Government Contracts Maritime Military

DOJ’s Data Security Program Final Rules Effective – Implications for Telecom Providers

On January 8, 2025, the U.S. Department of Justice (DOJ) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans’ bulk sensitive personal data and government-related data by countries of concern, including China, Cuba, Iran, North Korea, Russia, and Venezuela (Data Security Program or DSP). The regulations took effect on April 8, 2025, with additional compliance requirements for U.S. persons taking effect by October 6, 2025.
While the DSP includes an exemption for “telecommunications services” (as specifically defined in the rule), telecommunications providers must closely review their services involving data transactions with countries of concern or covered persons associated with those countries to ensure the particular service provided or transaction falls within the exemption. Non-compliance with the DSP can result in significant civil and criminal penalties, underscoring the importance for telecommunications providers to thoroughly understand and adhere to these rules, where applicable.
Scope and Applicability
The DSP sets forth prohibitions and restrictions on certain data transactions that pose national security risks. The rules are designed to be national security regulations to address identified risks to U.S. national security, rather than privacy regulations designed to protect privacy or other individual interests.
The DSP applies to U.S. persons and entities engaging in transactions that provide access to Covered Data to Countries of Concern or Covered Persons associated with those countries in specified ways. Countries of Concern currently include China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela, but this list is subject to future change. The DSP defines Covered Persons as entities or individuals associated with a Country of Concern, based on the following criteria:

An entity that is 50% or more owned by a Country of Concern
An entity that is organized or chartered under the laws of a Country of Concern
An entity that has its primary place of business in a Country of Concern
An entity that is 50% or more owned by a Covered Person
A foreign person, as an individual, who is an employee or contractor of a Country of Concern
A foreign person, as an individual, who is primarily a resident in the territorial jurisdiction of a country of concern
Any entity or individual that the Attorney General designates as a Covered Person subject to broad discretion set forth in the DSP

Covered Data involves two primary categories of data: U.S. sensitive personal data and U.S. government-related data. At a high level, the new rules prohibit, restrict, or exempt certain data transactions involving Covered Data that could give countries of concern or Covered Persons access to such data, and are triggered by bulk data transfers, which can include individual transfers that over time trigger specified volume thresholds. The rules also include specified record keeping and reporting requirements, as well as a process for obtaining approval of otherwise prohibited transfers. The rules also include enforcement mechanisms with the potential for civil and criminal penalties for non-compliance.
On April 11, 2025, DOJ issued a compliance guide, along with a list of Frequently Asked Questions (FAQs) to assist entities with understanding and implementing the DSP. DOJ also announced a 90-day limited enforcement period from April 8 to July 8, 2025, focusing on facilitating compliance rather than enforcement, provided that entities are making good faith efforts as outlined in the 90-day policy.By July 8, 2025, entities must be fully compliant with the DSP, as the DOJ will begin enforcing the provisions more rigorously. By October 6, 2025, compliance with all aspects of the DSP, including due diligence, audit requirements, and specific reporting obligations, will be mandatory.
For a more detailed discussion of the persons and transactions covered under the DSP and its applicability, including definitions, see our recent alert on Navigating the New DOJ Data Security Program Compliance.
Telecommunications Services Exemption
Of note for telecommunications providers is that the DSP, Rule Section 202.509, includes a “telecommunications services” exemption. This exemption for telecommunications services states that the DSP rules: “…do not apply to data transactions, other than those involving data brokerage, to the extent that they are ordinarily incident to and part of the provision of telecommunications services,” as that term is defined under the rule. Specifically, Rule Section 202.252, the new DOJ rule definition of “telecommunications service” means:
the provision of voice and data communications services regardless of format or mode of delivery, including communications services delivered over cable, Internet Protocol, wireless, fiber, or other transmission mechanisms, as well as arrangements for network interconnection, transport, messaging, routing, or international voice, text, and data roaming.1

Of note, this exemption specifically applies to activities directly related to the technical and operational aspects of delivering telecommunications services and does not extend to ancillary services like marketing or data analytics. The Department also declined to expand the exemption to include data transactions related to IP addresses or cybersecurity services.
Importantly, the DOJ made clear the definition of telecommunications services for purposes of the DSP is unique to the DSP and is without reference to the definition in Section 153(53) of the Communications Act. The import of this is that the definition is apparently without reference to whether the service is a common carrier offering.
Examples of Exempt and Non-Exempt Transactions
Rule Section 202.509 provides examples of bulk data transfers incident to telecommunications services that fall within the exemption, and an example of a bulk data transfer by a telecommunications service provider that falls outside the exemption:
(1) Example 1. A U.S. telecommunications service provider collects covered personal identifiers from its U.S. subscribers. Some of those subscribers travel to a country of concern and use their mobile phone service under an international roaming agreement. The local telecommunications service provider in the country of concern shares these covered personal identifiers with the U.S. service provider for the purposes of either helping provision service to the U.S. subscriber or receiving payment for the U.S. subscriber’s use of the country of concern service provider’s network under that international roaming agreement. The U.S. service provider provides the country of concern service provider with network or device information for the purpose of provisioning services and obtaining payment for its subscribers’ use of the local telecommunications service provider’s network. Over the course of 12 months, the volume of network or device information shared by the U.S. service provider with the country of concern service provider for the purpose of provisioning services exceeds the applicable bulk threshold. These transfers of bulk U.S. sensitive personal data are ordinarily incident to and part of the provision of telecommunications services and are thus exempt transactions.
This example illustrates where the data sharing is integral to the core function of providing telecommunications services and facilitating international roaming, aligning with the exemption criteria.
(2) Example 2. A U.S. telecommunications service provider collects precise geolocation data on its U.S. subscribers. The U.S. telecommunications service provider sells this precise geolocation data in bulk to a covered person for the purpose of targeted advertising. This sale is not ordinarily incident to and part of the provision of telecommunications services and remains a prohibited transaction.
Here, the sale of geolocation data for advertising purposes is not directly related to the telecommunications service itself, placing it outside the scope of the exemption.
(3) Example 7. A U.S. company owns or operates a submarine telecommunications cable with one landing point in a foreign country that is not a country of concern and one landing point in a country of concern. The U.S. company leases capacity on the cable to U.S. customers that transmit bulk U.S. sensitive personal data to the landing point in the country of concern, including transmissions as part of prohibited transactions. The U.S. company’s ownership or operation of the cable does not constitute knowingly directing a prohibited transaction, and its ownership or operation of the cable would not be prohibited (although the U.S. customers’ covered data transactions would be prohibited). See 28 CFR § 202.305.
This example illustrates that while the infrastructure operation itself is not a prohibited transaction, the data transfers by customers using the international submarine cable are prohibited if they involve countries of concern. This would likely be a direct issue for the underlying customer rather than the telecommunications service provider, though providers might still consider whether it would make sense to ensure that their customer agreements include provisions insulating them from any potential exposure from such customer non-compliance.

The examples above focus on whether a particular bulk data transfer is “ordinarily incident to and part of the provision of” an exempt telecommunications service. So, for example, arrangements outside the actual provision of the service, such as the sale or sharing of customer data for marketing purposes or with application providers, would appear to be outside the scope of the exemption.
As one example, a number of major mobile carriers had location-based service programs, which were the subject of a series of FCC enforcement actions, that facilitated, through third party “location aggregators”, the sharing of user location data with application providers to enable location-based services.2 Example No. 2, above, would suggest that this type of service would not be “ordinarily incident to and part of the provision of” a carrier’s mobile data services (the telecommunications service under the DSP definition) and hence outside the exemption.
Challenges and Considerations
The harder question, however, and one that will undoubtedly be initially vexing for providers without further clarification from DOJ, is the actual scope of the “telecommunications services” definition in the rule. This is particularly true for integrated offerings by providers that clearly include telecommunications services, but also include integrated components which include bulk transfers, that standing alone might be outside the scope of the telecommunications services definition. Of significance, in adopting this definition, the DOJ stated that the definition is limited to the listed telecommunications services and does not reach services like cloud computing.
The recently issued FAQs also reinforce this point, stating the definition is “limited to communications services and does not include all internet-based services like cloud computing.” See Question 77. This begs the question of an offering by a telecommunications services provider that includes both cloud computing and associated transport services. Similarly, the provision of integrated applications offered by telecommunications services providers in conjunction with their telecommunications service offerings, would raise similar questions, particularly, as noted above, in connection with Example No. 2.
Providers should note that any data transaction not essential to the core function of telecommunications—such as partnerships involving user data for non-service-related purposes—may fall outside the exemption. Providers must differentiate between core telecommunications functions and ancillary services, ensuring that services like data analytics or marketing, which are not ordinarily incident to the core telecommunications services, are carefully evaluated for compliance.
Implications of Limitation to Telecommunications Service Exemption
While DOJ’s final rule appears to provide three straightforward examples, the issues arise about integrated service offerings such as telecommunications services that include a cloud computing or a data center component. While the telecommunications service aspect appears to be exempt, the data storage or cloud computing aspect would not be, at least if offered on a standalone basis. The same may be true for integrated application offerings in connection with application providers, most obviously, under Example No. 2 in connection with sharing location data. This necessitates a thorough review of service offerings, particularly those bundled with non-telecommunications services like cloud computing, data center services, and applications, to determine compliance with DSP regulations. Accordingly, telecommunications providers must closely examine the integrated services they provide, along with their data sharing arrangements with third parties, to determine whether the transaction may trigger prohibited or restricted data transactions involving countries of concern or Covered Persons.

