[co-author: Paul Coyle]
On January 5, 2021, President Trump signed an executive order (EO) prohibiting U.S. persons from engaging in transactions with eight “connected software applications” developed or controlled by Chinese companies. The executive order is the most recent in a line of executive actions the outgoing administration has taken since the President’s May 15, 2019 declaration of a national emergency with respect to threats by foreign adversaries to the U.S. information and communications technology and services supply chain (ICT Supply Chain EO). Like the ICT Supply Chain EO and previous executive orders targeting TikTok and WeChat, this action relies on the President’s authority under the International Emergency Economic Powers Act (IEEPA) and the National Emergencies Act.
The executive order prohibits all transactions with persons that develop or control the following Chinese connected software applications as well as their subsidiaries: Alipay, CamScanner, QQ Wallet, SHAREit, Tencent QQ, VMate, WeChat Pay, and WPS Office. This prohibition becomes effective 45 days after the date of its issuance, February 19, 2021. The executive order directs the Secretary of Commerce (Secretary) to identify the transactions and persons subject to the executive order within the same 45-day window.
The executive order also directs the Secretary to produce (within 45 days) a report containing “recommendations to prevent the sale or transfer of United States user data to, or access of such data by, foreign adversaries, including through the establishment of regulations and policies to identify, control, and license the export of such data.” In addition to authorizing the Secretary to adopt rules and regulations, the order instructs the Secretary “to employ all powers granted to [the President] by IEEPA, as may be necessary to implement this order.”
As justification for this action, the executive order states that “the pace and pervasiveness of the spread in the United States of certain connected mobile and desktop applications and other software developed or controlled by persons in the People’s Republic of China [PRC], to include Hong Kong and Macau (China), continue to threaten the national security, foreign policy, and economy of the United States.” Specifically, “[t]he United States has assessed that a number of Chinese connected software applications automatically capture vast swaths of information from millions of users in the United States, including sensitive personally identifiable information and private information, which would allow the PRC and [the Chinese Communist Party] access to Americans’ personal and proprietary information.”
Although the Secretary of Commerce has 45 days to act on the directives within the executive order, President Trump and his cabinet will leave office in 14 days. Unless the Secretary of Commerce acts within the next two weeks, the Biden Administration will be responsible for implementing, amending, or even revoking this executive order.