The U.S. Department of Commerce ("Commerce") has significantly ramped up action under its regulations on securing systems, software, products and other technology infrastructure within the Information and Communications Technology and Services ("ICTS") supply chain, issuing major rulemakings (two proposed and one final) this year after years of relative inaction.
As explained in detail below, the ICTS rules empower Commerce to investigate transactions involving ICTS sourced from China and other "adversary" countries and, as warranted, to mitigate related national security risk, including by banning the ICTS at issue.
Just this year, Commerce has issued proposed rules regarding national security risks related to infrastructure as a service ("IaaS") cloud services and connected vehicles, and issued the first-ever ban under the ICTS rules, targeting Kaspersky Lab software. These developments mark a turning point in the administration of the ICTS rules and signal Commerce's intent to regulate the technology supply chain, which will present challenges for industry as Commerce builds out its approach.
To read the full article, please click here.
"The 'ICTS' Rules: Technology Supply Chain Regulation Has Arrived," by Anthony Rapa was published in Westlaw Today on October 30, 2024.
