Opinion
Case No. 20-cv-05910-LB
10-23-2020
U.S. WECHAT USERS ALLIANCE, et al., Plaintiffs, v. DONALD J. TRUMP, et al., Defendants.
ORDER DENYING MOTION TO STAY
Re: ECF No. 68
INTRODUCTION
The government moves to stay the court's preliminary injunction enjoining the government from (allegedly) effectively banning WeChat, a messaging, social-media, and mobile-payment app owned by the Chinese company Tencent Holdings Ltd. The government's ban — implemented in the Secretary's "Identification of Prohibited Transactions to Implement Executive Order 13943" — prohibited internet-services transactions (such as hosting services or distribution-and-maintenance services for downloads or updates) that enable WeChat's functioning. The court preliminarily enjoined the Secretary's ban because the plaintiffs (U.S.-based users of WeChat) met the standards for a preliminary injunction: they raised "serious questions going to the merits" of their First Amendment claims, established that the "balance of hardships tip[ped] sharply" in their favor, and satisfied the other elements for injunctive relief. Alliance for Wild Rockies v. Cottrell, 632 F.3d 1127, 1131-35 (9th Cir. 2011).
Mot. - ECF No. 68; Order - ECF No. 59 at 16-17. Citations refer to material in the Electronic Case File ("ECF"); pinpoint citations are to the ECF-generated page numbers at the top of documents.
Order - ECF No. 59 at 10-11.
Id. at 15-18, 20-21.
The government moved to stay the preliminary injunction, and it submitted additional information (that it could not have reasonably submitted earlier) that the Secretary of Commerce considered in identifying the prohibited transactions. The plaintiffs submitted additional information too. On this record, the court denies the motion to stay. The government's additional evidence does not alter the court's previous holding that the plaintiffs are entitled to a preliminary injunction.
Mot. - ECF No. 68.
STATEMENT
This section summarizes new information that the parties submitted as part of their briefing on the motion to stay: (1) additional information about national-security concerns that the Secretary considered in identifying the prohibited transactions; (2) Tencent's mitigation proposal; and (3) other evidence about the prohibited transactions, degradation of the user experience, and security measures.
1. Additional National-Security Information
The Secretary of Commerce considered additional information about the Chinese government's influence over companies such as Tencent, the Chinese government's espionage efforts against the U.S., the Chinese government's requirements that private Chinese companies assist in its intelligence and surveillance efforts, Tencent's history of assisting the Chinese government, WeChat's collection of and access to user data and personal information, its security vulnerabilities, its surveillance of users, its censorship of critiques about the Chinese government, and its provision of a platform to the Chinese government to espouse its propaganda.
Memorandum for the Secretary, Ex. A to Costello Decl. - ECF No. 76-1 at 5-16; Id., Ex. A to Costello Supp. Decl. - ECF No. 94-4 at 3-16.
The Department of Homeland Security's Cybersecurity and Infrastructure Agency identified similar concerns about WeChat, including censorship of content related to the Chinese government and national-security issues (such as the potential for security issues from the insertion of malicious code through the WeChat app, the risk of exposure, misuse, and theft of data, and the potential WeChat has for engaging in disinformation campaigns that benefit the Chinese government). The agency recommended that the government not permit use of WeChat "on the devices of State, Local, Tribal, and Territorial (SLTT) partners and critical infrastructure operators" and identified other steps — but not an outright ban — to address the security risks from data exposure, such as steps to limit location-data exposure.
Cybersecurity and Infrastructure Assessment, Ex. B to Costello Decl. - ECF No. 68-1 at 24-27 (also addressed issues about TikTok, a video-sharing app that is the subject of Executive Order 13942); see Tiktok Inc. v. Trump, No. 1:20-cv-02658 (CJN), 2020 WL 5763634, at *1-4 (D.D.C. Sept. 27, 2020).
Cybersecurity and Infrastructure Assessment, Ex. B to Costello Decl. - ECF No. 68-1 at 24, 27.
2. Tencent's Mitigation Proposal
In response to the Executive Order, Tencent proposed solutions to mitigate the security and privacy concerns about WeChat.
