational financial institutions and corporations in the United States, European Union, Hong Kong, China, Singapore, Australia, and other jurisdictions in Asia on all aspects of economic sanctions, anti-money laundering, and anti-bribery and corruption compliance and investigations. 

Meredith Rathbone counsels clients in numerous countries on achieving their business goals while ensuring compliance with US export controls and economic sanctions laws administered by the Departments of Commerce, State, and Treasury. 

To read the original commentary from Steptoe International Compliance, please visit here.

The post Biden Administration Revokes TikTok and WeChat Executive Orders, Revises Framework on Security Threats from Foreign Apps appeared first on WITA.

Enforcement of the antitrust statutes is an important tool for the protection of competitive markets. Yet, it is a blunt instrument unable to reach many nuanced competition and consumer protection issues created by the digital economy. It is inherently uncertain in outcome, reliably lengthy in process, and an after-the-fact response rather than a broad-based set of rules.

Without a doubt, Big Tech has delivered wonderous new capabilities. However, the “move fast and break things” mantra of Silicon Valley has meant that digital companies move fast and make their own rules. Antitrust statutes reflect a time when markets were relatively stable because technology was relatively stable. Today, the rapid pace of digital technology means companies can move rapidly to advantage themselves by exploiting consumers and eliminating potential competition.

Regulation, done with agility, can be an important refinement to the blunt force of the antitrust laws while being able to protect competition and consumers alike. It is not enough, however, to re-task industrial era federal agencies to oversee the digital giants. These agencies are full of dedicated professionals, but they operate on precedents and procedures built for another era when technology and innovation moved at a slower pace. In place of such industrial era muscle memory, we need a purpose-built federal agency with digital DNA.

Congress has traditionally created new expert agencies to oversee new technology platforms. Whether the Interstate Commerce Commission (railroads), Federal Communications Commission (broadcasting), Federal Aviation Administration (air transport), Consumer Financial Protection Bureau (finance), or any other of the alphabet agencies, the precedent is clear: new technologies require specialized oversight. In our report, “New Digital Realities; New Oversight Solutions” we conclude such regulation in the digital era warrants creation of a Digital Platform Agency to establish public interest expectations that promote fair market practices while being agile enough to deal with the rapid pace of digital technology.

Such an agency should be governed by a new congressionally established digital policy built on three pillars:

• Risk management rather than micromanagement: rigid industrial era utility-style regulation is incompatible with today’s rapid pace of technological change. Regulation should be based on risk-targeted remedies focused on market outcomes.
• Restoration of common law principles: for hundreds of years common law has required those providing services to anticipate and mitigate harmful effects (a “duty of care”), as well as  providing access to essential services (a “duty to deal”). Oversight of Big Tech need do nothing more than reinstate such expectations.
• Agile regulation: in lieu of top-down dictates, the new agency should be the forum to involve the industry in developing enforceable behavioral standards similar to fire and building codes. Such codes introduce innovation-promoting agility to the oversight process while protecting consumers and competition

The existing agencies of government are based on statutes and structures that reflect the relatively stable markets and relatively stable technology of the late industrial era. These policies and procedures, however, have been ambushed by the digital future.

The solution to the public interest challenges posed by Big Tech is to embrace its differences and enable subject matter experts to substitute the public interest for corporate interests. While antitrust enforcement is important, the companies can no longer be permitted to make their own rules. It is time for purpose-built federal oversight of the dominant force in our lives and our economy.

Tom Wheeler is a visiting fellow of Government Studies at the Center for Technology Innovation. 

To read the original blog post, click here. 

The post The Need for Regulation of Big Tech Beyond Antitrust appeared first on WITA.