New York § 163-E Restriction on purchasing certain technology which poses a security threat

New York Statutes

§ 163-E — Restriction on purchasing certain technology which poses a security threat

New York § 163-E

Law STFState Finance

Art. 11State Purchasing

This text of New York § 163-E (Restriction on purchasing certain technology which poses a security threat) is published on Counsel Stack Legal Research, covering New York primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook

N.Y. State Finance § 163-E (2026).

Text

* § 163-e. Restriction on purchasing certain technology which poses a\nsecurity threat. 1.

(a)Notwithstanding any inconsistent provision of\nlaw, the state and any department, bureau, board, commission, authority,\nand any other agency or instrumentality of the state shall not enter\ninto or renew any contract or agreement to procure information and\ncommunications technology, including hardware, systems, devices,\nsoftware, or services that include embedded or incidental information\ntechnology, which are prohibited from federal procurement pursuant to\nsection 889 of Public Law 115-232 of 2018.\n (b) The term "information and communications technology" means:\n (i) information technology, as defined in section 11101 of title 40;\n (ii) information systems, as defined in 44 U.S.C. 3

Free access — add to your briefcase to read the full text and ask questions with AI

* § 163-e. Restriction on purchasing certain technology which poses a\nsecurity threat. 1. (a) Notwithstanding any inconsistent provision of\nlaw, the state and any department, bureau, board, commission, authority,\nand any other agency or instrumentality of the state shall not enter\ninto or renew any contract or agreement to procure information and\ncommunications technology, including hardware, systems, devices,\nsoftware, or services that include embedded or incidental information\ntechnology, which are prohibited from federal procurement pursuant to\nsection 889 of Public Law 115-232 of 2018.\n (b) The term "information and communications technology" means:\n (i) information technology, as defined in section 11101 of title 40;\n (ii) information systems, as defined in 44 U.S.C. 3502; and\n (iii) telecommunications equipment and telecommunications services, as\nthose terms are defined in section 3 of the Communications Act of 1934\n(47 U.S.C. 153).\n (c) The term "information and communications technology" shall not\ninclude automated-decision making systems.\n 2. The chief information officer shall, in consultation with the\ndivision of homeland security and emergency services and the office of\ngeneral services, establish and update regularly a list of restricted\ninformation and communications technology. Technology on this list shall\nnot be procured by any state agency, state or local authority, or\npolitical subdivision unless a waiver is issued pursuant to subdivision\nthree of this section or the chief information officer determines that\nthe technology shall only be restricted in limited circumstances.\n The list shall:\n (a) contain information and communications technologies that pose a\nsecurity risk to the state of New York or its political subdivisions. In\ndetermining whether information and communications technology poses such\na risk, the chief information officer shall consult relevant federal\nsources, including the department of defense inspector general report\nno. DODIG-2019-106, as well as any other source that shall be determined\nto be relevant;\n (b) describe the scope of each restriction, such as whether it is\ngenerally prohibited or prohibited in certain circumstances or from\ncertain entities;\n (c) include an explanation as to why items were included on the list;\nand\n (d) be published online and communicated to all relevant procurement\nofficers in all state agencies, state authorities, and political\nsubdivisions.\n 3. The commissioner of homeland security and emergency services, the\ncommissioner of the office of general services, the adjutant general,\nthe chief information officer, the chief cyber officer, the chief\ntechnology officer of the city of New York and any federal agency\nauthorized under section 889 of Public Law 115-232 of 2018, may provide\na waiver from this section if:\n (a) any such entity determines the waiver is in the interests of the\nstate or political subdivision;\n (b) no compliant product or service is available to be procured as,\nand when, needed at United States market prices or a price that is not\nconsidered prohibitively expensive; and\n (c) such waiver could not reasonably be expected to compromise the\nsecurity or integrity of a computer network operated by an\ninstrumentality of the state.\n 4. Nothing in this section shall be construed:\n (a) to require any information and communications technology resident\nin equipment, systems, or services as of the day before the effective\ndate of this section to be removed or replaced;\n (b) to prohibit or limit the utilization of such information and\ncommunications technology throughout the lifecycle of such existing\nequipment; or\n (c) to require the recipient of a state contract, grant, loan, or loan\nguarantee to replace information and communications technology resident\nin equipment, systems, or services before the effective date of this\nsection.\n * NB Effective December 19, 2027\n