Since May of 2019, standards setting organizations (SSOs) and U.S. companies have been struggling with the blowback from the decision by the U.S. Department of Commerce (DoC) to add Huawei and scores of its affiliated companies to the “Entity List” maintained by the U.S. Bureau of Industry and Security. In June of 2020, the DoC then released a long awaited “Interim Final Rule,” providing a safe harbor for U.S. companies and Huawei et al. to work together on standards. Until August 17, the DoC is accepting recommendations to improve the Interim Final Rule from interested parties. We have prepared detailed feedback which we will be submitting on behalf of Gesmer Updegrove LLP, multiple clients, and any other SSOs and interested parties that may wish to lend their support. 

The concerns addressed in these comments arise from the fact that U.S. law prevents U.S. companies from disclosing a broad range of technology to companies on the Entity List, and that’s what usually happens during standards development. Those who disclose covered technology in violation of the rules can incur criminal liability.

Although the Interim Final Rule provides a safe harbor, it has various limitations, including that it only applies to Huawei and its affiliates and not other companies on the Entity List, and only benefits SSOs that qualify as  “Voluntary Consensus Standards Bodies” under a preexisting rule called OMB Circular A-119. Unfortunately, most information and communications technology (ITC) SSOs don’t meet that test. Of those, some will not want to make the changes needed to meet the new test, while others that do will be saddled with additional processes and delays, most of which are not necessary to achieve the policy goals behind the Entity List restrictions.

Our detailed comments, reproduced in full below, include recommendations that urge the D0C to:

• Create a standards-specific exception that is based on prevailing norms of Information and Communications Technology (ICT) SSO best practices rather than the more stringent VCSB rules that the government itself is not rigidly bound by under OMB Circular A-119. Ideally, the eventual rule would simply state that U.S. companies may safely participate in any SSO formed with the intention of creating global standards and which admits all interested parties as members on a non-discriminatory basis. Failing that, providing an SSO-specific exception referencing only the Openness and Consensus elements of the VCSB definition, tailored to ICT SSO realities, would provide a next-best solution.
• Clarify that additional collaborative activities commonly associated with standards development and necessary to achieve market needs are also included within the exception. These activities include the creation of reference implementations, participating in and sharing the results of conformance testing, and related activities that help foster adoption, implementation, and improvement of ‎standards conducted by, or under the auspices, of an SSO.
• Include all industry participants that at any time are included in the Entity List, and not just Huawei and its affiliates.

If you have questions or are interested in lending your support to these comments and recommendations, please contact me at Andrew.updegrove@gesmer.com before August 16. We would welcome your participation.

The full text (minus footnoted citations) of our submission follows. You may find further background regarding the Huawei situation and the Interim Final Rule here.

*  *  *

DRAFT COMMENTS AND RECOMMENDATIONS TO U.S. DEPARTMENT OF COMMERCE
RELATING TO HUAWEI AND ITS AFFILIATES
RIN 0694-AI06 

Thank you for the opportunity to present comments in relation to 15 CFR Parts 744 and 772, RIN 0694–AI06, “Release of ‘Technology’ to Certain Entities on the Entity List in the Context of Standards Organizations” (the “Interim Final Rule”). The following remarks are made on behalf of Gesmer Updegrove LLP and the [__] standards setting organizations (SSOs) listed on the attachment to this letter.

I. Summary of Concerns

In the view of the SSOs supporting these comments, the Interim Final Rule in its current form does not adequately meet the needs of the dynamic ICT standardization world, nor is it likely in its current form to meet the Department of Commerce’s announced policy goals to protect U.S. economic and national security and to advance its foreign policy interests through U.S. participation and leadership in technical standards setting.  Specifically, we believe that:

