Regulators Issue Huawei, ZTE Interim Rule

By Ryan Burnette, Susan Cassidy and Samantha L. Clark

Photo: iStock

The Federal Acquisition Regulatory Council recently released an interim rule governing Section 889(a)(1)(B) of the 2019 National Defense Authorization Act. All U.S. government prime contractors should take heed.

The rule — effective Aug. 13 with a 60-day comment period — implements the statutory prohibition on agencies contracting with any “entity” that “uses” covered telecommunications equipment or services “as a substantial or essential component of any system or as a critical technology of any system.” That includes all telecomm equipment or services produced and provided by Huawei or ZTE, and video surveillance and telecommunications equipment or services produced and provided by Hytera, Hikvision, or Dahua, or any subsidiaries or affiliates.

This prohibition applies to all U.S. government prime contractors, whether domestic or international, including those selling commercially available off-the-shelf items.
Leading up to the highly anticipated release of these regulations, compliance questions from industry focused on definitions of key terms, requirements, and the process for exceptions and waivers.

The interim rule clarifies that, for now, the term “entity” refers to only the prime contractor because the prime contractor is the only entity with whom the agency “enters into a contract.” The FAR Council, however, highlighted the possibility that the final rule could be expanded to entities beyond the contracting party.

The new rule does not clarify all aspects of what is meant by “use” of covered telecommunications equipment or services. However, the council noted that the prohibition applies “regardless of whether that usage is in performance of work under a Federal contract.” This confirms that even commercial activities that bear no connection to the contracting entity’s performance of a federal contract are within the scope of the prohibition.

The regulations focus on whether the prime contractor itself uses covered telecommunications equipment or services. However, the prime contractor will still need to ensure that it is not procuring any such equipment or services from its subcontractors, suppliers and vendors for the prime contractor’s use.

The rule requires a contractor to represent to the government that after conducting a “reasonable inquiry,” it does or does not use the covered equipment or services. “Reasonable inquiry” is defined as “an inquiry designed to uncover any information in the entity’s possession about the identity of the producer or provider of covered telecommunications equipment or services used by the entity that excludes the need to include an internal or third-party audit.”

This definition raises several compliance challenges. First, the scope of “any information in the entity’s possession” is ambiguous though the interim rule states that it is “primarily documentation or other records.”

Second, the terms “producer” and “provider” are not defined in the regulation, but the common usage of producer would include the manufacturer of the product, whereas the provider could be a reseller.

Finally, the language that “excludes the need” for audits appears to alleviate the need for reverse engineering. A question remains, however, as to how broadly to extend diligence for the entity’s own use of telecommunication equipment and services for purposes of complying with Section 889(a)(1)(B).

Contracting officers must include the updated clause when exercising options under existing U.S. government contracts. Such an addition could present issues because the contractor may not have factored compliance into their prices for performance of those option periods.

The FAR Council has outlined an expectation for contractors to prepare plans in the first year that demonstrate how they are complying with the new requirements. Therefore, it is important for contractors to develop a compliance plan that will allow them to submit accurate representations to the government in the course of their offers.

The interim rule confirmed that only the exception for covered telecommunications equipment that cannot route, redirect, or permit visibility into any user data or packets applies to Subsection 889(a)(1)(B). All of these terms remain undefined. However, the statute uses the term “cannot,” rather than “do not.” This structure suggests that the government will apply the exception narrowly, by examining the equipment’s capabilities and functionalities, regardless of whether the equipment is actually being used for those functions.

In general, an agency head may grant a waiver on a contract-by-contract basis until Aug. 13, 2022. Where a contractor sells the same products or services to multiple agencies, the contractor must initiate the waiver request with the contracting officers in each agency responsible for the potential contract. Although Section 889 allows an entity to receive a national security waiver from the Office of the Director of National Intelligence, we expect those waivers to be rare.

If the contractor is unable to certify compliance at the time a bid is submitted, it will be presumed that a waiver will be required. A contracting officer may choose not to initiate the waiver process and award to a compliant offeror. Contractors who anticipate needing a waiver should begin preparing the information in advance to include with their proposals so as to not cause any self-imposed delays to a process with many steps.

Susan Cassidy is a partner, Samantha Clark is special counsel and Ryan Burnette is an associate at Covington & Burling LLP.

Topics: Defense Department

Comments (0)

Retype the CAPTCHA code from the image
Change the CAPTCHA codeSpeak the CAPTCHA code
Please enter the text displayed in the image.