[Redacted]
Tencent Mitigation Proposal, Ex. A to Swearingen Decl. - ECF No. 85-5 at 6-8.
Id. at 8-9.
Id. at 9.
[Redacted]
Id. at 9-10.
The Department of Commerce summarized the mitigation proposal and its reasons for rejecting it:
Barring a complete divestiture of Tencent from the WeChat application, WeChat presents an immitigable risk to the national security, foreign policy, and economy of the United States. While WeChat has presented the Department of Commerce with a proposal to mitigate the concerns identified in EO 13943, we do not believe that this or any other mitigation proposal would be sufficient to address the aforementioned national security risk presented by WeChat under Tencent ownership. Tencent's mitigation proposal specifically sought to create a new U.S. version of the app, deploy specific security measures to protect the new app's source code, partner with a U.S. cloud provider for user data store, and manage the new app through a U.S.-based entity with a USG approved governance structure. Additionally, the Department considered additional mitigations to include escrow and review of WeChat's source code, regular compliance audits and notifications, and stringent approvals over management and personnel with access to user data.
However, all of these proposals still allowed TenCent to retain ownership of WeChat and would therefore not address our concerns regarding Tencent.
Memorandum for the Secretary, Ex. A to Costello Decl. - ECF No. 76-1 at 14.
The Department recommended rejecting the mitigation proposal on the ground that it required a "baseline level of trust" that was lacking because of Tencent's ties to the Chinese government, the applicability of Chinese law to Tencent's operations outside of China, Tencent's "support [of] ongoing efforts to support [Chinese] surveillance and censorship," and China's ongoing espionage to collect "U.S. person information."
Id.
3. Other Evidence
The parties submitted additional evidence about the effect of the prohibited transactions on the functionality of the WeChat app for users in the United States: (1) the Department of Commerce's Memorandum on the proposed prohibited transactions; (2) the plaintiffs' submissions; and (3) the Department of Commerce's subsequent filings.
For context, the Secretary's prohibited transactions — also set forth in the court's preliminary-injunction order — are as follows.
1. Any provision of services to distribute or maintain the WeChat mobile application, constituent code, or mobile application updates through an online mobile application store, or any online marketplace where mobile users within the land or maritime borders of the United States and its territories may download or update applications for use on their mobile devices;
2. Any provision of internet hosting services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories;
3. Any provision of content delivery services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories;
4. Any provision of directly contracted or arranged internet transit or peering services enabling the functioning or optimization of the WeChat mobile application, within the land and maritime borders of the United States and its territories;
5. Any provision of services through the WeChat mobile application for the purpose of transferring funds or processing payments to or from parties within the land or maritime borders of the United States and its territories;
6. Any utilization of the WeChat mobile application's constituent code, functions, or services in the functioning of software or services developed and/or accessible within the land and maritime borders of the United States and its territories; or
7. Any other transaction that is related to WeChat by any person, or with respect to any property, subject to the jurisdiction of the United States, with Tencent Holdings Ltd., or any subsidiary of that entity, as may be identified at a future date under the authority delegated under Executive Order 13943.
The identified prohibitions herein only apply to the parties to business-to-business transactions, and apply except to the extent provided by statutes, or in regulations, orders, directives, or licenses that may be issued pursuant to Executive Order 13943, and notwithstanding any contract entered into or any license or permit granted before the date of Executive Order 13943. Any other transaction with Tencent Holdings Ltd. or its subsidiaries is permitted under Executive Order 13943, as implemented by the Secretary, unless identified as prohibited or otherwise contrary to law.
Secretary's Identification of Prohibited Transactions, Ex. C to Costello Decl. - ECF No. 68-1 at 34-35.
3.1 The Department of Commerce's Assessment
In the September 17, 2020 memorandum to the Secretary of Commerce, John Costello — the Department of Commerce's Deputy Assistant Secretary for Intelligence and Security — characterized the overall effect of the prohibitions, effective September 20, 2020:
The [] prohibitions on certain business-to-business transactions deny access to and reduce the functionality of the WeChat mobile app within the land or maritime borders of the United States with the objective of preventing collection, transmission, and aggregation of U.S. user data by the WeChat app, Tencent, and PRCISS [Chinese Intelligence and Security Services]. Note that these transactions do not directly prohibit the downloading or use of the WeChat app and are not directly targeted at users of the WeChat app. While these prohibitions may ultimately make the application less effective and may be challenging for U.S.-based WeChat uses, [] they are necessary for the protection of U.S. national security. We hope that other communications platforms may take its place.