• The OMB Circular A-119 definitions of “voluntary consensus standards body” (VCSB) and “standard” include criteria that are unduly difficult to meet, inconsistent with ICT standardization needs, and unrelated to U.S. policy objectives. The result will likely be that some SSOs of great importance to U.S. companies will not qualify under the Interim Final Rule, while others will be forced to add steps to their processes that will make their operations more costly, less efficient and less capable of bringing essential standards swiftly to the global marketplace.
• Several global SSOs (including 5G SSOs) have indicated they believe they are already exempt under preexisting BIS rules and Advisory Opinions. Many of their U.S. company members concluded otherwise, and therefore decided they are unable to participate in those SSOs.  We believe it is highly unlikely that any of these SSOs will make changes intended to address an Interim Final Rule that imposes additional VCSB requirements, is restricted only to Huawei (and its affiliates identified on the Entity List), and applies only to technology that is either EAR99 or controlled only for antiterrorism reasons. In these cases, U.S. companies will remain at a critical disadvantage.
• Compliance with the existing publication and meeting exceptions under EAR Section 734.7 is substantially less onerous than compliance with the Interim Final Rule, applies to a wider range of technologies, and allows participation by all Entity List companies, meaning that many SSOs that wish to admit Huawei (or any of its Entity List affiliates) will likely choose to comply with these exceptions rather than the Interim Final Rule, making the latter less useful than industry participants had hoped.
• Restricting the Interim Final Rule’s applicability to a single company and its affiliates runs counter to traditional standards of fairness and falls short of meeting any market needs relating to other Entity List companies. SSOs and U.S. companies will continue to encounter difficulties whenever any other Entity Listed company applies to, or is accepted for membership by, an SSO in which U.S. companies participate. 
• ICT SSO intellectual property rights (IPR) policies ensure that companies that help create standards will license any essential patents they own relating to those standards on reasonable and non-discriminatory (RAND) terms. When Huawei and its affiliates are barred from helping create a standard, they remain free to assert their patents on non-RAND terms against that standard, and are given every incentive to do so, potentially hampering the uptake and driving up the costs of 5G and other essential technology.
• Importantly, we also note that neither the current nor any previous version of OMB Circular A-119 has ever limited government use of standards to just those developed by VCSBs. Instead, Section 5(b) of OMB A-119 establishes a “preference” for the use of such standards. In fact, whether a standard is the work product of a VCSB is only one of no fewer than nineteen factors a government agency “should” consider “on a case-by-case basis” in “evaluating whether to use a standard.”  To require that BIS apply OMB A-119 more rigidly in reference to Entity List company participation in standards development is inconsistent with past government practice and unnecessary in order to accomplish the current policy goal.

II.    Amendments Recommended

We urge the Department of Commerce to amend the Interim Final Rule to:

• Create a standards-specific exception that is based on prevailing norms of Information and Communications Technology (ICT) SSO best practices rather than the more stringent VCSB rules that the government itself is not rigidly bound by under OMB Circular A-119. Ideally, the eventual rule would simply state that U.S. companies may safely participate in any SSO formed with the intention of creating global standards and which admits all interested parties as members on a non-discriminatory basis. Failing that, providing an SSO-specific exception referencing only the Openness and Consensus elements of the VCSB definition, tailored to ICT SSO realities, would provide a next-best solution.
• Clarify that additional collaborative activities commonly associated with standards development and necessary to achieve market needs are also included within the exception. These activities include the creation of reference implementations, participating in and sharing the results of conformance testing, and related activities that help foster adoption, implementation, and improvement of ‎standards conducted by, or under the auspices, of an SSO.
• Include all industry participants that at any time are included in the Entity List.

III.     Background

1.  Non-VCSB Consortia Reflect Marketplace Needs and Realities. ICT standards are created in many hundreds of independent SSO.  The governance, intellectual property policy and other rules of these organizations are market driven and periodically updated to meet evolving market needs. While virtually all SSOs implement some number of the VCSB attributes established by OMB Circular A-119, only some (such as SSOs accredited by the American National Standards Institute (ANSI)) implement all of them. Beginning in c. 1990, U.S. (and other) ICT companies have increasingly chosen to launch new standards development projects within non-ANSI accredited SSOs, often referred to generically as consortia, in large part to avoid process requirements they viewed as being unnecessary and limiting. Over the past twenty years, the great majority of ICT standards development has taken place in such organizations. These consortia are subject to domestic and foreign antitrust and competition laws, and have been actively monitored by U.S., E.U. and other regulatory bodies.

The processes of consortia typically diverge from those mandated under the VCSB definition in several important respects. As an example, a requirement to maintain “a fair and impartial process for resolving conflicting views,” as traditionally practiced, involves requiring each member voting “no” on a standard to give its reasons for withholding its approval, and the changes it would require before it would vote yes. These responses are then compiled, and each comment is reconciled, either by agreement with the requested change, by recommendation of a different compromise change, or by providing an explanation of why no change is recommended. The aggregate comments are then circulated for consideration by all working group members, after which a new voting period is begun. In contrast, a consortium would typically debate concerns in real time and ballot a final draft, thereby saving months in the development process. Famously, the process of the Internet Engineering Task Force, one of the most fundamental and important ICT consortia in the world since its initiation by the U.S. government, is self-described as “rough consensus and running code.” 

