In plain terms. IEEPA is the statute the President uses to regulate or prohibit international commercial and financial transactions after declaring a national emergency to deal with an "unusual and extraordinary" threat that originates substantially outside the United States. It is the legal engine behind most modern technology-and-data sanctions: the President declares an emergency by executive order, and agencies (Treasury's OFAC, Commerce, and DOJ) write rules under that authority. In the cyber and supply-chain context, IEEPA underpins EO 13873 (securing the ICT supply chain), EO 14117 (restricting bulk sensitive personal data transfers to countries of concern), and a range of entity- and country-based restrictions. Its reach is broad but not unlimited — it does not authorize regulation of purely domestic conduct, and it excludes certain "informational materials" and personal communications.
Citation. Pub. L. 95-223, Title II (Dec. 28, 1977); 50 U.S.C. §§ 1701–1708.