On January 5, 2021, President Donald Trump signed Executive Order (EO) 13971, banning certain transactions and activities with persons who “develop or control” eight Chinese “connected software applications,”1 specifically Alipay, CamScanner, QQ Wallet, SHAREit, Tencent QQ, VMate, WeChat Pay, and WPS Office. The prohibitions will come into effect 45 days after the issuance of the order, that is, February 19.
Notably, EO 13971 does not clarify which transactions are prohibited, nor does it specify the persons with whom those transactions are prohibited. Rather, the EO directs the U.S. Department of Commerce to identify said transactions and persons at a later date. According to the terms of the EO, the Department of Commerce must not identity the prohibited transactions and persons until February 19 at the earliest, which is also the date on which the prohibitions come into effect. Consequently, the EO anticipates that the list of prohibited transactions and persons will be issued under, and the order will primarily be implemented by, the incoming Biden administration. Despite the language in the EO, some media reports have indicated that the Department of Commerce may nevertheless identify the prohibited transactions before President Trump leaves office on January 20, 2021.
The EO also directs the Department of Commerce to continue evaluating Chinese connected software applications that may pose a risk to the United States, leaving the possibility open that additional Chinese software applications could be targeted in the future.
The EO relies on the President’s authority under International Emergency Economic Powers Act (IEEPA), and cites the national emergency declared in EO 13873, which addressed what the Trump administration determined to be threats against information and communications technology and services in the United States. See Sidley’s prior alert on EO 13873 here. The current EO states that “[t]he United States has assessed that a number of Chinese connected software applications automatically capture vast swaths of information from millions of users in the United States, including sensitive personally identifiable information and private information, which would allow the [People’s Republic of China] and [Chinese Communist Party] access to Americans’ personal and proprietary information.” The order states that such data collection “would permit China to track the locations of federal employees and contractors, and build dossiers of personal information.”
Also of note, the EO provides that no later than February 19, the Department of Commerce, in consultation with the Attorney General and the Director of National Intelligence, must prepare a report containing recommendations to prevent the transfer of U.S. user data to foreign adversaries, “including through the establishment of regulations and policies to identify, control, and license the export of such data.” This report could have wide-ranging implications for U.S. export controls, specifically by contributing to the development of additional restrictions on the transfer of data. Moreover, while the current EO is directed at China, this report could address measures, including restrictions on data transfer, related to any “foreign adversaries.” This is not the only indication that the Department of Commerce may impose export restrictions on the transfer of data. Following passage of the Export Control Reform Act of 2018, the Department of Commerce suggested it was considering export restrictions on certain categories of data.
The EO contains language similar to that found in two earlier EOs issued by President Trump in August 2020, which sought to block certain transactions with the Chinese parent companies of software applications TikTok and WeChat, respectively. These two orders likewise cited the national emergency declared in EO 13873 and the President’s authority under IEEPA. At this time, federal courts have blocked both orders as litigation continues, and TikTok and WeChat continue to be available for download in the United States.
While the August orders were applied by the Department of Commerce to be focused on U.S.-based use and servicing of the applications, it is unclear whether this will be true for the transactions prohibited under the EO 13971. On its face, this EO could potentially prohibit “any transaction [with prohibited persons] by any person … subject to the jurisdiction of the United States,” even if those transactions occur in China or in other countries. As noted, the Department of Commerce will further identify those prohibited transactions (as well as the persons who are considered to “develop or control” the targeted software applications) on or after February 19, and the new order will therefore primarily be implemented by the incoming Biden administration. In the meantime, EO 13971 creates significant uncertainty for businesses around the world that rely on the software applications listed in the EO, which include some of the most popular apps in the world.
1 EO 13971 defines “connected software application” to mean “software, a software program, or group of software programs, designed to be used by an end user on an end-point computing device and designed to collect, process, or transmit data via the Internet as an integral part of its functionality.”
2 See Press Release, “Commerce Department Prohibits WeChat and TikTok Transactions to Protect the National Security of the United States,” U.S. Dep’t of Commerce (September 18, 2020), https://www.commerce.gov/news/press-releases/2020/09/commerce-department-prohibits-wechat-and-tiktok-transactions-protect.