1In adopting this definition, DOJ noted that commenters suggested that the definition of telecommunications services be expanded to include voice and data communications over the internet. DOJ agreed and instead of limiting the scope of “telecommunications services” to the definition in Communications Act, 47 U.S.C. 153(53) (which would have applied only to common carriers) the DOJ adopted its own definition of the term to cover present day communications for the purposes of the exemption. Under the Communications Act, telecommunications service means the offering of telecommunications for a fee directly to the public, or to such classes of users as to be effectively available directly to the public, regardless of the facilities used.2See FCC Fines AT&T, Sprint, T-Mobile and Verizon Nearly $200 Million for Illegally Sharing Access to Customers’ Location Data (FCC News Release, Apr. 29, 2024); see also AT&T, File No. EB-TCD-18-00027704, Forfeiture Order at ¶¶ 8-10 (FCC 24-40, Apr. 29, 2024), vacated, AT&T v. FCC, No. 24-60223, Slip Op. at 5-6 (5th Cir. Apr. 17, 2025).

Beltway Buzz, April 25, 2025

The Beltway Buzz™ is a weekly update summarizing labor and employment news from inside the Beltway and clarifying how what’s happening in Washington, D.C., could impact your business.

Congress Out, Agenda Delayed. The U.S. Congress is currently in the second week of its spring break recess and will return to Washington, D.C., on April 28, 2025. Upon returning, Republican leaders are expected to move forward with their budget reconciliation package that is expected to address military spending, energy production, taxes, and immigration. The Buzz will also be monitoring potential U.S. Senate confirmation hearings for individuals nominated to lead labor and employment–related agencies. President Donald Trump has nominated individuals to lead the U.S. Department of Labor’s (DOL) Occupational Safety and Health Administration and Wage and Hour Division, as well as the General Counsel’s office of the National Labor Relations Board, but those nominees have not yet had their Senate confirmation hearings.
Executive Order Seeks to Limit Use of Disparate-Impact Liability. On April 23, 2025, President Trump issued an executive order (EO) titled “Restoring Equality of Opportunity and Meritocracy.” The EO states, “It is the policy of the United States to eliminate the use of disparate-impact liability in all contexts to the maximum degree possible.” Currently, employers may be held liable under a disparate-impact theory of discrimination if an otherwise neutral employment policy or practice results in an adverse impact on a protected class. The EO directs all federal agencies to “deprioritize enforcement of all statutes and regulations to the extent they include disparate-impact liability” and further instructs the attorney general and the chair of the U.S. Equal Employment Opportunity Commission to review all current legal matters that rely on a theory of disparate-impact liability, and to “take appropriate action with respect to such matters consistent with the policy of th[e] order.” T. Scott Kelly, Nonnie L. Shivers, and Zachary V. Zagger have the details.
Disparate-impact liability in employment discrimination cases was first established by the Supreme Court of the United States in 1971 and codified by Congress in the Civil Rights Act of 1991. In February 2025, U.S. Attorney General Pam Bondi issued a memorandum instructing U.S. Department of Justice (DOJ) officials to deemphasize disparate-impact theories of liability.
Senate HELP Committee Chair Outlines Independent Contractor Proposals. Senator Bill Cassidy (R-LA), chairman of the Senate Committee on Health, Education, Labor, and Pensions, has released a white paper advocating for various legislative proposals related to independent contractors. The white paper, titled, “Portable Benefits: Paving the Way Toward a Better Deal for Independent Workers,” builds on Cassidy’s 2024 “request for information seeking feedback from stakeholders on ways to remove federal legal and regulatory barriers to portable benefits for independent workers.” Among the proposals advanced in the paper are a single statutory test for determining employment status, as well as legislation that would allow employers to provide health and retirement benefits to workers without those benefits triggering employment status. (The Buzz recently detailed bills in the U.S. House of Representatives that address these issues.)
Immigration Policy Update. Recent developments in the immigration policy arena include the following:

The U.S. District Court for the District of Massachusetts issued an order blocking the Trump administration’s rescission of Cuba, Haiti, Nicaragua, and Venezuela (CHNV) humanitarian parole program. Emphasizing the need for a case-by-case review prior to revoking grants of parole, the judge ruled that the “categorical termination of existing grants of parole was arbitrary and capricious.” Amanda M. Mullane and Daniela Medrano Sullivan have the details.
Secretary of State Marco Rubio announced sweeping changes to the operational structure of the U.S. Department of State. While the Bureau of Consular Affairs—the subagency within the State Department responsible for issuing visas—does not appear to be impacted at this early stage, the Buzz will continue to monitor the situation as it develops.

DOL Staff Exit. Workers at the DOL are leaving, either pursuant to deferred-resignation offers from the new administration or involuntary reductions in force.

Deferred Resignations. Almost 20 percent of the DOL’s employees will reportedly leave their positions in September 2025 after accepting deferred-resignation offers.
OFCCP Continues to Shrink. According to media reports, most employees in the Office of Federal Contract Compliance Programs’ (OFCCP) enforcement division’s national office and five of its six regional offices have been placed on administrative leave in advance of planned reductions in force at the agency. (Employees in the Southwest and Rocky Mountain Region—often referred to by practitioners as “SWARM”—were not impacted.) The action follows on the heels of a February 2025 DOL memo indicating that 90 percent of OFCCP employees would eventually be removed from their positions. A group of Democratic senators and representatives wrote a letter to Secretary of Labor Lori Chavez-DeRemer, warning that the dramatic reduction in staff at OFCCP would leave veterans and individuals with disabilities vulnerable to discrimination.

The Buzz will keep tabs on how staff reductions at the DOL in general, and OFCCP specifically, will impact the department’s regulatory and enforcement agendas.
Remember the Maine! On April 25, 1898, Congress declared war on Spain. The Cuban War of Independence, the rise of sensationalistic “yellow journalism,” U.S. self-interest, and the February 15, 1898, explosion of the USS Maine in Havana Harbor all contributed to a series of congressional actions that culminated in a declaration of war. The declaration read:
A bill declaring that war exists between the United States of America and the Kingdom of Spain.
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, first. That war be, and the same is hereby, declared to exist, and that war has existed since the twenty-first day of April, A.D. 1898, including said day, between the United States of America and the Kingdom of Spain.
Second. That the President of the United States be, and he hereby is, directed and empowered to use the entire land and naval forces of the United States, and to call into the actual service of the United States the militia of the several States, to such extent as may be necessary to carry this act into effect.
Approved, April 25, 1898.

The war ended several months later with the signing of the Treaty of Paris on December 10, 1898, and resulted in the United States’ acquisition of Puerto Rico, Guam, and the Philippines.

A Roadmap for Export Controls? Project 2025 and the Future of U.S. Exports – Part III

The second Trump administration has come flying out of the starting blocks on international trade policy actions—imposing and rescinding, shaping and reshaping tariffs, sanctions, and export controls. The executive orders and directives have come so thick and fast that it is not always simple for businesses to chart a consistent policy direction and develop their plans to account for what might be coming next.
However, there is in fact a pretty clear map that could indicate the U.S. policy direction with respect to export controls.
The U.S. Department of Commerce, Bureau of Industry and Security (BIS) may well follow the map that was drafted by the same people who are now among the BIS leadership. The cartographers, as it were, are James Rockas and Robert Burkett. Rockas and Burkett now serve as the Deputy Under Secretary and Chief of Staff, respectively, at BIS. Both are listed as authors of the chapter on the Department of Commerce in the Project 2025 Mandate for Leadership publication by the Heritage Foundation.[1] Regardless of one’s views on Project 2025, the publication is a useful indicator of the future of U.S. export controls, among other policies.
In this article, we examine what the proposed “modernization” of the Export Administration Regulations (EAR) outlined in Project 2025 looks like, and analyze how the Project 2025 proposals could be implemented in future U.S. export regulations.
The Checklist
The section of Project 2025 dedicated to BIS presents a list[2] of key priorities for “EAR modernization” , as follows:
Featured Today

Eliminating the “specially designed” licensing loophole;
Redesignating China and Russia to more highly prohibitive export licensing groups (country groups D or E);
Eliminating license exceptions;
Broadening foreign direct product rules;
Reducing the de minimis threshold from 25 percent to 10 percent—or 0 percent for critical technologies;
Tightening the deemed export rules to prevent technology transfer to foreign nationals from countries of concern;
Tightening the definition of “fundamental research” to address exploitation of the open U.S. university system by authoritarian governments through funding, students and researchers, and recruitment;
Eliminating license exceptions for sharing technology with controlled entities/countries through standards-setting “activities” and bodies; and
Improving regulations regarding published information for technology transfers.