Formal appeals mechanisms are also less common in consortia, partially because they have been found to be infrequently necessary, and partly because such processes can be abused to delay the finalization of a standard.

Stated another way, in the fast-paced world of ICT, where technology life cycles are invariably short and competitive pressures extreme, the marketplace has found its own balance between due process formalities and time to market pressures, adopting those elements of a VCSB in which it found value, and disregarding those where the perceived benefits are outweighed by related delays or incur the potential  for gaming the system. Today, there are thousands of global consortium SSO standards in use that have been created through the ICT process. Many, if not most, of these standards enable “interoperability,” allowing components within a given system to work together, and permitting each system to interoperate with other compliant systems. When government agencies procure technology under OMB Circular A-119, they necessarily specify compliance with these standards on a daily basis. In doing so, they give appropriate weight to “the prevalence of the use of the standard in the national and international marketplaces,” and “[t]he extent to which the standard is an international standard.” 

2.  ICT SSOs are not often Controlled by U.S. Companies.  It is vital to note that ICT SSOs are almost always global in membership. While U.S. companies are important contributors to such SSOs, they represent only one national constituency and therefore may not have a voting majority. By their nature, SSOs find it important to maintain both the reality and the perception of neutrality so that they will be accepted by the global marketplace. Expecting such organizations to make meaningful changes to their rules at the request of a single government is unrealistic, and progressively more so to the extent that the changes impair their ability to meet market needs. It also sets a dangerous precedent for other national governments, some of which might seek to force SSOs to make changes that would disadvantage U.S. participants.

Given that the announced goal of the Interim Final Rule is to, “Clear [the] Way for U.S. Companies to More Fully Engage in Tech Standards-Development Bodies,”  it is essential that the ultimate version of that rule impose only requirements that ICT SSOs can realistically be expected to accommodate, and that provide SSOs and U.S. companies with a clear and reliable path forward for decision making.

3.  OMB Circular A-119 Definitions have never before been Prescriptive.   OMB Circular A-119 was amended in 1998 to support the implementation of the U.S. Technology Transfer and Advancement Act of 1995  (the Act). Most recently, OMB Circular A-119 was amended in 2016. It is important to note that throughout this time period, the Circular has never required that government entities reference only VCSB-created standards in a procurement order, nor has it rigidly limited which private sector standards could be referenced into law by reference to the VCSB definition. Instead, OMB Circular A-119 expresses a preference for such standards, while noting many other factors a government agency may take into account before settling instead on a non-VCSB SSO standard. 

4.  SSO IPR Policies. Under the terms of the great majority of ICT SSO intellectual property rights (IPR) policies, members of a working group developing a standard are required to either agree to license any patent claims they own that are essential to use of that standard on reasonable and non-discriminatory terms, or disclose those claims and the affected parts of the standard so that the working group can seek to “design around” the infringement. As of November 2019, Huawei and its Entity List affiliates were reported to own more 5G patents than any other company, some percentage of which will inevitably become essential under 5G standards.  Where Huawei and its affiliates are not members of an SSO creating a standard, they will have no obligation to license those patents on RAND terms – or at all.

IV.      Specific Comments and Recommendations

1.  OMB A-119 has been too Broadly and Prescriptively Applied in the Interim Final Rule. The detailed requirements of OMB Circular A-119 can make sense in the context of (for example) health and safety standards that are referenced into law. In such situations, it is appropriate that a quasi-legislative process that ensures balance, consensus and rights of appeal should be preferred. Unlike standards referenced into law that must be complied with, ICT standards succeed or fail based upon market acceptance. That acceptance is based in large part on the credibility of the process employed, and such processes have evolved in response to what the market finds value in. 

While OMB Circular A-119 definitions have the obvious appeal of being long standing and therefore widely understood, it is not obvious why all attributes of the VCSB definition should be mandated under the Interim Final Rule when they have been considered to be advisory in the past with respect to equally important policy objectives. Importantly, two considerations under OMB Circular A-119 justifying use of non-VCSB standards relate to wide international market adoption of a standard. 

To impose OMB Circular A-119 requirements on ICT SSOs without exception (and with potentially severe criminal and civil sanctions for violations) at the same time that Congress and government agencies remain free to utilize standards that do not meet the same requirements is inconsistent and serves no obvious policy goal. At the same time, such a rigid requirement will at worst result in SSOs of crucial interest to U.S. companies being unable to comply, and at best impose needless burdens on SSOs attempting to comply.

