14 Search Results

January 11, 2019 |
2018 Year-End German Law Update

Click for PDF Looking back at the past year’s cacophony of voices in a world trying to negotiate a new balance of powers, it appeared that Germany was disturbingly silent, on both the global and European stage. Instead of helping shape the new global agenda that is in the making, German politics focused on sorting out the vacuum created by a Federal election result which left no clear winner other than a newly formed right wing nationalist populist party mostly comprised of so called Wutbürger (the new prong for “citizens in anger”) that managed to attract 12.6 % of the vote to become the third strongest party in the German Federal Parliament. The relaunching of the Grand-Coalition in March after months of agonizing coalition talks was followed by a bumpy start leading into another session of federal state elections in Bavaria and Hesse that created more distraction. When normal business was finally resumed in November, a year had passed by with few meaningful initiatives formed or significant business accomplished. In short, while the world was spinning, Germany allowed itself a year’s time-out from international affairs. The result is reflected in this year’s update, where the most meaningful legal developments were either triggered by European initiatives, such as the General Data Protection Regulation (“GDPR”) (see below section 4.1) or the New Transparency Rules for Listed German Companies (see below section 1.2), or as a result of landmark rulings of German or international higher and supreme courts (see below Corporate M&A sections 1.1 and 1.4; Tax – sections 2.1 and 2.2 and Labor and Employment – section 4.2). In fairness, shortly before the winter break at least a few other legal statutes have been rushed through parliament that are also covered by this update. Of the changes that are likely to have the most profound impact on the corporate world, as well as on the individual lives of the currently more than 500 million inhabitants of the EU-28, the GDPR, in our view, walks away with the first prize. The GDPR has created a unified legal system with bold concepts and strong mechanisms to protect individual rights to one’s personal data, combined with hefty fines in case of the violation of its rules. As such, the GDPR stands out as a glowing example for the EU’s aspiration to protect the civic rights of its citizens, but also has the potential to create a major exposure for EU-based companies processing and handling data globally, as well as for non EU-based companies doing business in Europe. On a more strategic scale, the GDPR also creates a challenge for Europe in the global race for supremacy in a AI-driven world fueled by unrestricted access to data – the gold of the digital age. The German government could not resist infection with the virus called protectionism, this time around coming in the form of greater scrutiny imposed on foreign direct investments into German companies being considered as “strategic” or “sensitive” (see below section 1.3 – Germany Tightens Rules on Foreign Takeovers Even Further). Protecting sensitive industries from “unwanted” foreign investors, at first glance, sounds like a laudable cause. However, for a country like Germany that derives most of its wealth and success from exporting its ideas, products and services, a more liberal approach to foreign investments would seem to be more appropriate, and it remains to be seen how the new rules will be enforced in practice going forward. The remarkable success of the German economy over the last twenty five years had its foundation in the abandoning of protectionism, the creation of an almost global market place for German products, and an increasing global adoption of the rule of law. All these building blocks of the recent German economic success have been under severe attack in the last year. This is definitely not the time for Germany to let another year go by idly. We use this opportunity to thank you for your trust and confidence in our ability to support you in your most complicated and important business decisions and to help you form your views and strategies to deal with sophisticated German legal issues. Without our daily interaction with your real-world questions and tasks, our expertise would be missing the focus and color to draw an accurate picture of the multifaceted world we are living in. In this respect, we thank you for making us better lawyers – every day. ________________________ TABLE OF CONTENTS 1.      Corporate, M&A 2.      Tax 3.      Financing and Restructuring 4.      Labor and Employment 5.      Real Estate 6.      Compliance 7.      Antitrust and Merger Control 8.      Litigation 9.      IP & Technology 10.    International Trade, Sanctions and Export Controls ________________________ 1.       Corporate, M&A 1.1       Further Development regarding D&O Liability of the Supervisory Board in a German Stock Corporation In its famous “ARAG/Garmenbeck”-decision in 1997, the German Federal Supreme Court (Bundesgerichtshof – BGH) first established the obligation of the supervisory board of a German Stock Corporation (Aktiengesellschaft) to pursue the company’s D&O liability claims in the name of the company against its own management board after having examined the existence and enforceability of such claims. Given the very limited discretion the court has granted to the supervisory board not to bring such a claim and the supervisory board’s own liability arising from inactivity, the number of claims brought by companies against their (former) management board members has risen significantly since this decision. In its recent decision dated September 18, 2018, the BGH ruled on the related follow-up question about when the statute of limitations should start to run with respect to compensation claims brought by the company against a supervisory board member who has failed to pursue the company’s D&O liability claims against the board of management within the statutory limitation period. The BGH clarified that the statute of limitation applicable to the company’s compensation claims against the inactive supervisory board member (namely ten years in case of a publicly listed company, otherwise five years) should not begin to run until the company’s compensation claims against the management board member have become time-barred themselves. With that decision, the court adopts the view that in cases of inactivity, the period of limitations should not start to run until the last chance for the filing of an underlying claim has passed. In addition, the BGH in its decision confirmed the supervisory board’s obligation to also pursue the company’s claims against the board of management in cases where the management board member’s misconduct is linked to the supervisory board’s own misconduct (e.g. through a violation of supervisory duties). Even in cases where the pursuit of claims against the board of management would force the supervisory board to disclose its own misconduct, such “self-incrimination” does not release the supervisory board from its duty to pursue the claims given the preponderance of the company’s interests in an effective supervisory board, the court reasoned. In practice, the recent decision will result in a significant extension of the D&O liability of supervisory board members. Against that backdrop, supervisory board members are well advised to examine the existence of the company’s compensation claims against the board of management in a timely fashion and to pursue the filing of such claims, if any, as soon as possible. If the board of management’s misconduct is linked to parallel misconduct of the supervisory board itself, the relevant supervisory board member – if not exceptionally released from pursuing such claim and depending on the relevant facts and circumstances – often finds her- or himself in a conflict of interest arising from such self-incrimination in connection with the pursuit of the claims. In such a situation, the supervisory board member might consider resigning from office in order to avoid a conflict of interest arising from such self-incrimination in connection with the pursuit of the claims. Back to Top 1.2       Upcoming New Transparency Rules for Listed German Companies as well as Institutional Investors, Asset Managers and Proxy Advisors In mid-October 2018, the German Federal Ministry of Justice finally presented the long-awaited draft for an act implementing the revised European Shareholders’ Rights Directive (Directive (EU) 2017/828). The Directive aims to encourage long-term shareholder engagement by facilitating the communication between shareholders and companies, in particular across borders, and will need to be implemented into German law by June 10, 2019 at the latest. The new rules primarily target listed German companies and provide some major changes with respect to the “say on pay” provisions, as well as additional approval and disclosure requirements for related party transactions, the transmission of information between a stock corporation and its shareholders and additional transparency and reporting requirements for institutional investors, asset managers and proxy advisors. “Say on pay” on directors’ remuneration: remuneration policy and remuneration report Under the current law, the shareholders determine the remuneration of the supervisory board members at a shareholder meeting, whereas the remuneration of the management board members is decided by the supervisory board. The law only provides for the possibility of an additional shareholder vote on the management board members’ remuneration if such vote is put on the agenda by the management and supervisory boards in their sole discretion. Even then, such vote has no legal effects whatsoever (“voluntary say on pay”). In the future, shareholders of German listed companies will have two options. First, the supervisory board will have to prepare a detailed remuneration policy for the management board, which must be submitted to the shareholders if there are major changes to the remuneration, and in any event at least once every four years (“mandatory say on pay”). That said, the result of the vote on the policy will continue to remain only advisory. However, if the supervisory board adopts a remuneration policy that has been rejected by the shareholders, it will then be required to submit a reviewed (not necessarily revised) remuneration policy to the shareholders at the next shareholders’ meeting. With respect to the remuneration of supervisory board members, the new rules require a shareholders vote at least once every four years. Second, at the annual shareholders’ meeting the shareholders will vote ex post on the remuneration report (which is also reviewed by the statutory auditor) which contains the remuneration granted to the present and former members of the management board and the supervisory board in the past financial year. Again, the shareholders’ vote, however, will only be advisory. Both the remuneration report including the audit report, as well as the remuneration policy will have to be made public on the company’s website for at least ten years. Related party transactions German stock corporation law already provides for various safeguard mechanisms to protect minority shareholders in cases of transactions with major shareholders or other related parties (e.g. the capital maintenance rules and the laws relating to groups of companies). In the future, in the case of listed companies, these mechanisms will be supplemented by a detailed set of approval and transparency requirements for transactions between the company and related parties. Material transactions exceeding certain thresholds will require prior supervisory board approval. A rejection by the supervisory board can be overcome by shareholder vote. Furthermore, a listed company must publicly disclose any such material related party transaction, without undue delay over media providing for a Europe-wide distribution. Identification of shareholders and facilitation of the exercise of shareholders’ rights Listed companies will have the right to request information on the identity of their shareholders, including the name and both a postal and electronic address, from depositary banks, thus allowing for a direct communication line, also with respect to bearer shares (“know-your-shareholder”). Furthermore, depositary banks and other intermediaries will be required to pass on important information from the company to the shareholders and vice versa, e.g. with respect to voting in shareholders’ meetings and the exercise of subscription rights. Where there is more than one intermediary in a chain, the intermediaries are required to pass on the respective information within the chain. In addition, companies will be required to confirm the votes cast at the request of the shareholders thus enabling them to be certain that their votes have been effectively cast, including in particular across borders. Transparency requirements for institutional investors, asset managers and proxy advisors German domestic institutional investors and asset managers with Germany as their home member state (as defined in the applicable sector-specific EU law) will be required (i) to disclose their engagement policy, including how they monitor, influence and communicate with the investee companies, exercise shareholders’ rights and manage actual and potential conflicts of interests, and (ii) to report annually on the implementation of their engagement policy and disclose how they have cast their votes in the general meetings of material investee companies. Institutional investors will further have to disclose (iii) consistency between the key elements of their investment strategy with the profile and duration of their liabilities and how they contribute to the medium to long-term performance of their assets, and, (iv) if asset managers are involved, to disclose the main aspects of their arrangement with the asset manager. The new disclosure and reporting requirements, however, only apply on a “comply or explain” basis. Thus, investors and asset managers may choose not to make the above disclosures, provided they give an explanation as to why this is the case. Proxy advisors will have to publicly disclose on an annual basis (i) whether and how they have applied their code of conduct based again on the “comply or explain” principle, and (ii) information on the essential features, methodologies and models they apply, their main information sources, the qualification of their staff, their voting policies for the different markets they operate in, their interaction with the companies and the stakeholders as well as how they manage conflicts of interests. These rules, however, do not apply to proxy advisors operating from a non-EEA state with no establishment in Germany. The present legislative draft is still under discussion and it is to be expected that there will still be some changes with respect to details before the act becomes effective in mid-2019. Due to transitional provisions, the new rules on “say on pay” will have no effect for the majority of listed companies in this year’s meeting season. Whether the new rules will actually promote a long-term engagement of shareholders and have the desired effect on the directors’ remuneration of listed companies will have to be seen. In any event, both listed companies as well as the other addressees of the new transparency rules should make sure that they are prepared for the new reporting and disclosure requirements. Back to Top 1.3       Germany Tightens Rules on Foreign Takeovers Even Further After the German government had imposed stricter rules on foreign direct investment in 2017 (see 2017 Year-End German Law Update under 1.5), it has now even further tightened its rules with respect to takeovers of German companies by foreign investors. The latest amendment of the rules under the German Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung, “AWV“) enacted in 2018 was triggered, among other things, by the German government’s first-ever veto in August 2018 regarding the proposed acquisition of Leifeld Metal Spinning, a German manufacturer of metal forming machines used in the automotive, aerospace and nuclear industries, by Yantai Taihai Corporation, a privately-owned industry group from China, on the grounds of national security. Ultimately, Yantai withdrew its bid shortly after the German government had signaled that it would block the takeover. On December 29, 2018, the latest amendment of the Foreign Trade and Payments Ordinance came into force. The new rules provide for greater scrutiny of foreign direct investments by lowering the threshold for review of takeovers of German companies by foreign investors from the acquisition of 25% of the voting rights down to 10% in circumstances where the target operates a critical infrastructure or in sensitive security areas (defense and IT security industry). In addition, the amendment also expands the scope of the Foreign Trade and Payments Ordinance to also apply to certain media companies that contribute to shaping the public opinion by way of broadcasting, teleservices or printed materials and stand out due to their special relevance and broad impact. While the lowering of the review threshold as such will lead to an expansion of the existing reporting requirements, the broader scope is also aimed at preventing German mass media from being manipulated with disinformation by foreign investors or governments. There are no specific guidelines published by the German government as it wants the relevant parties to contact, and enter into a dialog with, the authorities about these matters. While the German government used to be rather liberal when it came to foreign investments in the past, the recent veto in the case of Leifeld as well as the new rules show that in certain circumstances, it will become more cumbersome for dealmakers to get a deal done. Finally, it is likely that the rules on foreign investment control will be tightened even further going forward in light of the contemplated EU legislative framework for screening foreign direct investment on a pan-European level. Back to Top 1.4       US Landmark Decision on MAE Clauses – Consequences for German M&A Deals Fresenius wrote legal history in the US with potential consequences also for German M&A deals in which “material adverse effect” (MAE) clauses are used. In December 2018, for the first time ever, the Supreme Court of Delaware allowed a purchaser to invoke the occurrence of an MAE and to terminate the affected merger agreement. The agreement included an MAE clause, which allocated certain business risks concerning the target (Akorn) for the time period between signing and closing to Akorn. Against the resistance of Akorn, Fresenius terminated the merger agreement based on the alleged MAE, arguing that the target’s EBITDA declined by 86%. The decision includes a very detailed analysis of an MAE clause by the Delaware courts and reaffirms that under Delaware law there is a very high bar to establishing an MAE. Such bar is based both on quantitative and qualitative parameters. The effects of any material adverse event need to be substantial as well as lasting. In most German deals, the parties agree to arbitrate. For this reason, there have been no German court rulings published on MAE clauses so far. Hence, all parties to an M&A deal face uncertainty about how German courts or arbitration tribunals would define “materiality” in the context of an MAE clause. In potential M&A litigation, sellers may use this ruling to support the argument that the bar for the exercise of the MAE right is in fact very high in line with the Delaware standard. It remains to be seen whether German judges will adopt the Delaware decision to interpret MAE clauses in German deals. Purchasers, who seek more certainty, may consider defining materiality in the MAE clause more concretely (e.g., by reference to the estimated impact of the event on the EBITDA of the company or any other financial parameter). Back to Top 1.5       Equivalence of Swiss Notarizations? The question whether the notarization of various German corporate matters may only be validly performed by German notaries or whether some or all of these measures may also be notarized validly by Swiss notaries has long since been the topic of legal debate. Since the last major reform of the German Limited Liability Companies Act (Gesetz betreffend Gesellschaften mit beschränkter Haftung – GmbHG) in 2008 the number of Swiss notarizations of German corporate measures has significantly decreased. A number of the newly introduced changes and provisions seemed to cast doubt on the equivalence and capacity of Swiss notaries to validly perform the duties of a German notary public who are not legally bound by the mandatory, non-negotiable German fee regime on notarial fees. As a consequence and a matter of prudence, German companies mostly stopped using Swiss notaries despite the potential for freely negotiated fee arrangements and the resulting significant costs savings in particular in high value matters. However, since 2008 there has been an increasing number of test cases that reach the higher German courts in which the permissibility of a Swiss notarization is the decisive issue. While the German Federal Supreme Court (Bundesgerichtshof – BGH) still has not had the opportunity to decide this question, in 2018 two such cases were decided by the Kammergericht (Higher District Court) in Berlin. In those cases, the court held that both the incorporation of a German limited liability company in the Swiss Canton of Berne (KG Berlin, 22 W 25/16 – January 24, 2018 = ZIP 2018, 323) and the notarization of a merger between two German GmbHs before a notary in the Swiss Canton of Basle (KG Berlin, 22 W 2/18 – July 26, 2018 = ZIP 2018, 1878) were valid notarizations under German law, because Swiss notaries were deemed to be generally equivalent to the qualifications and professional standards of German-based notaries. The reasons given in these decisions are reminiscent of the case law that existed prior to the 2008 corporate law reform and can be interpreted as indicative of a certain tendency by the courts to look favorably on Swiss notarizations as an alternative to German-based notarizations. Having said that and absent a determinative decision by the BGH, using German-based notaries remains the cautious default approach for German companies to take. This is definitely the case in any context where financing banks are involved (e.g. either where share pledges as loan security are concerned or in an acquisition financing context of GmbH share sales and transfers). On the other hand, in regions where such court precedents exist, the use of Swiss notaries for straightforward intercompany share transfers, mergers or conversions might be considered as an alternative on a case by case basis. Back to Top 1.6       Re-Enactment of the DCGK: Focus on Relevance, Function, Management Board’s Remuneration and Independence of Supervisory Board Members Sixteen years after it has first been enacted, the German Corporate Governance Code (Deutscher Corporate Governance Kodex, DCGK), which contains standards for good and responsible governance for German listed companies, is facing a major makeover. In November 2018, the competent German government commission published a first draft for a radically revised DCGK. While vast parts of the proposed changes are merely editorial and technical in nature, the draft contains a number of new recommendations, in particular with respect to the topics of management remuneration and independence of supervisory board members. With respect to the latter, the draft now provides a catalogue of criteria that shall act as guidance for the supervisory board as to when a shareholder representative shall no longer be regarded as independent. Furthermore, the draft also provides for more detailed specifications aiming for an increased transparency of the supervisory board’s work, including the recommendation to individually disclose the members’ attendance of meetings, and further tightens the recommendations regarding the maximum number of simultaneous mandates for supervisory board members. Moreover, in addition to the previous concept of “comply or explain”, the draft DCGK introduces a new “apply and explain” concept, recommending that listed companies also explain how they apply certain fundamental principles set forth in the DCGK as a new third category in addition to the previous two categories of recommendations and suggestions. The draft DCGK is currently under consultation and the interested public is invited to comment upon the proposed amendments until the end of January 2019. Since some of the proposed amendments provide for a rather fundamentally new approach to the current regime and would introduce additional administrative burdens, it remains to be seen whether all of the proposed amendments will actually come into force. According to the current plan, following a final consultancy of the Government Commission, the revised version of the DCGK shall be submitted for publication in April 2019 and would take effect shortly thereafter. Back to Top 2.         Tax On November 23, 2018, the German Federal Council (Bundesrat) approved the German Tax Reform Act 2018 (Jahressteuergesetz 2018, the “Act”), which had passed the German Federal Parliament (Bundestag) on November 8, 2018. Highlights of the Act are (i) the exemption of restructuring gains from German income tax, (ii) the partial abolition of and a restructuring exemption from the loss forfeiture rules in share transactions and (iii) the extension of the scope of taxation for non-German real estate investors investing in Germany. 2.1       Exemption of Restructuring Gains The Act puts an end to a long period of uncertainty – which has significantly impaired restructuring efforts – with respect to the tax implications resulting from debt waivers in restructuring scenarios (please see in this regard our 2017 Year-End German Law Update under 3.2). Under German tax law, the waiver of worthless creditor claims creates a balance sheet profit for the debtor in the amount of the nominal value of the payable. Such balance sheet profit is taxable and would – without any tax privileges for such profit – often outweigh the restructuring effect of the waiver. The Act now reinstates the tax exemption of debt waivers with retroactive effect for debt waivers after February 8, 2017; upon application debt waivers prior to February 8, 2017 can also be covered. Prior to this legislative change, a tax exemption of restructuring gains was based on a restructuring decree of the Federal Ministry of Finance, which has been applied by the tax authorities since 2003. In 2016, the German Federal Fiscal Court (Bundesfinanzgerichtshof) held that the restructuring decree by the Federal Ministry of Finance violates constitutional law since a tax exemption must be legislated by statute and cannot be based on an administrative decree. Legislation was then on hold pending confirmation from the EU Commission that a legislative tax exemption does not constitute illegal state aid under EU law. The EU Commission finally gave such confirmation by way of a comfort letter in August 2018. The Act is largely based on the conditions imposed by a restructuring decree issued by the Federal Ministry of Finance on the tax exemption of a restructuring gain. Under the Act, gains at the level of the debtor resulting from a full or partial debt relief are exempt from German income tax if the relief is granted to recapitalize and restructure an ailing business. The tax exemption only applies if at the time of the debt waiver (i) the business is in need of restructuring and (ii) capable of being restructured, (iii) the waiver results in a going-concern of the restructured business and (iv) the creditor waives the debt with the intention to restructure the business. The rules apply to German corporate income and trade tax and benefit individuals, partnerships and corporations alike. Any gains from the relief must first be reduced by all existing loss-offsetting potentials before the taxpayer can benefit from tax exemptions on restructuring measures. Back to Top 2.2       Partial Abolition of Loss Forfeiture Rules/Restructuring Exception Under the current Loss Forfeiture Rules, losses of a German corporation will be forfeited on a pro rata basis if within a period of five years more than 25% but not more than 50% of the shares in the German loss-making corporation are transferred (directly or indirectly) to a new shareholder or group of shareholders with aligned interests. If more than 50% are transferred, losses will be forfeited in total. There are exceptions to this rule for certain intragroup restructurings, built-in gains and business continuations, especially in the venture capital industry. On March 29, 2017, the German Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) ruled that the pro rata forfeiture of losses (a share transfer of more than 25% but not more than 50%) is incompatible with the constitution. The court has asked the German legislator to amend the Loss Forfeiture Rules retroactively for the period from January 1, 2008 until December 31, 2015 to bring them in line with the constitution. Somewhat surprisingly, the legislator has now decided to fully cancel the pro rata forfeiture of losses with retroactive effect and with no reference to a specific tax period. Currently pending before the German Federal Constitutional Court is the question whether the full forfeiture of losses is constitutional. A decision by the Federal Constitutional Court is expected for early 2019, which may then result in another legislative amendment of the Loss Forfeiture Rules. The Act has also reinstated a restructuring exception from the forfeiture rules – if the share transfer occurs in order to restructure the business of an ailing corporation. Similar to the exemption of restructuring gains, this legislation was on hold until the ECJ’s decision (European Court of Justice) on June 28, 2018 that the restructuring exception does not violate EU law. Existing losses will not cease to exist following a share transfer if the restructuring measures are appropriate to avoid or eliminate the illiquidity or the over-indebtedness of the corporation and to maintain its basic operational structure. The restructuring exception applies to share transfers after December 31, 2007. Back to Top 2.3       Investments in German Real Estate by Non-German Investors So far, capital gains from the disposal of shares in a non-German corporation holding German real estate were not subject to German tax. In a typical structure, in which German real estate is held via a Luxembourg or Dutch entity, a value appreciation in the asset could be realized by a share deal of the holding company without triggering German income taxes. Under the Act, the sale of shares in a non-German corporation is now taxable if, at some point within a period of one year prior to the sale of shares, 50 percent of the book value of the assets of the company consisted of German real estate and the seller held at least 1 percent of the shares within the last five years prior to the sale. The Act is now in line with many double tax treaties concluded by Germany, which allow Germany to tax capital gains in these cases. The new law applies for share transfers after December 31, 2018. Capital gains are only subject to German tax to the extent the value has been increased after December 31, 2018. Until 2018, a change in the value of assets and liabilities, which are economically connected to German real estate, was not subject to German tax. Therefore, for example, profits from a waiver of debt that was used to finance German real estate was not taxable in Germany whereas the interest paid on the debt was deductible for German tax purposes. That law has now changed and allows Germany to tax such profit from a debt waiver if the loan was used to finance German real estate. However, only the change in value that occurred after December 31, 2018 is taxable. Back to Top 3.         Financing and Restructuring – Test for Liquidity Status Tightened On December 19, 2017, the German Federal Supreme Court (Bundesgerichtshof – BGH) handed down an important ruling which clarifies the debt and payable items that should be taken into account when determining the “liquidity” status of companies. According to the Court, the liquidity test now requires managing directors and (executive) board members to determine whether a liquidity gap exceeding 10% can be overcome by incoming liquidity within a period of three weeks taking into account all payables which will become due in those three weeks. Prior to the ruling, managing directors had often argued successfully that only those payables that were due at the time when the test is applied needed be taken into account while expected incoming payments within a three week term could be considered. This mismatch in favor of the managing directors has now been rectified by the Court to the disadvantage of the managing directors. If, for example, on June 1 the company liquidity status shows due payables amounting to EUR 100 and plausible incoming receivables in the three weeks thereafter amounting to EUR 101, no illiquidity existed under the old test. Under the new test confirmed by the Court, payables of EUR 50 becoming due in the three week period now also have to be taken into account and the company would be considered illiquid. For companies and their managing directors following a cautious approach, the implications of this ruling are minor. Going forward, however, even those willing to take higher risks will need to follow the court determined principles. Otherwise, delayed insolvency filings could ensue. This not only involves a managing directors and executive board members’ personal liability for payments made on behalf of the company while illiquid but also potential criminal liability for a delayed insolvency filing. Managing directors are thus well advised to properly undertake and also document the required test in order to avoid liability issues. Back to Top 4.         