Memorandum for the Secretary, Ex. A to Costello Supp. Decl. - ECF No. 94-4 at 14-15.
The memorandum states that the September 20 compliance date "offer[ed] a short timeframe for compliance," but the "feasibility of compliance" was high because Tencent has a relatively small infrastructure in the United States.
Id. at 15.
Mr. Costello then addressed the effect of the individual prohibited transactions.
Prohibited transaction 1 would remove the WeChat app from U.S. based mobile app stores, preventing mobile users from being able to download the app to their devices or receive updates. Users could download the app outside of the United States. The prohibition does not require removal of the app from devices, but the inability to update the app "render[s it] less effective and functional." The prohibition limits the app's availability but it does not prevent the transmission of user data from devices in the United States to WeChat data centers.
Id
Prohibited transaction 2 prohibits hosting WeChat data in the U.S. Tencent does not host WeChat data in the U.S. It has U.S. data centers but says it does not store WeChat data there. This prohibition ensures that Tencent cannot host WeChat user data in the U.S. in its data centers or through leased hosting services.
Id.
Prohibited transaction 3 would terminate Tencent's contracts with its content-delivery network providers, which speed delivery and optimize service for users in the U.S. (Content-delivery services "copy, save, and deliver content, for a fee, from geographically dispersed servers to end-users for the purposes of enabling faster delivery of content.") Prohibited transaction 4 would terminate Tencent's peering contracts with companies that speed delivery and optimize service for U.S.-based users. ("Peering means a relationship between Internet Service providers (ISP) where the parties directly interconnect to exchange Internet traffic, most often on a no-cost basis.") The termination of both sets of contracts "will likely reduce functionality and usability of the apps for users" in the U.S.
Id. at 16 & nn. 86-87.
Prohibited transaction 5 — WeChat's "pay" functionality — is not available in the U.S. This prohibition ensures that financial institutions will not be able to process payments to or from parties in the U.S. if the functionality becomes available or if a user finds a way to access the functionality.
Id. at 16.
Prohibited transaction 6 prevents any circumvention of prohibited transactions 1 through 5 because it prevents servicing WeChat code, functions, and services through a separate mobile app. It also prevents "interoperability" with third-party apps that utilize WeChat functions and services, thus reducing the incidental collection of U.S. user data and its provision to Tencent.
Id.
3.2 The Plaintiffs' Response to the Department's Assessment
In response to Mr. Costello's memorandum, the plaintiffs submitted declarations from Adam Roach and Joe Hildebrand about the effect of the prohibitions on user experience, data issues, and best practices for data security.
Roach Decl. - ECF No. 84-1; Hildebrand Decl. - ECF No. 78-3.
Adam Roach, a network engineer with 25 years' experience, including (for the past eight years) his work as the principal engineer for Mozilla, addressed how the prohibited transactions degrade WeChat's delivery of services and effectively shuts down the WeChat app.
Roach Decl. - ECF No. 84-1 at 3-5 (¶¶ 4-13) (ban will effectively shut down WeChat)
Prohibited transaction 1 bars entities from allowing the distribution or updates of the WeChat app through downloads from online app stores (meaning, Google and Apple, given that Android and iOS are effectively 100 percent of the global smartphone market). The updates address security vulnerabilities, and prohibiting updates makes users vulnerable to cyberattacks from malicious actors (including identity theft, password exfiltration, unauthorized financial transactions, data theft, and location monitoring).
Id. at 3-4 (¶¶ 4-7).
