Let's talk about the "RESTRICT Act"

Let’s talk about the RESTRICT Act

The Senate text summary of S.686 - RESTRICT Act, Sen. Warner, Mark R. [D-VA] (Introduced 03/07/2023) is as follows:

“The purpose of the bill is to create a framework for the federal government to identify, assess, and address national security threats posed by certain types of information and communications technology (ICT) products and services.”

It would prohibit federal agencies from purchasing or using specific products and services. The bill would also establish a grant program to assist small and rural communication providers in replacing any equipment or services that have been deemed to pose a national security threat.

In addition, the bill would establish a program within the National Institute of Standards and Technology (NIST) to develop standards and guidelines for the secure use of ICT products and services, and it would require the Director of National Intelligence to provide an annual report on the national security risks posed by ICT products and services.

Overall, the goal of the RESTRICT Act is to strengthen the security of the United States’ ICT infrastructure by identifying and addressing potential national security threats posed by certain ICT products and services. It also appears that it references Executive Order 13526 as well, an Order enacted by President Obama which summarily defines:

“a uniform system for classifying, safeguarding, and declassifying national security information, including information relating to defense against transnational terrorism”.

Notice also the term “joint resolution” mentioned freely in its pages.

“Joint resolutions may originate either in the House of Representatives or in the Senate. There is little practical difference between a bill and a joint resolution. Both are subject to the same procedure, except for a joint resolution proposing an amendment to the Constitution. On approval of such a resolution by two-thirds of both the House and Senate, it is sent directly to the Administrator of General Services for submission to the individual states for ratification.”

If that’s too confusing, the ELI5 is this type of resolution would be used if Congress wants to disagree with a determination made by the Secretary of Commerce under Section 3 of the bill. The section sets out a specific process for considering this type of resolution, including waiving certain rules and limiting debate to 10 hours. Waiving the requirements for a vote of disapproval or approval, in either case, would be highly unethical.

What does this bill actually introduce into federal law?

  1. creation of a framework for the identification and assessment of national security risks posed by certain ICT products and services, including the establishment of an interagency process for identifying and assessing these risks;
  2. prohibition on federal agencies purchasing or using ICT products and services that have been identified as posing a national security risk;
  3. creation of a grant program to assist small and rural communication providers in replacing any equipment or services that have been deemed to pose a national security risk;
  4. establishment of a program within the National Institute of Standards and Technology (NIST) to develop standards and guidelines for the secure use of ICT products and services;
  5. the requirement for the Director of National Intelligence to provide an annual report on the national security risks posed by ICT products and services.

In this sense, the RESTRICT Act could be seen as a way for the federal government to exert greater control over the purchase, use, and sale of certain ICT equipment and services that are deemed to pose a national security threat. (Essentially, as it sees fit to do so.)

Yes, up to and including the VPNs and virtual credit cards services we all know and love. :(

Similar texts to S.686 with overarching legislation

  1. S.2098 - 115th Congress (2017-2018): Foreign Investment Risk Review Modernization Act of 2018 (05/22/2018) - expands the scope of such “covered transactions”;
  2. McCaul, Meeks, Gallagher, Langevin, Kinzinger, Keating Reintroduce the Cyber Diplomacy Act. Committee on Foreign Affairs.
  3. Rep. Escobar, V. [D-T.-16. (2022, November 1). H.R.3557 - 117th Congress (2021-2022): Homeland Security Improvement Act.
  4. Sen. Schumer, C. E. D-N. (2021, June 8). S.1260 - 117th Congress (2021-2022): United States Innovation and Competition Act of 2021 (06/08/2021)