On first reading, some of these proposals may not seem to fit neatly within the familiar EAR framework. That might make it hard to picture how they will be implemented in regulations, much less to plan for them.
But that’s just the sort of picturing we propose to take on!
We have worked our way through the list above. We have asked ourselves how those broad, potentially seismic changes might actually be put into practice. Where is there real room for rewriting the regulations? Where is there precedent in export regulatory history? (Where what’s past be prologue, to borrow a phrase)?
Here we present our initial thoughts on what may be coming. We note that none of these points constitutes legal advice. But they may be useful for considering where your organization may wish to consider the possibility of future export control regulations.[3] And they may come fast, so get ready. As the poet said, defer no time. Delays have dangerous ends.
We present our findings in three parts (in three days), dividing the list to conquer it and to do so without overburdening our readers.
7. “Tightening the definition of “fundamental research” to address exploitation of the open U.S. university system by authoritarian governments through funding, students and researchers, and recruitment”
The Fundamental Research provisions of the EAR consider certain technology and software in mathematics, engineering, and science that are the result of research in universities to be in the public domain, and thus not controlled for export. One criterion for this exemption from control is that the research must be of the type that is normally published. Currently, the fundamental research exclusion provides for universities to allow students, regardless of nationality, to take part in research and to have access to certain technology and software that may otherwise be controlled.
However, universities have been under increasing scrutiny in cases where fundamental research exposes sensitive technology to students, professors, researchers, and even donors from countries of concern. Tightening the fundamental research exception could mean limiting the exception so that it does not apply to foreign persons affiliated with certain universities (such as those on the Specially Designated Nationals list), or even to all nationals of certain countries of concern. Alternatively, the rules could be tightened to allow U.S. government sponsors of research to place greater limits on access to sponsored projects based on nationality, or to require universities to waive the fundamental research exception altogether in their sponsorship agreements. Since the Fundamental Research exemptions are based in the First Amendment, there may be limits on how far that reform could be taken. But we have no doubt that the administration will look at how to restrict the Fundamental Research exemptions.
8. “Eliminating license exceptions for sharing technology with controlled entities/countries through standards-setting “activities” and bodies”
Currently, certain low-controlled technology or software is not subject to the EAR when it is being shared for the purpose of designing, developing, and/or implementing industry standard. The rule is designed for international cooperation.
Historically, the Trump administration has shown a disinclination to participate in multilateral activity (the Paris Climate Accord, UN Convention on Human Rights, Trans Pacific Partnership, NAFTA, Transatlantic Trade and Investment Partnership (TTIP), etc.). It would not be inconsistent with administration practice to narrow or eliminate exceptions that provide for free sharing of technolgoy with multilateral standards-setting groups.
Eliminating the exception would be a straightforward revision of the rule, which could potentially affect U.S. government and U.S. company relations with other governments, international organizations, international inspections under the Chemical Weapons Convention, and the International Space Station operations.
9. “Improving regulations regarding published information for technology transfers.”
Much like the fundamental research exception described above, adjusting the EAR-exception for published technology could potentially violate the First Amendment. One potential approach would be for the EAR to adopt an approach similar to the ITAR’s public domain exception. For example, public release, such as publishing, would only be permitted after approval from the U.S. Government. The proposal may also redefine what is considered “published” by introducing exceptions to the definition.
Conclusions and Early Indications
The second Trump administration has issued, rescinded, revised, and reissued a substantial number of tariffs, sanctions, and export control measures. Although it is easy to be overwhelmed by the volume of actions, some of the policy direction of the new administration is clear. And as outlined here, the Commerce Department chapter of the Project 2025 Mandate for Leadership provides strong indicators of the administration’s policy direction on export controls.
At the same time, developments outside the four corners of Project 2025 suggest that certain reforms may already be in motion. On April 10, 2025, Landon Heid—President Trump’s nominee for Assistant Secretary of Commerce for Export Administration—testified before the Senate Banking Committee and indicated that BIS may act “relatively quickly” to apply Entity List restrictions to subsidiaries of listed entities, drawing a parallel to OFAC’s 50% rule. If implemented, this shift would materially expand the scope of compliance obligations for exporters, reexporters, and technology providers by effectively capturing foreign subsidiaries and affiliates that have so far fallen outside the scope of licensing requirements.
Heid’s remarks also flagged broader enforcement priorities—particularly around China’s acquisition of artificial intelligence capabilities. He pointed to risks associated with transshipment through jurisdictions such as Hong Kong and suggested BIS may pursue tighter controls to curb diversion and illicit procurement of advanced technologies. Those developments, while not explicitly part of Project 2025, reflect an accelerating trajectory toward more expansive and aggressive export control enforcement.
Together, the Project 2025 blueprint and the emerging policy posture from BIS leadership offer a coherent preview of what the next phase of U.S. export regulation may look like. Companies would do well to monitor those signals and begin scenario planning for a regulatory environment in which the scope of control is broader, the tools are sharper, and the compliance expectations are higher.
FOOTNOTES
[1] Available at 2025_MandateForLeadership_CHAPTER-21.pdf.
[2] Id. at p.672.
[3] Additionally, we would be glad to kick these ideas around with others (I know my associates are tired of me talking about it to them). So if you have any comments, questions, or ideas to posit, please feel free to contact the authors directly.

A Roadmap for Export Controls? Project 2025 and the Future of U.S. Exports – Part II