Prohibited transactions 2 and 3 — directed at internet-hosting and content-delivery services to the extent that they are "enabling the functioning or optimization" of WeChat in the U.S. — will likely make WeChat less functional, slower, and less responsible, but they "do not limit the availability of WeChat users' information to Tencent or the People's Republic of China, and instead only serve to eliminate U.S. visibility into Tencent's behavior." Functions such as voice and video calls "may be severely limited." The prohibitions "will force all WeChat servers to operate outside of U.S. jurisdiction, and the U.S. government completely loses all ability to monitor WeChat's operations to determine whether collection of private user data is occurring." The "net effect" of prohibited transactions 2 and 3 "will be to exacerbate, rather than address, the data security concerns expressed in the preface of the Executive Order."
Id. at 4-5 (¶ 8).
Prohibited transaction 4 prohibits the provision of internet-transit or peering services, which is "an unprecedented and overbroad interference of the operation of the global internet." The short of the prohibition is that it prevents U.S. "internet backbone providers" (responsible for forming peering arrangements for the global routing of internet traffic) from pairing with the Chinese backbone providers China Unicom and China Telecom, effectively ending all direct internet traffic between the U.S. and China. Tencent and WeChat could choose peering with Europe-based backbone providers, but that could be construed as evading or avoiding the prohibition. This means that "a reasonable interpretation is that WeChat will be shut down under this prohibition."
Id. at 5 (¶¶ 9-10).
Prohibited transaction 5 "may limit the financial information exposed to WeChat," but it does not address the concerns in the Executive Order about the collection of the contents of users' messages.
Id. at 5-6 (¶ 11).
Prohibited transaction 6 would cause substantial portions of the U.S. software-development industry to move its development operations offshore. Modern software generally is created by existing software components — known as libraries — as part of the application's constituent code and functions. The prohibition would disallow the use of the libraries for software developed in the U.S.
Id. at 6 (¶ 12).
In sum, the prohibitions as a whole are "highly likely" to seriously degrade WeChat services and effectively shut down WeChat when they are implemented. They would force companies in the U.S. to block WeChat on their computers and wi-fi networks. Except for prohibited transaction 5 (which may limit exposure of users' financial information), the prohibitions do not limit WeChat's ability to collect user information, do not address any concern about data security, and instead are aimed at shutting down WeChat for U.S. users.
Id. (¶ 13).
Joe Hildebrand, an executive-level engineer with 30 years' experience, including (for the past four years) as Vice President of Engineering at Mozilla and (for eight years before that) as a Distinguished Engineer at Cisco and the overall architectural lead for WebEx, submitted a declaration about data security and best practices that can mitigate data-security issues. Those practices include segmenting and controlling access to a company's sensitive data, maintaining and auditing access logs to detect and address deviations including unauthorized access, and encrypting data through end-to-end encryption. He identifies four targeted measures to address the government's concerns about WeChat. First, WeChat could partner with a U.S. cloud provider to store data, which would allow a relatively secure place for user data and easy audits to detect unauthorized access to data. Second, regular compliance audits would mitigate data-security risks. Third, it is industry best practice to have stringent corporate or external oversight over management and personnel with access to user data. Fourth, WeChat could use end-to-end encryption. These measures do not eliminate all risks of data leaks to the Chinese government, but they meet the industry's current standards.
Hildebrand Decl. - ECF No. 78-3.
Id. at 3-5 (¶¶ 7-10).
Mr. Hildebrand notes that the government's concern about WeChat's surveillance capabilities could be addressed by an independent third party's review and audit of WeChat's source codes. Banning WeChat downloads is dangerous because it increases security risks to users: software needs updates to fix bugs, and if bugs are not fixed, WeChat users' devices and data are subject to attack. Security concerns about government employees are addressed through narrower bans of those employees' use of the WeChat app. Otherwise, data protection generally requires best practices such as end-to-end encryption, protecting consumer data and metadata (in the manner of Europe's General Data Protection Regulation or California's Consumer Privacy Act), and supporting research into making traffic analysis more difficult. Tech companies such as Facebook and Google, which collect data and sell it to data brokers, also pose surveillance concerns. If China wants U.S. users' private information, it can buy it from those data brokers. Effectively banning WeChat does not protect U.S. user data from criminals or China.
Id. at 5-6 (¶¶ 11-13).
3.3 The Department of Commerce's Subsequent Filings
Mr. Costello, the Deputy Assistant Secretary for Intelligence and Security, responded on October 20, 2020 to Adam Roach's opinions about the effect of the prohibited transactions.
