U.S. WeChat Users Alliance et al, No. 3:2020cv05910 - Document 134 (N.D. Cal. 2020)
Court Description: ORDER. Pursuant to the court's order at ECF No. 133, the court refiles its previous order denying stay that reflects Tencent's proposed redactions. Signed by Judge Laurel Beeler on 11/24/2020. (lblc5S, COURT STAFF) (Filed on 11/24/2020)
Download PDF
<![CDATA[
U.S. WeChat Users Alliance et al Doc. 134 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 1 of 18 1 2 3 4 5 6 7 8 UNITED STATES DISTRICT COURT 9 NORTHERN DISTRICT OF CALIFORNIA 10 San Francisco Division United States District Court Northern District of California 11 U.S. WECHAT USERS ALLIANCE, et al., Case No. 20-cv-05910-LB Plaintiffs, 12 ORDER DENYING MOTION TO STAY v. 13 Re: ECF No. 68 14 DONALD J. TRUMP, et al., Defendants. 15 16 17 INTRODUCTION 18 The government moves to stay the court’s preliminary injunction enjoining the government 19 from (allegedly) effectively banning WeChat, a messaging, social-media, and mobile-payment app 20 owned by the Chinese company Tencent Holdings Ltd.1 The government’s ban — implemented in 21 the Secretary’s “Identification of Prohibited Transactions to Implement Executive Order 13943” — 22 prohibited internet-services transactions (such as hosting services or distribution-and-maintenance 23 services for downloads or updates) that enable WeChat’s functioning.2 The court preliminarily 24 enjoined the Secretary’s ban because the plaintiffs (U.S.-based users of WeChat) met the standards 25 for a preliminary injunction: they raised “serious questions going to the merits” of their First 26 27 28 1 Mot. – ECF No. 68; Order – ECF No. 59 at 16–17. Citations refer to material in the Electronic Case File (“ECF”); pinpoint citations are to the ECF-generated page numbers at the top of documents. 2 Order – ECF No. 59 at 10–11. ORDER – No. 20-cv-05910-LB Dockets.Justia.com Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 2 of 18 1 Amendment claims, established that the “balance of hardships tip[ped] sharply” in their favor, and 2 satisfied the other elements for injunctive relief.3 Alliance for Wild Rockies v. Cottrell, 632 F.3d 3 1127, 1131–35 (9th Cir. 2011). The government moved to stay the preliminary injunction, and it submitted additional 4 5 information (that it could not have reasonably submitted earlier) that the Secretary of Commerce 6 considered in identifying the prohibited transactions.4 The plaintiffs submitted additional 7 information too. On this record, the court denies the motion to stay. The government’s additional 8 evidence does not alter the court’s previous holding that the plaintiffs are entitled to a preliminary 9 injunction. STATEMENT 10 This section summarizes new information that the parties submitted as part of their briefing on United States District Court Northern District of California 11 12 the motion to stay: (1) additional information about national-security concerns that the Secretary 13 considered in identifying the prohibited transactions; (2) Tencent’s mitigation proposal; and (3) 14 other evidence about the prohibited transactions, degradation of the user experience, and security 15 measures. 16 17 1. Additional National-Security Information The Secretary of Commerce considered additional information about the Chinese 18 19 government’s influence over companies such as Tencent, the Chinese government’s espionage 20 efforts against the U.S., the Chinese government’s requirements that private Chinese companies 21 assist in its intelligence and surveillance efforts, Tencent’s history of assisting the Chinese 22 government, WeChat’s collection of and access to user data and personal information, its security 23 vulnerabilities, its surveillance of users, its censorship of critiques about the Chinese government, 24 and its provision of a platform to the Chinese government to espouse its propaganda.5 25 26 27 3 Id. at 15–18, 20–21. 4 Mot. – ECF No. 68. 5 28 Memorandum for the Secretary, Ex. A to Costello Decl. – ECF No. 76-1 at 5–16; Id., Ex. A to Costello Supp. Decl. – ECF No. 94-4 at 3–16. ORDER – No. 20-cv-05910-LB 2 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 3 of 18 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 4 of 18 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 5 of 18 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 6 of 18 1 Memorandum on the proposed prohibited transactions; (2) the plaintiffs’ submissions; and (3) the 2 Department of Commerce’s subsequent filings. For context, the Secretary’s prohibited transactions — also set forth in the court’s preliminary- 3 4 injunction order — are as follows. 