Labor and Employment 4.1       GDPR Has Tightened Workplace Privacy Rules The EU General Data Protection Regulation (“GDPR”) started to apply on May 25, 2018. It has introduced a number of stricter rules for EU countries with regard to data protection which also apply to employee personal data and employment relationships. In addition to higher sanctions, the regulation provides for extensive information, notification, deletion, and documentation obligations. While many of these data privacy rules had already been part of the previous German workplace privacy regime under the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), the latter has also been amended and provides for specific rules applicable to employee data protection in Germany (e.g. in the context of internal investigations or with respect to employee co-determination). However, the most salient novelty is the enormous increase in potential sanctions under the GDPR. Fines for GDPR violations can reach up to the higher of EUR 20 million or 4% of the group’s worldwide turnover. Against this backdrop, employers are well-advised to handle employee personnel data particularly careful. This is also particularly noteworthy as the employer is under an obligation to prove compliance with the GDPR – which may result in a reversal of the burden of proof e.g. in employment-related litigation matters involving alleged GDPR violations. Back to Top 4.2       Job Adverts with Third Gender Following a landmark decision by the German Federal Constitutional Court in 2017, employers are gradually inserting a third gender into their job advertisements. The Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) decided on October 10, 2017 that citizens who do not identify as either male or female were to be registered as “diverse” in the birth register (1 BvR 2019/16). As a consequence of this court decision, many employers in Germany have broadened gender notations in job advertisements from previously “m/f” to “m/f/d”. While there is no compelling legal obligation to do so, employers tend to signal their open-mindedness by this step, but also mitigate the potential risk of liability for a discrimination claim. Currently, such liability risk does not appear alarming due to the relative rarity of persons identifying as neither male nor female and the lack of a statutory stipulation for such adverts. However, employers might be well-advised to follow this trend, particularly after Parliament confirmed the existence of a third gender option in birth registers in mid-December. Back to Top 4.3       Can Disclosure Obligation Reduce Gender Pay-Gap? In an attempt to weed out gender pay gaps, the German lawmaker has introduced the so-called Compensation Transparency Act in 2017. It obliges employers, inter alia, to disclose the median compensation of comparable colleagues of the opposite gender with comparable jobs within the company. The purpose is to give a potential claimant (usually a female employee) an impression of how much her comparable male colleagues earn in order for her to consider further steps, e.g. a claim for more money. However, the new law is widely perceived as pointless. First, the law itself and its processes are unduly complex. Second, even after making use of the law, the respective employee would still have to sue the company separately in order to achieve an increase in her compensation, bearing the burden of proof that the opposite-gender employee with higher compensation is comparable to her. Against this background, the law has hardly been used in practice and will likely have only minimal impact. Back to Top 4.4       Employers to Contribute 15% to Deferred Compensation Schemes In order to promote company pension schemes, employers are now obliged to financially support deferred compensation arrangements. So far, employer contributions to any company pension scheme had been voluntary. In the case of deferred compensation schemes, companies save money as a result of less social security charges. The flipside of this saving was a financial detriment to the employee’s statutory pension, as the latter depends on the salary actually paid to the employee (which is reduced as a result of the deferred compensation). To compensate the employee for this gap, the employer is now obliged to contribute up to 15% of the respective deferred compensation. The actual impact of this new rule should be limited, as many employers already actively support deferred compensation schemes. As such, the new obligatory contribution can be set off against existing employer contributions to the same pension scheme. Back to Top 5.         Real Estate – Notarization Requirement for Amendments to Real Estate Purchase Agreements Purchase agreements concerning German real estate require notarization in order to be effective. This notarization requirement relates not only to the purchase agreement as such but to all closely related (side) agreements. The transfer of title to the purchaser additionally requires an agreement in rem between the seller and the purchaser on the transfer (conveyance) and the subsequent registration of the transfer in the land register. To avoid additional notarial fees, parties usually include the conveyance in the notarial real estate purchase agreement. Amendment agreements to real estate purchase agreements are quite common (e.g., the parties subsequently agree on a purchase price adjustment or the purchaser has special requests in a real estate development scenario). Various Higher District Courts (Oberlandesgerichte), together with the prevailing opinion in literature, have held in the past that any amendments to real estate purchase agreements also require notarization unless such an amendment is designed to remove unforeseeable difficulties with the implementation of the agreement without significantly changing the parties’ mutual obligations. Any amendment agreement that does not meet the notarization requirement may render the entire purchase agreement (and not only the amendment agreement) null and void. With its decision on September 14, 2018, the German Federal Supreme Court (Bundesgerichtshof – BGH) added another exception to the notarization requirement and ruled that notarization of an amendment agreement is not required once the conveyance has become binding and the amendment does not change the existing real estate transfer obligations or create new ones. A conveyance becomes binding once it has been validly notarized. Before this new decision of the BGH, amendments to real estate purchase agreements were often notarized for the sake of precaution because it was difficult to determine whether the conditions for an exemption from the notarization requirement had been met. This new decision of the BGH gives the parties clear guidance as to when amendments to real estate purchase agreements require notarization. It should, however, be borne in mind that notarization is still required if the amendment provides for new transfer obligations concerning the real property or the conveyance has not become effective yet (e.g., because third party approval is still outstanding). Back to Top 6.         Compliance 6.1       Government Plans to Introduce Corporate Criminal Liability and Internal Investigations Act Plans of the Federal Government to introduce a new statute concerning corporate criminal liability and internal investigations are taking shape. Although a draft bill had already been announced for the end of 2018, pressure to respond to recent corporate scandals seems to be rising. With regard to the role and protection of work product generated during internal investigations, the highly disputed decisions of the Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) in June 2018 (BVerfG, 2 BvR 1405/17, 2 BvR 1780/17 – June 27, 2018) (see 2017 Year-End German Law Update under 7.3) call for clearer statutory rules concerning the search of law firm premises and the seizure of documents collected in the course of an internal investigation. In its dismissal of complaints brought by Volkswagen and its lawyers from Jones Day, the Federal Constitutional Court made remarkable obiter dicta statements in which it emphasized the following: (1) the legal privilege enjoyed for the communication between the individual defendant (Beschuldigter) and its criminal defense counsel is limited to their communication only; (2) being considered a foreign corporate body, the court denied Jones Day standing in the proceedings, because the German constitution only grants rights to corporate bodies domiciled in Germany; and (3) a search of the offices of a law firm does not affect individual constitutional rights of the lawyers practicing in that office, because the office does not belong to the lawyers’ personal sphere, but only to their law firm. The decision and the additional exposure caused by it by making attorney work product created in the course of an internal investigation accessible was a major blow to German corporations’ efforts to foster internal investigations as a means to efficiently and effectively investigate serious compliance concerns. Because it does not appear likely that an entirely new statute concerning corporate criminal liability will materialize in the near future, the legal press expects the Federal Ministry of Justice to consider an approach in which the statutes dealing with questions around internal investigations and the protection of work product created in the course thereof will be clarified separately. In the meantime, the following measures are recommended to maximize the legal privilege for defense counsel (Verteidigerprivileg): (1) Establish clear instructions to an individual criminal defense lawyer setting forth the scope and purpose of the defense; (2) mark work product and communications that have been created in the course of the defense clearly as confidential correspondence with defense counsel (“Vertrauliche Verteidigerkorrespondenz”); and (3) clearly separate such correspondence from other correspondence with the same client in matters that are not clearly attributable to the criminal defense mandate. While none of these measures will guarantee that state prosecutors and courts will abstain from a search and seizure of such material, at least there are good and valid arguments to defend the legal privilege in any appeals process. However, with the guidance provided to courts by the recent constitutional decision, until new statutory provisions provide for clearer guidance, companies can expect this to become an up-hill battle. Back to Top 6.2       Update on the European Public Prosecutor’s Office and Proposed Cross-Border Electronic Evidence Rules Recently the European Union has started tightening its cooperation in the field of criminal procedure, which was previously viewed as a matter of national law under the sovereignty of the 28 EU member states. Two recent developments stand out that illustrate that remarkable new trend: (1) The introduction of the European Public Prosecutor’s Office (“EPPO”) that was given jurisdiction to conduct EU-wide investigations for certain matters independent of the prosecution of these matters under the national laws of the member states, and (2) the proposed EU-wide framework for cross-border access to electronically stored data (“e-evidence”) which has recently been introduced to the European Parliament. As reported previously (see 2017 Year-End German Law Update under 7.4), the European Prosecutor’s Office’s task is to independently investigate and prosecute severe crimes against the EU’s financial interests such as fraud against the EU budget or crimes related to EU subsidies. Corporations receiving funds from the EU may therefore be the first to be scrutinized by this new EU body. In 2018 two additional EU member states, the Netherlands and Malta, decided to join this initiative, extending the number of participating member states to 22. The EPPO will presumably begin its work by the end of 2020, because the start date may not be earlier than three years after the regulation’s entry into force. As a further measure to leverage multi-jurisdictional enforcement activities, in April 2018 the European Commission proposed a directive and a regulation that will significantly facilitate expedited cross-border access to e-evidence such as texts, emails or messaging apps by enforcement agencies and judicial authorities. The proposed framework would allow national enforcement authorities in accordance with their domestic procedure to request e-evidence directly from a service provider located in the jurisdiction of another EU member state. That other state’s authorities would not have the right to object to or to review the decision to search and seize the e-evidence sought by the national enforcement authority of the requesting EU member state. Companies refusing delivery risk a fine of up to 2% of their worldwide annual turnover. In addition, providers from a third country which operate in the EU are obliged to appoint a legal representative in the EU. The proposal has reached a majority vote in the Council of the EU and will now be negotiated in the European Parliament. Further controversial discussions between the European Parliament and the Commission took place on December 10, 2018. The Council of the EU aims at reaching an agreement between the three institutions by the end of term of the European Parliament in May 2019. Back to Top 7.         Antitrust and Merger Control 7.1       Antitrust and Merger Control Overview 2018 In 2018, Germany celebrated the 60th anniversary of both the German Act against Restraints of Competition (Gesetz gegen Wettbewerbsbeschränkungen -GWB) as well as the German federal cartel office (Bundeskartellamt) which were both established in 1958 and have since played a leading role in competition enforcement worldwide. The celebrations notwithstanding, the German antitrust watchdog has had a very active year in substantially all of its areas of competence. On the enforcement side, the Bundeskartellamt concluded a number of important cartel investigations. According to its annual review, the Bundeskartellamt carried out dawn raids at 51 companies and imposed fines totaling EUR 376 million against 22 companies or associations and 20 individuals from various industries including the steel, potato manufacturing, newspapers and rolled asphalt industries. Leniency applications remained an important source for the Bundeskartellamt‘s antitrust enforcement activities with a total of 21 leniency applications received in 2018 filling the pipeline for the next few months and years. On the merger control side, the Bundeskartellamt reviewed approximately 1,300 merger cases in 2018 – only 1% of which (i.e. 13 merger filings) required an in-depth phase 2 review. No mergers were prohibited but in one case only conditional clearance was granted and three filings were withdrawn in phase 2. In addition, the Bundeskartellamt had its first full year of additional responsibilities in the area of consumer protection, concluded a sector inquiry into internet comparison portals, and started a sector inquiry into the online marketing business as well as a joint project with the French competition authority CNIL regarding algorithms in the digital economy and their competitive effects. Back to Top 7.2       Cartel Damages Over the past few years, antitrust damages law has advanced in Germany and the European Union. One major legislative development was the EU Directive on actions for damages for infringements of competition law, which was implemented in Germany as part of the 9th amendment to the German Act against Restraints of Competition (Gesetz gegen Wettbewerbsbeschränkungen -GWB). In addition, there has also been some noteworthy case law concerning antitrust damages. To begin with, the German Federal Supreme Court (Bundesgerichtshof, BGH) strengthened the position of plaintiffs suing for antitrust damages in its decision Grauzementkartell II in 2018. The decision brought to an end an ongoing dispute between several Higher District Courts and District Courts, which had disagreed over whether a recently added provision of the GWB that suspends the statute of limitations in cases where antitrust authorities initiate investigations would also apply to claims that arose before the amendment entered into force (July 1, 2015). The Federal Supreme Court affirmed the suspension of the statute of limitations, basing its ruling on a well-established principle of German law regarding the intertemporal application of statutes of limitation. The decision concerns numerous antitrust damage suits, including several pending cases concerning trucks, rails tracks, and sugar cartels. Furthermore, recent case law shows that European domestic courts interpret arbitration agreements very broadly and also enforce them in cases involving antitrust damages. In 2017, the England and Wales High Court and the District Court Dortmund (Landgericht Dortmund) were presented with two antitrust disputes where the parties had agreed on an arbitration clause. Both courts denied jurisdiction because the antitrust damage claims were also covered by the arbitration agreements. They argued that the parties could have asserted claims for contractual damages instead, which would have been covered by the arbitration agreement. In the courts’ view, it would be unreasonable, however, if the choice between asserting a contractual or an antitrust claim would give the parties the opportunity to influence the jurisdiction of a court. As a consequence, the use of arbitration clauses (in particular if inconsistently used by suppliers or purchasers) may add significant complexity to antitrust damages litigation going forward. Thus, companies are well advised to examine their international supply agreements to determine whether included arbitration agreements will also apply to disputes about antitrust damages. Back to Top 7.3       Appeals against Fines Risky? In German antitrust proceedings, there is increasing pressure for enterprises to settle. Earlier this year, Radeberger, a producer of lager beer, withdrew its appeal against a significant fine of EUR 338 million, which the Bundeskartellamt had imposed on the company for its alleged participation in the so-called “beer cartel”. With this dramatic step, Radeberger paid heed to a worrisome development in German competition law. Repeatedly, enterprises have seen their cartel fines increased by staggering amounts on appeal (despite such appeals sometimes succeeding on some substantive legal issues). The reason for these “appeals for the worse” – as seen in the liquefied gas cartel (increase of fine from EUR 180 million to EUR 244 million), the sweets cartel (average increase of approx. 50%) and the wallpaper cartel (average increase of approx. 35%) – is the different approach taken by the Bundeskartellamt and the courts to calculating fines. As courts are not bound by the administrative practice of the Bundeskartellamt, many practitioners are calling for the legislator to step in and address the issue. Back to Top 7.4       Luxury Products on Amazon – The Coty Case In July 2018, the Frankfurt Higher District Court (Oberlandesgericht Frankfurt) delivered its judgement in the case Coty / Parfümerie Akzente, ruling that Coty, a luxury perfume producer, did not violate competition rules by imposing an obligation on its selected distributors to not sell on third-party platforms such as Amazon. The judgment followed an earlier decision of the Court of Justice of the European Union (ECJ) of December 2017, by which the ECJ had replied to the Frankfurt court’s referral. The ECJ had held that a vertical distribution agreement (such as the one in place between Coty and its distributor Parfümerie Akzente) did not as such violate Art. 101 of the Treaty on the Functioning of the European Union (TFEU) as long as the so-called Metro criteria were fulfilled. These criteria stipulate that distributors must be chosen on the basis of objective and qualitative criteria that are applied in a non-discriminatory fashion; that the characteristics of the product necessitate the use of a selective distribution network in order to preserve their quality; and, finally, that the criteria laid down do not go beyond what is necessary. Regarding the platform ban in question, the ECJ held that it was not disproportionate. Based on the ECJ’s interpretation of the law, the Frankfurt Higher District Court confirmed that the character of certain products may indeed necessitate a selective distribution system in order to preserve their prestigious reputation, which allowed consumers to distinguish them from similar goods, and that gaps in a selective distribution system (e.g. when products are sold by non-selected distributors) did not per se make the distribution system discriminatory. The Higher District Court also concluded that the platform ban in question was proportional. However, interestingly, it did not do so based on its own reasoning but based on the fact that the ECJ’s detailed analysis did not leave any scope for its own interpretation and, hence, precluded the Higher District Court from applying its own reasoning. Pointing to the European Commission’s E-Commerce Sector Inquiry, according to which sales platforms play a more important role in Germany than in other EU Member States, the Higher District Court, in fact, voiced doubts whether Coty’s sales ban could not have been imposed in a less interfering manner. Back to Top 8.         Litigation 8.1       The New German “Class Action” On November 1, 2018, a long anticipated amendment to the German Code of Civil Procedure (Zivilprozessordnung, ZPO) entered into force, introducing a new procedural remedy for consumers to enforce their rights in German courts: a collective action for declaratory relief. Although sometimes referred to as the new German “class action,” this new German action reveals distinct differences to the U.S.-American remedy. Foremost, the right to bring the collective action is limited to consumer protection organizations or other “qualified institutions” (qualifizierte Einrichtung) who can only represent “consumers” within the meaning of the German Code of Civil Procedure. In addition, affected consumers are not automatically included in the action as part of a class but must actively opt-in by registering their claims in a “claim index” (Klageregister). Furthermore, the collective action for declaratory relief does not grant any monetary relief to the plaintiffs which means that each consumer still has to enforce its claim in an individual suit to receive compensation from the defendant. Despite these differences, the essential and comparable element of the new legal remedy is its binding effect. Any other court which has to decide an individual dispute between the defendant and a registered consumer that is based on the same facts as the collective action is bound by the declaratory decision of the initial court. At the same time, any settlement reached by the parties has a binding effect on all registered consumers who did not decide to specifically opt-out. As a result, companies must be aware of the increased litigation risks arising from the introduction of the new collective action for declaratory relief. Even though its reach is not as extensive as the American class action, consumer protection organizations have already filed two proceedings against companies from the automotive and financial industry since the amendment has entered into force in November 2018, and will most likely continue to make comprehensive use of the new remedy in the future. Back to Top 8.2       The New 2018 DIS Arbitration Rules On March 1, 2018, the new 2018 DIS Arbitration Rules of the German Arbitration Institute (DIS) entered into force. The update aims to make Germany more attractive as a place for arbitration by adjusting the rules to international standards, promoting efficiency and thereby ensuring higher quality for arbitration proceedings. The majority of the updated provisions and rules are designed to accelerate the proceedings and thereby make arbitration more attractive and cost-effective for the parties. There are several new rules on time limitations and measures to enhance procedural efficiency, i.e. the possibility of expedited proceedings or the introduction of case management conferences. Furthermore, the rules now also allow for consolidation of several arbitrations and cover multi-party and multi-contract arbitration. Another major change is the introduction of the DIS Arbitration Council which, similar to the Arbitration Council of the ICC (International Chamber of Commerce), may decide upon challenges of an arbitrator and review arbitral awards for formal defects. This amendment shows that the influence of DIS on their arbitration proceedings has grown significantly. All in all, the modernized 2018 DIS Arbitration Rules resolve the deficiencies of their predecessor and strengthen the position of the German Institution of Arbitration among competing arbitration institutions. Back to Top 9.         IP & Technology – Draft Bill of German Trade Secret Act The EU Trade Secrets Directive (2016/943/EU) on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure has already been in effect since July 5, 2016. Even though it was supposed to be implemented into national law by June 9, 2018 to harmonize the protection of trade secrets in the EU, the German legislator has so far only prepared and published a draft of the proposed German Trade Secret Act. Arguably, the most important change in the draft bill to the existing rules on trade secrets in Germany will be a new and EU-wide definition of trade secrets. This proposed definition requires the holder of a trade secret to take reasonable measures to keep a trade secret confidential in order to benefit from its protection – e.g. by implementing technical, contractual and organizational measures that ensure secrecy. This requirement goes beyond the current standard pursuant to which a manifest interest in keeping an information secret may be sufficient. Furthermore, the draft bill provides for additional protection of trade secrets in litigation matters. Last but not least, the draft bill also provides for increased protection of whistleblowers by reducing the barriers for the disclosure of trade secrets in the public interest and to the media. As a consequence, companies would be advised to review their internal procedures and policies regarding the protection of trade secrets at this stage, and may want to adapt their existing whistleblowing and compliance-management-systems as appropriate. Back to Top 10.       International Trade, Sanctions and Export Controls – The Conflict between Complying with the Re-Imposed U.S. Iran Sanctions and the EU Blocking Statute On May 8, 2018, President Donald Trump announced his decision to withdraw from the Joint Comprehensive Plan of Action (JCPOA) and re-impose U.S. nuclear-related sanctions. Under the JCPOA, General License H had permitted U.S.-owned or -controlled non-U.S. entities to engage in business with Iran. But with the end of the wind-down periods provided for in President Trump’s decision on November 5, 2018, such non-U.S. entities are now no longer broadly permitted to provide goods, services, or financing to Iranian counterparties, not even under agreements executed before the U.S. withdrawal from the JCPOA. In response to the May 8, 2018 decision, the EU amended the EU Blocking Statute on August 6, 2018. The effect of the amended EU Blocking Statute is to prohibit compliance by so-called EU operators with the re-imposed U.S. sanctions on Iran. Comparable and more generally drafted anti-blocking statutes had already existed in the EU and several of its member states which prohibited EU domiciled companies to commit to compliance with foreign boycott regulations. These competing obligations under EU and U.S. laws are a concern for U.S. companies that own or seek to acquire German companies that have a history of engagement with Iran – as well as for the German company itself and its management and the employees. But what does the EU prohibition against compliance with the re-imposed U.S. sanctions on Iran mean in practice? Most importantly, it must be noted that the EU Blocking Statute does not oblige EU operators to start or continue Iran related business. If, for example, an EU operator voluntarily decides, e.g. due to lack of profitability, to cease business operations in Iran and not to demonstrate compliance with the U.S. sanctions, the EU Blocking Statute does not apply. Obviously, such voluntary decision must be properly documented. Procedural aspects also remain challenging for companies: In the event a Germany subsidiary of a U.S. company were to decide to start or continue business with Iran, it would usually be required to reach out to the U.S. authorities to request a specific license for a particular transaction with Iran. Before doing so, however, EU operators must first contact the EU Commission directly (not the EU member state authorities) to request authorization to apply for such a U.S. special license. Likewise, if a Germany subsidiary were to decide not to start or to cease business with Iran for the sole reason of being compliant with the re-imposed U.S. Iran sanctions, it would have to apply for an exception from the EU Blocking Statute and would have to provide sufficient evidence that non-compliance would cause serious damage to at least one protected interest. The hurdles for an exception are high and difficult to predict. The EU Commission will e.g. consider, “(…) whether the applicant would face significant economic losses, which could for example threaten its viability or pose a serious risk of bankruptcy, or the security of supply of strategic goods or services within or to the Union or a Member State and the impact of any shortage or disruption therein.” As such, any company caught up in this conflict of interests between the re-imposed U.S. sanctions and the EU Blocking Statute should be aware of a heightened risk of litigation. Third parties, such as Iranian counterparties, might successfully sue for breach of contract with the support of the EU Blocking Regulation in cases of non-performance of contracts as a result of the re-imposed U.S. nuclear sanctions. Finally, EU operators are required to inform the EU Commission within 30 days from the date on which information is obtained that the economic and/or financial interests of the EU operator are affected, directly or indirectly, by the re-imposed U.S. Iran sanctions. If the EU operator is a legal person, this obligation is incumbent on its directors, managers and other persons with management responsibilities of such legal person. Back to Top The following Gibson Dunn lawyers assisted in preparing this client update:  Birgit Friedl, Marcus Geiss, Silke Beiter, Lutz Englisch, Daniel Gebauer, Kai Gesing, Maximilian Hoffmann, Philipp Mangini-Guidano, Jens-Olrik Murach, Markus Nauheim, Dirk Oberbracht, Richard Roeder, Martin Schmid, Annekatrin Schmoll, Jan Schubert, Benno Schwarz, Balthasar Strunz, Michael Walther, Finn Zeidler, Mark Zimmer, Stefanie Zirkel and Caroline Ziser Smith. Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. The two German offices of Gibson Dunn in Munich and Frankfurt bring together lawyers with extensive knowledge of corporate, tax, labor, real estate, antitrust, intellectual property law and extensive compliance / white collar crime experience. The German offices are comprised of seasoned lawyers with a breadth of experience who have assisted clients in various industries and in jurisdictions around the world. Our German lawyers work closely with the firm’s practice groups in other jurisdictions to provide cutting-edge legal advice and guidance in the most complex transactions and legal matters. For further information, please contact the Gibson Dunn lawyer with whom you work or any of the following members of the German offices: General Corporate, Corporate Transactions and Capital Markets Lutz Englisch (+49 89 189 33 150), lenglisch@gibsondunn.com) Markus Nauheim (+49 89 189 33 122, mnauheim@gibsondunn.com) Ferdinand Fromholzer (+49 89 189 33 121, ffromholzer@gibsondunn.com) Dirk Oberbracht (+49 69 247 411 510, doberbracht@gibsondunn.com) Wilhelm Reinhardt (+49 69 247 411 520, wreinhardt@gibsondunn.com) Birgit Friedl (+49 89 189 33 180, bfriedl@gibsondunn.com) Silke Beiter (+49 89 189 33 121, sbeiter@gibsondunn.com) Marcus Geiss (+49 89 189 33 122, mgeiss@gibsondunn.com) Annekatrin Pelster (+49 69 247 411 521, apelster@gibsondunn.com Finance, Restructuring and Insolvency Sebastian Schoon (+49 89 189 33 160, sschoon@gibsondunn.com) Birgit Friedl (+49 89 189 33 180, bfriedl@gibsondunn.com) Alexander Klein (+49 69 247 411 518, aklein@gibsondunn.com) Marcus Geiss (+49 89 189 33 122, mgeiss@gibsondunn.com) Tax Hans Martin Schmid (+49 89 189 33 110, mschmid@gibsondunn.com) Labor Law Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Real Estate Peter Decker (+49 89 189 33 115, pdecker@gibsondunn.com) Daniel Gebauer (+49 89 189 33 115, dgebauer@gibsondunn.com) Technology Transactions / Intellectual Property / Data Privacy Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) Corporate Compliance / White Collar Matters Benno Schwarz (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com) Antitrust Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Jens-Olrik Murach (+32 2 554 7240, jmurach@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) Litigation Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) International Trade, Sanctions and Export Control Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Richard Roeder (+49 89 189 33 218, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP, 333 South Grand Avenue, Los Angeles, CA 90071 Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

