Late last week Congress passed and the President signed a $2 trillion spending bill to counter mass economic disruptions meant to slow the spread of COVID-19.
Part of this package includes $150 billion for state and local funds such as $13.5 billion for k-12 education, which could include buying technology to help students continue their education online. Moreover, Congress and the President’s advisors are already discussing yet another future stimulus bill; Speaker Pelosi has suggested to Treasury Secretary Steven Mnuchin that states and local governments will need even more funding assistance from the federal government.
So the feds will rush to send state and local governments and school districts buckets of money and these local governments will quickly look to spend the funds to aid their students – but who will ensure that the resources aren’t spent on technology that makes us more vulnerable to cyberattacks, IP theft, and compromised personal security?
The federal government has already taken steps to address spending on compromised equipment, as the 2020 National Defense Authorization Act (NDAA) orders the Pentagon to monitor “foreign ownership, control, or influence within the defense industrial base” and work on “mitigation of the risks” posed by purchasing such equipment. The NDAA also orders the Pentagon to follow Congressional guidelines regarding the securing of a “trusted supply chain” of microchips and other advanced electronics, as Chinese suppliers “at least sometimes ship with spyware.” This same language must be applied to stimulus spending at the state and local level; otherwise, governments risk the integrity of citizen and government data.
Our recent white paper, “Stealing from States: China’s Power Play in IT Contracts,” demonstrates how some states have already spent millions on products by Chinese-controlled technology companies that have been banned by U.S. military and intelligence agencies – including Lexmark and Lenovo. Our research shows that students in Arkansas, Delaware, Tennessee, and West Virginia all have products from these companies and, consequently, they are vulnerable.
The Main Point: Policymakers across the country are looking to boost the economy. Despite these good intentions, government purchasers – the procurement officials that will spend the money – must be careful not to buy tech equipment banned by U.S. military and intelligence agencies.