1. Any provision of services to distribute or maintain the WeChat mobile application, constituent code, or mobile application updates through an online mobile application store, or any online marketplace where mobile users within the land or maritime borders of the United States and its territories may download or update applications for use on their mobile devices; 5 6 7 8 2. Any provision of internet hosting services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories; 9 10 3. Any provision of content delivery services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories; United States District Court Northern District of California 11 12 4. Any provision of directly contracted or arranged internet transit or peering services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories; 13 14 5. Any provision of services through the WeChat mobile application for the purpose of transferring funds or processing payments to or from parties within the land or maritime borders of the United States and its territories; 15 16 6. Any utilization of the WeChat mobile application’s constituent code, functions, or services in the functioning of software or services developed and/or accessible within the land and maritime borders of the United States and its territories; or 17 18 7. Any other transaction that is related to WeChat by any person, or with respect to any property, subject to the jurisdiction of the United States, with Tencent Holdings Ltd., or any subsidiary of that entity, as may be identified at a future date under the authority delegated under Executive Order 13943. 19 20 The identified prohibitions herein only apply to the parties to business-to-business transactions, and apply except to the extent provided by statutes, or in regulations, orders, directives, or licenses that may be issued pursuant to Executive Order 13943, and notwithstanding any contract entered into or any license or permit granted before the date of Executive Order 13943. Any other transaction with Tencent Holdings Ltd. or its subsidiaries is permitted under Executive Order 13943, as implemented by the Secretary, unless identified as prohibited or otherwise contrary to law.14 21 22 23 24 25 26 27 14 28 Secretary’s Identification of Prohibited Transactions, Ex. C to Costello Decl. – ECF No. 68-1 at 34– 35. ORDER – No. 20-cv-05910-LB 6 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 7 of 18 1 3.1 2 In the September 17, 2020 memorandum to the Secretary of Commerce, John Costello — the 3 Department of Commerce’s Deputy Assistant Secretary for Intelligence and Security — 4 characterized the overall effect of the prohibitions, effective September 20, 2020: 5 The [] prohibitions on certain business-to-business transactions deny access to and reduce the functionality of the WeChat mobile app within the land or maritime borders of the United States with the objective of preventing collection, transmission, and aggregation of U.S. user data by the WeChat app, Tencent, and PRCISS [Chinese Intelligence and Security Services]. Note that these transactions do not directly prohibit the downloading or use of the WeChat app and are not directly targeted at users of the WeChat app. While these prohibitions may ultimately make the application less effective and may be challenging for U.S.-based WeChat uses, [] they are necessary for the protection of U.S. national security. We hope that other communications platforms may take its place.15 6 7 8 9 10 The memorandum states that the September 20 compliance date “offer[ed] a short timeframe 11 United States District Court Northern District of California The Department of Commerce’s Assessment 12 for compliance,” but the “feasibility of compliance” was high because Tencent has a relatively 13 small infrastructure in the United States.16 14 Mr. Costello then addressed the effect of the individual prohibited transactions. 15 Prohibited transaction 1 would remove the WeChat app from U.S. based mobile app stores, 16 preventing mobile users from being able to download the app to their devices or receive updates. 