October 17, 2018 |
SEC Warns Public Companies on Cyber-Fraud Controls

Click for PDF On October 16, 2018, the Securities and Exchange Commission issued a report warning public companies about the importance of internal controls to prevent cyber fraud.  The report described the SEC Division of Enforcement’s investigation of multiple public companies which had collectively lost nearly $100 million in a range of cyber-scams typically involving phony emails requesting payments to vendors or corporate executives.[1] Although these types of cyber-crimes are common, the Enforcement Division notably investigated whether the failure of the companies’ internal accounting controls to prevent unauthorized payments violated the federal securities laws.  The SEC ultimately declined to pursue enforcement actions, but nonetheless issued a report cautioning public companies about the importance of devising and maintaining a system of internal accounting controls sufficient to protect company assets. While the SEC has previously addressed the need for public companies to promptly disclose cybersecurity incidents, the new report sees the agency wading into corporate controls designed to mitigate such risks.  The report encourages companies to calibrate existing internal controls, and related personnel training, to ensure they are responsive to emerging cyber threats.  The report (issued to coincide with National Cybersecurity Awareness Month) clearly intends to warn public companies that future investigations may result in enforcement action. The Report of Investigation Section 21(a) of the Securities Exchange Act of 1934 empowers the SEC to issue a public Report of Investigation where deemed appropriate.  While SEC investigations are confidential unless and until the SEC files an enforcement action alleging that an individual or entity has violated the federal securities laws, Section 21(a) reports provide a vehicle to publicize investigative findings even where no enforcement action is pursued.  Such reports are used sparingly, perhaps every few years, typically to address emerging issues where the interpretation of the federal securities laws may be uncertain.  (For instance, recent Section 21(a) reports have addressed the treatment of digital tokens as securities and the use of social media to disseminate material corporate information.) The October 16 report details the Enforcement Division’s investigations into the internal accounting controls of nine issuers, across multiple industries, that were victims of cyber-scams. The Division identified two specific types of cyber-fraud – typically referred to as business email compromises or “BECs” – that had been perpetrated.  The first involved emails from persons claiming to be unaffiliated corporate executives, typically sent to finance personnel directing them to wire large sums of money to a foreign bank account for time-sensitive deals. These were often unsophisticated operations, textbook fakes that included urgent, secret requests, unusual foreign transactions, and spelling and grammatical errors. The second type of business email compromises were harder to detect. Perpetrators hacked real vendors’ accounts and sent invoices and requests for payments that appeared to be for otherwise legitimate transactions. As a result, issuers made payments on outstanding invoices to foreign accounts controlled by impersonators rather than their real vendors, often learning of the scam only when the legitimate vendor inquired into delinquent bills. According to the SEC, both types of frauds often succeeded, at least in part, because responsible personnel failed to understand their company’s existing cybersecurity controls or to appropriately question the veracity of the emails.  The SEC explained that the frauds themselves were not sophisticated in design or in their use of technology; rather, they relied on “weaknesses in policies and procedures and human vulnerabilities that rendered the control environment ineffective.” SEC Cyber-Fraud Guidance Cybersecurity has been a high priority for the SEC dating back several years. The SEC has pursued a number of enforcement actions against registered securities firms arising out of data breaches or deficient controls.  For example, just last month the SEC brought a settled action against a broker-dealer/investment-adviser which suffered a cyber-intrusion that had allegedly compromised the personal information of thousands of customers.  The SEC alleged that the firm had failed to comply with securities regulations governing the safeguarding of customer information, including the Identity Theft Red Flags Rule.[2] The SEC has been less aggressive in pursuing cybersecurity-related actions against public companies.  However, earlier this year, the SEC brought its first enforcement action against a public company for alleged delays in its disclosure of a large-scale data breach.[3] But such enforcement actions put the SEC in the difficult position of weighing charges against companies which are themselves victims of a crime.  The SEC has thus tried to be measured in its approach to such actions, turning to speeches and public guidance rather than a large number of enforcement actions.  (Indeed, the SEC has had to make the embarrassing disclosure that its own EDGAR online filing system had been hacked and sensitive information compromised.[4]) Hence, in February 2018, the SEC issued interpretive guidance for public companies regarding the disclosure of cybersecurity risks and incidents.[5]  Among other things, the guidance counseled the timely public disclosure of material data breaches, recognizing that such disclosures need not compromise the company’s cybersecurity efforts.  The guidance further discussed the need to maintain effective disclosure controls and procedures.  However, the February guidance did not address specific controls to prevent cyber incidents in the first place. The new Report of Investigation takes the additional step of addressing not just corporate disclosures of cyber incidents, but the procedures companies are expected to maintain in order to prevent these breaches from occurring.  The SEC noted that the internal controls provisions of the federal securities laws are not new, and based its report largely on the controls set forth in Section 13(b)(2)(B) of the Exchange Act.  But the SEC emphasized that such controls must be “attuned to this kind of cyber-related fraud, as well as the critical role training plays in implementing controls that serve their purpose and protect assets in compliance with the federal securities laws.”  The report noted that the issuers under investigation had procedures in place to authorize and process payment requests, yet were still victimized, at least in part “because the responsible personnel did not sufficiently understand the company’s existing controls or did not recognize indications in the emailed instructions that those communications lacked reliability.” The SEC concluded that public companies’ “internal accounting controls may need to be reassessed in light of emerging risks, including risks arising from cyber-related frauds” and “must calibrate their internal accounting controls to the current risk environment.” Unfortunately, the vagueness of such guidance leaves the burden on companies to determine how best to address emerging risks.  Whether a company’s controls are adequate may be judged in hindsight by the Enforcement Division; not surprisingly, companies and individuals under investigation often find the staff asserting that, if the controls did not prevent the misconduct, they were by definition inadequate.  Here, the SEC took a cautious approach in issuing a Section 21(a) report highlighting the risk rather than publicly identifying and penalizing the companies which had already been victimized by these scams. However, companies and their advisors should assume that, with this warning shot across the bow, the next investigation of a similar incident may result in more serious action.  Persons responsible for designing and maintaining the company’s internal controls should consider whether improvements (such as enhanced trainings) are warranted; having now spoken on the issue, the Enforcement Division is likely to view corporate inaction as a factor in how it assesses the company’s liability for future data breaches and cyber-frauds.    [1]   SEC Press Release (Oct. 16, 2018), available at www.sec.gov/news/press-release/2018-236; the underlying report may be found at www.sec.gov/litigation/investreport/34-84429.pdf.    [2]   SEC Press Release (Sept. 16, 2018), available at www.sec.gov/news/press-release/2018-213.  This enforcement action was particularly notable as the first occasion the SEC relied upon the rules requiring financial advisory firms to maintain a robust program for preventing identify theft, thus emphasizing the significance of those rules.    [3]   SEC Press Release (Apr. 24, 2018), available at www.sec.gov/news/press-release/2018-71.    [4]   SEC Press Release (Oct. 2, 2017), available at www.sec.gov/news/press-release/2017-186.    [5]   SEC Press Release (Feb. 21, 2018), available at www.sec.gov/news/press-release/2018-22; the guidance itself can be found at www.sec.gov/rules/interp/2018/33-10459.pdf.  The SEC provided in-depth guidance in this release on disclosure processes and considerations related to cybersecurity risks and incidents, and complements some of the points highlighted in the Section 21A report. Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these issues.  For further information, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Enforcement or Privacy, Cybersecurity and Consumer Protection practice groups, or the following authors: Marc J. Fagel – San Francisco (+1 415-393-8332, mfagel@gibsondunn.com) Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com) Please also feel free to contact the following practice leaders and members: Securities Enforcement Group: New York Barry R. Goldsmith – Co-Chair (+1 212-351-2440, bgoldsmith@gibsondunn.com) Mark K. Schonfeld – Co-Chair (+1 212-351-2433, mschonfeld@gibsondunn.com) Reed Brodsky (+1 212-351-5334, rbrodsky@gibsondunn.com) Joel M. Cohen (+1 212-351-2664, jcohen@gibsondunn.com) Lee G. Dunst (+1 212-351-3824, ldunst@gibsondunn.com) Laura Kathryn O’Boyle (+1 212-351-2304, loboyle@gibsondunn.com) Alexander H. Southwell (+1 212-351-3981, asouthwell@gibsondunn.com) Avi Weitzman (+1 212-351-2465, aweitzman@gibsondunn.com) Lawrence J. Zweifach (+1 212-351-2625, lzweifach@gibsondunn.com) Washington, D.C. Richard W. Grime – Co-Chair (+1 202-955-8219, rgrime@gibsondunn.com) Stephanie L. Brooker  (+1 202-887-3502, sbrooker@gibsondunn.com) Daniel P. Chung (+1 202-887-3729, dchung@gibsondunn.com) Stuart F. Delery (+1 202-887-3650, sdelery@gibsondunn.com) Patrick F. Stokes (+1 202-955-8504, pstokes@gibsondunn.com) F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com) San Francisco Marc J. Fagel – Co-Chair (+1 415-393-8332, mfagel@gibsondunn.com) Winston Y. Chan (+1 415-393-8362, wchan@gibsondunn.com) Thad A. Davis (+1 415-393-8251, tdavis@gibsondunn.com) Charles J. Stevens (+1 415-393-8391, cstevens@gibsondunn.com) Michael Li-Ming Wong (+1 415-393-8234, mwong@gibsondunn.com) Palo Alto Paul J. Collins (+1 650-849-5309, pcollins@gibsondunn.com) Benjamin B. Wagner (+1 650-849-5395, bwagner@gibsondunn.com) Denver Robert C. Blume (+1 303-298-5758, rblume@gibsondunn.com) Monica K. Loseman (+1 303-298-5784, mloseman@gibsondunn.com) Los Angeles Michael M. Farhang (+1 213-229-7005, mfarhang@gibsondunn.com) Douglas M. Fuchs (+1 213-229-7605, dfuchs@gibsondunn.com) Privacy, Cybersecurity and Consumer Protection Group: Alexander H. Southwell – Co-Chair, New York (+1 212-351-3981, asouthwell@gibsondunn.com) M. Sean Royall – Dallas (+1 214-698-3256, sroyall@gibsondunn.com) Debra Wong Yang – Los Angeles (+1 213-229-7472, dwongyang@gibsondunn.com) Christopher Chorba – Los Angeles (+1 213-229-7396, cchorba@gibsondunn.com) Richard H. Cunningham – Denver (+1 303-298-5752, rhcunningham@gibsondunn.com) Howard S. Hogan – Washington, D.C. (+1 202-887-3640, hhogan@gibsondunn.com) Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, jjessen@gibsondunn.com) Kristin A. Linsley – San Francisco (+1 415-393-8395, klinsley@gibsondunn.com) H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com) Shaalu Mehra – Palo Alto (+1 650-849-5282, smehra@gibsondunn.com) Karl G. Nelson – Dallas (+1 214-698-3203, knelson@gibsondunn.com) Eric D. Vandevelde – Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com) Benjamin B. Wagner – Palo Alto (+1 650-849-5395, bwagner@gibsondunn.com) Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, mwong@gibsondunn.com) Ryan T. Bergsieker – Denver (+1 303-298-5774, rbergsieker@gibsondunn.com) © 2018 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

October 10, 2018 |
Artificial Intelligence and Autonomous Systems Legal Update (3Q18)