On first reading, some of these proposals may not seem to fit neatly within the familiar EAR framework. That might make it hard to picture how they will be implemented in regulations, much less to plan for them.
But that’s just the sort of picturing we propose to take on!
We have worked our way through the list above. We have asked ourselves how those broad, potentially seismic changes might actually be put into practice. Where is there real room for rewriting the regulations? Where is there precedent in export regulatory history? (Where what’s past be prologue, to borrow a phrase)?
Here we present our initial thoughts on what may be coming. We note that none of these points constitutes legal advice. But they may be useful for considering where your organization may wish to consider the possibility of future export control regulations.[3] And they may come fast, so get ready. As the poet said, defer no time. Delays have dangerous ends.
We present our findings in three parts (in three days), dividing the list to conquer it and to do so without overburdening our readers.
4. “Broadening foreign direct product rules”
Foreign Direct Product Rules (FDPRs) extend U.S. export controls to cover foreign manufactured items that are the direct product of certain U.S.-origin technology, software, or equipment.[4] In 2020, the FDPRs were broadened significantly to cover foreign made items destined for the Chinese telecommunications equipment maker Huawei and certain of its affiliates, and a handful of other Chinese and Chinese-owned companies. In general, there are two pieces to an FDPR, the Product Scope (what the control applies to), and the Destination Scope (at what countries or companies the control is aimed).
Since BIS brought the FDPR hammer out of the toolbox, it has found plenty of nails. There are now ten separate FDPRs applicable to Product Scopes such as Supercomputers and semiconductor manufacturing equipment, or to Destination Scope targets such as the Russian and Belarusian militaries. In terms of writing regulations, it is likely easiest for the U.S. government to aim a broad product scope control at a narrow target, singling out a company or group of companies. However, recent EAR amendments have placed broad controls on artificial intelligence by defining a set of AI model weights that may be subject to controls globally.
We fully expect new FDPRs to contain broader Product Scope to cover technologies the administration considers critical (e.g., semiconductor manufacturing, autonomous vehicles, or AI). Likewise, we expect new FDPRs may contain several new companies in the Destination Scope, as the administration develops new targets over time.
5. “Reducing the de minimis threshold from 25 percent to 10 percent—or 0 percent for critical technologies”
Currently, a product made outside the United States may be subject to U.S. export controls if it incorporates more than a de minimis amount of U.S.-origin controlled content by value. That is, if you make a computer in France, but the hard drive is U.S.-origin and incorporated into your French computer, then the value of that hard drive may account for more than the de minimis amount of value of that computer. As a result, that computer may be controlled by U.S. export controls, even as it is exported from France as a French-made item.
For most countries, the de minimis threshold of U.S. content is 25% of the value of the foreign-made item. However, for certain countries (e.g., Iran) it is 10%, and for others (e.g., Cuba), it is 0%. In cases where the threshold is 0%, the de minimis rule operates like the ITAR see-through rule: any U.S.-origin controlled content in the foreign made item will trigger U.S. controls for export to the country with a 0% de minimis level.
It follows that a reduction of the de minimis level would significantly expand the extraterritorial jurisdiction of BIS. It would give BIS control of a broad swath of foreign made products that would be exported to the country with the lower de minimis threshold.
6. “Tightening the deemed export rules to prevent technology transfer to foreign nationals from countries of concern”
When a person discloses controlled technology to a foreign person, the release of that technology is considered an export to the home country of that foreign person. That is the case regardless of where the release occurs, even if both persons are in the United States. The release of technology—through a discussion, through visual inspection, or through written communication—is “deemed” to be an export to the foreign person’s country of nationality. Similarly, a release of U.S.-controlled technology in a foreign country by a person authorized to have that technology to a person of a third-country nationality, is a deemed reexport to that person.
So when an engineer in Denmark is collaborating with his U.S. colleagues on controlled technology development, the technology is exported to Denmark. If he discusses the technology with his Chinese colleague in Denmark, that discussion may be considered a deemed reexport to China. However, in certain cases, if the Chinese national is an employee of the same company and the company is authorized to receive the technology, the technology may be shared with the Chinese national without any further licensing.[5]
That scenario presents a tempting target for a BIS looking to tighten controls on technology going to China. The rule could simply be changed so that a person from China (or Russia or any other country of concern) could not receive the controlled technology without further licensing. Alternatively, export licenses might be written to include provisos prohibiting certain deemed reexports, e.g., to China.
In either case, as a Danish (or EU or other third-country) employer, you may need to consider whether you can hire that graduate student from a country of concern or whether you can staff certain projects with persons with certain nationalities. At the same time, non-U.S. companies aiming to comply when hiring employees from U.S. countries of concern will need to balance that compliance against any local employment laws on hiring decisions made on the basis of national origin.
Conclusions and Early Indications
The second Trump administration has issued, rescinded, revised, and reissued a substantial number of tariffs, sanctions, and export control measures. Although it is easy to be overwhelmed by the volume of actions, some of the policy direction of the new administration is clear. And as outlined here, the Commerce Department chapter of the Project 2025 Mandate for Leadership provides strong indicators of the administration’s policy direction on export controls.
At the same time, developments outside the four corners of Project 2025 suggest that certain reforms may already be in motion. On April 10, 2025, Landon Heid—President Trump’s nominee for Assistant Secretary of Commerce for Export Administration—testified before the Senate Banking Committee and indicated that BIS may act “relatively quickly” to apply Entity List restrictions to subsidiaries of listed entities, drawing a parallel to OFAC’s 50% rule. If implemented, this shift would materially expand the scope of compliance obligations for exporters, reexporters, and technology providers by effectively capturing foreign subsidiaries and affiliates that have so far fallen outside the scope of licensing requirements.
Heid’s remarks also flagged broader enforcement priorities—particularly around China’s acquisition of artificial intelligence capabilities. He pointed to risks associated with transshipment through jurisdictions such as Hong Kong and suggested BIS may pursue tighter controls to curb diversion and illicit procurement of advanced technologies. Those developments, while not explicitly part of Project 2025, reflect an accelerating trajectory toward more expansive and aggressive export control enforcement.
Together, the Project 2025 blueprint and the emerging policy posture from BIS leadership offer a coherent preview of what the next phase of U.S. export regulation may look like. Companies would do well to monitor those signals and begin scenario planning for a regulatory environment in which the scope of control is broader, the tools are sharper, and the compliance expectations are higher.
FOOTNOTES
[1] Available at 2025_MandateForLeadership_CHAPTER-21.pdf.
[2] Id. at p.672.
[3] Additionally, we would be glad to kick these ideas around with others (I know my associates are tired of me talking about it to them). So if you have any comments, questions, or ideas to posit, please feel free to contact the authors directly.
[4] We recognize that the term in the regulations is not “equipment,” but, rather “plant or major component of a plant.” But boy is that longer phrase ungainly, so we will use “equipment” as a shorthand here and trust that it sufficiently conveys the message.
[5] However, there would be some administrative steps involved in making that release lawful.

Defense Contractors’ Restrictions When Contracting with Chinese Companies

In the current economic climate, the obvious focus of many companies is on the administration’s imposition of tariffs. However, government contractors, especially those contracting with the U.S. Department of Defense (“DoD”), must not lose sight of their current and potential future direct and indirect relationships with certain Chinese entities.
Contractors’ compliance obligations regarding relationships with Chinese entities flow from:

FAR 52.204-25 (Section 889 of the 2019 National Defense Authorization Act (“NDAA”)), and
The Chinese Military Companies (“CMC”) List (Section 1260H of the 2021 NDAA) (also known as the “1260H List”).

Section 889 became effective in 2019 and 2020, so compliance policies and procedures applicable to contracting with all federal government agencies should be well in place. New complexities are emerging for defense contractors given the expanding number of Chinese entities on the1260H List. All contractors are required to annually certify compliance with Section 889, but defense contractors will have an additional level of compliance. They will be required to comply with the 1260H List beginning in June 2026 (for contractors that work with individuals or entities that lobby for CMCs) and June 2027 (for contractors sourcing from or otherwise doing business with entities on the 1260H list). We discuss both compliance frameworks below and provide several key takeaways for contractors.
Government-Wide Supply Chain Restrictions: Section 889
Parts A and B of Section 889 impose significant restrictions on a contractor’s ability to use and sell to the government covered telecommunications and video surveillance products and services (“covered equipment and services”) from five Chinese entities and their affiliates.
Part A, effective August 2019, prohibits the government from procuring covered equipment and services manufactured by the companies identified below. A prime contractor is required to flow down this prohibition to its subcontractors. Part B, effective August 2020, prohibits the government from contracting with entities that “use” covered equipment and services from the five identified companies. This prohibition applies to a contractor’s use of covered equipment and services in any part of its business. There is no nexus required tethering the use of such equipment or services to the contractor’s performance of a federal government contract. Part B does not flow down to subcontractors.
As U.S. government contractors are now well aware, compliance with Part B requires eliminating covered technology and services from their organizations from the five named Chinese entities and their affiliates, which typically include the following types of products/services:

Huawei: mobile phones, laptops, tablets, routers, and switches
ZTE Corporation: mobile phones, mobile hotspots, and network equipment (routers/switches)
Hytera Communications Corporation: radio transceivers and radio systems
Dahua Technology Company & Hangzhou Hikvision Digital Technology: video surveillance products and services (e.g., company surveillance systems)

DoD-Only Relationship Restrictions on Companies Listed on the Section 1260H List
The 2021 NDAA will add a second layer of compliance only for defense contractors. The Secretary of Defense is required to publish an annual list of CMCs. Starting in June 2026, DoD will be prohibited from procuring goods, services, and technology produced or developed by listed CMCs or companies that hire lobbyists that lobby for CMCs. Starting in June 2027, the same prohibition will apply to indirect procurements, meaning defense contractors must eliminate goods, services, and technology from listed CMCs from their supply chains.
To be included on the 1260H List, a Chinese entity must have one of two associations as determined by DoD. First, an entity must directly or indirectly (whether through ownership, control, or affiliation) act as an agent of the People’s Liberation Army; Chinese military or paramilitary elements; security, police, law, or border enforcement; the People’s Armed Police; the Ministry of State Security; or any other organization controlled by the Central Military Commission of the Communist Party, the Ministry of Industry and Information Technology, the State-Owned Assets Supervision and Administration Commission of the State Council, or the State Administration of Science, Technology, and Industry for National Defense. Alternatively, listed entities are those important to civilian and military advancements in China’s defense industrial base; these entities are called “military-civil fusion contributors.”
Whereas compliance regimes for Section 889 are nearly five years old, compliance deadlines for Section 1260H are upcoming:

Starting June 30, 2026, DoD may not (i) enter, renew, or extend contracts for goods, services, or technology with listed entities or their affiliates, or (ii) contract with companies that engage individuals or entities that lobby for CMCs, even if regulated “lobbying” activity does not relate to the contractor’s operations (Section 851 of the 2025 NDAA). (“Lobbying” is defined by the Lobbying Disclosure Act of 1995).

The prohibition differentiates between end-item technology and mere “components” of end item technologies. The prohibition focuses on end-items. (“Component” means an item supplied to the Federal Government as part of an end-item or of another component. 41 U.S.C. § 105.)

Starting June 30, 2027, DoD may not purchase end products or services developed or produced by listed entities indirectly through third parties. (Note an exception in Section 805 of the 2025 NDAA excluding the purchase of component materials that are part of an end product created by an entity not on the 1260H list.)