17 Users could download the app outside of the United States. The prohibition does not require 18 removal of the app from devices, but the inability to update the app “render[s it] less effective and 19 functional.” The prohibition limits the app’s availability but it does not prevent the transmission of 20 user data from devices in the United States to WeChat data centers.17 Prohibited transaction 2 prohibits hosting WeChat data in the U.S. Tencent does not host 21 22 WeChat data in the U.S. It has U.S. data centers but says it does not store WeChat data there. This 23 prohibition ensures that Tencent cannot host WeChat user data in the U.S. in its data centers or 24 through leased hosting services.18 25 15 Memorandum for the Secretary, Ex. A to Costello Supp. Decl. – ECF No. 94-4 at 14–15. 16 Id. at 15. 27 17 Id 28 18 Id. 26 ORDER – No. 20-cv-05910-LB 7 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 8 of 18 Prohibited transaction 3 would terminate Tencent’s contracts with its content-delivery network 1 2 providers, which speed delivery and optimize service for users in the U.S. (Content-delivery 3 services “copy, save, and deliver content, for a fee, from geographically dispersed servers to end- 4 users for the purposes of enabling faster delivery of content.”) Prohibited transaction 4 would 5 terminate Tencent’s peering contracts with companies that speed delivery and optimize service for 6 U.S.-based users. (“Peering means a relationship between Internet Service providers (ISP) where 7 the parties directly interconnect to exchange Internet traffic, most often on a no-cost basis.”) The 8 termination of both sets of contracts “will likely reduce functionality and usability of the apps for 9 users” in the U.S.19 Prohibited transaction 5 — WeChat’s “pay” functionality — is not available in the U.S. This United States District Court Northern District of California 10 11 prohibition ensures that financial institutions will not be able to process payments to or from 12 parties in the U.S. if the functionality becomes available or if a user finds a way to access the 13 functionality.20 14 Prohibited transaction 6 prevents any circumvention of prohibited transactions 1 through 5 15 because it prevents servicing WeChat code, functions, and services through a separate mobile app. 16 It also prevents “interoperability” with third-party apps that utilize WeChat functions and services, 17 thus reducing the incidental collection of U.S. user data and its provision to Tencent.21 18 3.2 The Plaintiffs’ Response to the Department’s Assessment 19 In response to Mr. Costello’s memorandum, the plaintiffs submitted declarations from Adam 20 Roach and Joe Hildebrand about the effect of the prohibitions on user experience, data issues, and 21 best practices for data security.22 22 23 24 25 19 Id. at 16 & nn. 86–87. 20 Id. at 16. 27 21 Id. 28 22 Roach Decl. – ECF No. 84-1; Hildebrand Decl. – ECF No. 78-3. 26 ORDER – No. 20-cv-05910-LB 8 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 9 of 18 1 Adam Roach, a network engineer with 25 years’ experience, including (for the past eight 2 years) his work as the principal engineer for Mozilla, addressed how the prohibited transactions 3 degrade WeChat’s delivery of services and effectively shuts down the WeChat app.23 Prohibited transaction 1 bars entities from allowing the distribution or updates of the WeChat 4 5 app through downloads from online app stores (meaning, Google and Apple, given that Android 6 and iOS are effectively 100 percent of the global smartphone market). The updates address 7 security vulnerabilities, and prohibiting updates makes users vulnerable to cyberattacks from 8 malicious actors (including identity theft, password exfiltration, unauthorized financial 9 transactions, data theft, and location monitoring).24 Prohibited transactions 2 and 3 — directed at internet-hosting and content-delivery services to United States District Court Northern District of California 10 11 the extent that they are “enabling the functioning or optimization” of WeChat in the U.S. — will 12 likely make WeChat less functional, slower, and less responsible, but they “do not limit the 13 availability of WeChat users’ information to Tencent or the People’s Republic of China, and 14 instead only serve to eliminate U.S. visibility into Tencent’s behavior.” Functions such as voice 15 and video calls “may be severely limited.” The prohibitions “will force all WeChat servers to 16 operate outside of U.S. jurisdiction, and the U.S. government completely loses all ability to 17 monitor WeChat’s operations to determine whether collection of private user data is occurring.” 