Click for PDF We are pleased to provide the following update on recent legal developments in the areas of artificial intelligence, machine learning, and autonomous systems (or “AI” for short), and their implications for companies developing or using products based on these technologies.  As the spread of AI rapidly increases, legal scrutiny in the U.S. of the potential uses and effects of these technologies (both beneficial and harmful) has also been increasing.  While we have chosen to highlight below several governmental and legislative actions from the past quarter, the area is rapidly evolving and we will continue to monitor further actions in these and related areas to provide future updates of potential interest on a regular basis. I.       Increasing Federal Government Interest in AI Technologies The Trump Administration and Congress have recently taken a number of steps aimed at pushing AI forward on the U.S. agenda, while also treating with caution foreign involvement in U.S.-based AI technologies.  Some of these actions may mean additional hurdles for cross-border transactions involving AI technology.  On the other hand, there may also be opportunities for companies engaged in the pursuit of AI technologies to influence the direction of future legislation at an early stage. A.       White House Studies AI In May, the Trump Administration kicked off what is becoming an active year in AI for the federal government by hosting an “Artificial Intelligence for American Industry” summit as part of its designation of AI as an “Administration R&D priority.”[1] During the summit, the White House also announced the establishment of a “Select Committee on Artificial Intelligence” to advise the President on research and development priorities and explore partnerships within the government and with industry.[2]  This Select Committee is housed within the National Science and Technology Council, and is chaired by Office of Science and Technology Policy leadership. Administration officials have said that a focus of the Select Committee will be to look at opportunities for increasing federal funds into AI research in the private sector, to ensure that the U.S. has (or maintains) a technological advantage in AI over other countries.  In addition, the Committee is to look at possible uses of the government’s vast store of taxpayer-funded data to promote the development of advanced AI technologies, without compromising security or individual privacy.  While it is believed that there will be opportunities for private stakeholders to have input into the Select Committee’s deliberations, the inaugural meeting of the Committee, which occurred in late June, was not open to the public for input. B.       AI in the NDAA for 2019 More recently, on August 13th, President Trump signed into law the John S. McCain National Defense Authorization Act (NDAA) for 2019,[3] which specifically authorizes the Department of Defense to appoint a senior official to coordinate activities relating to the development of AI technologies for the military, as well as to create a strategic plan for incorporating a number of AI technologies into its defense arsenal.  In addition, the NDAA includes the Foreign Investment Risk Review Modernization Act (FIRRMA)[4] and the Export Control Reform Act (ECRA),[5] both of which require the government to scrutinize cross-border transactions involving certain new technologies, likely including AI-related technologies. FIRRMA modifies the review process currently used by the Committee on Foreign Investment in the United States (CFIUS), an interagency committee that reviews the national security implications of investments by foreign entities in the United States.  With FIRRMA’s enactment, the scope of the transactions that CFIUS can review is expanded to include those involving “emerging and foundational technologies,” defined as those that are critical for maintaining the national security technological advantage of the United States.  While the changes to the CFIUS process are still fresh and untested, increased scrutiny under FIRRMA will likely have an impact on available foreign investment in the development and use of AI, at least where the AI technology involved is deemed such a critical technology and is sought to be purchased or licensed by foreign investors. Similarly, ECRA requires the President to establish an interagency review process with various agencies including the Departments of Defense, Energy, State and the head of other agencies “as appropriate,” to identify emerging and foundational technologies essential to national security in order to impose appropriate export controls.  Export licenses are to be denied if the proposed export would have a “significant negative impact” on the U.S. defense industrial base.  The terms “emerging and foundational technologies” are not expressly defined, but it is likely that AI technologies, which are of course “emerging,” would receive a close look under ECRA and that ECRA might also curtail whether certain AI technologies can be sold or licensed to foreign entities. The NDAA also established a National Security Commission on Artificial Intelligence “to review advances in artificial intelligence, related machine learning developments, and associated technologies.”  The Commission, made up of certain senior members of Congress as well as the Secretaries of Defense and Commerce, will function independently from other such panels established by the Trump Administration and will review developments in AI along with assessing risks related to AI and related technologies to consider how those methods relate to the national security and defense needs of the United States.  The Commission will focus on technologies that provide the U.S. with a competitive AI advantage, and will look at the need for AI research and investment as well as consider the legal and ethical risks associated with the use of AI.  Members are to be appointed within 90 days of the Commission being established and an initial report to the President and Congress is to be submitted by early February 2019. C.       Additional Congressional Interest in AI/Automation While a number of existing bills with potential impacts on the development of AI technologies remain stalled in Congress,[6] two more recently-introduced pieces of legislation are also worth monitoring as they progress through the legislative process. In late June, Senator Feinstein (D-CA) sponsored the “Bot Disclosure and Accountability Act of 2018,” which is intended to address  some of the concerns over the use of automated systems for distributing content through social media.[7] As introduced, the bill seeks to prohibit certain types of bot or other automated activity directed to political advertising, at least where such automated activity appears to impersonate human activity.  The bill would also require the Federal Trade Commission to establish and enforce regulations to require public disclosure of the use of bots, defined as any “automated software program or process intended to impersonate or replicate human activity online.”  The bill provides that any such regulations are to be aimed at the “social media provider,” and would place the burden of compliance on such providers of social media websites and other outlets.  Specifically, the FTC is to promulgate regulations requiring the provider to take steps to ensure that any users of a social media website owned or operated by the provider would receive “clear and conspicuous notice” of the use of bots and similar automated systems.  FTC regulations would also require social media providers to police their systems, removing non-compliant postings and/or taking other actions (including suspension or removal) against users that violate such regulations.  While there are significant differences, the Feinstein bill is nevertheless similar in many ways to California’s recently-enacted Bot disclosure law (S.B. 1001), discussed more fully in our previous client alert located here.[8] Also of note, on September 26th, a bipartisan group of Senators introduced the “Artificial Intelligence in Government Act,” which seeks to provide the federal government with additional resources to incorporate AI technologies in the government’s operations.[9] As written, this new bill would require the General Services Administration to bring on technical experts to advise other government agencies, conduct research into future federal AI policy, and promote inter-agency cooperation with regard to AI technologies.  The bill would also create yet another federal advisory board to advise government agencies on AI policy opportunities and concerns.  In addition, the newly-introduced legislation seeks to require the Office of Management and Budget to identify ways for the federal government to invest in and utilize AI technologies and tasks the Office of Personal Management with anticipating and providing training for the skills and competencies the government requires going-forward for incorporating AI into its overall data strategy. II.       Potential Impact on AI Technology of Recent California Privacy Legislation Interestingly, in the related area of data privacy regulation, the federal government has been slower to respond, and it is the state legislatures that are leading the charge.[10] Most machine learning algorithms depend on the availability of large data sets for purpose of training, testing, and refinement.  Typically, the larger and more complete the datasets available, the better.  However, these datasets often include highly personal information about consumers, patients, or others of interest—data that can sometimes be used to predict information specific to a particular person even if attempts are made to keep the source of such data anonymous. The European Union’s General Data Protection Regulation, or GDPR, which went into force on May 25, 2018, has deservedly garnered a great deal of press as one of the first, most comprehensive collections of data privacy protections. While we’re only months into its effective period, the full impact and enforcement of the GDPR’s provisions have yet to be felt.  Still, many U.S. companies, forced to take steps to comply with the provisions of GDPR at least with regard to EU citizens, have opted to take many of those same steps here in the U.S., despite the fact that no direct U.S. federal analogue to the GDPR yet exists.[11] Rather than wait for the federal government to act, several states have opted to follow the lead of the GDPR and enact their own versions of comprehensive data privacy laws.  Perhaps the most significant of these state-legislated omnibus privacy laws is the California Consumer Privacy Act (“CCPA”), signed into law on June 28, 2108, and slated to take effect on January 1, 2020.[12]  The CCPA is not identical to the GDPR, differing in a number of key respects.  However there are many similarities, in that the CCPA also has broadly defined definitions of personal information/data, and seeks to provide a right to notice of data collection, a right of access to and correction of collected data, a right to be forgotten, and a right to data portability.  But how do the CCPA’s requirements differ from the GDPR for companies engaged in the development and use of AI technologies?  While there are many issues to consider, below we examine several of the key differences of the CCPA and their impact on machine learning and other AI-based processing of collected data. A.       Inferences Drawn from Personal Information The GDPR defines personal data as “any information relating to an identified or identifiable natural person,” such as “a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identify of that nature person.”[13]  Under the GDPR, personal data has implications in the AI space beyond just the data that is actually collected from an individual.  AI technology can be and often is used to generate additional information about a person from collected data, e.g., spending habits, facial features, risk of disease, or other inferences that can be made from the collected data.  Such inferences, or derivative data, may well constitute “personal data” under a broad view of the GDPR, although there is no specific mention of derivative data in the definition. By contrast, the CCPA goes farther and specifically includes “inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.”[14]  An “inference” is defined as “the derivation of information, data, assumptions, or conclusions from evidence, or another source of information or data.”[15] Arguably the primary purpose of many AI systems is to draw inferences from a user’s information, by mining data, looking for patterns, and generating analysis.  Although the CCPA does limit inferences to those drawn “to create a profile about a consumer,” the term “profile” is not defined in the CCPA.  However, the use of consumer information that is “deidentified” or “aggregated” is permitted by the CCPA.  Thus, one possible solution may be to take steps to “anonymize” any personal data used to derive any inferences.  As a result, when looking to CCPA compliance, companies may want to carefully consider the derivative/processed data that they are storing about a user, and consider additional steps that may be required for CCPA compliance. B.       Identifying Categories of Personal Information The CCPA also requires disclosures of the categories of personal information being collected, the categories of sources from which personal information is collected, the purpose for collecting and selling personal information, and the categories of third parties with whom the business shares personal information. [16]  Although these categories are likely known and definable for static data collection, it may be more difficult to specifically disclose the purpose and categories for certain information when dynamic machine learning algorithms are used.  This is particularly true when, as discussed above, inferences about a user are included as personal information.  In order to meet these disclosure requirements, companies may need to carefully consider how they will define all of the categories of personal information collected or the purposes of use of that information, particularly when machine learning algorithms are used to generate additional inferences from, or derivatives of, personal data. C.       Personal Data Includes Households The CCPA’s definition of “personal data” also includes information pertaining to non-individuals, such as “households” – a term that the CCPA does not further define.[17]  In the absence of an explicit definition, the term “household” would seem to target information collected about a home and its inhabits through smart home devices, such as thermostats, cameras, lights, TVs, and so on.  When looking to the types of personal data being collected, the CCPA may also encompass information about each of these smart home devices, such as name, location, usage, and special instructions (e.g., temperature controls, light timers, and motion sensing).  Furthermore, any inferences or derivative information generated by AI algorithms from the information collected from these smart home devices may also be covered as personal information.  Arguably, this could include information such as conversations with voice assistants or even information about when people are likely to be home determined via cameras or motion sensors.  Companies developing smart home, or other Internet of Things, devices thus should carefully consider whether the scope and use they make of any information collected from “households” falls under the CCPA requirements for disclosure or other restrictions. III.       Continuing Efforts to Regulate Autonomous Vehicles Much like the potential for a comprehensive U.S. data privacy law, and despite a flurry of legislative activity in Congress in 2017 and early 2018 towards such a national regulatory framework, autonomous vehicles continue to operate under a complex patchwork of state and local rules with limited federal oversight.  We previously provided an update (located here)[18] discussing the Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution (SELF DRIVE) Act[19], which passed the U.S. House of Representatives by voice vote in September 2017 and its companion bill (the American Vision for Safer Transportation through Advancement of Revolutionary Technologies (AV START) Act).[20]  Both bills have since stalled in the Senate, and with them the anticipated implementation of a uniform regulatory framework for the development, testing and deployment of autonomous vehicles. As the two bills languish in Congress, ‘chaperoned’ autonomous vehicles have already begun coexisting on roads alongside human drivers.  The accelerating pace of policy proposals—and debate surrounding them—looks set to continue in late 2018 as virtually every major automaker is placing more autonomous vehicles on the road for testing and some manufacturers prepare to launch commercial services such as self-driving taxi ride-shares[21] into a national regulatory vacuum. A.       “Light-touch” Regulation The delineation of federal and state regulatory authority has emerged as a key issue because autonomous vehicles do not fit neatly into the existing regulatory structure.  One of the key aspects of the proposed federal legislation is that it empowers the National Highway Traffic Safety Administration (NHTSA) with the oversight of manufacturers of self-driving cars through enactment of future rules and regulations that will set the standards for safety and govern areas of privacy and cybersecurity relating to such vehicles.  The intention is to have a single body (the NHTSA) develop a consistent set of rules and regulations for manufacturers, rather than continuing to allow the states to adopt a web of potentially widely differing rules and regulations that may ultimately inhibit development and deployment of autonomous vehicles.  This approach was echoed by safety guidelines released by the Department of Transportation (DoT) for autonomous vehicles.  Through the guidelines (“a nonregulatory approach to automated vehicle technology safety”),[22] the DoT avoids any compliance requirement or enforcement mechanism, at least for the time being, as the scope of the guidance is expressly to support the industry as it develops best practices in the design, development, testing, and deployment of automated vehicle technologies. Under the proposed federal legislation, the states can still regulate autonomous vehicles, but the guidance encourages states not to pass laws that would “place unnecessary burdens on competition and innovation by limiting [autonomous vehicle] testing or deployment to motor vehicle manufacturers only.”[23]  The third iteration of the DoT’s federal guidance, published on October 4, 2018, builds upon—but does not replace—the existing guidance, and reiterates that the federal government is placing the onus for safety on companies developing the technologies rather than on government regulation. [24]  The guidelines, which now include buses, transit and trucks in addition to cars, remain voluntary. B.       Safety Much of the delay in enacting a regulatory framework is a result of policymakers’ struggle to balance the industry’s desire to speed both the development and deployment of autonomous vehicle technologies with the safety and security concerns of consumer advocates. The AV START bill requires that NHTSA must construct comprehensive safety regulations for AVs with a mandated, accelerated timeline for rulemaking, and the bill puts in place an interim regulatory framework that requires manufacturers to submit a Safety Evaluation Report addressing a range of key areas at least 90 days before testing, selling, or commercialization of an driverless cars.  But some lawmakers and consumer advocates remain skeptical in the wake of highly publicized setbacks in autonomous vehicle testing.[25]  Although the National Safety Transportation Board (NSTB) has authority to investigate auto accidents, there is still no federal regulatory framework governing liability for individuals and states.[26]  There are also ongoing concerns over cybersecurity risks[27], the use of forced arbitration clauses by autonomous vehicle manufacturers,[28] and miscellaneous engineering problems that revolve around the way in which autonomous vehicles interact with obstacles commonly faced by human drivers, such as emergency vehicles,[29] graffiti on road signs or even raindrops and tree shadows.[30] In August 2018, the Governors Highway Safety Association (GHSA) published a report outlining the key questions that manufacturers should urgently address.[31]  The report suggested that states seek to encourage “responsible” autonomous car testing and deployment while protecting public safety and that lawmakers “review all traffic laws.”  The report also notes that public debate often blurs the boundaries between the different levels of automation the NHTSA has defined (ranging from level 0 (no automation) to level 5 (fully self-driving without the need for human occupants)), remarking that “most AVs for the foreseeable future will be Levels 2 through 4.  Perhaps they should be called ‘occasionally self-driving.'”[32] C.       State Laws Currently, 21 states and the District of Columbia have passed laws regulating the deployment and testing of self-driving cars, and governors in 10 states have issued executive orders related to them.[33]  For example, California expanded its testing rules in April 2018 to allow for remote monitoring instead of a safety driver inside the vehicle.[34]  However, state laws differ on basic terminology, such as the definition of “vehicle operator.” Tennessee SB 151[35] points to the autonomous driving system (ADS) while Texas SB 2205[36] designates a “natural person” riding in the vehicle.  Meanwhile, Georgia SB 219[37] identifies the operator as the person who causes the ADS to engage, which might happen remotely in a vehicle fleet. These distinctions will affect how states license both human drivers and autonomous vehicles going forward.  Companies operating in this space accordingly need to stay abreast of legal developments in states in which they are developing or testing autonomous vehicles, while understanding that any new federal regulations may ultimately preempt those states’ authorities to determine, for example, crash protocols or how they handle their passengers’ data. D.       ‘Rest of the World’ While the U.S. was the first country to legislate for the testing of automated vehicles on public roads, the absence of a national regulatory framework risks impeding innovation and development.  In the meantime, other countries are vying for pole position among manufacturers looking to test vehicles on roads.[38]  KPMG’s 2018 Autonomous Vehicles Readiness Index ranks 20 countries’ preparedness for an autonomous vehicle future. The Netherlands took the top spot, outperforming the U.S. (3rd) and China (16th).[39]  Japan and Australia plan to have self-driving cars on public roads by 2020.[40]  The U.K. government has announced that it expects to see fully autonomous vehicles on U.K. roads by 2021, and is introducing legislation—the Automated and Electric Vehicles Act 2018—which installs an insurance framework addressing product liability issues arising out of accidents involving autonomous cars, including those wholly caused by an autonomous vehicle “when driving itself.”[41] E.       Looking Ahead While autonomous vehicles operating on public roads are likely to remain subject to both federal and state regulation, the federal government is facing increasing pressure to adopt a federal regulatory scheme for autonomous vehicles in 2018.[42]  Almost exactly one year after the House passed the SELF DRIVE Act, House Energy and Commerce Committee leaders called on the Senate to advance automated vehicle legislation, stating that “[a]fter a year of delays, forcing automakers and innovators to develop in a state-by-state patchwork of rules, the Senate must act to support this critical safety innovation and secure America’s place as a global leader in technology.”[43]  The continued absence of federal regulation renders the DoT’s informal guidance increasingly important.  The DoT has indicated that it will enact “flexible and technology-neutral” policies—rather than prescriptive performance-based standards—to encourage regulatory harmony and consistency as well as competition and innovation.[44]  Companies searching for more tangible guidance on safety standards at federal level may find it useful to review the recent guidance issued alongside the DoT’s announcement that it is developing (and seeking public input into) a pilot program for ‘highly or fully’ autonomous vehicles on U.S. roads.[45]  The safety standards being considered include technology disabling the vehicle if a sensor fails or barring vehicles from traveling above safe speeds, as well as a requirement that NHTSA be notified of any accident within 24 hours. [1] See https://www.whitehouse.gov/wp-content/uploads/2018/05/Summary-Report-of-White-House-AI-Summit.pdf; note also that the Trump Administration’s efforts in studying AI technologies follow, but appear largely separate from, several workshops on AI held by the Obama Administration in 2016, which resulted in two reports issued in late 2016 (see Preparing for the Future of Artificial Intelligence, and Artificial Intelligence, Automation, and the Economy). [2] Id. at Appendix A. [3] See https://www.mccain.senate.gov/public/index.cfm/2018/8/senate-passes-the-john-s-mccain-national-defense-authorization-act-for-fiscal-year-2019.  The full text of the NDAA is available at https://www.congress.gov/bill/115th-congress/house-bill/5515/text.  For additional information on CFIUS reform implemented by the NDAA, please see Gibson Dunn’s previous client update at https://www.gibsondunn.com/cfius-reform-our-analysis/. [4] See id.; see also https://www.treasury.gov/resource-center/international/Documents/FIRRMA-FAQs.pdf. [5] See https://foreignaffairs.house.gov/wp-content/uploads/2018/02/HR-5040-Section-by-Section.pdf.   [6] See, e.g. infra., Section III discussion of SELF DRIVE and AV START Acts, among others. [7] S.3127, 115th Congress (2018). [8] https://www.gibsondunn.com/new-california-security-of-connected-devices-law-and-ccpa-amendments/. [9] S.3502, 115th Congress (2018). [10] See also, infra., Section III for more discussion of specific regulatory efforts for autonomous vehicles. [11] However, as 2018 has already seen a fair number of hearings before Congress relating to digital data privacy issues, including appearances by key executives from many major tech companies, it seems likely that it may not be long before we see the introduction of a “GDPR-like” comprehensive data privacy bill.  Whether any resulting federal legislation would actually pre-empt state-enacted privacy laws to establish a unified federal framework is itself a hotly-contested issue, and remains to be seen. [12] AB 375 (2018); Cal. Civ. Code §1798.100, et seq. [13] Regulation (EU) 2016/679 (General Data Protection Regulation), Article 4 (1). [14] Cal. Civ. Code §1798.140(o)(1)(K). [15] Id.. at §1798.140(m). [16] Id. at §1798.110(c). [17] Id. at §1798.140(o)(1). [18] https://www.gibsondunn.com/accelerating-progress-toward-a-long-awaited-federal-regulatory-framework-for-autonomous-vehicles-in-the-united-states/. [19]   H.R. 3388, 115th Cong. (2017). [20]   U.S. Senate Committee on Commerce, Science and Transportation, Press Release, Oct. 24, 2017, available at https://www.commerce.senate.gov/public/index.cfm/pressreleases?ID=BA5E2D29-2BF3-4FC7-A79D-58B9E186412C. [21]   Sean O’Kane, Mercedes-Benz Self-Driving Taxi Pilot Coming to Silicon Valley in 2019, The Verge, Jul. 11, 2018, available at https://www.theverge.com/2018/7/11/17555274/mercedes-benz-self-driving-taxi-pilot-silicon-valley-2019. [22]   U.S. Dept. of Transp., Automated Driving Systems 2.0: A Vision for Safety 2.0, Sept. 2017, https://www.nhtsa.gov/sites/nhtsa.dot.gov/files/documents/13069a-ads2.0_090617_v9a_tag.pdf. [23]   Id., at para 2. [24]   U.S. DEPT. OF TRANSP., Preparing for the Future of Transportation: Automated Vehicles 3.0, Oct. 4, 2018, https://www.transportation.gov/sites/dot.gov/files/docs/policy-initiatives/automated-vehicles/320711/preparing-future-transportation-automated-vehicle-30.pdf. [25]   Sasha Lekach, Waymo’s Self-Driving Taxi Service Could Have Some Major Issues, Mashable, Aug. 28, 2018, available at https://mashable.com/2018/08/28/waymo-self-driving-taxi-problems/#dWzwp.UAEsqM. [26]   Robert L. Rabin, Uber Self-Driving Cars, Liability, and Regulation, Stanford Law School Blog, Mar. 20, 2018, available at https://law.stanford.edu/2018/03/20/uber-self-driving-cars-liability-regulation/. [27]   David Shephardson, U.S. Regulators Grappling with Self-Driving Vehicle Security, Reuters. Jul. 10, 2018, available at https://www.reuters.com/article/us-autos-selfdriving/us-regulators-grappling-with-self-driving-vehicle-security-idUSKBN1K02OD. [28]   Richard Blumenthal, Press Release, Ten Senators Seek Information from Autonomous Vehicle Manufacturers on Their Use of Forced Arbitration Clauses, Mar. 23, 2018, available at https://www.blumenthal.senate.gov/newsroom/press/release/ten-senators-seek-information-from-autonomous-vehicle-manufacturers-on-their-use-of-forced-arbitration-clauses. [29]   Kevin Krewell, How Will Autonomous Cars Respond to Emergency Vehicles, Forbes, Jul. 31, 2018, available at https://www.forbes.com/sites/tiriasresearch/2018/07/31/how-will-autonomous-cars-respond-to-emergency-vehicles/#3eed571627ef. [30]   Michael J. Coren, All The Things That Still Baffle Self-Driving Cars, Starting With Seagulls, Quartz, Sept. 23, 2018, available at https://qz.com/1397504/all-the-things-that-still-baffle-self-driving-cars-starting-with-seagulls/. [31]   ghsa, Preparing For Automated Vehicles: Traffic Safety Issues For States, Aug. 2018, available at https://www.ghsa.org/sites/default/files/2018-08/Final_AVs2018.pdf. [32]   Id., at 7. [33]   Brookings, The State of Self-Driving Car Laws Across the U.S., May 1, 2018, available at https://www.brookings.edu/blog/techtank/2018/05/01/the-state-of-self-driving-car-laws-across-the-u-s/. [34]   Aarian Marshall, Fully Self-Driving Cars Are Really Truly Coming to California, Wired, Feb. 26, 2018, available at, https://www.wired.com/story/california-self-driving-car-laws/; State of California, Department of Motor Vehicles, Autonomous Vehicles in California, available at https://www.dmv.ca.gov/portal/dmv/detail/vr/autonomous/bkgd. [35]   SB 151, available at http://www.capitol.tn.gov/Bills/110/Bill/SB0151.pdf. [36]   SB 2205, available at https://legiscan.com/TX/text/SB2205/2017. [37]   SB 219, available at http://www.legis.ga.gov/Legislation/en-US/display/20172018/SB/219. [38]   Tony Peng & Michael Sarazen, Global Survey of Autonomous Vehicle Regulations, Medium, Mar. 15, 2018, available at https://medium.com/syncedreview/global-survey-of-autonomous-vehicle-regulations-6b8608f205f9. [39]   KPMG, Autonomous Vehicles Readiness Index: Assessing Countries’ Openness and Preparedness for Autonomous Vehicles, 2018, (“The US has a highly innovative but largely disparate environment with little predictability regarding the uniform adoption of national standards for AVs. Therefore the prospect of  widespread driverless vehicles is unlikely in the near future. However, federal policy and regulatory guidance could certainly accelerate early adoption . . .”), p. 17, available at https://assets.kpmg.com/content/dam/kpmg/nl/pdf/2018/sector/automotive/autonomous-vehicles-readiness-index.pdf. [40]   Stanley White, Japan Looks to Launch Autonomous Car System in Tokyo by 2020, Automotive News, Jun. 4, 2018, available at http://www.autonews.com/article/20180604/MOBILITY/180609906/japan-self-driving-car; National Transport Commission Australia, Automated vehicles in Australia, available at https://www.ntc.gov.au/roads/technology/automated-vehicles-in-australia/. [41]   The Automated and Electric Vehicles Act 2018, available at http://www.legislation.gov.uk/ukpga/2018/18/contents/enacted; Lexology, Muddy Road Ahead Part II: Liability Legislation for Autonomous Vehicles in the United Kingdom, Sept. 21, 2018,  https://www.lexology.com/library/detail.aspx?g=89029292-ad7b-4c89-8ac9-eedec3d9113a; see further Anne Perkins, Government to Review Law Before Self-Driving Cars Arrive on UK Roads, The Guardian, Mar. 6, 2018, available at https://www.theguardian.com/technology/2018/mar/06/self-driving-cars-in-uk-riding-on-legal-review. [42]   Michaela Ross, Code & Conduit Podcast: Rep. Bob Latta Eyes Self-Driving Car Compromise This Year, Bloomberg Law, Jul. 26, 2018, available at https://www.bna.com/code-conduit-podcast-b73014481132/. [43]   Freight Waves, House Committee Urges Senate to Advance Self-Driving Vehicle Legislation, Sept. 10, 2018, available at https://www.freightwaves.com/news/house-committee-urges-senate-to-advance-self-driving-vehicle-legislation; House Energy and Commerce Committee, Press Release, Sept. 5, 2018, available at https://energycommerce.house.gov/news/press-release/media-advisory-walden-ec-leaders-to-call-on-senate-to-pass-self-driving-car-legislation/. [44]   See supra n. 24, U.S. DEPT. OF TRANSP., Preparing for the Future of Transportation: Automated Vehicles 3.0, Oct. 4, 2018, iv. [45]   David Shephardson, Self-driving cars may hit U.S. roads in pilot program, NHTSA says, Automotive News, Oct. 9, 2018, available at http://www.autonews.com/article/20181009/MOBILITY/181009630/self-driving-cars-may-hit-u.s.-roads-in-pilot-program-nhtsa-says. Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work, or the authors: H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com) Claudia M. Barrett – Washington, D.C. (+1 202-887-3642, cbarrett@gibsondunn.com) Frances Annika Smithson – Los Angeles (+1 213-229-7914, fsmithson@gibsondunn.com) Ryan K. Iwahashi – Palo Alto (+1 650-849-5367, riwahashi@gibsondunn.com) Please also feel free to contact any of the following: Automotive/Transportation: Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com) Christopher Chorba – Los Angeles (+1 213-229-7396, cchorba@gibsondunn.com) Theane Evangelis – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Privacy, Cybersecurity and Consumer Protection: Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com) Public Policy: Michael D. Bopp – Washington, D.C. (+1 202-955-8256, mbopp@gibsondunn.com) Mylan L. Denerstein – New York (+1 212-351-3850, mdenerstein@gibsondunn.com) © 2018 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