Section 1260H of the Fiscal Year 2021 NDAA required that DoD publish the 1260H List each year until at least 2030. Additional entities have been added each year thereafter. In an effort to provide contractors with ample notice, DoD has begun publishing 1260H Lists. As of January 2025, there are 134 entities on the list (Notice of Availability of Designation of Chinese Military Companies (Federal Register)). The listed entities span an array of industries, including telecommunications, aerospace, semiconductors, artificial intelligence, energy, and transportation, among others. Notably, Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision); Huawei Technologies Co., Ltd.; and Zhejiang Dahua Technology Co., Ltd. (Dahua) appear on both the Section 889 and Section 1260H lists.
Key Takeaways for Contractors

For Section 889 and Section 1260H compliance, U.S. government contractors must assess their supply chains both for direct contracts as well as contracting for end products or services developed or produced by listed entities indirectly through third parties on either list.
For purposes of Section 1260H, contractors must assess whether existing sourcing relationships involve “components” of end items (which are exempted) or end items themselves.
Further, contractors must conduct extensive due diligence to understand the agents working with them and on behalf of any listed entity to avoid running afoul of the restrictions on lobbying activity.
Contractors should actively monitor this space because more stringent restrictions may follow.

What’s Happening With EEO-1 Data Collection

2024 EEO-1 Component 1 Data Collection Set to Proceed
The 2024 EEO-1 Component 1 data collection process is expected to move forward, based on documentation submitted to the White House Office of Management and Budget (OMB) for approval. The proposed 2024 EEO-1 Instruction Booklet states the data collection is slated to begin on Tuesday, May 20, 2025, with a submission deadline of Tuesday, June 24, 2025.The EEOC has stated it intends to publish the finalized dates on its website.
EEOC Seeks to Eliminate Non-Binary Reporting Option
The EEOC has submitted a change request to OMB, aimed at modifying the Instruction Booklet rather than the reporting form itself. Notably, the EEOC is seeking to remove the voluntary reporting option for employees who identify as non-binary.
In previous years, employers had the option to report non-binary employees separately, outside the male/female categories, with the count included in a comments section. However, under Executive Order 14168, “Defending Women From Gender Ideology Extremism and Restoring Biological Truth to the Federal Government,” the EEOC has eliminated this reporting option entirely.
The updated “Reporting by Sex” section in the revised Instruction Booklet has been reduced to a single sentence: “The EEO-1 Component 1 data collection provides only binary options (i.e., male or female) for reporting employee counts by sex, job category, and race or ethnicity.”
What’s Next
The 2025 EEO-1 reporting cycle, covering 2024 data, appears to be on track, though the EEOC has not yet updated its official EEO-1 data collection website: https://www.eeocdata.org/eeo1.
Employers should monitor for further guidance from the EEOC, especially concerning the reporting of non-binary employees and compliance expectations for federal contractors. In the meantime, employers should consult with outside counsel regarding best practices for compliance and submission of data.

Harvard’s Tax-Exempt Status Dispute with the Trump Administration: Implications for Nonprofits

On April 16, 2025, President Donald Trump signaled a desire for Harvard University (Harvard or the University) to lose its tax-exempt status after the University refused several demands in the Trump Administration’s letter to Harvard, dated April 11, 2025, including reforms to governance and leadership, hiring and admission processes, student programs with records of antisemitism or bias and student discipline, as well as a discontinuation of DEI programs. Harvard’s refusal resulted in the Department of Education freezing $2.2 billion in grants and $60 million in contracts to Harvard. The Trump administration plans to freeze another $1 billion in federal funding for Harvard’s health research.
Harvard University sued the Trump administration on Monday, April 21, 2025, for infringing on the University’s free speech rights under the First Amendment. Additionally, Harvard argues that the administration’s actions against the University were arbitrary and capricious and outside the scope of its authority. Harvard contends that the federal government cannot impose unrelated conditions for higher-education institutions to access federal funding. The fate of Harvard’s federal funding and tax-exempt status may now set a precedent that could impact other nonprofit organizations.
While most nonprofit organizations focus on their missions, even a mission-driven organization can lose its 501(c)(3) status if it violates the Illegality Doctrine.1 In Bob Jones University v. United States (1983), the Supreme Court affirmed that a tax-exempt organization must operate in a manner consistent with public policy and federal law.2 The Court upheld the IRS’s decision to revoke tax-exempt status based on racially discriminatory practices — even though the institution claimed a religious purpose.3 If a tax-exempt organization engages in illegal activity or operates against public policy, it risks revocation — even if the charitable purpose itself is lawful.
Can the President Direct the IRS To Revoke Harvard’s Tax-Exempt Status?
On April 15, 2025, President Trump posted on Truth Social: “Perhaps Harvard should lose its Tax Exempt Status and be Taxed as a Political Entity if it keeps pushing political, ideological, and terrorist inspired/supporting ‘Sickness? Remember, Tax Exempt Status is totally contingent on acting in the PUBLIC INTEREST!”
Generally, Section 7217 of the Internal Revenue Code of 1986 (the Code) prohibits the President, and other executive branch employees, from either directly or indirectly requesting that the IRS investigate or audit specific targets. The IRS has declined to comment to date on whether they are considering review or revocation of Harvard’s tax-exempt status. Additionally, a White House spokesman stated, “Any forthcoming actions by the I.R.S. are conducted independently of the President, and investigations into any institution’s violations of their tax status were initiated prior to the President’s TRUTH.” However, if the IRS revokes Harvard’s status, Harvard will almost certainly appeal.
What Rev. Rule 80-278 Says – and Why It Still Matters
With calls to revoke Harvard’s tax-exempt status making headlines again, nonprofit organizations must revisit Rev. Rul. 80-278, one of the IRS’s clearest positions on when 501(c)(3) status can be revoked. In Rev. Rul. 80-278, the IRS held that an organization systematically violating civil rights laws was not entitled to tax-exempt status even if its stated mission was charitable.4 Charitable purpose is not enough if the conduct is illegal or contrary to “clearly defined and established” public policy.5
Harvard’s legal position was made clear by a spokesperson for the University, who stated that “there is no legal basis for revoking the University’s exemption.” However, the burden of proof would be on Harvard to prove that its activities are not illegal or against public policy, and that it is otherwise entitled to tax exemption. Ultimately, if Harvard exhausts all administrative remedies with the IRS, then it could potentially file for a declaratory judgement remedy under Section 7428 of the Code. Historically, there is no IRS precedent that directly applies to protected speech by students or faculty.
What Should Your Nonprofit Do?
In light of the ongoing dispute with Harvard, and the potential for time and cost associated with defending tax-exempt status, nonprofit organizations should diligently review their internal governing documents, ongoing federal and state grants and contracts, and other materials to ensure compliance with federal and state laws related to tax-exempt status.
Suggested Actions

Audit Advocacy and Activities. Make sure your lobbying, programming and public-facing content align with your exempt purpose and IRS standards.
Review Governance & Oversight. Ensure your board understands its fiduciary role in legal compliance — not just mission direction.
Compile Basic Organizational Information for Potential Audits. Begin compiling materials that commonly would come up in an audit or investigation, such as tax returns, relevant agreements and grant or scholarship program materials.
Develop a Rapid-Response Framework. Have a plan for if (or when) your tax status, operations or speech get questioned by regulators, donors or the media.

[1] Rev. Rul. 80-278, 1980-2 C.B. 175 (1980).
[2] Bob Jones Univ. v. United States, 461 U.S. 574, 103 S. Ct. 2017, 76 L. Ed. 2d 157 (1983).
[3] Id. at 602-604.
[4] Rev. Rul. 80-278, 1980-2 C.B. 175 (1980).
[5] Id.

Changes at the OFCCP: Enforcement Employees Placed on Administrative Leave Amid Federal Workforce Cuts

Employees in the Office of Federal Contract Compliance Programs (OFCCP) across the country have been placed on administrative leave. The move is part of the Administration’s broader federal workforce reduction efforts.
The email communication, sent Wednesday, April 16, by newly appointed OFCCP Director Catherine Eschbach, notified staff in the agency’s enforcement division—both at the national office and in five of six U.S. regional offices—of their change in status. Eschbach cited a “significantly reduced scope of mission” as the reason behind the administrative action.
The OFCCP, which monitors federal contractors for compliance with anti-discrimination and, prior to the rescinding of Executive Order 11246, affirmative action laws, has been a key target in the Administration’s plan to streamline the Department of Labor (DOL). Executive Order 14173 issued in January 2025, which rescinded Executive Order 11246, curtailed the agency’s authority by eliminating or reducing key legal and oversight powers.
As discussed in our prior blog post, a February 25 memo from the DOL outlined plans to ultimately eliminate up to 90% of OFCCP’s workforce. The April 16 notice to OFCCP employees came two days after a final deadline for staff to opt into voluntary exit programs, including deferred resignation and early retirement.
The administrative leave impacts primarily the enforcement staff, meaning the national office’s policy, operations, and administrative branches will remain as well as the Southwest and Rocky Mountain (SWARM) regional office, according to Eschbach’s message.
Employers should work with outside counsel to stay abreast of government changes and understand how they may impact their companies.

“Just Do It” May Sell Shoes, but Can It Revolutionize Bureaucracy?