18 The “net effect” of prohibited transactions 2 and 3 “will be to exacerbate, rather than address, the 19 data security concerns expressed in the preface of the Executive Order.”25 20 Prohibited transaction 4 prohibits the provision of internet-transit or peering services, which is 21 “an unprecedented and overbroad interference of the operation of the global internet.” The short of 22 the prohibition is that it prevents U.S. “internet backbone providers” (responsible for forming 23 peering arrangements for the global routing of internet traffic) from pairing with the Chinese 24 backbone providers China Unicom and China Telecom, effectively ending all direct internet traffic 25 26 23 Roach Decl. – ECF No. 84-1 at 3–5 (¶¶ 4–13) (ban will effectively shut down WeChat) 27 24 Id. at 3–4 (¶¶ 4–7). 28 25 Id. at 4–5 (¶ 8). ORDER – No. 20-cv-05910-LB 9 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 10 of 18 1 between the U.S. and China. Tencent and WeChat could choose peering with Europe-based 2 backbone providers, but that could be construed as evading or avoiding the prohibition. This 3 means that “a reasonable interpretation is that WeChat will be shut down under this prohibition.”26 Prohibited transaction 5 “may limit the financial information exposed to WeChat,” but it does United States District Court Northern District of California 4 5 not address the concerns in the Executive Order about the collection of the contents of users’ 6 messages.27 7 Prohibited transaction 6 would cause substantial portions of the U.S. software-development 8 industry to move its development operations offshore. Modern software generally is created by 9 existing software components — known as libraries — as part of the application’s constituent 10 code and functions. The prohibition would disallow the use of the libraries for software developed 11 in the U.S.28 12 In sum, the prohibitions as a whole are “highly likely” to seriously degrade WeChat services 13 and effectively shut down WeChat when they are implemented. They would force companies in 14 the U.S. to block WeChat on their computers and wi-fi networks. Except for prohibited transaction 15 5 (which may limit exposure of users’ financial information), the prohibitions do not limit 16 WeChat’s ability to collect user information, do not address any concern about data security, and 17 instead are aimed at shutting down WeChat for U.S. users.29 Joe Hildebrand, an executive-level engineer with 30 years’ experience, including (for the past 18 19 four years) as Vice President of Engineering at Mozilla and (for eight years before that) as a 20 Distinguished Engineer at Cisco and the overall architectural lead for WebEx, submitted a 21 declaration about data security and best practices that can mitigate data-security issues.30 Those 22 practices include segmenting and controlling access to a company’s sensitive data, maintaining 23 and auditing access logs to detect and address deviations including unauthorized access, and 24 26 Id. at 5 (¶¶ 9–10). 27 Id. at 5–6 (¶ 11). 28 Id. at 6 (¶ 12). 27 29 Id. (¶ 13). 28 30 Hildebrand Decl. – ECF No. 78-3. 25 26 ORDER – No. 20-cv-05910-LB 10 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 11 of 18 1 encrypting data through end-to-end encryption. He identifies four targeted measures to address the 2 government’s concerns about WeChat. First, WeChat could partner with a U.S. cloud provider to 3 store data, which would allow a relatively secure place for user data and easy audits to detect 4 unauthorized access to data. Second, regular compliance audits would mitigate data-security risks. 5 Third, it is industry best practice to have stringent corporate or external oversight over 6 management and personnel with access to user data. Fourth, WeChat could use end-to-end 7 encryption. These measures do not eliminate all risks of data leaks to the Chinese government, but 8 they meet the industry’s current standards.31 Mr. Hildebrand notes that the government’s concern about WeChat’s surveillance capabilities United States District Court Northern District of California 9 10 could be addressed by an independent third party’s review and audit of WeChat’s source codes. 