|
|
ARIZONA HOUSE OF REPRESENTATIVES57th Legislature, 2nd Regular Session |
House: ST DP 5-4-0-0 |
HB 2134: critical infrastructure; foreign adversaries; prohibition
Sponsor: Representative Kupper, LD 25
Caucus & COW
Overview
Prohibits any software produced from a Chinese company from being used for critical communications and infrastructure in the state.
History
The Arizona Department of Administration (ADOA) must develop, implement and maintain a coordinated statewide plan for information technology, including evaluating specific information technology projects relating to the approved budget unit and statewide information technology plans in consultation with the statewide information security and privacy office in the Arizona Department of Homeland Security (AZDOHS). ADOA must manage enterprise-level information technology infrastructure, except that the information security and privacy office in the AZDOHS must manage the information security aspects of the infrastructure, and temporarily suspend access to information technology infrastructure when directed by AZDOHS and consult with AZDOHS regarding security policies, standards and procedures (A.R.S. § 18-104).
Critical infrastructure means systems and assets, whether physical or virtual, that are so vital to this state and the United States that the incapacity or destruction of those systems and assets would have a debilitating impact on security, economic security, public health or safety (A.R.S. § 41-1801).
The United States (U.S.) Secretary of Commerce has determined that the following foreign governments or foreign non-government persons have engaged in a long-term pattern or serious instances of conduct significantly adverse to the national security of the U.S. or security and safety of U.S. persons and constitute foreign adversaries:
1) The People's Republic of China, including the Hong Kong Special Administrative Region;
2) Republic of Cuba;
3) Islamic Republic of Iran;
4) Democratic People's Republic of Korea;
5) Russian Federation; and
6) Venezuelan politician Nicolás Maduro (15 C.F.R. § 791.4).
Provisions
1. Prohibits any software used for critical infrastructure in the state from being produced by a Chinese company. (Sec. 1)
2. Requires any critical communications infrastructure provider (Communications Provider) to certify, by January 1 of each year, to the Arizona Corporation Commission (ACC) any instance of prohibited critical communications infrastructure equipment along with the geographical coordinates of the area served. (Sec. 1)
3. Instructs a communications provider, certified by the ACC, to submit a status report to the ACC at the same time a report is sent to the federal government. (Sec. 1)
4. Requires the ACC, each quarter, to produce a map that details geographic areas serviced by critical communications infrastructure and equipment manufactured by a Chinese company. (Sec. 1)
5. Excludes Communication Providers who have removed, discontinued or replaced any prohibited equipment from obtaining an additional permit from any state agency or political subdivision. (Sec. 1)
6. Prohibits a government entity or critical infrastructure service provider (Service Provider) from entering into a new or renew a contract with a Chinese company with access to critical infrastructure. (Sec. 1)
7. Mandates each government entity and service provider to certify to the ACC that the provider is not connected to any operating system or attached to any additional technology that is prohibited by the ACC by March 31, 2027. (Sec. 1)
8. Instructs the ACC to publish and post a list of all technologies that are prohibited from being attached to critical infrastructure or connected to an operating system on the ACC website by December 31, 2026. (Sec. 1)
9. Instructs the ACC to publish the following list of prohibited technologies by December 31, 2026:
a. any WI-FI routers or modems systems;
b. any camera based school bus infraction detections system;
c. speed detection system;
d. traffic infraction detector system;
e. battery technology or smart meter technology;
f. solar inverters; and
g. any product that contains cellular internet-of-things modules produced by a Chinese company. (Sec. 1)
10. Directs a government entity and Service Provider to remove any technologies, if monies are appropriated and distributed with the intention of removing any technology, that are included on the prohibited list provided by the ACC. (Sec. 1)
11. Allows a government entity and service provider to continue usage or purchase of prohibited technology if all the following apply:
a. there are no other reasonable providers of the prohibited technology;
b. the purchase is preapproved by the ACC; and
c. not purchasing the technology would present a risk to the state. (Sec. 1)
12. Prohibits a government entity or a publicly regulated utility from entering into an agreement or contract involving critical infrastructure with the People's Republic of China if under the agreement or contract the People's Republic of China, directly or remotely, can access or control critical infrastructure. (Sec. 2)
13. Allows a government entity and publicly regulated utility to continue usage or purchase of prohibited technology if the following applies:
a. no other reasonable option exists for addressing a need that is relevant to the critical infrastructure;
b. agreement or contract is preapproved by the ACC; and
c. not entering into the agreement would present a risk to the state. (Sec. 2)
14. Instructs the ACC to establish a secure and dedicated communications channel for critical infrastructure providers and military installations across the state to connect with the ACC and Governor's office in case of an emergency that damages critical communications infrastructure. (Sec. 2)
15. Cites this legislation as the Arizona Critical Infrastructure Protection Act. (Sec. 3)
16. Defines key terms. (Sec. 1)
---------- DOCUMENT FOOTER ---------
Initials TM HB 2134
1/28/2026 Page 0 Caucus & COW
---------- DOCUMENT FOOTER ---------