Costello Supp. Decl. - ECF No. 94-3 at 2 (¶ 4).
Prohibited transaction 1 does not immediately prevent persons from using any already-installed WeChat app. It prevents updates, which makes the app less effective and functional over time, but the prohibition alone is not likely to have any short-term effect on the continued use of the app. Over time, after enough missed updates, certain features would be impaired, users might find the app incompatible with newer versions of operating systems for their mobile devices, and the WeChat app might not migrate to any new device. "In this way, the app would gradually become unusable to the point that users in the United States would not be able to use it to communicate or transmit data and would remove it from their devices." Even if users did not remove the app, the impaired functionality would reduce the collection and transmission of user data and mitigate the damage from a "hypothetical malicious attack." The decreased functionality would create incentives for users to use other apps. It is impossible to predict how long it would take for the app to become obsolete, but Mr. Costello's best estimate, "based on current circumstances," is that it would take one to two years to degrade to the point that a dedicated WeChat user would stop using the app and delete it.
Id. at 3-4 (¶¶ 5, 8).
Mr. Costello disagrees with Mr. Roach's assessment that the inability to update the app poses "an undue security risk" to 19 million U.S. WeChat users. He considered the risk and determined that the security benefit of the prohibition "vastly outweighed" the risks of an unpatched security vulnerability. He deems "the chance of an urgent software vulnerability in the WeChat app" to be small during the one to two years that it will take for WeChat to degrade to obsolescence. He disagrees that any vulnerability will affect 19 million users because users likely will transition to other mobile apps such as Facebook, Facebook Messenger, Google, Line, Telegram, Signal, Snapchat, Zoom, Skype, iChat, and WhatsApp. (He concedes that China through its "Great Firewall" policy excludes many of the apps, thereby precluding communication with persons in China, but he identifies apps that China allows: Signal, iMessage, Line, Wickr, Xiaomi Mitalk, Zoom, and Skype. Users can also use the telephone or email.). Also, other apps are safer than WeChat, which does not use robust encryption protocols and has ties — through Tencent — to the Chinese government. In sum, the security benefits of encouraging users to transition to safer platforms outweigh the temporary risk of vulnerabilities that result from the prohibition of updates.
Id. at 3-5 (¶¶ 6-10).
Prohibited transaction 2 will not make WeChat less functional because Tencent said — in response to an administrative subpoena — that it does not host or store data in the U.S. The prohibition thus is "forward-looking . . . and is not expected to impact the experiences of current WeChat users."
Id. at 5 (¶ 11).
Prohibited transaction 3 will reduce the functionality and usability of the app for U.S. users, but the effects "are somewhat limited" because Tencent could use content-delivery services in areas outside of the U.S. Even if data flowed through Hong Kong, the app "would likely still be usable for most WeChat users, even if it operated more slowly." Mr. Costello does not expect the combined effect of prohibitions 3 and 4 to deter "otherwise dedicated users of WeChat from continuing that use." Mr. Roach said that prohibited transaction 3 will cause the U.S. government to lose the ability to monitor whether WeChat is collecting user data. But he did not state "the premise for the assumption that the Government presently possesses the ability" to monitor WeChat, and he did not say how monitoring WeChat would give the U.S. government "visibility into what is occurring in China." Mr. Costello thus disagrees with Mr. Roach's conclusion that the prohibition acerbates data-security concerns, and he does not expect the prohibition "to have any meaningful impact on the U.S. Government's ability to monitor WeChat operations."
Id. at 5-6 (¶¶ 12-13).
Prohibited transaction 4 will terminate Tencent's peering contracts, but Tencent can contract with ISPs for dedicated transmission of WeChat data outside of the U.S. Also, the prohibition would not affect internet transit or peering services generally and affects only those "directly contracted or arranged" by Tencent. Thus, "the overwhelming majority of Internet traffic, including WeChat data, [would be] untouched." The prohibition would not shut down all direct internet traffic between the U.S. and China and instead would shut down "directly arranged" internet traffic between Tencent and the U.S. The prohibition will "somewhat reduce the speed and functionality of the WeChat app within the United States." The combined effect of prohibitions 3 and 4 is not "sufficient to inhibit or otherwise discourage WeChat users from using the app."