11 Banning WeChat downloads is dangerous because it increases security risks to users: software 12 needs updates to fix bugs, and if bugs are not fixed, WeChat users’ devices and data are subject to 13 attack. Security concerns about government employees are addressed through narrower bans of 14 those employees’ use of the WeChat app. Otherwise, data protection generally requires best 15 practices such as end-to-end encryption, protecting consumer data and metadata (in the manner of 16 Europe’s General Data Protection Regulation or California’s Consumer Privacy Act), and 17 supporting research into making traffic analysis more difficult. Tech companies such as Facebook 18 and Google, which collect data and sell it to data brokers, also pose surveillance concerns. If 19 China wants U.S. users’ private information, it can buy it from those data brokers. Effectively 20 banning WeChat does not protect U.S. user data from criminals or China.32 21 3.3 22 Mr. Costello, the Deputy Assistant Secretary for Intelligence and Security, responded on 23 The Department of Commerce’s Subsequent Filings October 20, 2020 to Adam Roach’s opinions about the effect of the prohibited transactions.33 24 25 26 31 Id. at 3–5 (¶¶ 7–10). 27 32 Id. at 5–6 (¶¶ 11–13). 28 33 Costello Supp. Decl. – ECF No. 94-3 at 2 (¶ 4). ORDER – No. 20-cv-05910-LB 11 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 12 of 18 Prohibited transaction 1 does not immediately prevent persons from using any already- United States District Court Northern District of California 1 2 installed WeChat app. It prevents updates, which makes the app less effective and functional over 3 time, but the prohibition alone is not likely to have any short-term effect on the continued use of 4 the app. Over time, after enough missed updates, certain features would be impaired, users might 5 find the app incompatible with newer versions of operating systems for their mobile devices, and 6 the WeChat app might not migrate to any new device. “In this way, the app would gradually 7 become unusable to the point that users in the United States would not be able to use it to 8 communicate or transmit data and would remove it from their devices.” Even if users did not 9 remove the app, the impaired functionality would reduce the collection and transmission of user 10 data and mitigate the damage from a “hypothetical malicious attack.” The decreased functionality 11 would create incentives for users to use other apps. It is impossible to predict how long it would 12 take for the app to become obsolete, but Mr. Costello’s best estimate, “based on current 13 circumstances,” is that it would take one to two years to degrade to the point that a dedicated 14 WeChat user would stop using the app and delete it.34 15 Mr. Costello disagrees with Mr. Roach’s assessment that the inability to update the app poses 16 “an undue security risk” to 19 million U.S. WeChat users. He considered the risk and determined 17 that the security benefit of the prohibition “vastly outweighed” the risks of an unpatched security 18 vulnerability. He deems “the chance of an urgent software vulnerability in the WeChat app” to be 19 small during the one to two years that it will take for WeChat to degrade to obsolescence. He 20 disagrees that any vulnerability will affect 19 million users because users likely will transition to 21 other mobile apps such as Facebook, Facebook Messenger, Google, Line, Telegram, Signal, 22 Snapchat, Zoom, Skype, iChat, and WhatsApp. (He concedes that China through its “Great 23 Firewall” policy excludes many of the apps, thereby precluding communication with persons in 24 China, but he identifies apps that China allows: Signal, iMessage, Line, Wickr, Xiaomi Mitalk, 25 Zoom, and Skype. Users can also use the telephone or email.). Also, other apps are safer than 26 WeChat, which does not use robust encryption protocols and has ties — through Tencent — to the 27 28 34 Id. at 3–4 (¶¶ 5, 8). ORDER – No. 20-cv-05910-LB 12 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 13 of 18 1 Chinese government. In sum, the security benefits of encouraging users to transition to safer 2 platforms outweigh