2.  A Narrow, Rigid Final Rule is Unlikely to be Useful to Many Consortia. While the Interim Final Rule withdraws the earlier standards-specific guidance issued by BIS,  it does not bar SSOs from relying instead on the pre-existing meeting and publication exceptions under EAR 734.7(a)(3) and 734.7(a)(5). These exceptions are based upon the concept that no useful purpose would be gained by barring disclosure of technology of concern to an Entity List company if that information had been, or soon would be, made public. Most (but, importantly, not all) SSO activities broadly map to one or the other of these exceptions, and any SSO that wishes to adapt its rules and processes may therefore be more likely to do so under the EAR 734.7 exceptions since the burdens would be lower, the technology scope restrictions of the Interim Final Rule would not apply, and any Entity List company (not just Huawei and its affiliates) could then participate. 

The result is that, while some SSOs (like ANSI-accredited organizations) will take comfort in the Interim Final Rule as written (assuming their activities fit within the technology scope limitations), many consortia will not. Although the benefit to accredited SSOs is not to be ignored, absent further change the far greater number of SSOs developing ICT standards may not see compliance with the Interim Final Rule as a desirable way out of their current dilemma.

We believe that the best path for the Interim Final Rule to take would be to recognize that U.S. companies may safely participate in any SSO that was formed with the intention of creating global standards and which permits all interested parties to become members on a non-discriminatory basis, without adding the additional requirements found under the VCSB definitions.

If that approach is not deemed to be acceptable, SSOs and U.S. companies could still greatly benefit from a Final Rule that would incorporate only the openness and consensus elements of the VCSB definition, and benchmark them against prevailing practices in consortia as well as ANSI-accredited SSOs.

A third alternative would be to create a specific public disclosure exception tailored to standards development. Currently, SSOs seeking to comply with one of the existing exceptions under EAR 734.7 must guess how to adapt existing guidance relating to specific use cases – meetings and publications – to processes that are analogous but meaningfully different. In this regard, we note that the earlier, and now withdrawn, standards-specific guidance, while well-intentioned, was not sufficiently tailored to the realities of standards development to be helpful. 

Finally, we note that many standards are insufficiently detailed to allow vendors to create reliably interoperable products. This “last mile” of interoperation is frequently bridged by SSOs convening “plug-fests,” at which vendors can work out the final wrinkles necessary to allow end-users to enjoy the benefits of seamless interoperation and avoidance of vendor lock-in. Such activities may result in some incidental technical disclosures, and it is difficult to draw any useful guidance from the existing public disclosure and meeting exceptions in this regard. Other common, collaborative, standards-related activities, such as compliance testing and reference implementation development, may also involve technology disclosures. In order to allow the full commercial benefit of standards development to be achieved, these activities need to be permitted without risk as well.

3.  Imposing Single Country Requirements on Global SSOs Sets a Bad Precedent. Simply put, it is unreasonable for a single country to impose requirements on global membership organizations, regardless of the perceived merit of the goal it is pursuing. In the first instance, the U.S. does not have the power to unilaterally compel an SSO to change its rules, and in the second, such actions exacerbate anti-U.S. sentiments already resulting from the difficulty of some SSO members to enter the U.S. to participate in SSO meetings. Normalizing such impositions invites retaliation by other countries at worst, and ongoing disruption at best.

4.  Excluding Entity List Companies from ITC SSOs Invites “Patent Hold Up.”  The creation of standards inevitably creates monopoly powers in the hands of the owners of standards essential patents. The time-honored way of avoiding the abuse of such rights is to bring together all interested owners of such rights in an effort to create standards that can be implemented under RAND licenses provided by participating member/patent owners. Where an SSO decides to exclude Huawei and its affiliates rather than comply with VCSB requirements, these companies are given both the opportunity and incentive to “weaponize” any patent claims they own that become essential under the standards of that SSO. U.S. and international business interests can best be served by facilitating rather than restricting the participation of Huawei and its affiliates in vital 5G SSOs and other important standards development organizations. 

V.    Summary

We applaud the efforts of the Department of Commerce to make it clearer how SSOs can permit Huawei and its affiliates to participate in their standards development activities, and for U.S. companies to assess which SSOs they may participate in while complying with applicable law.  However, we believe the path chosen in the Interim Final Rule is unlikely to achieve the greater goal of allowing full participation by U.S. companies in the global standards development system while avoiding the addition of needless burdens on SSO operations. We therefore recommend that one of the approaches offered above form the basis for the Final Rule.