DHS Issues Guidance on “Essential Workers” During the COVID-19 Pandemic

As public health officials and elected leaders at all levels of government grapple with unprecedented and unexpected challenges, and race to mitigate the spread of the novel coronavirus (COVID-19) in the United States through directives to “stay at home” or “shelter in place” and other important measures, the Department of Homeland Security (DHS) issued guidance to help these leaders carve out exceptions for workers essential for the support of U.S. critical infrastructure industries.

On March 19, Christopher Krebs, the Director of the Cybersecurity and Infrastructure Security Agency (CISA), an agency within DHS, issued Guidance on the Essential Critical Infrastructure Workforce and a related memorandum including a list identifying “workers who conduct a range of operations and services that are essential to continued critical infrastructure viability.”  (CISA updated this guidance with Version 2.0 on March 28.)  This memorandum builds upon the President’s March 16 guidance that “[i]f you work in a critical infrastructure industry as defined by the Department of Homeland Security[1]…you have a special responsibility to maintain your normal work schedule.”

CISA developed an initial list of “Essential Critical Infrastructure Workers” to help State and local officials as they work to protect their communities, while ensuring continuity of functions critical to public health and safety, as well as economic and national security. The list can also inform critical infrastructure community decision-making to determine the sectors, sub-sectors, segments, or critical functions that should continue normal operations, appropriately modified to account for Centers for Disease Control (CDC) workforce and customer protection guidance.

The list is intended to be advisory only and is not a federal directive.

We recently highlighted the importance of communications services and noted some of steps underway to maintain connectivity and ease regulatory burdens that could slow or stymie important activity within the communications sector.  The new DHS guidance includes communications sector and information technology sector employees,[2] including, among others:

• Employees at that perform maintenance of communications infrastructure—including privately owned and maintained communication systems—supported by technicians, operators, call-centers, wireline and wireless providers, cable service providers, satellite operations, undersea cable landing stations, Internet Exchange Points, and manufacturers and distributors of communications equipment.

• Installation, maintenance and repair technicians that establish, support or repair service as needed.

• Central office personnel to maintain and operate central office, data centers, and other network office facilities.

• Workers responding to cyber incidents involving critical infrastructure, including medical facilities, SLTT governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel.

• Workers supporting the provision of essential global, national and local infrastructure for computing services (including cloud computing services), business infrastructure, web-based services, and critical manufacturing.

• Workers supporting communications systems and information technology used by law enforcement, public safety, medical, energy and other critical industries.

The guidance notes that State, local, tribal, and territorial (SLTT) governments are ultimately in charge of implementing and executing response activities in communities under their jurisdiction, while the federal government is in a supporting role.  Further, CISA notes that it is offering the list as a means of prioritizing activities related to continuity of operations and incident response.  States are already incorporating the guidance into official actions, as California Governor Gavin Newsom did in Executive Order N-33-20, ordering “all individuals living in the State of California to stay home or at their place of residence except as needed to maintain continuity of operations of the federal critical infrastructure sectors,” citing the DHS guidance and memorandum.

We are truly in uncharted waters and the status of the pandemic and our federal, state, and local governments’ response are all fluid, Wiley lawyers are standing by to assist companies in making sense of government directives and other guidance that is changing at a rapid pace.  

[1] DHS identifies 16 critical infrastructure sectors “whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.” Presidential Policy Directive 21 (PPD-21) identifies 16 critical infrastructure sectors: Chemical Sector; Commercial Facilities Sector; Communications Sector; Critical Manufacturing Sector; Dams Sector;  Defense Industrial Base Sector; Emergency Services Sector; Energy Sector; Financial Services Sector;  Food and Agriculture Sector; Government Facilities Sector;  Healthcare and Public Health Sector; Information Technology Sector;  Nuclear Reactors, Materials, and Waste Sector; Transportation Systems Sector; and the Water and Wastewater Systems Sector.

[2] See DHS, Guidance on Essential Critical Infrastructure Workforce: Ensuring Community and National Resilience in COVID-19 Response (Version 1.0) at pages 9-10 (March 19, 2020) available at: https://www.cisa.gov/sites/default/files/publications/CISA-Guidance-on-Essential-Critical-Infrastructure-Workers-1-20-508c.pdf.