the temporary risk of vulnerabilities that result from the prohibition of 3 updates.35 Prohibited transaction 2 will not make WeChat less functional because Tencent said — in 4 5 response to an administrative subpoena — that it does not host or store data in the U.S. The 6 prohibition thus is “forward-looking . . . and is not expected to impact the experiences of current 7 WeChat users.”36 Prohibited transaction 3 will reduce the functionality and usability of the app for U.S. users, 8 United States District Court Northern District of California 9 but the effects “are somewhat limited” because Tencent could use content-delivery services in 10 areas outside of the U.S. Even if data flowed through Hong Kong, the app “would likely still be 11 usable for most WeChat users, even if it operated more slowly.” Mr. Costello does not expect the 12 combined effect of prohibitions 3 and 4 to deter “otherwise dedicated users of WeChat from 13 continuing that use.” Mr. Roach said that prohibited transaction 3 will cause the U.S. government 14 to lose the ability to monitor whether WeChat is collecting user data. But he did not state “the 15 premise for the assumption that the Government presently possesses the ability” to monitor 16 WeChat, and he did not say how monitoring WeChat would give the U.S. government “visibility 17 into what is occurring in China.” Mr. Costello thus disagrees with Mr. Roach’s conclusion that the 18 prohibition acerbates data-security concerns, and he does not expect the prohibition “to have any 19 meaningful impact on the U.S. Government’s ability to monitor WeChat operations.”37 Prohibited transaction 4 will terminate Tencent’s peering contracts, but Tencent can contract 20 21 with ISPs for dedicated transmission of WeChat data outside of the U.S. Also, the prohibition 22 would not affect internet transit or peering services generally and affects only those “directly 23 contracted or arranged” by Tencent. Thus, “the overwhelming majority of Internet traffic, 24 including WeChat data, [would be] untouched.” The prohibition would not shut down all direct 25 26 35 Id. at 3–5 (¶¶ 6–10). 27 36 Id. at 5 (¶ 11). 28 37 Id. at 5–6 (¶¶ 12–13). ORDER – No. 20-cv-05910-LB 13 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 14 of 18 1 internet traffic between the U.S. and China and instead would shut down “directly arranged” 2 internet traffic between Tencent and the U.S. The prohibition will “somewhat reduce the speed 3 and functionality of the WeChat app within the United States.” The combined effect of 4 prohibitions 3 and 4 is not “sufficient to inhibit or otherwise discourage WeChat users from using 5 the app.”38 Prohibited transaction 5 — prohibition of “WeChat Pay” — is prospective because U.S. users United States District Court Northern District of California 6 7 do not have access to this functionality. Mr. Costello disagrees with Mr. Roach’s view that the 8 functionality does not serve the security concerns in the Executive Order. It does because 9 prohibiting a key functionality discourages use of WeChat and thus limits its use in the U.S. Also, 10 if WeChat enabled the functionality for U.S. users, it would allow the transmission of user data 11 such as bank-account data and purchase history.39 Prohibited transaction 6 prohibits circumvention of the other prohibited transactions through 12 13 “any reservicing of the WeChat code in another app by a different name.” It also prevents 14 “interoperability” of third-party apps that utilize WeChat functions and services. That said, 15 “WeChat-interoperable third-party apps are not currently a major component of the U.S. software 16 industry,” and thus Mr. Costello does not expect the prohibition to “substantially impact either the 17 core functionalities used by most existing WeChat users or the U.S. software industry more 18 broadly.” He is not aware of any basis to conclude that the prohibition would cause any part of the 19 U.S. software industry to move operations offshore.40 “[T]he purpose of the prohibitions is to degrade, impair, and (as pertains to financial 20 21 transactions) prohibit the WeChat services that permit Tencent to surveil and monitor millions of 22 U.S. persons, with the goal of encouraging and eventually requiring U.S.