There are a variety of accounts on the progress and success of the first days of the Trump Administration. Some put special significance on a new administration’s first 100 days, but is this the first 100 days or four years + 100 days?
In particular, appearing April 21, 2025, in The Washington Post, there is a report tracing what has happened to the “Five Things” mandate coming from Elon Musk and the DOGE (Department of Government Efficiency) effort. This was a “mandate” to report every federal employee’s work achievements at the risk of losing their job. Apparently, that reporting mandate has now withered away into a range of requirements widely varying by agency.
Some employees are reported to respond with repetitive boilerplate or curt (and sometimes offensive) language. An earlier Bergeson & Campbell, P.C. (B&C®) blog post provided advice about how one might respond to the requirement. Some agencies have told employees to ignore it, some have continued the requirement but do not appear to do anything with the information, and a few continue to mandate reporting and claim to make use of it in employee evaluations.
So catchy phrases (“You’re fired”), props (chainsaws), Executive Orders (take your pick), and even 900-page blueprints (Project 2025) may not be enough to impose fundamental change on “the system.” More benign is the realization that the workforce of two-plus million federal workers is hard to manage with only the 1,000 or so most senior appointees arriving with the new Administration.
One lesson from the President’s first term might have been to realize the utility of fostering some level of confidence (or even trust) in the employees of any agency or program, even if seeking fundamental reforms or impactful budget and staff cuts. Instead, the DOGE effort has seen what appear to be ad hoc personnel cuts without following required procedures or a semblance of planning (example: getting a notice that you no longer have a job when you try to enter the building on a Monday morning), and has raised even more distrust and contempt beyond that which was widely reported during the first Trump term.
Change is difficult even among friends, perhaps more so if you are trying to be a demanding boss (especially one demanding program and staff cuts). Respect for the person, respect for the program’s mission generally, and some semblance of process might reduce some of the upset. In another time and place, a reform plan might have included suggestions from the staff about what should be changed, or even how a significant cut (say 25-50 percent) could be imposed and still maintain the organization.
Such a suggestion box would include everything from old grievances, ode to the status quo, and “cuts for thee not me” ideas. The advantage that may be among the suggestions could be ideas from those employees who “know where the bodies are buried” — outdated practices or procedures, staffing imbalances, or program areas in need of trimming (at least with a pruning saw, however less fetching on social media).
Viable suggestions coming from the incumbent staff are impossible when the staff is afraid and confused by the swirl of e-mails from questionable authority. Surprise cuts to your program or the end of your career coming from press releases and reports of the latest Executive Order is not good for morale. The apparent rationale for the chainsaw metaphor is a “move fast and break things” approach. This is evocative of some strategies used in the Vietnam war, summarized as: “burn down the village to save it.”
Even if big moves and fundamental changes are the order of the day, the private sector and government functions are different in ways that matter. Failed mergers resulting in a drastic drop in stock prices are impactful in different ways than a drastic impairment of important government functions the public depends on — including clean water or safe food and social security checks delivered on time (and that do not bounce).
More respect for the staff and more understanding of the agency mission and how procedures or budgets evolved into today’s program (warts and all) would have served the reform taskmasters more effectively than the progress reported until now.

A Roadmap for Export Controls? Project 2025 and the Future of U.S. Exports – Part I

It goes somewhere else in the controls. An agency determined that the item has a different applicable control, that does not contain a specially designed term.
It is just a little fella. The item is a screw, nut, bolt, clip, pin, washer, grommet bushing, spring, etc.
It works the same as a non-controlled item. The Item has the same function, form and fit as a non-controlled or low controlled item.
It was made for something else. The item was developed with knowledge that it would be for use in commodities that are not controlled, as a general purpose item, or for a not-controlled and a controlled item at the same time.

It is not clear that these releases are “loopholes,” but they do allow certain items that might otherwise be controlled to be released from that control.
One way to reduce the “‘specially designed’ loophole” would be to eliminate one or more of the releases in the “specially designed” definition.
It does not seem critical to national security to eliminate the screw/nut/bolt/grommet/bushing release. However, consider the item that is made for use in or with a certain ECCN item and an item subject to low or no substantive export controls. Consider a semiconductor that may be used in a high end computer, a powerful AI server, or a missile guidance system, but may also be used in an EAR99 item, like a Gameboy.[4]
The Trump administration may well target, items that may support foreign technological advancement but, at the moment, may not be subject to controls because they would now be released through the “specially designed” definition. Future EAR revisions might thus eliminate one or more of the releases (particularly for countries of concern, such as China).
2. “Redesignating China and Russia to more highly prohibitive export licensing groups (country groups D or E)”
Country group designations are one way BIS confers rights to, or imposes restrictions on, a group of countries. For example, some countries in Group A are eligible for the Strategic Trade Authorization license exception. By contrast, countries listed in Group D:5 are subject to U.S. arms Embargoes.
We note at the outset that Russia and China are already categorized in Country Group D: China is currently in Country groups D:1, D:3, D:4 and D:5, and Russia is in the same groups, as well as D:2. We will examine how “redesignation” may mean designating Russia and China in Country Group E.
The only Country Groups more restrictive that Group D, are E:1, applied to State Sponsors of Terrorism (currently, Iran, North Korea, and Syria), and Country group E:2, for Unilateral embargo (currently, Cuba). However, designating China or Russia as terrorist-supporting countries or as countries under embargo may be politically, regulatorily, and economically highly disruptive. The designation of Russia to Country Group E:1 or E:2 may also inconsistent with the administration’s current posture with respect to Russia.
However, one potential approach may be to create a new Country Group (e.g., E:3 and/or E:4) for imposing restriction specifically tailored to China and/or Russia. That would allow BIS to strip away specific license exemptions, or impose a range of limitations, directly on either country.
3. “Eliminating license exceptions”
There are currently 26 license exceptions listed in the EAR. Project 2025 does not specify which ones would be eliminated. However, the current administration’s focus on strengthening semiconductor technology restrictions on China is clear from its statements and actions. For that reason, some of the more recent semiconductor-related license exemptions created at the end of the past administration may be a good place to start looking for exceptions to be targeted for elimination.
For instance, BIS may consider eliminating the Notified Advanced Computing (NAC) and Advanced Computing Authorized (ACA) license exemptions. Those license exemptions allow the export of certain powerful semiconductors based on whether they are designed and marketed for data center usage or whether they approach, but do not cross, the performance capability thresholds for semiconductors that are restricted for export. Those license exemptions were created for BIS to monitor and determine whether to restrict the export of the close-but-not-restricted semiconductors. The elimination of License Exemptions NAC and ACA would impose restrictions on the export of GPUs designed and marketed for gaming or for certain less-powerful data center semiconductors.
Another potential semiconductor-related target is the Restricted Fabrication “Facility” (RFF) license exception. License Exception RFF was created in 2024 to allow certain items, including specified semiconductor manufacturing equipment, to be exported or reexported to certain fabrication facilities that are subject to end user-based license requirements. Ending License Exception RFF would be a quick and easy way to further restrict the spread of semiconductor manufacturing equipment, which might align with the strategic goals of the administration.
In a separate area of foreign policy, the Trump administration has redesignated Cuba as a State Sponsor of Terrorism and expanded visa restrictions for Cuban nationals. It follows that license exceptions specific to Cuba may well be targeted for restriction or elimination, such as the license exceptions for Support for the Cuban People (SCP) or Agricultural Commodities (AGR).
Conclusions and Early Indications
The second Trump administration has issued, rescinded, revised, and reissued a substantial number of tariffs, sanctions, and export control measures. Although it is easy to be overwhelmed by the volume of actions, some of the policy direction of the new administration is clear. And as outlined here, the Commerce Department chapter of the Project 2025 Mandate for Leadership provides strong indicators of the administration’s policy direction on export controls.
At the same time, developments outside the four corners of Project 2025 suggest that certain reforms may already be in motion. On April 10, 2025, Landon Heid—President Trump’s nominee for Assistant Secretary of Commerce for Export Administration—testified before the Senate Banking Committee and indicated that BIS may act “relatively quickly” to apply Entity List restrictions to subsidiaries of listed entities, drawing a parallel to OFAC’s 50% rule. If implemented, this shift would materially expand the scope of compliance obligations for exporters, reexporters, and technology providers by effectively capturing foreign subsidiaries and affiliates that have so far fallen outside the scope of licensing requirements.
Heid’s remarks also flagged broader enforcement priorities—particularly around China’s acquisition of artificial intelligence capabilities. He pointed to risks associated with transshipment through jurisdictions such as Hong Kong and suggested BIS may pursue tighter controls to curb diversion and illicit procurement of advanced technologies. Those developments, while not explicitly part of Project 2025, reflect an accelerating trajectory toward more expansive and aggressive export control enforcement.
Together, the Project 2025 blueprint and the emerging policy posture from BIS leadership offer a coherent preview of what the next phase of U.S. export regulation may look like. Companies would do well to monitor those signals and begin scenario planning for a regulatory environment in which the scope of control is broader, the tools are sharper, and the compliance expectations are higher.
FOOTNOTES
[1] Available at 2025_MandateForLeadership_CHAPTER-21.pdf
[2] Id. at p.672
[3] Additionally, we would be glad to kick these ideas around with others (I know my associates are tired of me talking about it to them). So if you have any comments, questions, or ideas to posit, please feel free to contact the authors directly.
[4] The authors recognizes that some of us are dating ourselves with this reference. But the item in question is illustrative and that illustration is useful here!