June 21, 2017 |
Channeling the Channel-Partner Risk: Addressing Anti-Corruption Risk with Channel Partners in the Technology Sector

​Orange County partner Nicola Hanna, Los Angeles partner Michael Farhang, Washington, D.C. associate Pedro Soto and Orange Country associate Caitlin Peters are the authors of "Channeling the Channel-Partner Risk: Addressing Anti-Corruption Risk with Channel Partners in the Technology Sector," [PDF] published in FCPA Report on June 21, 2017.

March 7, 2017 |
Analysis of March 6, 2017 Executive Order on Immigration

Gibson Dunn previously issued several client alerts regarding President Trump’s January 27, 2017, Executive Order restricting entry into the United States for individuals from certain nations and making other immigration-related policy changes. This client alert addresses the replacement Executive Order entitled "Protecting the Nation from Foreign Terrorist Entry into the United States," signed on March 6, 2017.[1]  It also addresses a recent announcement suspending expedited processing of H-1B visas. I.          Overview of March 6, 2017 Replacement Executive Order The new order is in some regards narrower than the prior order, and its scope appears to be more clearly defined.  However, there is still some ambiguity as to the process for obtaining waivers, and the order continues to provide for the possible extension or expansion of the travel ban.  The order and the accompanying official statements also include considerably more material seeking to justify the provisions than contained in the prior order.[2] The Department of Homeland Security has released detailed Q&As[3] and a fact sheet regarding the new order;[4] additional guidance from the Department of State is expected.[5]  Key features of the new order include: Effective Date.  The effective date of the order is deferred for 10 days; the order goes into effect at 12:01 am ET on March 16, 2017.  Sec. 14. Status of Prior Order.  The new order fully rescinds and replaces the January 27 order.  Sec. 13. Travel Ban For 6 Countries.  Like the prior order, the new order suspends for 90 days entry for nationals of a number of Muslim-majority countries: Iran, Libya, Somalia, Sudan, Syria, and Yemen.  Sec. 1(e). Exclusions and Exceptions to Travel Ban.  The travel ban and related provisions have been narrowed and clarified in various respects: Iraq.  Iraq is no longer identified among the affected countries.  The other six nations designated in the original order are still covered.  However, the order specifically calls for additional review when an Iraqi national who holds a visa applies for "admission," meaning upon arrival to the U.S.  Secs. 1(g), 4.   Lawful Permanent Residents.  Lawful permanent residents (green-card holders) are explicitly excluded from the order.  Sec. 3(b)(i). Current Visa Holders.  Existing visas are not revoked by the order, and they can be used during the 90-day period otherwise covered by the order by the visa-holders under their existing terms, regardless of whether the visa-holder has previously been to the United States or is arriving for the first time.  Those who had a visa physically marked as cancelled as result of the January order are also entitled to admission.  Secs. 3(a), 12(c)-(d); Q&As 3, 5, 7. Dual-Citizens.  Dual citizens of one of the designated nations are also explicitly excluded from the order provided that they are travelling on a passport of a country other than the six designated.  For example, a dual-citizen of Somalia and the United Kingdom would still be eligible for admission to the United States if travelling on his U.K. passport.  Sec. 3(b)(iv). Refugees, Asylees, and Convention Against Torture.  Foreign nationals who are granted asylum status prior to the March 16 effective date, refugees already admitted, and those granted withholding of removal, advance parole, or protection under the Convention Against Torture are not barred from entry into the U.S. Sec. 3(b)(vi).  Note, however, that under existing law, individuals with those statuses may need certain advance permission or authorization if they wish to leave and return to the United States without jeopardizing that status. Certain Diplomatic and Related Visas.  As in the January order, diplomatic and diplomatic-type visas, NATO visas, C-2 (United Nations) visas, and G-1 through G-4 visas are excluded from the order.  Sec. 3(b)(v) Travel Ban Waivers.  The new order provides authority to certain Department of State and Homeland Security officials to grant waivers to the travel ban’s limitations on a case-by-case basis.  The new order identifies nine scenarios in which such treatment "could be appropriate."  These include a variety of hardship scenarios which arose under the January order, such as those needing urgent medical care or those who can document that they have "provided faithful and valuable service" to the United States government (e.g. foreign translators).  Sec. 3(c).  Importantly, these are still case-by-case waivers, not automatic exemptions.  It is also not yet clear if individuals seeking waivers will be allowed to board flights to the U.S. Suspension of Visa Interview Waiver Program.  As before, the Visa Interview Waiver program (often used by repeat business travelers from certain nations) is suspended.  Sec. 9. Suspension of Refugee Admission Program.  As in the January order, the Refugee Admission Program is suspended for 120 days, with a cap of 50,000 entrants for the current fiscal year upon resumption.  Sec. 6.  Unlike the January order, the new order does not indefinitely halt refugee admissions from Syria or prioritize religious minorities upon resumption.  The treatment of those already granted refugee status but not yet in the United States is somewhat unclear.  The DHS Q&A says such individuals "whose travel was already formally scheduled by the Department of State … are permitted to travel to the United States and seek admission," and they are covered by the text of the carve-out in Section 3(b)(vi). See Q&A 10.  But the Q&A also says those individuals "are exempt from the Executive Order."  Q&A 27.  Admission thus may require a case-by-case waiver. Possible Expansion and Extension.  Like the prior order, this order requires a global review to identify categories of individuals appropriate for further limitations.  Secs. 2(e)-(f).  Another provision requires re-alignment of any visa reciprocity programs, under which the United States offers visas of similar validity period and type (e.g. multiple-entry) on the basis of those offered to U.S. citizens.  Sec. 10. II.        Impact on Current Litigation There are approximately 20 active lawsuits challenging aspects of the January order.  Additional, key parts of that Order are currently subject to a preliminary injunction issued by the United States District Court for the Western District of Washington.  The Ninth Circuit declined to temporarily stay that injunction pending a fuller appeal.[6]  The Eastern District of Virginia has also issued a preliminary injunction against certain parts of the January order as it applies to Virginia residents and institutions. There are hearings and briefing deadlines scheduled in both the Washington and Ninth Circuit proceedings, as well as in many of the other cases.  Because the new order rescinds the old order, effective March 16, those challenges may become moot, and the Department of Justice has said it will be seeking dismissal.[7]  However, it is highly likely that some of the existing complaints and requests for relief will be amended to challenge the new ban.  New challenges to the newly announced Executive Order are also anticipated.  It is difficult to predict how the courts will approach litigation, either substantively or procedurally.  Given that the new order does not go into effect until March 16, there will be opportunity for more substantive (although expedited) proceedings than was the case with the original order.  Gibson Dunn will continue to monitor challenges for possible impacts on the new order. III.       Issues for Companies to Consider As with the January order, there is no "one size fits all" approach for companies addressing employee and business issues related to the new Executive Order. Accordingly, companies should again evaluate whether they will need to develop strategies to deal with the impact of the replacement Executive Order, both internally and as it relates to potential shareholder and business relations. In the immediate term, companies should consider outreach to their employees, particularly those who are or may be affected by the Executive Order.  Companies should also consider whether plans or policies are needed for travel by executives, employees, or other stakeholders.  In many ways, the new order is clearer than the January order, but as we describe in more detail below it not clear how all aspects of the order will be implemented.  Accordingly, employers may want to consider the following: Outreach to employees who may be affected.  Companies should consider proactively identifying and reaching out to all employees who may be affected.  As noted above, the Executive Order, on its face, applies to both immigrants and non-immigrants from the six covered countries.  Thus, employees traveling for business or leisure may be equally affected.  Note that different employees’ immigration statuses may compel differing guidance on how to approach any issues that arise in the enforcement of the Order. Outreach to employees who may have family members affected.  It is important to remember that some of your employees, even if not directly impacted by the Executive Order, will have family and loved ones who are or may be impacted.  Companies may consider providing counseling and support for employees with these concerns. Communicating with employees.  Companies should consider identifying employees who frequently travel to and from the affected countries or who are visa holders from affected countries, to explain company plans with respect to the Executive Order.  Given issues that arose for travelers in connection with the implementation of the original Executive Order in January, employees from affected countries who are currently outside the United States, but have a legal right to enter, should be advised to stay in communication with individuals in the United States about their travel plans, in the event they have difficulty re-entering the country, and have a plan to obtain appropriate assistance in that event.  Identifying a point of contact.  Consider identifying a contact point for any employee questions or concerns regarding the Executive Order.  Furthermore, ensure that this contact is prepared to field questions from affected or potentially affected employees, to discuss visa renewal or travel to and from the affected countries, and to refer employees with specific issues to the appropriate resources. Communicating with shareholders, business partners and other stakeholders.  Companies should consider whether communications with shareholders, business partners or other stakeholders regarding potential impacts on business as a result of enforcement of the Executive Order are appropriate. Modifying travel and meeting obligations.  Companies should consider modifying (or allowing for employee choice regarding) employee travel obligations, as appropriate to the company’s business needs, to avoid potential difficulties with travel to and from the United States.  Likewise, if companies have board members or executives affected by the Executive Order, or business stakeholders who will not be able to enter the United States due to the Executive Order, consider whether meetings can be conducted remotely or outside the United States.  Companies involved in pending litigation that may require employee travel to the United States should consider seeking the advice of litigation counsel to determine what, if any, notice to the relevant court or parties may be advisable at this stage. Reviewing non-discrimination policies.  Companies may wish to send reminders of applicable equal employment policies.  Many employers included such statements in communications regarding the original Order.  Companies may also wish to consider how their policies apply to employment and hiring decisions in light of travel restrictions.  This list addresses just some of the issues that companies will face in light of the Executive Order.  Gibson, Dunn & Crutcher’s lawyers, including its employment, securities, administrative law, constitutional law, and sanctions teams, are available to assist clients with navigating these and other issues that arise with respect to enforcement of the March 6 Order. IV.       Suspension of Expedited Processing for H-1B Visas On March 3, U.S. Citizen and Immigration Services (USCIS) announced it will suspend "premium processing" of applications for H-1B visas.[8]  This change is effective April 3, 2017, the first date for filing FY18 applications.  The agency says that this is necessary to process back-logged petitions.  It also says that "expedited" processing is still available for applications meeting certain criteria, and subject to "the discretion of office leadership."  Applications that remain eligible for premium processing include those involving:  Severe financial loss to company or ​person​;​ Emergency situation;​ Humanitarian reasons;​ Nonprofit organization whose request is in furtherance of the cultural and social interests of the United States​;​ Department of Defense or ​national ​interest ​​situation; USCIS error; or​ compelling interest of USCIS.​[9] *      *      * Gibson Dunn will continue to monitor these rapidly developing issues closely.    [1]   "Executive Order Protecting The Nation From Foreign Terrorist Entry Into The United States," Mar. 6, 2017, https://www.whitehouse.gov/the-press-office/2017/03/06/executive-order-protecting-nation-foreign-terrorist-entry-united-states.    [2]   See, e.g., Letter from Attorney General and Sec’y of Homeland Security, Mar. 6, 2017, https://www.dhs.gov/sites/default/files/publications/17_0306_S1_DHS-DOJ-POTUS-letter.pdf    [3]   U.S. Dep’t of Homeland Security, "Q&A: Protecting the Nation From Foreign Terrorist Entry To The United States," Mar. 6, 2017, https://www.dhs.gov/news/2017/03/06/qa-protecting-nation-foreign-terrorist-entry-united-states.    [4]   U.S. Dep’t of Homeland Security, "Fact Sheet: Protecting the Nation From Foreign Terrorist Entry To The United States," Mar. 6, 2017, https://www.dhs.gov/news/2017/03/06/fact-sheet-protecting-nation-foreign-terrorist-entry-united-states.    [5]   U.S. Dep’t of State, "Executive Order on Visas," Mar. 6, 2017, https://travel.state.gov/content/travel/en/news/important-announcement.html.    [6]   http://cdn.ca9.uscourts.gov/datastore/general/2017/02/27/17-35105%20-%20Motion%20Denied.pdf; https://cdn.ca9.uscourts.gov/datastore/opinions/2017/02/09/17-35105.pdf.    [7]   http://www.politico.com/story/2017/03/trump-releases-new-travel-ban-executive-order-235720.    [8]   U.S. Citizenship and Immigration Services, "USCIS Will Temporarily Suspend Premium Processing for All H-1B Petitions," Mar. 3, 2017 https://www.uscis.gov/news/alerts/uscis-will-temporarily-suspend-premium-processing-all-h-1b-petitions.    [9]   U.S. Citizenship and Immigration Services, "Expedite Criteria," https://www.uscis.gov/forms/expedite-criteria. Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com)Rachel S. Brass – San Francisco (+1 415-393-8293, rbrass@gibsondunn.com)Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com)Ethan Dettmer – San Francisco (+1 415-393-8292, edettmer@gibsondunn.com) Theane Evangelis – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Kirsten Galler – Los Angeles (+1 213-229-7681, kgaller@gibsondunn.com) Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)Joshua S. Lipshutz – Washington D.C. (+1 202-955-8217, jlipshutz@gibsondunn.com) Katie Marquart, Pro Bono Counsel & Director – New York (+1 212-351-5261, kmarquart@gibsondunn.com) Samuel A. Newman – Los Angeles (+1 213-229-7644, snewman@gibsondunn.com) Jason C. Schwartz – Washington D.C. (+1 202-955-8242, jschwartz@gibsondunn.com) Kahn A. Scolnick – Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com) © 2017 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

February 10, 2017 |
Ninth Circuit Court of Appeals Issues Opinion Upholding Nationwide TRO of January 27 Immigration-Related Executive Order

On Monday, January 30, 2017, Gibson Dunn issued a client alert regarding President Trump’s January 27 Executive Order restricting entry into the United States for individuals from certain nations, and making other immigration-related policy changes.  On February 1, Gibson Dunn issued an updated client alert, covering subsequent developments relating to the Executive Order including: (1) coverage of dual citizens; (2) provisional revocation of certain visas; and (3) reciprocal policy changes abroad.  This update describes yesterday’s Ninth Circuit decision in State of Washington v. Trump, which denied the Government’s request to stay the nationwide temporary restraining order, as well as other recent developments relating to the various legal challenges to the Executive Order.  On February 10, the Ninth Circuit issued a sua sponte request that the parties brief whether en banc review by the Ninth Circuit is appropriate.  At the same time, news reports indicate that the Trump administration may issue a revised executive order, rather than appeal the decision.[1]  This update also provides considerations for companies and others as they continue to deal with the aftereffects of the Executive Order and the various court challenges to it.  This alert is informational only, and you should, of course, seek legal advice specific to any particular situation. I.      Ninth Circuit Decision in State of Washington v. Trump, No. 2:17-cv-141 On February 3, in an action brought by the State of Washington and the State of Minnesota, the United States District Court for the Western District of Washington (Hon. James L. Robart) issued a nationwide temporary restraining order against enforcement of the Executive Order.  The next day the federal defendants filed an emergency motion for an immediate administrative stay and for a stay pending appeal.  The Ninth Circuit denied an immediate stay and held telephonic oral argument on Tuesday, February 7.  On Thursday, February 9, the three-judge panel issued its unanimous opinion holding that, "the Government has not shown a likelihood of success on the merits of its appeal, nor has it shown that failure to enter a stay would cause irreparable injury, and we therefore deny its emergency motion for a stay."  Opinion at 3.[2]             A.      Jurisdiction and Standing  The Court determined it had appellate jurisdiction due to the extraordinary circumstances of the case, even though it generally does not review temporary restraining orders.  The Court rejected the Government’s argument that the plaintiff States lack Article III standing, finding that, for purposes of this stage of the proceedings, the States adequately alleged that the Executive Order caused concrete harm to their state universities, faculty and students.  Opinion at 12.             B.      Reviewability of the Executive Order While recognizing the deference owed to the executive branch on matters of immigration and national security, the Court rejected the Government’s argument that the Executive Order was not subject to judicial review, stating that such a claim "runs contrary to the fundamental structure of our constitutional democracy."  Opinion at 14.  The Court went on to cite a number of instances in which federal courts have reviewed and, in some instances invalidated, executive actions taken in the name of national security.  Opinion at 14-18.             C.      Legal Reasoning and Opinion In deciding whether to stay the temporary restraining order, the Court examined four factors:  (1) whether the federal government was likely to succeed on the merits; (2) whether the federal government would be irreparably harmed absent a stay; (3) whether the stay would irreparably injure the plaintiff States; and (4) what is in the public interest. As to success on the merits, the Court concluded that the federal government had not demonstrated that it was likely to succeed on the merits, at least with respect to the States’ due process claims.  With respect to the due process claims, the federal government failed to show that the Executive Order provided notice and a hearing prior to restricting an individual’s ability to travel.  The Court rejected the federal government’s assertion that the Executive Order no longer applies to lawful permanent residents, as that clarification came from the White House counsel, who is "not known to be in the chain of command for any of the Executive Departments."  Opinion at 22.  With respect to those without legal status, the court found potential claims of due process violations existed as well.  The Court also noted that the States’ religious discrimination claims raised "serious allegations and present significant constitutional questions," but reserved consideration of those claims until the merits are fully briefed.  Opinion at 26.  With respect to the likelihood of irreparable harm, the Court found that the federal government failed to show that a stay was necessary to avoid unnecessary injury stating, "the Government submitted no evidence to rebut the States’ argument that the district court’s order merely returned the nation temporarily to the position it has occupied for many previous years."  Opinion at 26.  The Court found that the States had offered ample evidence of irreparable harm, including separating families and stranding individuals traveling abroad.  Opinion at 28.  Finally, the court found that there were competing public interests at play here such that irreparable harm alone could not justify a stay.  Opinion at 28-29. The Court also declined the federal government’s proposed alternative relief, including modification or narrowing of the existing temporary restraining order either in geographic scope or as to what categories of covered individuals.  Opinion at 23-24.      On the day after the Ninth Circuit issued its ruling, it issued an order that the parties submit simultaneous briefs setting forth their positions on whether en banc review by an 11-judge panel of the Ninth Circuit is appropriate.  At the same time, as stated above, recent news reports indicate that the White House may not seek to appeal the decision and will instead draft and issue a revised executive order.[3] II.      Status of Other Legal Challenges Since the January 27 Executive Order was issued, dozens of legal challenges have been brought in an effort to stay or invalidate the Executive Order.  Many of these suits have resulted in orders staying or limiting the Executive Order itself, including by judges in Massachusetts, Brooklyn, and Virginia.  See, e.g., Louhghalam v. Trump, No. 1:17-cv-10154-NMG (D. Mass. Feb 3, 2017); Darweesh v. Trump, 17 Civ. 480 (AMD) (E.D.N.Y. Jan. 28, 2017); Aziz v. Trump, No. 1:17-cv-116 (E.D.Va. Jan. 28, 2017).   One decision refused to offer temporary injunctive relief against the effectiveness of the Executive Order.  Louhghalam, 2017 WL 479779 (D. Mass. Feb. 3, 2017).  At least one case seeking to enjoin enforcement of the Executive Order has been stayed pending today’s decision by the Ninth Circuit.  State of Hawaii v. Donald J. Trump et al., No. 1:17-cv-50 (D. Haw. February 3, 2017). Other lawsuits filed over the course of the last week have sought to challenge the Executive Order as whole, as well as its impact on specific populations.  See, e.g., Pars Equality Ctr. v. Trump, No. 1:17-cv-255 (D.D.C. Feb. 9, 2017) (suit by several Iranian-American groups seeking a broad permanent injunction and alleging that the Executive Order reflects "invidious discrimination"); Int’l Refugee Assistance Project v. Trump, No. 8:17-cv-00361 (D. Md. Feb. 7, 2017) (seeking declaration that "the entire Executive Order is unlawful and invalid"). III.      Issues for Consideration  Despite the temporary clarity provided by the Ninth Circuit’s ruling, there are, as described above, multiple legal challenges still outstanding and the likelihood of further appeals of the Ninth Circuit decision issued on Thursday, February 9.  As such, companies and others should still consider the guidance provided in our earlier client alerts on this topic, until the courts or the administration provide more certainty on this issue.  For example, companies should still consider modifying (or allowing for employee choice regarding) employee travel obligations, as appropriate to the company’s business needs, to avoid potential difficulties with travel to and from the United States.  Likewise, if companies have officers, employees, contractors, or others affected by the Executive Order, or business stakeholders who will not be able to enter the United States due to the Executive Order, consider whether meetings can be conducted remotely or outside the United States.      [1]   http://www.cnn.com/2017/02/10/politics/immigration-executive-order-white-house/index.html    [2]   In addition to the filings by the parties, 20 amicus briefs were filed by a variety of entities and individuals.  Sixteen of the briefs supported the States, and were submitted by various nonprofit organizations, several other states, labor organizations, a group of law professors, and a group of over 120 technology companies.  Three briefs filed by a variety of nonprofit organizations support the government.  These briefs are available on the Ninth Circuit’s website, at https://www.ca9.uscourts.gov/content/view.php?pk_id=0000000860.       [3]   http://www.cnn.com/2017/02/10/politics/immigration-executive-order-white-house/index.html Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com)Rachel S. Brass – San Francisco (+1 415-393-8293, rbrass@gibsondunn.com)Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com)Ethan Dettmer – San Francisco (+1 415-393-8292, edettmer@gibsondunn.com) Theane Evangelis – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Kirsten Galler – Los Angeles (+1 213-229-7681, kgaller@gibsondunn.com) Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)Joshua S. Lipshutz – Washington D.C. (+1 202-955-8217, jlipshutz@gibsondunn.com) Katie Marquart, Pro Bono Counsel & Director – New York (+1 212-351-5261, kmarquart@gibsondunn.com) Samuel A. Newman – Los Angeles (+1 213-229-7644, snewman@gibsondunn.com) Jason C. Schwartz – Washington D.C. (+1 202-955-8242, jschwartz@gibsondunn.com) Kahn A. Scolnick – Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com) © 2017 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