-based WeChat users to 23 transition to alternative platforms.” Mr. Costello’s best estimate — again — is that it will take one 24 to two year “for the WeChat app to be impaired to the extent that it will no longer function.”41 25 38 Id. at 6–7 (¶¶ 14–15). 39 Id. at 7–8 (¶¶ 16–17). 27 40 Id. at 8 (¶ 18). 28 41 Id. at 8–9 (¶ 19). 26 ORDER – No. 20-cv-05910-LB 14 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 15 of 18 The government also lodged a classified document on September 25, 2020 and filed a redacted United States District Court Northern District of California 1 2 version of the document on October 21, 2020.42 It is the Director of National Intelligence’s 3 Counterintelligence Risk Assessment of WeChat. It describes WeChat’s functionalities: sharing 4 images and videos, making payments and transferring money, ride hailing, finding friends through 5 geolocation data, playing games, and delivering ads, among other functionalities. It identifies 6 China, Russia, and Iran as three of the most capable and active cyber actors tied to economic 7 espionage and the potential theft of U.S. trade secrets and proprietary information. It describes 8 China’s and Russia’s use of software-supply-chain attacks and the Chinese Intelligence and 9 Security Services’ willingness to use the supply chain for malicious cyber operations. As an 10 example, two Chinese hackers associated with the Ministry of State Security have been indicted 11 for illegal computer intrusions targeting more than 45 U.S. technology companies and U.S. 12 government agencies. The memo says the following about WeChat: The legitimate functionality within the WeChat ecosystem presents inherent vulnerabilities. For example, mobile devices store and share device geolocation data by design and many apps — including WeChat — request permission for location and other resources that are not needed for the function of the app. Additionally, WeChat only uses client-to-server encryption, vice end-to-end encryption, which allows the service provider, Tencent, to sit between the sender and the receiver and have full access to message content and related data. The broad suite of data the app garners, including location data, phone usage data, captured image metadata, and network connectivity data, are accessible to PRCISS if that data transits China or is stored within its borders.43 13 14 15 16 17 18 STANDARD OF REVIEW 19 20 During “the pendency of an interlocutory appeal,” the court “may suspend, modify, restore, or 21 grant an injunction.” Fed. R. Civ. P. 62(d); Mayweathers v. Newland, 258 F.3d 930, 935 (9th Cir. 22 2001). The preliminary-injunction standard applies to a motion to stay. Tribal Village of Akutan v. 23 Hodel, 859 F.2d 662, 663 (9th Cir. 1988). The court considers the following four factors: (1) 24 whether the movant has made a strong showing that it is likely to succeed on the merits; (2) the 25 movant will be irreparably harmed absent a stay; (3) issuance of a stay will not substantially injure 26 27 42 Notice of Redacted Version – ECF No. 97 at 1. 28 43 Counterintelligence Risk Assessment– ECF No. 97-1 at 1–2. ORDER – No. 20-cv-05910-LB 15 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 16 of 18 1 the other party; and (4) a stay is in the public interest. Nken v. Holder, 556 U.S. 418, 434 (2009); 2 accord Sierra Club v. Trump, No. 19-cv-00892-HSG, 2019 WL 2305341, at *1 (N.D. Cal. May 3 30, 2019). The first two factors “are the most critical.” Nken, 556 U.S at 434. The factors for 4 “assessing the harm to the opposing party and weighing the public interest . . . merge when the 5 Government is the opposing party.” Nken, 556 U.S. at 435. 6 7 ANALYSIS 8 The government contends that that the threat to national security means that the balance of United States District Court Northern District of California 9 equities strongly supports a stay of the injunction.44 It also contends that the government and the 10 public interest will suffer irreparable harm absent a stay, and that it is likely to succeed on the 11 merits of the claims because its prohibition of internet services is content neutral and survives 12 intermediate scrutiny under the First Amendment.45 The government’s new evidence does not 13 meaningfully alter its earlier submissions. The court’s assessment of the First Amendment analysis 14 and the risks to national security — on this record — are unchanged. The government’s additional