Id. at 6-7 (¶¶ 14-15).
Prohibited transaction 5 — prohibition of "WeChat Pay" — is prospective because U.S. users do not have access to this functionality. Mr. Costello disagrees with Mr. Roach's view that the functionality does not serve the security concerns in the Executive Order. It does because prohibiting a key functionality discourages use of WeChat and thus limits its use in the U.S. Also, if WeChat enabled the functionality for U.S. users, it would allow the transmission of user data such as bank-account data and purchase history.
Id. at 7-8 (¶¶ 16-17).
Prohibited transaction 6 prohibits circumvention of the other prohibited transactions through "any reservicing of the WeChat code in another app by a different name." It also prevents "interoperability" of third-party apps that utilize WeChat functions and services. That said, "WeChat-interoperable third-party apps are not currently a major component of the U.S. software industry," and thus Mr. Costello does not expect the prohibition to "substantially impact either the core functionalities used by most existing WeChat users or the U.S. software industry more broadly." He is not aware of any basis to conclude that the prohibition would cause any part of the U.S. software industry to move operations offshore.
Id. at 8 (¶ 18).
"[T]he purpose of the prohibitions is to degrade, impair, and (as pertains to financial transactions) prohibit the WeChat services that permit Tencent to surveil and monitor millions of U.S. persons, with the goal of encouraging and eventually requiring U.S.-based WeChat users to transition to alternative platforms." Mr. Costello's best estimate — again — is that it will take one to two year "for the WeChat app to be impaired to the extent that it will no longer function."
Id. at 8-9 (¶ 19).
The government also lodged a classified document on September 25, 2020 and filed a redacted version of the document on October 21, 2020. It is the Director of National Intelligence's Counterintelligence Risk Assessment of WeChat. It describes WeChat's functionalities: sharing images and videos, making payments and transferring money, ride hailing, finding friends through geolocation data, playing games, and delivering ads, among other functionalities. It identifies China, Russia, and Iran as three of the most capable and active cyber actors tied to economic espionage and the potential theft of U.S. trade secrets and proprietary information. It describes China's and Russia's use of software-supply-chain attacks and the Chinese Intelligence and Security Services' willingness to use the supply chain for malicious cyber operations. As an example, two Chinese hackers associated with the Ministry of State Security have been indicted for illegal computer intrusions targeting more than 45 U.S. technology companies and U.S. government agencies. The memo says the following about WeChat:
Notice of Redacted Version - ECF No. 97 at 1.
The legitimate functionality within the WeChat ecosystem presents inherent vulnerabilities. For example, mobile devices store and share device geolocation data by design and many apps — including WeChat — request permission for location and other resources that are not needed for the function of the app. Additionally, WeChat only uses client-to-server encryption, vice end-to-end encryption, which allows the service provider, Tencent, to sit between the sender and the receiver and have full access to message content and related data. The broad suite of data the app garners, including location data, phone usage data, captured image metadata, and network connectivity data, are accessible to PRCISS if that data transits China or is stored within its borders.
Counterintelligence Risk Assessment- ECF No. 97-1 at 1-2.
STANDARD OF REVIEW
During "the pendency of an interlocutory appeal," the court "may suspend, modify, restore, or grant an injunction." Fed. R. Civ. P. 62(d); Mayweathers v. Newland, 258 F.3d 930, 935 (9th Cir. 2001). The preliminary-injunction standard applies to a motion to stay. Tribal Village of Akutan v. Hodel, 859 F.2d 662, 663 (9th Cir. 1988). The court considers the following four factors: (1) whether the movant has made a strong showing that it is likely to succeed on the merits; (2) the movant will be irreparably harmed absent a stay; (3) issuance of a stay will not substantially injure the other party; and (4) a stay is in the public interest. Nken v. Holder, 556 U.S. 418, 434 (2009); accord Sierra Club v. Trump, No. 19-cv-00892-HSG, 2019 WL 2305341, at *1 (N.D. Cal. May 30, 2019). The first two factors "are the most critical." Nken, 556 U.S at 434. The factors for "assessing the harm to the opposing party and weighing the public interest . . . merge when the Government is the opposing party." Nken, 556 U.S. at 435.