February 1, 2017 |
Recent Developments Regarding Executive Order on Immigration

On Monday, January 30, 2017, Gibson Dunn issued a client alert regarding President Trump’s January 27 Executive Order restricting entry into the United States for individuals from certain nations and making other immigration-related policy changes.  This update describes further developments relating to the Executive Order involving (1) coverage of dual citizens; (2) provisional revocation of certain visas; and (3) reciprocal policy changes abroad.  It also provides updates on the status of various legal challenges to the Executive Order.[1]  In particular, it describes a decision from earlier today that broadly prohibits enforcement of the Executive Order, on an interim basis. I.     Coverage of Dual Citizens, Certain Special Immigrants Clarified The Department of Homeland Security ("DHS") announced that dual citizens are not affected by the ban on entry of individuals from the seven countries covered by the Executive Order.  According to new guidance, "travelers are being treated according to the travel document they present," and will be admitted if they "apply for entry based on their citizenship from one of the countries NOT on the list" and are otherwise eligible.[2]  The Acting Commissioner of Customs & Border Protection stated that "[t]ravelers will be assessed … based on the passport they present, not any dual-national status.  So if you’re a citizen of the United Kingdom, you present your United Kingdom passport and the executive order does not apply to you upon arrival."[3] However, as a practical matter, travelers who are also nationals of one of the seven covered countries may be subject to additional screening both when applying for a visa (if applicable) under their non-affected passport, or upon arrival in the United States. Relatedly, DHS announced that holders of "special immigrant visas" (which could include translators for the U.S. armed forces in Iraq), will be treated similarly to lawful permanent residents from the covered countries.  Although covered by the ban, they will generally be allowed entry under the "case-by-case" waiver provision.[4] II.     Revocation of Existing Visas On Tuesday, January 31, in one of the cases challenging the Executive Order, the government publicly filed a January 27 Department of State order that "provisionally revoke[d] all valid nonimmigrant and immigrant visas of nationals of Iraq, Iran, Libya, Somalia, Sudan, Syria, and Yemen."[5]  It is not currently clear to what extent this order is being enforced. Like the Executive Order, this State Department order recognizes the possibility of exceptions made on a "case-by-case" basis, but does not provide information on the process for obtaining such an exception.  While application of this order remains unclear, revocation of a visa has potentially significant implications.  For example, once a nonimmigrant visa is revoked, the visa holder becomes deportable.[6]  The rule regarding immigrant visas is less clear, although there is some risk that an immigrant whose visa has been revoked could be subject to deportation.[7]  If the government seeks to deport an individual on the basis of a visa revocation, that individual has the right to judicial review prior to removal.[8]   While no guidance has been issued, the order may mean that individuals who entered on a valid multi-entry visa prior to the Executive Order will not be able to enter again under the same visa, even after the 90-day ban expires.  Instead, individuals in this category will likely need to obtain a new visa, or a waiver from the revocation.  In addition, individuals in the United States under a previously issued visa may be deported.  III.     Reciprocal Action in Other Nations At least two of the seven nations covered by the Executive Order are implementing or moving toward reciprocal bans on travel from the United States, although details of the scope of these bans, and possible exceptions, are unclear at this time.  Iran has announced a ban.[9]  Iraq’s parliament has passed a non-binding recommendation to take similar action if the U.S. ban remains in effect, in line with criticism of the Executive Order from the foreign ministry there.[10] IV.     Status of Legal Challenges              A.        Badr Dhaifallah Ahmed Mohammed et al v. United States of America et al, 2:17-cv-00786 (C.D. Cal. January 31, 2017) On January 31, the United States District Court for the Central District of California (Hon. André Birotte Jr.) entered an Order enjoining the President, DHS, CBP, and other defendants from enforcing the Executive Order "by removing, detaining, or blocking the entry of Plaintiffs, or any other person from" the seven countries named in the Executive Order "with a valid immigrant visa." The court further: (i) enjoined the defendants from cancelling the plaintiffs’ validly obtained and issued visas; (ii) ordered the defendants, and the State Department in particular, to return "to Plaintiffs their passports containing validly issued immigrant visas so that Plaintiffs may travel to the United States on said visas,"; and (iii) ordered defendants to immediately "inform all relevant airport, airline, and other authorities at Los Angeles International Airport and International Airport in Djibouti that Plaintiffs are permitted to travel to the United States on their valid immigrant visas." Although the court’s order prohibits the "blocking of entry" of anyone from the seven countries who possesses "a valid immigrant visa," regardless of whether the individual is a plaintiff in the case, it is unclear what impact this will have beyond the named plaintiffs in light of the Department of State’s order provisionally revoking all such visas as discussed above.               B.        State Government Actions Four state governments have also sued to enjoin the Executive Order or moved to intervene in cases challenging the Order, one new class action was filed challenging the Executive Order, and two potentially significant hearings are scheduled for this Friday.  Several States have gone to court to challenge the ban.  The State of Washington filed a challenge in the Western District of Washington.[11]  Similarly, Massachusetts,[12] Virginia,[13] and New York,[14] moved to join existing lawsuits pending in federal court in their states. The Northwest Immigrant Rights Project filed a class action in the Western District of Washington seeking invalidation of the Executive Order.  Abdiaziz v. Trump, No. 2:17-cv-135. Finally, two hearings are set for this Friday, February 3.  The District of Massachusetts hearing in Tootkaboni v. Trump, No. 17-cv-10154, will further consider the temporary restraining order that court entered last weekend.  The Western District of Washington will consider the state government’s request for a temporary restraining order in its recently filed case, State of Washington v. Trump, No. 2:14-cv-141. *      *      * Gibson Dunn will continue to closely monitor these rapidly developing issues.                 [1]     On January 30, shortly after the release of our earlier client alert, the Acting Attorney General announced guidance that the Justice Department would not defend the Executive Order, explaining that she is not "convinced that the Executive Order is lawful."  (http://documents.latimes.com/message-acting-attorney-general).  The White House relieved the Acting Attorney General of her duties, stating that the Acting Attorney General had "betrayed the Department of Justice by refusing to enforce a legal order designed to protect the citizens of the United States."  See White House, Statement on the Appointment of Dana Boente as Acting Attorney General, Jan. 30, 2017 (https://www.whitehouse.gov/the-press-office/2017/01/30/statement-appointment-dana-boente-acting-attorney-general).  The new Acting Attorney General promptly announced that he was rescinding his predecessor’s guidance regarding the Executive Order.  See U.S. Dept. of Justice, "Acting Attorney General Boente Issues Guidance to Department on Executive Order," Jan. 30, 2017 (https://www.justice.gov/opa/pr/acting-attorney-general-boente-issues-guidance-department-executive-order).                 [2]     U.S. Customs & Border Protection, "Protecting the Nation from Foreign Terrorist Entry into the United States," Jan. 31, 2017 (https://www.cbp.gov/border-security/protecting-nation-foreign-terrorist-entry-united-states).                 [3]     U.S. Dept. of Homeland Security, "Transcript of Media Availability on Executive Order with Secretary Kelly & DHS Leadership," Jan. 31, 2017 (https://www.dhs.gov/news/2017/01/31/transcript-media-availability-executive-order-secretry-kelly-and-dhs-leadership).                 [4]     U.S. Dept. of Homeland Security, "Transcript of Media Availability on Executive Order with Secretary Kelly & DHS Leadership," Jan. 31, 2017 (https://www.dhs.gov/news/2017/01/31/transcript-media-availability-executive-order-secretry-kelly-and-dhs-leadership).                 [5]     U.S. Dept. of State, Order, Jan. 27, 2017.  This document is not currently available on a government website, but can be found at http://www.politico.com/f/?id=00000159-f6bd-d173-a959-ffff671a0001 .                 [6]     See 8 U.S.C. § 1227(a)(1)(B) ("Any alien who is present in the United States in violation of this chapter or any other law of the United States, or whose nonimmigrant visa (or other documentation authorizing admission into the United States as a nonimmigrant) has been revoked under section 1201(i) of this title, is deportable.").                 [7]     See 8 U.S.C.  § 1201(i); 22 C.F.R. § 42.82(b); see also 8 U.S.C. § 1227(4)(c)(i) ("An alien whose presence or activities in the United States the Secretary of State has reasonable ground to believe would have potentially serious adverse foreign policy consequences for the United States is deportable.").                 [8]     8 U.S.C. § 1201(i) ("There shall be no means of judicial review … of a revocation … except in the context of a removal proceeding if such revocation provides the sole ground for removal…").                  [9]     Asas Fitch, et al., "Iran Halts Visas to Americans As Iraq Keeps Doors Open," Wall Street J., Jan. 31, 2017 (https://www.wsj.com/articles/iran-stops-issuing-visas-to-americans-1485870515).                 [10]     Qassim Abdul-Zahra, "Iraqi Lawmakers Urge Ban On Americans After Trump Order," Associated Press, Jan. 30, 2017 (http://www.kcbd.com/story/34378139/iraqi-lawmakers-urge-ban-on-americans-after-trump-order).                 [11]     Washington State Office of the Attorney General, "AG Ferguson Seeks Halt to Trump’s Immigration Executive Order," Jan. 30, 2017 (http://www.atg.wa.gov/news/news-releases/ag-ferguson-seeks-halt-trump-s-immigration-executive-order).                 [12]     Attorney General of Massachusetts, "AG Healey Announces Lawsuit Against President Trump’s Executive Order on Immigration," Jan. 31, 2017 (http://www.mass.gov/ago/news-and-updates/press-releases/2017/2017-01-31-ag-lawsuit-president-eo.html).                 [13]     Attorney General of Virginia, "Virginia Brings Action Against President Trump for Unlawful and Unconstitutional Executive Order on Immigration," Jan. 31, 2017 (http://www.oag.state.va.us/media-center/news-releases/879-january-31-2017-virginia-brings-action-against-president-trump-for-unlawful-and-unconstitutional-executive-order-on-immigration).                 [14]     Attorney General of New York State, "A.G. Schneiderman Joins Lawsuit Against President Trump’s Immigration Executive Order, Jan. 31, 2017 (https://ag.ny.gov/press-release/ag-schneiderman-joins-lawsuit-against-president-trumps-immigration-executive-order). Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com)Rachel S. Brass – San Francisco (+1 415-393-8293, rbrass@gibsondunn.com)Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com)Ethan Dettmer – San Francisco (+1 415-393-8292, edettmer@gibsondunn.com) Theane Evangelis – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Kirsten Galler – Los Angeles (+1 213-229-7681, kgaller@gibsondunn.com) Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)Joshua S. Lipshutz – Washington D.C. (+1 202-955-8217, jlipshutz@gibsondunn.com) Katie Marquart, Pro Bono Counsel & Director – New York (+1 212-351-5261,kmarquart@gibsondunn.com) Samuel A. Newman – Los Angeles (+1 213-229-7644, snewman@gibsondunn.com) Jason C. Schwartz – Washington D.C. (+1 202-955-8242, jschwartz@gibsondunn.com) Kahn A. Scolnick – Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com) © 2017 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