evidence illuminates the threat that Tencent (through WeChat) 15 16 poses to national security. But as the court held previously, the government’s prohibited 17 transactions are not narrowly tailored to address the government’s significant interest in national 18 security.46 The record reflects narrowly tailored approaches that advance the government’s 19 significant national-security interest, such as barring WeChat from government devices (as 20 Australia has done and as the Department of Homeland Security recommends) or adopting 21 mitigation procedures like those in Tencent’s mitigation proposal and Joe Hildebrand’s best 22 practices about data security.47 Requiring industry best practices as part of a mitigation plan would 23 allow the continued use of the platform, arguably addresses the government’s national-security 24 interests, and leaves open adequate channels for communication. Ward v. Rock Against Racism, 491 25 44 Mot. – ECF No. 68 at 8–9. 45 Id. at 9–24. 27 46 Order – ECF No. 59 at 18. 28 47 Id.; see supra Statement. 26 ORDER – No. 20-cv-05910-LB 16 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 17 of 18 1 U.S. 781, 791 (1989); see Order – ECF No. 59 at 17 (no viable alternative platforms or apps for the 2 Chinese-speaking and Chinese-American community). In sum, the record does not support the 3 conclusion that the government has “narrowly tailored” the prohibited transactions to protect its 4 national-security interests. Instead, the record, on balance, supports the conclusion that the 5 restrictions “burden substantially more speech than is necessary to further the government’s 6 legitimate interests.” Ward, 491 U.S. at 799. Thus, at the preliminary-injunction stage, the plaintiffs 7 met the standards for a preliminary injunction: they raised “serious questions going to the merits” of 8 their First Amendment claims, established that the “balance of hardships tip[ped] sharply” in their 9 favor, and satisfied the other elements for injunctive relief.48 Alliance for Wild Rockies, 632 F.3d at United States District Court Northern District of California 10 1131–35. 11 In sum, the court denies the government’s motion to stay the preliminary injunction.49 12 The government also asks for a bond on appeal (though it did not ask for it when it opposed 13 the plaintiffs’ motion for a preliminary injunction).50 The court denies the request. 14 “The court may issue a preliminary injunction . . . only if the movant gives security in an 15 amount that the court considers proper to pay the costs and damages sustained by any party found 16 to have been wrongfully enjoined or restrained.” Fed. R. Civ. P. 65(c). The district court has “wide 17 discretion in setting the amount of the bond.” Conn. Gen. Life Ins. Co. v. New Images, 321 F.3d 18 878, 882 (9th Cir. 2003). The court has discretion to determine whether any security is required at 19 all. Jorgensen v. Cassiday, 320 F.3d 906, 919 (9th Cir. 2003). A court “may dispense with the 20 filing of a bond when it concludes there is no realistic likelihood of harm to the defendant from 21 enjoining his or her conduct.” Id. A bond is not appropriate here. Cf., e.g., Cal. ex rel. Van De Kamp v. Tahoe Reg’l Planning 22 23 Agency, 766 F.2d 1319, 1325 (9th Cir. 1985) (affirming lower court’s waiving of the bond 24 requirement for a non-profit environmental group that was unable to post a substantial bond); see 25 26 27 48 Order – ECF No. 59 at 16–18, 20–21. 49 Mot. – ECF No. 68 at 23. 50 28 Opp’n – ECF No. 22 at 12–51; Opp’n – ECF No. 51 at 1–14; 9/19/20 Tr.– ECF No. 65 at 45:10–22 (raising issue for the first time). ORDER – No. 20-cv-05910-LB 17 Case 3:20-cv-05910-LB Document 134 Filed 11/24/20 Page 18 of 18 1 TikTok Inc. v. Trump, No. 1:20-cv-02658 (CJN), 2020 WL 5763634, at *9 n.4 (D.D.C. Sept. 27, 2 2020) (waiving bond). CONCLUSION 3 4 5 The court denies the government’s motion to stay the preliminary injunction. This disposes of ECF No. 68. 6 IT IS SO ORDERED. 7 Dated: October 23, 2020 ______________________________________ LAUREL BEELER United States Magistrate Judge 8 9 10 United States District Court Northern District of California 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 ORDER – No. 20-cv-05910-LB 18
]]>
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You
should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
