April 10, 2020 Public Contract Law Journal

The Kaspersky, ZTE & Huawei Sagas : Why the US Is in Desperate Need of a Standardized Method for Banning Foreign Federal Contractors

by Grace Sullivan

Grace Sullivan is a third-year student at The George Washington University Law School and the winner of the 2019 Public Contract Law Journal Writing Competition (Division I). She would like to thank Professor Sonia Tabriz for her guidance during the writing process. Grace can be contacted by email at gsullivan@law.gwu.edu.

I.  Introduction

Foreign federal government contractors “are susceptible to political whims.”1 Some go so far as to call such contractors “[g]eopolitical [p]awn[s].”2 These statements have rung particularly true in the last few years. In the wake of increasing political and media attention on foreign government interference in U.S. affairs,3 the federal government has taken steps to ban certain international companies from contracting with federal agencies.4 The bans have targeted companies in Russia and China, countries long considered hostile to U.S. national security.5 Indeed, contracting bans have become not only a means of protecting national security, but also a mirror of current political tensions.

The federal government is well within its rights to be vigilant of national security threats involving international contractors. Cybersecurity in particular is a pressing challenge, as experts expect cyberattacks against information technology (IT) systems to increase in number and severity in the coming years.6 Consequences of weak cybersecurity include cybertheft, cyberespionage, denial-of-service (DoS) attacks, botnet malware, and attacks on industrial control systems.7

The federal government has a number of tools at its disposal to impose contracting bans on international contractors that threaten U.S. cybersecurity.8 That is where the problem lies. Because the government has such a myriad of options, there is no uniform manner in which such bans are carried out.9 The consequence of this lack of standardization, this Note argues, is that the bans take on a politically retaliatory flavor — even when based on genuine national security concerns — because each ban appears “tailored” to a specific political circumstance, a specific country, like Russia or China, or a specific world leader, like Vladimir Putin or Xi Jinping.10

This Note argues that the current contracting ban procedures aggravate already delicate foreign relations and confuse contractors and government agencies alike.11 Nowhere is this phenomenon clearer than in the contracting bans on Chinese telecommunications (telecommunications or telecom) giants ZTE and Huawei and Russian cybersecurity firm Kaspersky Lab. Kaspersky was formally banned from contracting with the federal government in December 2017,12 shortly after accusations swirled that the Russian government meddled in the 2016 presidential election.13 ZTE and Huawei were formally banned from contracting with the federal government in August 2018.14 Those bans came on the heels of a massive trade war the Trump administration began in early 2018.15

With these issues in mind, this Note proposes that the United States adopt a standardized method for enacting government contracting bans of indefinite length on foreign companies that pose national security threats. Part II of this Note lays the groundwork for the federal government’s authority to enact these bans. Part III provides information on the ZTE, Huawei, and Kaspersky sagas and compares the methodology of each ban. Part IV discusses what was successful and what went wrong in each of the three case studies. Part IV then proposes a new way forward: a standardized procedure for the U.S. Government to follow in the event of a future need for a contracting ban on an international company. In brief, the proposed procedure borrows aspects from all three case studies but remains conscious of their many pitfalls. Once a federal agency or the executive branch believes that a foreign company should be precluded from contracting with the federal government, the company should be given an opportunity to be heard and to defend itself in front of the Secretary of Homeland Security. If, during this opportunity, the company does not sufficiently assuage Homeland Security’s concerns, Congress should proceed to enact a contracting ban through the upcoming fiscal year’s appropriations bill. If the national security concern is urgent and cannot wait until the passage of the next appropriations bill, the Department of Homeland Security (DHS) should immediately enact a binding operational directive. Part V concludes and looks to the future of foreign relations with Russia and China.

Premium Content For:
  • Public Contract Law Section
Join - Now