ANALYSIS
The government contends that that the threat to national security means that the balance of equities strongly supports a stay of the injunction. It also contends that the government and the public interest will suffer irreparable harm absent a stay, and that it is likely to succeed on the merits of the claims because its prohibition of internet services is content neutral and survives intermediate scrutiny under the First Amendment. The government's new evidence does not meaningfully alter its earlier submissions. The court's assessment of the First Amendment analysis and the risks to national security — on this record — are unchanged.
Mot. - ECF No. 68 at 8-9.
Id. at 9-24.
The government's additional evidence illuminates the threat that Tencent (through WeChat) poses to national security. But as the court held previously, the government's prohibited transactions are not narrowly tailored to address the government's significant interest in national security. The record reflects narrowly tailored approaches that advance the government's significant national-security interest, such as barring WeChat from government devices (as Australia has done and as the Department of Homeland Security recommends) or adopting mitigation procedures like those in Tencent's mitigation proposal and Joe Hildebrand's best practices about data security. Requiring industry best practices as part of a mitigation plan would allow the continued use of the platform, arguably addresses the government's national-security interests, and leaves open adequate channels for communication. Ward v. Rock Against Racism, 491 U.S. 781, 791 (1989); see Order - ECF No. 59 at 17 (no viable alternative platforms or apps for the Chinese-speaking and Chinese-American community). In sum, the record does not support the conclusion that the government has "narrowly tailored" the prohibited transactions to protect its national-security interests. Instead, the record, on balance, supports the conclusion that the restrictions "burden substantially more speech than is necessary to further the government's legitimate interests." Ward, 491 U.S. at 799. Thus, at the preliminary-injunction stage, the plaintiffs met the standards for a preliminary injunction: they raised "serious questions going to the merits" of their First Amendment claims, established that the "balance of hardships tip[ped] sharply" in their favor, and satisfied the other elements for injunctive relief. Alliance for Wild Rockies, 632 F.3d at 1131-35.
Order - ECF No. 59 at 18.
Id.; see supra Statement.
Order - ECF No. 59 at 16-18, 20-21.
In sum, the court denies the government's motion to stay the preliminary injunction.
Mot. - ECF No. 68 at 23.
The government also asks for a bond on appeal (though it did not ask for it when it opposed the plaintiffs' motion for a preliminary injunction). The court denies the request.
Opp'n - ECF No. 22 at 12-51; Opp'n - ECF No. 51 at 1-14; 9/19/20 Tr.- ECF No. 65 at 45:10-22 (raising issue for the first time).
"The court may issue a preliminary injunction . . . only if the movant gives security in an amount that the court considers proper to pay the costs and damages sustained by any party found to have been wrongfully enjoined or restrained." Fed. R. Civ. P. 65(c). The district court has "wide discretion in setting the amount of the bond." Conn. Gen. Life Ins. Co. v. New Images, 321 F.3d 878, 882 (9th Cir. 2003). The court has discretion to determine whether any security is required at all. Jorgensen v. Cassiday, 320 F.3d 906, 919 (9th Cir. 2003). A court "may dispense with the filing of a bond when it concludes there is no realistic likelihood of harm to the defendant from enjoining his or her conduct." Id.
A bond is not appropriate here. Cf., e.g., Cal. ex rel. Van De Kamp v. Tahoe Reg'l Planning Agency, 766 F.2d 1319, 1325 (9th Cir. 1985) (affirming lower court's waiving of the bond requirement for a non-profit environmental group that was unable to post a substantial bond); see TikTok Inc. v. Trump, No. 1:20-cv-02658 (CJN), 2020 WL 5763634, at *9 n.4 (D.D.C. Sept. 27, 2020) (waiving bond).
CONCLUSION
The court denies the government's motion to stay the preliminary injunction. This disposes of ECF No. 68.
IT IS SO ORDERED.
Dated: October 23, 2020
/s/_________
LAUREL BEELER
United States Magistrate Judge