January 30, 2017 |
President Trump Issues Executive Order on Immigration

Click for PDF On Friday January 27, 2017, President Trump issued an Executive Order entitled “Protecting the Nation from Foreign Terrorist Entry into the United States Executive Order.”  (Available here.) The Executive Order imposes, among other things, a 90-day ban on entry into the United States for any purpose by non-U.S. citizens from Iran, Iraq, Libya, Somalia, Sudan, Syria, and Yemen.  The State Department has advised individuals from the affected countries seeking visas to enter the United States not to schedule or attend interviews, or pay fees for such visas, until further notice.[i]  Over the weekend, three federal courts blocked implementation of various parts of the Executive Order.  Additionally, the Administration has announced that implementation of the Executive Order will be somewhat relaxed for U.S. lawful permanent residents.  However, confusion persists at airports both here and abroad.  For example, it has been reported that some individuals have not been permitted to board U.S.-bound flights, and that upon arrival in the United States, other individuals have been subjected to inconsistent treatment, including detention by Customs and Border Protection (“CBP”) officers or often lengthy screenings.  Additionally, in some cases, individuals are reportedly unable to communicate with their family members or legal counsel. Although the legal landscape is continuing to evolve, as we describe below, this Client Alert provides an overview of the Executive Order, the district court decisions enjoining portions of the Executive Order, and guidance that may assist companies and others impacted by the Executive Order.  As we understand that responding to inquiries involving the Order may be our clients’ most pressing concern, we start with a brief background of the Executive Order and provide guidance companies may want to consider.  We then provide an overview of the legal landscape that exists as of Monday, January 30, 2017.  This alert is informational only, and you should, of course, seek legal advice specific to any particular situation.  Please note that we have published a supplement to this Client Alert regarding later relevant events, which is available here. I.     Overview of the Executive Order The Executive Order has the stated purpose of “protect[ing] the American people from terrorist attacks by foreign nationals admitted to the United States.”  Among its provisions are the restriction of “immigrant and nonimmigrant” entry of non-citizens from seven countries for 90 days, suspension of all refugee admission for 120 days, and indefinite prohibition of refugees from Syria.      A.     Individuals Covered and Not Covered by the 90-day Ban Section 3(c) of the Executive Order “suspend[s] entry into the United States, as immigrants and nonimmigrants” for 90 days of “aliens” from Iran, Iraq, Libya, Somalia, Sudan, Syria, and Yemen.  Subject to certain exceptions, this suspension applies regardless of travel origin, type of visa, or U.S. immigration status. The Executive Order provides that the “the Secretaries of State and Homeland Security may, on a case-by-case basis, and when in the national interest, issue visas or other immigration benefits to nationals of countries for which visas and benefits are otherwise blocked.”  Sec. 3(g).  The Executive Order also explicitly exempts only certain categories of visas for diplomats, NATO business, United Nations business (C-2), and international organization staff (G-1, G-2, G-3, G-4)).  Sec. 3(c). The Executive Order is drafted broadly enough to cover lawful permanent residents (i.e., green-card holders), and there are reports that in the first 36 hours of implementation, the CBP officers denied re-entry to such individuals.  However, on Sunday, January 29, the Department of Homeland Security (“DHS”) announced that “absent significant derogatory information indicating a serious threat to public safety and welfare, lawful permanent resident status will be a dispositive factor in our case-by-case determinations” under Section 3(g) of the Order.[ii]  Since that announcement, reports from across the country suggest that such individuals are now being admitted under this discretionary authority, after extended screening upon arrival. The Executive Order also implicates dual citizens who are not U.S. citizens.  However, exactly how such individuals will be addressed by CBP is uncertain.  There are some indications that such individuals will be treated similarly to green-card holders–subject to increased scrutiny, but generally admitted.  However, admission appears to be discretionary, and, as of now, there is no clearly announced policy.  The United Kingdom Foreign Office announced on Sunday, January 29 that the United States is not applying the ban to individuals who are dual citizens of the United Kingdom and one of the banned countries, if such individuals are travelling from the United Kingdom.[iii]  On Monday, January 30, the U.S. Embassy & Consulates in the United Kingdom made a similar announcement, confirming that “[d]ual nationals of the United Kingdom and one of [the seven covered] countries are exempt from the Executive Order when travelling on a valid United Kingdom passport and U.S. visa.”[iv]  In addition, various news outlets have reported–quoting Canadian government officials–that the United States is not applying the ban to individuals who are dual citizens of Canada and one of the banned countries.[v]  U.S. officials, however, have yet to make a similar announcement. U.S. citizens are not covered by the language of the Executive Order.  As described below, however, non-U.S. citizens from countries other than the seven covered countries may still be affected by the Executive Order’s suspension of the Visa Interview Waiver Program.  Suspension of this program is likely to increase the time necessary for issuance of U.S. visas.      B.     Other Provisions A few other provisions of the Executive Order should also be noted, as they may hinder travel to the United States by those not directly affected by the country-specific ban. The Executive Order suspends the Visa Interview Waiver Program, which allows those renewing certain types of visas to skip a consular interview under certain circumstances.  See Sec. 8(a).  This program is commonly used by low-risk travelers, including many employment-based visa applicants, in order to expedite the time in which visas are obtained for travel to the United States.  Suspension of this program is likely to slow, perhaps significantly, the process of renewing a visa, as it appears to impose a requirement that all visa applicants be interviewed in person. The Executive Order requires the Secretary of State to review “all non-immigrant visa reciprocity agreements.”  Sec. 9.  This raises the prospect that certain visas will be scaled back in the future, such as by reducing the number of allowed visits in a period or the length of an allowed stay under a visa. The Executive Order suspends the U.S. Refugee Admissions Program for 120 days (Sec. 5), and indicates certain priority for religious minorities upon its limited resumption.  This is generally understood to apply to Christian refugees from Muslim-majority nations. Finally, it is possible that the list of affected countries will expand after the 90-day ban period.  The Executive Order directs the DHS to submit for inclusion a list of any other countries that “do not provide adequate information” regarding admission of their citizens.  Sec. 3(b).  At the end of the 90-day period, DHS or the State Department may also “submit to the President the names of any additional countries recommended for similar treatment.”  Sec. 3(f). II.     Issues for Companies to Consider There is no “one size fits all” approach for companies addressing employee and business issues related to the Executive Order.  In the immediate term, companies should consider preparing a uniform communications plan for their employees, particularly those who are or may be affected by the Executive Order.  Companies should also consider whether plans or policies are needed for travel by executives, employees, or other stakeholders.  Although this situation is fluid and continues to develop, as further described below, we believe companies should also be mindful of whether they will need to develop strategies to deal with the impact of the Executive Order, both internally and as it relates to potential shareholder and business relations. Specific questions that companies may want to consider with respect to the Executive Order include: Outreach to employees who may be affected.  Although the administrative and judicial interpretation of the Executive Order continues to evolve, meaning that the full scope of individuals who may be affected is in flux, companies should consider proactively identifying and reaching out to all employees who may be affected.  As noted above, the Executive Order, on its face, applies to both immigrants and non-immigrants from the seven covered countries.  Thus, employees traveling for business or leisure may be equally affected.  In addition, as discussed above, there have been indications that lawful permanent residents may be subject to additional questioning when entering the United States from one of the seven covered countries, even if those individuals are not subject to detention.  Note that different employees’ immigration statuses may compel differing guidance on how to approach any issues that arise in the enforcement of the Order. Outreach to employees who may have family members affected.  It is important to remember that for some of your employees, even if they are not directly impacted by the Executive Order, they will have family and loved ones who are directly impacted.  We have received reports of many family members detained and separated from other family members upon arrival at an airport.  We have heard reports about family members traveling abroad who are now fearful of not being able to return home to reunite with a family member.  Companies may consider providing counseling and support for your employees who are facing these concerns. Communicating with employees.  Companies should consider identifying employees who frequently travel to and from the affected countries or who are visa holders from affected countries, to explain company plans with respect to the Executive Order.  In particular, employees from affected countries who are currently outside the United States, but have a legal right to re-enter, should be advised to stay in communication with individuals in the United States about their travel plans, in the event they have difficulty re-entering the country, and have a plan to obtain appropriate assistance in that event.  For employees currently in the United States but who are from the affected countries or frequently travel to the affected countries, consider whether travel abroad is necessary before the full scope of enforcement of the Executive Order is known and understood. Identifying a point of contact.  Consider identifying a contact point for any employee questions or concerns regarding the Executive Order.  Furthermore, ensure that this contact is prepared to field questions from affected or potentially affected employees, to discuss visa renewal or travel to and from the affected countries, and to refer employees with specific issues to the appropriate resources. Communicating with shareholders, business partners and other stakeholders.  Companies should consider whether communications with shareholders, business partners or other stakeholders regarding potential impacts on business as a result of enforcement of the Executive Order are appropriate. Modifying travel and meeting obligations.  Companies should consider modifying (or allowing for employee choice regarding) employee travel obligations, as appropriate to the company’s business needs, to avoid potential difficulties with travel to and from the United States.  Likewise, if companies have board members or executives affected by the Executive Order, or business stakeholders who will not be able to enter the United States due to the Executive Order, consider whether meetings can be conducted remotely or outside the United States.  Companies involved in pending litigations that may require employee travel to the United States, should consider seeking the advice of litigation counsel to determine what, if any, notice to the relevant court or parties may be advisable at this stage. Reviewing non-discrimination policies.  Companies may wish to send reminders of applicable equal employment policies.  Many employers have included such statements in communications regarding the Order.  Companies may also wish to consider how their policies apply to employment and hiring decisions in light of travel restrictions. This list addresses just some of the issues that companies will face in light of the Executive Order.  Gibson, Dunn & Crutcher’s lawyers, including its employment, securities, administrative law, constitutional law, and sanctions teams, are available to assist clients with navigating these and other issues that arise with respect to enforcement of the Order. III.     District Court Orders Blocking Implementation of the Executive Order As of the morning of January 30, three district courts–in New York, Massachusetts, and Virginia–have issued orders of varying general applicability temporarily (a) halting deportations resulting from the Executive Order and (b) providing certain other relief.  Other federal courts, including those in the Central District of California and the Western District of Washington have issued relief specific to individual applicants.      A.     Nationwide Stay of Removal–Darweesh v. Trump, No. 17 Civ. 480 (AMD) (E.D.N.Y. Jan. 28, 2017). On Saturday, January 28, two visa holders of Iraqi origin detained at JFK Airport in New York filed suit relief on behalf of themselves and others similarly situated, along with a petition for writ of habeas corpus.  They also asked the court for an emergency stay of removal of similarly situated people nationwide. Judge Ann Donnelly of the Eastern District of New York granted relief that evening, enjoining the President, DHS, CBP, and other respondents from removing (i) refugees, (ii) visa-holders, and (iii) individuals from the nations affected by the Executive Order. The court found that the petitioners–two individuals who were detained at JFK, along with all others similarly situated–“have a strong likelihood of success” with respect to their Due Process and Equal Protection challenges to the Executive Order.  The court also found that, absent the stay, there was an “imminent danger that . . . there will be substantial and irreparable injury” to those subject to the Executive Order. On Sunday, January 29, petitioners filed a motion for clarification and enforcement of the order.  The motion cited reports that similarly situated people “have been placed on planes, possibly deported, and subject to intimidation to sign removal orders after the issuance of the Court’s Order.”  Among other things, petitioners seek confirmation that the court’s order applies to all similarly situated people nationwide. On Monday, January 30, the case was assigned to Judge Carol Bagley Amon.       B.     Nationwide Stay of Removal and Detention —Tootkaboni v. Trump, No. 17-cv-10154 (D. Mass. Jan. 29, 2017).  On Saturday, January 28, two lawful permanent residents of Iranian origin who were detained at Logan Airport in Boston filed a similar action for relief, and also applied for an emergency stay on a nationwide basis. Early Sunday, Judge Allison D. Burroughs and Magistrate Judge Judith Dein of the District of Massachusetts issued a temporary restraining order (“TRO”) prohibiting removal and detention of those subject to the Executive Order (i.e., refugees, visa-holders, and individuals from the affected nations).  The court made the same findings as the Darweesh Court, described above.  The TRO is in effect for seven days, with the court to set a further hearing date prior to its expiration. The court also directed respondents to limit secondary screening–an airport security measure that some critics have associated with profiling–to comply with the regulations and statutes in effect prior to the Executive Order, including 8 U.S.C. § 1101(a)(13)(C), the statute providing the standards by which a lawful permanent resident may be regarded as “seeking admission” into the United States.  The court also issued instructions to CBP, apparently intended to address the issue of airlines turning away passengers on international flights destined for Logan Airport, stating that CBP “shall notify airlines that have flights arriving at Logan Airport of this Order and the fact that individuals on these flights will not be detained or returned based solely on the basis of the Executive Order.”      C.     Stay of Removal of Lawful Permanent Residents at Dulles–Mohammed Aziz v. Trump, No. 1:17-cv-116 (E.D. Va. Jan. 28, 2017) On Saturday, January 28, two brothers of Yemeni origin detained at Dulles International Airport filed an emergency application seeking a stay of removal on behalf of themselves as lawful permanent residents and others similarly situated at that same airport, as well as seeking access to counsel. Judge Leonie M. Brinkema of the Eastern District of Virginia issued a TRO forbidding removal of any lawful permanent residents from Dulles for seven days.  The court also directed that respondents “shall permit lawyers access to all legal permanent residents being detained at Dulles International Airport.” On January 30, petitioners filed a First Amended Complaint, adding new allegations that they were coerced into surrendering their green cards and then flown to Addis Ababa airport in Ethiopia.[vi]      D.     Other Court Actions and Orders Individuals seeking relief on an individual basis only, and not on behalf of others similarly situated, have sought habeas corpus and/or other relief in a number of other district courts with jurisdiction over relevant international airports. For instance, on Saturday, January 28, a visa holder of Iranian origin detained at LAX in Los Angeles filed suit in the Central District of California, seeking habeas corpus, declaratory, and injunctive relief.  See Vayeghan v. Kelly, No. CV 17-0702 (C.D. Cal. Jan. 28, 2016).  Before the court could consider the emergency application for a TRO, however, “he was placed on a flight to Dubai to be removed to Iran.”  But Judge Dolly M. Gee issued a TRO on January 29, directing respondents to “transport Petitioner back to the United States and admit him under the terms of his previously approved visa.”  The court found, among other things, “a strong likelihood of success” on the petitioner’s claims under the Equal Protection Clause, Establishment Clause, and Immigration and Nationality Act, and also pointed to “the public interest in upholding constitutional rights.”  The court set a hearing to show cause regarding preliminary injunctive relief for Friday, February 10. On Saturday, January 28, Judge Thomas S. Zilly of the Western District of Washington granted an emergency stay of removal with respect to two petitioners being detained at Seattle-Tacoma International Airport.  A full hearing on the stay is set for Friday, February 3.  The matter is Doe v. Trump, No. C17-126 (W.D. Wash. Jan. 28, 2017). In addition, there are at least two broad-based suits being filed today.  First the Council on American-Islamic Relations (“CAIR”) has filed suit in the Eastern District of Virginia, focusing on the Executive Order’s “apparent purpose and underlying motive . . . to ban people of the Islamic faith from Muslim-majority countries from entering the United States.”[vii]  The case  raises challenges under the Establishment, Free Exercise, and Due Process Clauses, and seeks broad injunctive relief against most aspects of the Executive Order restricting travel to the United States.  See Sarsour v. Trump, No. 1:17-cv-00120 (E.D. Va. Jan. 30, 2017).  Second, the attorney general of Washington State has announced he will file a suit in the Western District of Washington, also seeking to have key provisions declared unconstitutional and requesting injunctive relief.[viii] Finally, we are aware of other actions being filed in the Northern District of Illinois (Chicago O’Hare International Airport); the Northern District of California (San Francisco International Airport); the Central District of California (LAX); and the Northern District of Texas (Dallas-Fort Worth International Airport).  Additionally, there are at least fifteen actions pending in the Eastern District of New York, including the Darweesh matter discussed above. IV.     On-the-Ground Observations at Airports Nationwide Although deportations appear to have stopped and DHS has indicated it will comply with the court orders described above, reports from airport observers indicate that confusion continues regarding the implementation of the Executive Order and compliance with these court orders.  The Administration, however, has contradicted these reports, but has acknowledged that some individuals were affected and slowed down in their travel.[ix] Attorneys at various airports around the country have reported denial of access to detainees.  Despite court orders mandating attorney access to potential clients, CBP has reportedly refused to allow some detainees to speak in person with counsel.[x]  Other lawyers have reported that CBP has been averse to inquiries for information.  In Los Angeles, for example, CBP closed its airport office, making it difficult to determine the number, identity, and legal status of potential detainees. Detainees have reported extensive examinations and confiscations of luggage and personal belongings.[xi]  Multiple reports circulated detailing investigations into detainees’ social media accounts and corresponding questioning regarding personal religious beliefs and political views, particularly related to President Trump and his administration.  Some detainees stated that individuals wearing headscarves were targeted for additional vetting.  Wait times varied widely, from half a day or longer to an hour or less.  There have also been reports that some detainees have been pressured into renouncing their lawful status under threat of being banned from re-entry for up to five years.[xii] Finally, many individuals have reported undergoing more rigorous screening at the point of embarkment.  As part of that process, individuals may be denied permission to board if there is an expectation they will not be admitted to the United States upon arrival.[xiii] *          *          * The issues described in this Client Alert are rapidly changing.  Gibson Dunn is dedicated to staying at the forefront of these issues for the benefit of our friends and clients, and will update you with significant developments. [i] U.S. State Dept., “Urgent Notice: Executive Order on Protecting the Nation from Terrorist Attacks by Foreign Nationals,” Jan. 27, 2017 (https://travel.state.gov/content/visas/en/news/executive-order-on-protecting-the-nation-from-terrorist-attacks-by-foreign-nationals.html). [ii] U.S. Dept. of Homeland Security, “DHS Statement On Compliance With Court Orders And The President’s Executive Order,” Jan. 29, 2017 (https://www.dhs.gov/news/2017/01/29/dhs-statement-compliance-court-orders-and-president%E2%80%99s-executive-orders). [iii] U.K. Foreign & Commonwealth Office, “Press Release, Presidential Executive Order on Inbound Migration to United States,” Jan. 29, 2017 (https://www.gov.uk/government/news/presidential-executive-order-on-inbound-migration-to-us). [iv] U.S. Embassy & Consulates in the U.K., “Updated Guidance on Executive Order on Protecting the Nation from Terrorist Attacks by Foreign Nationals,” Jan. 30, 2017 (https://uk.usembassy.gov/updated-guidance-executive-order-protecting-nation-terrorist-attacks-foreign-nationals/). [v] See, e.g., Daniel Dale & Emily Mathieu, “Canadian dual citizens exempted from Trump’s travel ban,” Toronto Star, Jan. 28, 2017 (https://www.thestar.com/news/world/2017/01/28/passport-holders-of-7-muslim-majority-countries-cant-board-air-canada-flights-to-us.html). [vi] As of Sunday night, it is unclear how the matters in Massachusetts and Virginia, brought by lawful permanent residents, are affected by DHS’s statement on January 29 that “the entry of lawful permanent residents is in the national interest.” [vii] Council on American-Islamic Relations, “CAIR to Announce Constitutional Challenge to Trump’s ‘Muslim Ban’ Executive Order,” Jan. 27, 2017 (https://www.cair.com/press-center/press-releases/14062-cair-to-announce-constitutional-challenge-to-trump-s-muslim-ban-executive-order.html). [viii] KOMO Staff, “State attorney general to file lawsuit against Trump immigration order,” KOMO News, Jan. 30, 2017 (http://komonews.com/news/local/state-attorney-general-plans-major-announcement-on-trump-immigration-plan). [ix] E.g., Berkeley Lovelace Jr, “White House spokesman Sean Spicer says immigration ban ‘small price to pay’ for safety,” CNBC, Jan. 30, 2017 (http://www.cnbc.com/2017/01/30/white-house-spokesman-sean-spicer-immigration-ban.html). [x] See, e.g., Edward Helmore, et al., “Border agents defy courts on Trump travel ban, congressmen and lawyers say,” Guardian, Jan. 29, 2017 (https://www.theguardian.com/us-news/2017/jan/29/customs-border-protection-agents-trump-muslim-country-travel-ban). [xi] See, e.g., Nadel Issa, et al., “As hundreds protest, attorneys seek info on how many are detained,” Chicago Sun-Times, Jan. 29, 2017 (http://chicago.suntimes.com/politics/calm-before-the-storm-ohare-quiet-sunday-morning/). [xii] See, e.g., Joseph Goldstein, et al., “Lives Rewritten With the Stroke of a Pen,” New York Times, Jan. 29, 2017 (https://www.nytimes.com/interactive/2017/01/29/nyregion/detainees-trump-travel-ban.html?_r=0). [xiii] See, e.g., Evan Perez, et al., “Inside the confusion of the Trump executive order and travel ban,” CNN, Jan. 30, 2017 (http://www.cnn.com/2017/01/28/politics/donald-trump-travel-ban/).   Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com) Rachel S. Brass – San Francisco (+1 415-393-8293, rbrass@gibsondunn.com) Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com) Ethan Dettmer – San Francisco (+1 415-393-8292, edettmer@gibsondunn.com) Theane Evangelis – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Kirsten Galler – Los Angeles (+1 213-229-7681, kgaller@gibsondunn.com) Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Joshua S. Lipshutz – Washington D.C. (+1 202-955-8217, jlipshutz@gibsondunn.com) Katie Marquart, Pro Bono Counsel & Director – New York (+1 212-351-5261,kmarquart@gibsondunn.com) Samuel A. Newman – Los Angeles (+1 213-229-7644, snewman@gibsondunn.com) Jason C. Schwartz – Washington D.C. (+1 202-955-8242, jschwartz@gibsondunn.com) Kahn A. Scolnick – Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com)   © 2016 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

January 3, 2017 |
Supreme Court to Review Federal Circuit’s Decisions in Heartland and Lexmark