DoD Workforce Transformation and Strategic Implications for Defense Contractors

The Department of Defense has initiated a far-reaching transformation of its civilian workforce through the Workforce Acceleration and Recapitalization Initiative, formalized in the Deputy Secretary of Defense memorandum “Guiding Principles for The Department of Defense Workforce Optimization.” This comprehensive restructuring represents the most significant overhaul of DoD civilian personnel in decades, aiming to create a leaner, more agile organization exclusively focused on mission-critical functions that enhance national security capabilities. The initiative signals a fundamental shift in how the Pentagon operates, moving away from decades of organizational expansion toward a more focused, technologically advanced defense establishment.
Strategic Pillars of the Initiative
The DoD’s transformation is built upon four interconnected strategic pillars designed to fundamentally reshape its civilian workforce structure and operations. The first pillar, mission-centric realignment, requires all civilian positions to demonstrate direct contribution to core defense priorities including combat readiness, strategic deterrence, and operational effectiveness. This represents a significant departure from previous approaches that often allowed support functions to expand without clear connections to mission outcomes. Under this new framework, positions will undergo rigorous evaluation against mission-critical thresholds, with those failing to demonstrate direct impact facing potential consolidation, reclassification, or elimination. This realignment will enable the DoD to shift personnel and funding toward high-priority defense capabilities that directly enhance America’s military advantage, particularly in contested domains like cyber, space, and advanced weapons systems.
The second pillar focuses on organizational streamlining to eliminate the bureaucratic layering that has accumulated over decades. Parallel functions across components will be consolidated to reduce redundancies that have historically slowed decision-making and diluted accountability. This consolidation aims to accelerate decision velocity throughout the organization—a critical capability in an era of great power competition where operational tempo continues to increase. Enhanced fiscal discipline represents another key benefit, as consolidated operations will maximize resource utilization and effectiveness, potentially freeing billions for modernization priorities rather than administrative overhead. The DoD estimates that eliminating duplicative functions could reduce administrative costs by up to 15% while simultaneously improving service delivery.
Technological modernization forms the third pillar, with the DoD implementing a Digital-First operational approach across all appropriate functions. This goes beyond simple automation to encompass comprehensive digital transformation, including advanced AI solutions for tasks ranging from maintenance scheduling to personnel management. Legacy systems that have hindered interoperability and operational effectiveness will be systematically phased out and replaced with integrated platforms capable of supporting multi-domain operations. This digital transformation will enable enhanced analytics capabilities to support evidence-based resource allocation, allowing the DoD to make data-driven decisions about where to invest limited resources for maximum strategic impact. The initiative specifically targets a 30% reduction in manual processes by FY2026.
The final pillar involves strategic outsourcing based on a comprehensive reassessment of which activities genuinely require government performance versus those better suited for contractor delivery. This represents a nuanced approach rather than wholesale privatization, focusing particularly on non-inherently governmental functions in retail, recreational services, and certain administrative areas. The DoD is developing sophisticated frameworks to determine optimal service delivery models, considering factors beyond immediate cost savings to include mission alignment, performance quality, and strategic flexibility. This approach creates significant opportunities for contractors who can demonstrate superior capability, efficiency, and innovation in delivering these services.
Implementation Roadmap
The DoD has established a structured, multi-phase implementation approach to ensure systematic transformation while maintaining operational continuity. The assessment phase, which concluded with initial organizational review submissions due April 11, 2025, and required components to conduct preliminary evaluations of their organizational structures and workforce compositions. This phase established baseline metrics and identified immediate opportunities for consolidation or elimination of redundant functions. The current detailed planning phase, culminating in comprehensive implementation plans due May 24, 2025, requires components to develop specific restructuring roadmaps, including position-by-position analyses, technology implementation strategies, and contractor transition plans where applicable.
The execution phase will extend throughout FY2025-2026, with a carefully sequenced implementation approach designed to minimize operational disruption while achieving transformation objectives. The workforce impact is projected to reduce civilian positions by 5-8% (approximately 60,000 positions), implemented through a combination of hiring freezes, voluntary separation incentives, and targeted reductions in low-priority areas. This represents the most significant DoD workforce reduction since the post-Cold War drawdown. Recognizing the risk of losing critical talent during this transition, the DoD has developed a sophisticated talent retention strategy emphasizing enhanced performance-based incentives to retain high-performing personnel in mission-critical roles. This includes expanded use of retention bonuses, accelerated promotion pathways, and specialized training opportunities for personnel in priority capability areas.
Implications for Defense Contractors
The DoD’s transformation creates a rapidly evolving landscape that presents both significant opportunities and potential challenges for defense contractors across all sectors. In terms of emerging opportunities, the initiative will drive heightened demand for contractors offering AI, automation, and digital workflow solutions that directly support the DoD’s technological modernization objectives. Companies with proven capabilities in areas like predictive analytics, process automation, and secure cloud implementation will find expanding markets as components seek to accelerate their digital transformation. The increased outsourcing of previously government-performed functions will expand managed service opportunities, particularly in areas like logistics, facilities management, and certain administrative functions where private sector efficiency and innovation can deliver superior outcomes at lower costs.
Advisory services represent another growth area, with increasing need for expertise in change management, organizational transformation, and performance optimization as DoD components navigate complex restructuring processes. Contractors with demonstrated experience in large-scale organizational transformation, particularly those with relevant public sector experience, will be well-positioned to capture this growing demand. Additionally, as the DoD shifts remaining personnel toward higher-value functions, training and development requirements will expand, creating opportunities for contractors offering specialized technical training, leadership development, and certification programs aligned with the DoD’s evolving capability needs.
To effectively capitalize on these opportunities, contractors should consider several market positioning strategies. First and foremost, they must recalibrate their offerings to directly support the DoD’s core operational priorities, emphasizing how their products and services enhance lethality, readiness, and strategic advantage rather than simply providing administrative support. This requires a sophisticated understanding of the DoD’s mission requirements and capability gaps, along with the ability to articulate clear, compelling value propositions in terms that resonate with defense decision-makers focused on mission outcomes.
Contractors should also position their service offerings as enablers of the DoD’s digital transformation goals, demonstrating how their solutions can accelerate the transition from manual, paper-based processes to integrated digital workflows that enhance efficiency and effectiveness. Proposals should emphasize cost-effectiveness and operational improvements, providing quantifiable metrics that demonstrate how contractor solutions deliver superior value compared to status quo approaches or competing alternatives. With the DoD likely to consolidate contract vehicles as part of its efficiency initiatives, contractors should prepare for potential bundling of previously separate contracts, potentially necessitating new teaming arrangements or capability expansions to remain competitive in this evolving procurement environment.
Risk mitigation represents another critical consideration for contractors navigating this transformation. Portfolio diversification should be a priority, reducing exposure to contracts supporting non-essential functions that may face elimination or significant reduction. Contractors should conduct comprehensive reviews of existing agreements to assess vulnerability to consolidation or elimination, developing contingency plans for at-risk contracts while identifying opportunities to expand in growth areas. Relationship management becomes increasingly important in this environment, with contractors needing to strengthen engagement with program offices likely to gain importance in the reorganization while developing relationships with emerging decision-makers in priority capability areas.
Finally, contractors should develop agile delivery models with flexible staffing and delivery approaches to accommodate the DoD’s evolving needs. This includes the ability to rapidly scale services up or down as requirements change, provide hybrid on-site/remote delivery options, and integrate seamlessly with government and other contractor teams in increasingly complex delivery ecosystems. Contractors who demonstrate this agility and responsiveness will have significant advantages in capturing new opportunities while maintaining existing business relationships through the transformation period.
Strategic Outlook
The DoD’s workforce transformation represents a fundamental shift in how the Department structures its workforce and delivers on its mission. Rather than a simple cost-reduction exercise, it reflects a strategic realignment aimed at creating a more lethal, responsive, and technologically advanced defense establishment capable of prevailing in increasingly complex and contested operational environments. This transformation will reshape the defense contracting landscape for years to come, creating new opportunities for innovative, mission-focused companies while challenging traditional business models and relationships.
Contractors who proactively align with this vision—emphasizing mission impact, digital capabilities, and operational efficiency—will find significant opportunities in this evolving landscape. Those who continue with business-as-usual approaches may face increasing challenges as the DoD reshapes its contractor relationships to match its new organizational reality. The most successful contractors will be those who position themselves as strategic partners in the transformation journey, offering solutions that directly advance the DoD’s core objectives while demonstrating exceptional value and performance. As this initiative unfolds over the coming years, it will fundamentally reshape the relationship between the Department and its industrial base, creating a more integrated, efficient, and effective defense enterprise capable of meeting the complex security challenges of the 21st century.

New USTR Measures Target Chinese Maritime Sector: What You Need to Know

The Office of the United States Trade Representative (“USTR”) issued a detailed notice on April 17, 2025, regarding actions and proposed actions in response to China’s alleged targeting of the maritime, logistics, and shipbuilding sectors for dominance. The measures, USTR argues, will “disincentivize the use of Chinese shipping and Chinese-built ships, thereby providing leverage on China to change its acts, policies, and practices, and send a critically needed demand signal for U.S.-built ships.” Below, we break down the key elements of the notice and their potential impacts.
Background
The USTR launched an investigation under Section 301 of the Trade Act of 1974 (“Trade Act”) following a petition received by five national labor unions on March 12, 2024. The petition alleged that China’s policies unfairly harm U.S. commerce by targeting dominance in critical maritime-related sectors. Following a review, USTR determined that these practices displace foreign firms, reduce opportunities for U.S. businesses, and weaken supply chain resilience due to dependencies on China’s controlled sectors. As a result, in the closing days of the Biden administration, USTR issued a determination that these actions are unreasonable and actionable under the Trade Act.
The investigation revealed that China’s dominance strategy restricts U.S. competition, undermines supply chain security, and creates vulnerabilities in critical economic sectors. In response, on February 21, 2025, the USTR issued a Federal Register notice proposing certain responsive actions, including service fees and restrictions on certain maritime transport services, which resulted in the USTR convening a two-day public hearing and receiving nearly 600 public comments from industry stakeholders. USTR published its determination on responsive actions on April 17, 2025, Notice of Action and Proposed Action in Section 301 Investigation of China’s Targeting the Maritime, Logistics, and Shipbuilding Sectors for Dominance, Request for Comments.
Key Elements of the Notice of Action
Restrictions on Chinese Vessel Operators, Owners, and Chinese-Built Vessels. The plan includes a first phase with a 180-day grace period, after which fees will be implemented on Chinese vessel owners and operators calling in the United States based on net tonnage. Chinese operators and owners will face a port fee of $50 per net ton beginning on October 14, 2025, which will increase by $30 a year over the next three years.
Chinese-built vessels that are not Chinese-owned or controlled will face a lower phased fees of $18 per net ton or $120 per discharged container, whichever is higher. Those fees will also increase by $5 per net ton annually until 2028, with container fees increasing proportionally.
The fees will be applied per U.S. voyage, and not at each U.S. port call, as had been initially proposed, remedying objections raised by smaller U.S. ports. The fees will also only be levied up to five times per year on any given ship.
All Liquified Natural Gas (“LNG”) carrier vessels (whether Chinese-built or Chinese-owned or operated) are exempt from the new fees, but the carriage of LNG from U.S. ports is subject to separate cargo reservation requirements outlined below.
A number of exemptions were adopted to address objections raised in the March comment period by various U.S. shippers, ports, terminals, and regional carriers. These exemptions are only available Chinese-built vessels that are not Chinese-owned or operated. They include:

U.S.-owned vessels, where the U.S. entity owning the vessel is controlled by U.S. persons and is at least 75 percent beneficially owned by U.S. persons;
Vessels arriving at U.S. ports empty or in ballast (to avoid impacts to U.S. exports);
Smaller and medium-size vessels (with a capacity equal to or less than 4,000 Twenty-Foot Equivalent Units (“TEU”), 55,000 Deadweight Tonnage (“DWT”), or individual bulk capacity of 80,000 DWT);
Vessels engaged in shortsea shipping (entering a U.S. port in the continental United States from a voyage of less than 2,000 nautical miles from a foreign port or point);
Specialized chemical tanker vessels; and
Vessels enrolled in certain U.S. Maritime Administration sealift programs

Restrictions on Foreign-Built Vehicle Carriers and LNG Exports. Non-U.S.-built vehicle carriers will face fees based on Car Equivalent Unit (“CEU”) capacity, starting at $0 for the first 180 days and rising to $150 per CEU capacity thereafter. Beginning April 17, 2028, phased restrictions will require a growing percentage of U.S. LNG exports to be transported on U.S.-built, U.S.-flagged, and U.S.-operated vessels. This percentage will increase gradually over 22 years.
Proposed Tariffs on Ship-to-Shore Cranes and Cargo Handling Equipment. The notice proposes additional duties of up to 100 percent on cranes manufactured, assembled, or made with components of Chinese origin. Certain cargo handling equipment, including specific containers, chassis, and chassis parts from China, will also face tariffs ranging from 20 percent to 100 percent.
Significant Takeaways from the Proposed Actions
No Cumulative Fees. The Notice of Action clarified that the fees are not cumulative or stacked. A vessel will only be charged one fee per voyage/string of voyages and is limited to five charges per year.
Phased Tonnage-Based Fee on Chinese Vessel Operators and Owners. The February Proposed Action proposed a flat rate fee of up to U.S. $1,000,000 per vessel entrance to a U.S. port or up to U.S. $1,000 per net tonnage (“NT”) of the vessel’s capacity. The Notice of Action contains a fee of U.S. $50 per NT (after the first 180 days), which will increase incrementally. While the burden on smaller ships is reduced, under the new formula fees on large tankers and containerships could be more than double the flat fees proposed in February.
No Fees Based on Chinese Fleet Composition. The Notice of Action did away with one of the most controversial aspects of the February proposal, i.e., fees based on fleet composition for maritime transport operators with fleets comprised of Chinese-built vessels or maritime transport operators with prospective orders for Chinese vessels.
Expansive Definition of Chinese Owners and Operators, Including Minority Shareholding Test. The Notice of Action includes multiple alternative tests for determining if a vessel owner or operator is Chinese for the purpose of the fee schedule. Chinese owner or operator status can be triggered by country of citizenship or organization, ownership, control, headquarters location, principal place of business, and other factors. An entity will be deemed a Chinese owner or operator even if only 25 percent of the entity’s outstanding voting interest, board seats, or equity interest is held directly or indirectly by an entity that is a national or resident of China, Hong Kong, or Macau, or organized under the laws of those jurisdictions, or has its principal place of business there. The 25 percent threshold may pose new challenges for publicly traded and widely held companies and funds outside China that have some China-linked investor participation.
Lack of Clarity Regarding Other Key Definitions. “Owner” and “Operator” are defined in the notice by reference to Customs and Border Protection (“CBP”) Form 1300 (Vessel Entrance or Clearance Statement); however, those terms are not actually defined in that CBP form or any accompanying rules. Accordingly, uncertainty about these key terms remains—regarding, for example, the “owner” status of lease-finance title holders and owners pro hac vice (i.e., bareboat charterers); and the “operator” status of technical managers, commercial managers, document of compliance holders, and others that share responsibility for vessel activities and compliance.
Fees on Vessel Operators of All Foreign Vehicle Carriers (not just Chinese-Built Ships). These fees are imposed any non-U.S. built vehicle carrier and are not limited to those vehicle carriers built in China. Like the cargo reservation provisions for LNG, this action is likely to draw protests and challenges that it exceeds USTR’s authority, as new fees on European, Korean, and Japanese car carriers have no apparent nexus to alleged Chinese shipbuilding and maritime practices.
Cargo Reservation Requirements for LNG Exports. While USTR previously proposed a requirement that a mandatory percentage (increasing over time) of all U.S. exports be carried on U.S.-flagged, U.S.-built vessels, the current notice limits this cargo reservation requirement to LNG cargo only. Also, some exporters favor expanding the notice’s special treatment of LNG to other types of liquified gas and natural gas liquids exports.
Public Participation and Deadlines.
The comment period to the proposed tariff action opened on April 17, 2025. While USTR only solicited feedback on the tariff proposal, the docket is likely to attract commentary on the broader range of new remedies and issues introduced in the notice. USTR also will hold a public hearing on this proposed action on May 19, 2025, at the U.S. International Trade Commission in Washington, D.C. Requests to appear at the public hearing must be submitted by May 8, 2025, with written comments due by May 19, 2025. Rebuttal comments to the public hearing must be submitted within seven calendar days after the last day of the hearing.
Conclusion and Next Steps
The USTR’s notice introduces significant measures targeting China’s position in the maritime, logistics, and shipbuilding sectors. Key actions include the imposition of fees on Chinese maritime transport services, restrictions on U.S. LNG exports, fees on all non-U.S. car carriers, and proposed tariffs on vital shipping equipment. Stakeholders are encouraged to review the proposed measures and submit comments or requests to appear at the hearing by the specified deadlines. Companies involved in maritime transportation should begin preparing for the phased implementation of fees and restrictions.
For additional information, stakeholders can contact the USTR Section 301 support line at (202) 395-5725.