This past month the Supreme Court decided to review two cases that could change the patent litigation landscape in important ways, and that may have broad implications for the licensing and distribution of patented goods, domestically and internationally.  They have the potential to narrow the range of venues available to patent plaintiffs, and to broaden the geographic scope of the exhaustion defense for patent defendants.  Below, we review the issues presented in each case, and how the Court’s decisions may affect business interests in the United States and abroad.  Our intellectual property, appellate, and technology transactions attorneys are available to discuss further and to advise on these issues at your convenience.    I.     Executive Summary On December 14, 2016, the Supreme Court announced that it had granted certiorari in TC Heartland LLC v. Kraft Food Brands Group LLC, No. 16-341 (Fed. Cir., 821 F.3d 1338).  The Heartland case concerns the range of venues available to patent plaintiffs.  Specifically, the issue is whether a plaintiff may sue a corporation for patent infringement in any district where the defendant is subject to personal jurisdiction (as the United States Court of Appeals for the Federal Circuit has long held), or only in the districts where the defendant is incorporated, or has committed acts of infringement and has a regular and established place of business (as the petitioner and several amici have argued).  Under the current approach to venue, patent plaintiffs have enjoyed relatively broad latitude in choosing a forum, and many have gravitated to certain districts such as the Eastern District of Texas and the District of Delaware.  The Supreme Court is being asked to interpret a jurisdictional statute to restrict the available venues in patent cases, an invitation which, if accepted, could lead to a dramatic change in where such suits are filed.         The Supreme Court’s decision to review Heartland comes just shortly after the Court granted certiorari in Impression Products, Inc. v. Lexmark International, Inc., No. 15-1189 (Fed. Cir., 816 F.3d 721; cert. granted Dec. 2, 2016).  The Lexmark case concerns patent exhaustion, a doctrine that limits a patentee’s rights regarding activities that occur after the initial authorized sale of a patented item.  The exhaustion doctrine is analogous to the first-sale doctrine in copyright law, which allows buyers of books and other copyrighted materials to resell them without risk of copyright liability (provided that the initial purchase was authorized by the copyright owner).  In a recent decision, the Supreme Court held that the first-sale doctrine applies to copyrighted items made or sold abroad, not only to items made or sold in the United States.  Kirtsaeng v. John Wiley & Sons, Inc., 133 S. Ct. 1351, 1363 (2013).  One issue now before the Court in Lexmark is whether the patent exhaustion doctrine likewise applies to foreign sales, such that an authorized sale of a patented article outside of the United States exhausts the U.S. patent rights in that article.  The Federal Circuit held below that patent exhaustion does not apply to foreign sales–notwithstanding Kirstsaeng–and the Supreme Court will review that holding.  The second issue before the Court in Lexmark is whether a patentee can avoid the patent exhaustion doctrine by employing a "conditional sale" that transfers title to the patented item while specifying post-sale restrictions on the article’s use or resale. Below, we provide more information about Heartland and Lexmark, and the implications that different outcomes could have for the business community. II.     Heartland – Venue in Patent Infringement Cases In Heartland, the Supreme Court has decided to consider where venue is proper in a patent infringement case against a corporate defendant.  Before addressing the facts and possible outcomes in Heartland, it is useful to review the statutory venue framework at issue and how it has been interpreted to date.             A.     Venue Before Heartland The United States Code contains a special venue statute for patent cases (28 U.S.C. § 1400(b)), and a general venue statute for federal cases (28 U.S.C. § 1391).  The patent-specific venue statute provides that "[a]ny civil action for patent infringement may be brought in the judicial district where the defendant resides, or where the defendant has committed acts of infringement and has a regular and established place of business."  28 U.S.C. § 1400(b). In 1957, the Supreme Court held in the Fourco case that the patent-specific venue statute is controlling, and that the general venue statute does not apply to patent cases.  Fourco Glass Co. v. Transmirra Prods. Corp., 353 U.S. 222, 229 (1957) ("We hold that 28 U.S.C. § 1400(b) is the sole and exclusive provision controlling venue in patent infringement actions, and that it is not to be supplemented by the provisions of 28 U.S.C. § 1391(c).").  The Court also clarified in Fourco that for corporate defendants, the language "where the defendant resides" (in the patent-specific statute) refers to the corporation’s place of incorporation.  Thus, under Fourco, venue in a patent case against a corporate defendant is limited to (1) the defendant’s state of incorporation, or (2) where the defendant has committed acts of infringement and has a regular and established place of business. Fourco remained settled law for over three decades.  Then, in 1988, Congress amended the general venue statute to provide that "[f]or purposes of venue under this chapter, a defendant that is a corporation shall be deemed to reside in any judicial district in which it is subject to personal jurisdiction at the time the action is commenced."  28 U.S.C. § 1391(c) (1988).  Two years later, the Federal Circuit held in the VE Holding case that this 1988 amendment superseded the Fourco decision, and supplied a definition of where a corporate defendant "resides" for purposes of not only the general venue statute, but also the patent-specific venue statute in section 1400(b).  VE Holding Corp. v. Johnson Gas Appliance Co., 917 F.2d 1574, 1579 (Fed. Cir. 1990) ("Section 1391(c) as it was in Fourco is no longer."); id. at 1580 ("[As amended,] Section 1391(c) applies to all of chapter 87 of title 28, and thus to § 1400(b), as expressed by the words ‘For purposes of venue under this chapter.’").  Thus, under VE Holding, venue in a patent case against a corporate defendant is proper not only in the districts identified by Fourco, but also in any other district where the defendant is subject to personal jurisdiction at the time the action is commenced.  Many corporations sell products that reach most, and often all, districts of the United States, and such corporations can expect to be held subject to personal jurisdiction in patent cases in a wide range of districts.  See, e.g., Beverly Hills Fan Co. v. Royal Sovereign Corp., 21 F.3d 1558, 1566 (Fed. Cir. 1994).  Under VE Holding, venue is proper in any such district – i.e., once personal jurisdiction is established, venue is automatically proper.   Twenty-one years after VE Holding, in 2011, Congress again amended the general venue statute.  The provision "[f]or purposes of venue under this chapter," was replaced with "[f]or all venue purposes" in section 1391(c), and a new provision "Applicability of Section. – Except as otherwise provided by law" was added in section 1391(a).  28 U.S.C. § 1391.  These latest amendments are at issue in the Heartland case, explained below.             B.     Heartland and the Issue Under Review The defendant in the Heartland case, TC Heartland LLC, is incorporated and headquartered in the state of Indiana.  The plaintiff, Kraft Foods Group Brands LLC, sued Heartland for infringement of three Kraft patents in the United States District Court for the District of Delaware.  Kraft Foods Grp. Brands LLC v. TC Heartland, LLC, No. 14-28-LPS (D. Del. Aug. 13, 2005).  Heartland moved to dismiss the case for lack of personal jurisdiction, and to dismiss for improper venue or alternatively to transfer venue to the Southern District of Indiana.  In relevant part, Heartland argued that Congress’ 2011 amendments to the general venue statute nullified VE Holding and re-confirmed the narrower venue rule of Fourco, under which venue for this suit would not be proper in the District of Delaware.  The district court denied Heartland’s motions, and Heartland then petitioned the Federal Circuit for a writ of mandamus.  In re TC Heartland LLC, 821 F.3d 1338 (Fed. Cir. 2016).  The Federal Circuit denied Heartland’s petition, holding in relevant part that the VE Holding decision from 1990 is still controlling and was not displaced by the 2011 amendments.  Id. at 1341-43.  Specifically, the Federal Circuit held that the definition of corporate residency in section 1391(c) continues to apply in patent infringement actions despite the 2011 amendments, and therefore venue in a patent suit against a corporate defendant is proper anywhere the defendant is subject to personal jurisdiction.  Id.  After the Federal Circuit denied its mandamus petition, Heartland petitioned the Supreme Court for a writ of certiorari.  Heartland argued that the Federal Circuit’s venue decision in VE Holding conflicts with Fourco and should be overruled.  Heartland also argued that Congress’ 2011 amendments eliminated any basis for the Federal Circuit to continue relying on VE Holding, in two ways:  First, Congress removed the general venue introductory language "[f]or purposes of venue under this chapter" (which the Federal Circuit had relied on in VE Holding) and replaced it with "[f]or all venue purposes" (which is closer to the statutory language "for venue purposes" that existed at the time of Fourco).  Second, Congress added a new provision that the general venue statute applies "[e]xcept as otherwise provided by law."  Heartland argued that the patent-specific venue statute, as interpreted by the Supreme Court in Fourco, satisfies this exception and thus controls over the general venue statute. Gibson Dunn filed a brief for amici Dell Inc. and the Software & Information Industry Association in support of Heartland’s petition.  Several other amici also filed briefs urging review, and on December 14, 2016, the Supreme granted certiorari.  TC Heartland LLC, No. 16-341.             C.     Possible Effects of Supreme Court Review in Heartland Looking ahead, depending on how the Supreme Court rules on the merits of the venue question in Heartland, the patent landscape could change in important ways for patentees and corporate defendants.  Under the Federal Circuit’s existing interpretation of venue in VE Holding, patent plaintiffs have many options for where to file infringement suits, and often gravitate to certain districts perceived to be plaintiff-friendly, such as the Eastern District of Texas.  Corporate defendants often move for transfer out of such districts and into districts that are more convenient for their employees and witnesses.  But the transfer analysis is complex, and district courts retain discretion to deny transfer motions in many cases, such that defendants are often required to litigate in districts that they contend have little or no connection to the facts and witnesses at issue.  If the Supreme Court affirms in Heartland, this regime will continue. However, if the Supreme Court reverses the Federal Circuit in Heartland, then patent plaintiffs may not be able to file as often in their preferred districts.  Instead, plaintiffs will have to file either where the defendants are incorporated, or where the defendants have both committed acts of infringement and have regular and established places of business.  That may mean that new patent cases will be spread more evenly across a broader range of districts than they are at present.  But it may also encourage the concentration of cases in certain districts.  For example, the District of Delaware is already a popular venue for patent cases, but it may become even more so if the Supreme Court reinstates Fourco, as many potential defendants are incorporated in Delaware even if they do not maintain regular places of business there.  Alternatively, or in addition, some patent plaintiffs may decide to continue filing in their preferred districts regardless of Heartland, by invoking the "regular and established place of business" prong of the patent-specific venue statute.  This approach risks dismissal for improper venue, however, depending on how this prong of the statute is applied on a case-by-case basis.  See, e.g., In re Cordis Corp., 769 F.2d 733, 737 (Fed. Cir. 1985) (denying petition for mandamus seeking dismissal for improper venue) ("[I]n determining whether a corporate defendant has a regular and established place of business in a district, the appropriate inquiry is whether the corporate defendant does its business in that district through a permanent and continuous presence there and not as Cordis argues, whether it has a fixed physical presence in the sense of a formal office or store."). Finally, regardless of how the Court resolves the venue question on the existing statutes, Congress may adjust venue in patent cases by legislation; affirmance in Heartland could give further impetus to legislative change.  Bills are currently pending in both the House and the Senate which could result in modifications to the patent venue statute.  See H.R. 9, 114th Cong. § 3(g) (2015); S. 2733, 114th Cong. § 2 (2016).  Previous bills addressing the issue have failed to pass both houses, however.  See H.R. 1908, 110th Cong. § 10(c) (2007) (proposing corporate residence be defined under section 1400 as the "judicial district in which the corporation has its principal place of business or in the State in which the corporation is incorporated"); S. 3818, 109th Cong. § 8 (2006) (same).  III.     Lexmark – Patent Exhaustion In Lexmark, the Supreme Court will consider (1) whether patent exhaustion applies to foreign authorized sales, and (2) whether a patentee may contract around exhaustion via a "conditional sale."  As with Heartland, the Court’s decision on the merits of Lexmark could change the patent landscape in the United States.  But it could also affect business interests abroad.  These cases also present the Court an opportunity to provide guidance on critical patent licensing issues in light of Quanta and Kirtsaeng. Below, we review the exhaustion doctrine, the key facts and issues in Lexmark, and possible outcomes.             A.     Exhaustion Before Lexmark Under the common law patent exhaustion doctrine, the initial authorized sale of a patented article generally extinguishes the patentee’s right to bring an infringement action as to post-sale use of that article.  Nonetheless, judicial decisions have articulated limits on the scope of the doctrine in particular contexts.  As relevant to the Lexmark case, certain conditional sales have been held not to trigger exhaustion.  In 1938, the U.S. Supreme Court held in General Talking Pictures Corp. v. Western Electric Co. that a patentee’s rights are not exhausted by a licensee’s unauthorized sale when the licensee knows the sale is outside the scope of its license.  See 304 U.S. 175, 181-83 (1938).  In 1992, the Federal Circuit held in Mallinckrodt, Inc. v. Medipart, Inc. that a patentee may also preserve its rights to bring an infringement action after the first sale by imposing, and clearly communicating, a single-use or resale restriction on the patented article.  976 F.2d 700, 709 (Fed. Cir. 1992).  However, in 2008 the U.S. Supreme Court held in Quanta Computer, Inc. v. LG Electronics, Inc. that a patentee’s right to bring an infringement action was exhausted upon a licensee’s sale of a product substantially embodying the patentee’s method patent when the patentee had granted the licensee unrestricted authorization to make, use, or sell products embodying the patent, notwithstanding separate obligations upon the licensee to notify  downstream customers of purported post-sale restrictions on combinations of the licensed products.  553 U.S. 617, 636-37 (2008) (distinguishing General Talking Pictures, 304 U.S. 175). Further, the exhaustion doctrine has historically been focused on domestic sales.  As early as 1890, the U.S. Supreme Court observed in Boesch v. Graff that "[t]he sale of articles in the United States under a United States patent cannot be controlled by foreign laws."  133 U.S. 697, 703 (1890).  Relatedly, in 2001, the Federal Circuit held in Jazz Photo Corp. v. International Trade Commission that the foreign sale of a U.S. patented article does not exhaust U.S. patent rights.  264 F.3d 1094, 1105 (Fed. Cir. 2001) (citing Boesch, 133 U.S. at 703).  However, without reference to Jazz Photo or the patent exhaustion doctrine, in 2013 the Supreme Court held in Kirtsaeng v. John Wiley & Sons, Inc. that a copyright owner’s rights over a copy of its copyrighted work are exhausted under the first-sale doctrine in section 109(a) of the Copyright Act even when the copy is manufactured abroad.  133 S. Ct. at 1355-56.             B.     The Lexmark Case Plaintiff Lexmark International, Inc. owns a variety of patents covering certain printer cartridges and their use.  Lexmark manufactures and sells the patented cartridges both in the United States and abroad.  Some of the cartridges sold by Lexmark are subject to express post-sale restrictions on reuse and resale.  Without affirmative authorization from Lexmark, defendant Impression Products, Inc. acquired restricted Lexmark cartridges, some of which had been modified to enable refilling and reuse, and resold the cartridges in the United States.  A number of the cartridges resold by Impression were acquired abroad and imported into the United States.  Lexmark brought suit against Impression alleging infringement based on the reuse and resale of the restricted cartridges acquired both in the United States and abroad.  Lexmark Int’l, Inc. v. Impression Products, Inc., 816 F.3d 721, 727-28 (Fed. Cir. 2016). The district court dismissed Lexmark’s infringement claim regarding cartridges Lexmark initially sold in the United States, but denied Impression’s motion to dismiss as to the cartridges Impression acquired abroad.  See generally Lexmark Int’l, Inc. v. Ink Techs. Printer Supplies, LLC, No. 1:10-CV-564, 2014 WL 1276133 (S.D. Ohio Mar. 27, 2014); Lexmark Int’l, Inc. v. Ink Techs. Printer Supplies, LLC, 9 F. Supp. 3d 830 (S.D. Ohio 2014).  The district court first held that, despite imposing post-sale restrictions, Lexmark’s patent rights were exhausted at the initial domestic sale.  Lexmark, 2014 WL 1276133, at *6-7 (citing Quanta, 533 U.S. 617).  However, relying on the Federal Circuit’s 2001 decision in Jazz Photo, the district court held that Lexmark’s foreign sales of the cartridges did not exhaust its patent rights.  Lexmark, 9 F. Supp. 3d at 833; see also Jazz Photo, 264 F.3d 1094.  The parties agreed to a stipulated final judgment and cross-appealed to the Federal Circuit.  After oral argument, the Federal Circuit sua sponte decided to review the Lexmark case en banc.  The en banc court then reversed the district court in part, holding that a patentee can retain patent law rights after the sale of a patented article by expressly specifying restrictions on post-sale use or resale, but affirmed the district court’s analysis of Jazz Photo, holding that, regardless of whether restrictions are attached, foreign sales of a U.S.-patented article do not exhaust United States patent rights.  Lexmark, 816 F.3d at 726-27.             1.     Post-Sale Restrictions In reaching its decision that a patentee may preserve certain exclusive rights by imposing post-sale restrictions on its initial sale of a patented article, the Federal Circuit noted that the patent exhaustion doctrine arises under section 271(a) of the Patent Act, which provides that infringement occurs when an individual "without authority" makes, uses, or sells a patented article in the United States.  Lexmark, 816 F.3d at 742.  The court reasoned that by imposing express post-sale restrictions, a patent owner withholds "authority" from the purchaser (or licensee), and therefore preserves its right to bring a subsequent infringement action under section 271(a).  See id. at 742-43 (noting that absent an express restriction, the sale presumptively grants authority to the purchaser to use and resell the patented article). The Federal Circuit’s holding reaffirmed its prior decision in Mallinckrodt that a clearly communicated restriction imposed on the first sale of a patented article can preserve the patentee’s right to later bring an infringement action.  Id. at 726.  The court rejected the district court’s determination that Mallinckrodt had been implicitly overruled by the Supreme Court’s 2008 decision in Quanta.  The Federal Circuit distinguished Quanta in affirming its Mallinckrodt rule, noting that in Quanta there were no restrictions on the licensee’s sales.  Id. at 737-38.  The Federal Circuit held that the Mallinckrodt rule therefore applied, and that the doctrine of patent exhaustion does not foreclose a patentee’s right to bring an infringement action after the initial sale of a patented article that was subject to a clearly communicated and otherwise lawful post-sale restriction.  Id. at 735.            2.     Foreign Sales The Federal Circuit then affirmed the district court’s holding that a patentee’s foreign sale neither conclusively nor presumptively waives the patentee’s U.S. patent rights under the exhaustion doctrine.  Id. at 753-54.  In reaching this determination, the court reaffirmed its earlier decision in Jazz Photo, and rejected Impression’s argument that Jazz Photo had been overruled by the Supreme Court’s recent decision in Kirtsaeng.  Id. at 754-56.  The Federal Circuit reasoned that Kirtsaeng’s holding was limited to the copyright context, and therefore did not affect the exhaustion doctrine under the Patent Act.  Id. at 757-58.  Therefore, the court affirmed the Jazz Photo rule, and held that a foreign sale does not foreclose U.S. patent rights under the exhaustion doctrine.  Id. at 754.             C.     Possible Effects of Supreme Court Review in Lexmark The Supreme Court’s decision to review Lexmark has the potential to affect a variety of industries and markets, including secondary markets for patented goods generally, and markets for products containing components designed, manufactured, or assembled abroad. First, the Court’s decision could significantly affect secondary markets for patented goods.  Generally, the patent exhaustion doctrine protects participants in these secondary markets by limiting a patentee’s ability to bring an infringement claim for downstream use or resale after the patentee’s own sale (or an authorized sale) of the patented good.  However, the Federal Circuit’s decisions in Lexmark and Mallinckrodt permit patent holders to retain the right to bring such claims if they impose post-sale restrictions at the time of the initial sale.  If the Supreme Court reverses this Federal Circuit holding, then a patent holder’s right to enforce use or resale restrictions could be curtailed.  Patentees might still be able to assert breach-of-contract claims against parties who fail to abide by contractual restrictions on post-sale activity, but would no longer be able to assert patent infringement claims based on secondary market sales.  As some commentators have noted, if relief is limited to contract claims, then patentees may face challenges establishing standing against downstream buyers, and injunctive relief may be harder to obtain.  The Court’s decision in Lexmark could provide guidance regarding the requirements for purported post-sale restrictions to be effective. Second, the Court’s decision to review Lexmark could affect the markets for products sold at different prices in different countries, and for products that include components purchased abroad (such as consumer electronics).  The Court may reverse the Federal Circuit’s holding in Lexmark and Jazz Photo regarding foreign sales, and may hold that foreign sales do indeed exhaust domestic patent rights, either conclusively or presumptively.  A brief filed by the Solicitor General on behalf of the United States advocates such a presumption.  See Brief for the U.S. as Amicus Curiae at 16-17, Impression Products, Inc. v. Lexmark Int’l, Inc., No. 15-1189, (filed Oct. 12, 2016).  Either would make it more difficult for patentees to maintain different prices for patented products in foreign versus domestic markets, by allowing others to engage in price arbitrage.  And while a reversal could align patent law with the copyright rule adopted in Kirtsaeng, it might have different effects on the markets for patented goods as compared to copyrighted works.  For example, many components of complex technology products sold in the United States are designed, manufactured, or sold abroad before assembly into the finished products.  A reversal of the Jazz Photo rule could affect the incentives for choosing where to manufacture or sell these components, as patentees consider how best to retain rights under a new exhaustion rule.  Patentees may consider expressly reserving their U.S. patent rights in future foreign sale contracts, to rebut the presumption of exhaustion if the Court adopts the Solicitor General’s proposed approach. IV.     Conclusion Between Heartland and Lexmark, the upcoming Supreme Court term has the potential to change the patent landscape significantly in ways that will affect courts, rights-holders, defendants, and indeed all participants in the intellectual property economy.  Our intellectual property, appellate, and technology transactions attorneys are available to advise on these issues at your convenience. The following Gibson Dunn lawyers assisted in the preparation of this client update:  Stuart Rosenberg and Emma Strong.   Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update.  Please contact the Gibson Dunn lawyer with whom you usually work, author Stuart M. Rosenberg in Palo Alto (650-849-5389, srosenberg@gibsondunn.com), any member of the firm’s Intellectual Property,Appellate and Constitutional Law orTechnology Transactions practice groups, or the following practice leaders and members: Intellectual Property Group:Josh Krevitt – New York (212-351-4000, jkrevitt@gibsondunn.com)Wayne Barsky - Los Angeles (310-552-8500, wbarsky@gibsondunn.com)Mark Reiter – Dallas (214-698-3100, mreiter@gibsondunn.com) Appellate and Constitutional Law Group:Mark A. Perry – Washington, D.C. (202-887-3667, mperry@gibsondunn.com)James C. Ho – Dallas (214-698-3264, jho@gibsondunn.com) Caitlin J. Halligan – New York (212-351-4000, challigan@gibsondunn.com) Technology Transactions Group:David H. Kennedy – Palo Alto (650-849-5304, dkennedy@gibsondunn.com)Shaalu Mehra – Palo Alto (650-849-5282, smerhra@gibsondunn.com)John A. Squires – New York (212-351-4089, jsquires@gibsondunn.com)David Angel – New York (212-351-2329, dangel@gibsondunn.com)   © 2017 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

June 27, 2016 |
One Small Step or One Giant Leap? FAA Releases Final Rules on Commercial Drone Use in the United States

After more than a year of considering public comments on its February 23, 2015 proposed rules regulating the commercial use of small (weighing less than 55 pounds) unmanned aircraft systems ("UAS" or "drones"), the United States Federal Aviation Administration ("FAA") on June 22, 2016 issued its final rule, bringing the use of drones one step closer to mainstream commercial integration. While the personal and commercial use of drones has mushroomed in recent years, a practical regulatory framework has lagged behind the technological innovation and economic demand driving the boom.  Proponents of the commercial use of drones have argued that this regulatory lag was stifling the growth of a market that is estimated to generate over $80 billion in the U.S. economy by 2025. Under FAA regulations, drones fall under the broad definition of "aircraft," and therefore have been subject to the same regulations as a 747 passenger airliner.  These regulations include certification requirements for both the aircraft and the pilot before an aircraft can be operated in the national airspace, but the FAA acknowledged that the processes for obtaining these certifications were not designed for the unique considerations associated with small UAS.   In 2012, Congress passed the FAA Modernization and Reform Act of 2012 (Public Law 112-95) ("Reform Act") in part to address these issues.  Section 332 of the Reform Act directed the FAA to develop a regulatory framework for the civil use of small UAS.  And until the framework was finalized, Section 333 of the Reform Act allowed the agency to make determinations on a case-by-case basis that a standard FAA airworthiness certification would not be required for a particular use of small UAS. Although the Section 333 certification process was tailored specifically to address small UAS, and hence was a definite improvement over the general FAA airworthiness certification process, any commercial use of a small UAS still required a certification from the FAA nonetheless. On February 23, 2015, the FAA released its proposed rules pursuant to Section 332 of the Reform Act.  After considering public comments (over 4,600 comments, as reported by the agency), the FAA published the final rule on June 22, 2016, which will go into effect after a 60-day public comment period.    Overview of the Final Rule – Part 107 The FAA final rule adds a new Part 107 to Title 14 of the Code of Federal Regulations to allow routine commercial operations for small UAS without the need for airworthiness certification, exemption or other certificates of waiver or authorization (e.g., pursuant to Section 333).  In order to qualify for a Part 107 general authorization, the UAS and the UAS operator must satisfy several criteria set forth in the new regulations.  With a few exceptions, many of these criteria remain unchanged in their terms as set forth in the February 23, 2015 proposed rules.  Some of the key requirements are as follows:   As in the proposed rule, the UAS must weigh less than 55 pounds, and fly at groundspeeds of less than 100 miles/hour; The maximum altitude for authorized small UAS use was lowered in the final rule from 500 to 400 feet, with a new exception that the UAS can break the 400-foot ceiling if it remains within 400 feet of a structure (i.e., to allow drones to inspect structures taller than 400 feet); The UAS can only be operated within daylight hours, although the final rules make an allowance for operation during "civil twilight" hours (30 minutes prior to sunrise and 30 minutes post sunset) if the UAS utilizes anti-collision lighting; The minimum age of a drone pilot was lowered from 17 to 16; and UAS pilots must obtain a remote pilot certification in order to operate a small UAS (or operate under the supervision of a certified holder). Critically, particularly for certain segments of the commercial sector, the final rule did not change certain restrictions floated in the proposed rules which will have a significant limiting effect on the scope of commercial UAS use, namely: The UAS must be operated within the line-of-sight ("LOS") of the pilot or a "visual observer;" A UAS cannot be flown over persons not involved in the operation of the UAS; and If property is attached to the UAS, it cannot be flown across state or national boundaries, or the pilot would be deemed by the Department of Transportation to be an "air carrier" engaged in "air transportation," which is not covered by Part 107. Response from Industry: A Good First Step but More Is Needed Although the final rules have been fairly well received by drone manufacturers and industry trade associations as an important milestone in the commercialization of drone use, the general consensus even among proponents is that Part 107 is merely a first step in an ongoing process, and that much yet remains to be done in order to fully take advantage of and support growth of the burgeoning UAS sector.  To be sure, certain commercial users of drone technology, including those engaged in television and film production, agriculture, rural real estate development, and surveying and inspection activities, are more pleased with the current state of regulation under Part 107 than are others, as Part 107 largely authorizes their needs. Many other commercial players are not so content, particularly those who would like to use drones in some of the ways that have garnered more attention and discussion in the media – such as cross-country package delivery, an activity which arguably represents one of the largest potential growth areas for commercial use of UAS.  The current restrictions, particularly LOS restrictions, place these aspirations on hold for now. In addition, the current ‘overflight’ restrictions significantly curtail the use of drones in metropolitan areas for a wide variety of potential users, including journalists, media and entertainment companies, urban real estate developers, and many others. Many of those dissatisfied with the pace or results of regulatory change addressing UAS in the United States often point to parallel regulatory efforts in Europe by the European Aviation Safety Agency as both an example and a warning.  Set to be finalized later this year or in early 2017, the European legislation governing the commercial use of drones is expected to be more lenient than the rules set forth this week in Part 107, setting up (some argue) an uneven playing field for U.S. companies operating at home. Finally, in the United States, federal lawmakers and regulators are not the only game in town when it comes to regulating commercial use of UAS.  Various state and local authorities will continue to have their input as well, and in fact, in its final rule the FAA explicitly denied to invoke federal preemption, stating instead that "[p]reemption issues involving small UAS necessitate a case-specific analysis that is not appropriate in a rule of general applicability."  This lack of general federal preemption likely will create, at least in the short run, a potentially complex patchwork of federal and state regulations that commercial drone operators will need to navigate in the United States.  What’s Next:  Slow and Steady The limitations still present in Part 107 are in some measure intentional.  The FAA has acknowledged that the final rule does not address all of the current issues related to commercial use of small UAS, or the concerns of industry.  But rather than delay rulemaking further until a comprehensive framework could be developed (which to be fair may be a bit of a moving target considering the pace of technological change in the industry), the FAA has noted that its rulemaking is intended to be "incremental" "to enable certain small UAS operations to commence upon adoption of this rule and accommodate technologies as they evolve and mature." In addition, the waiver process for deviations from the standard Part 107 requirements still exists. Part 107 includes a process for obtaining ad hoc certificates of waiver from the FAA for proposed uses of small UAS outside the standard guidelines.  The FAA has noted it will be creating an online portal to enable and streamline this process. In addition, the release of the final rules marks commencement of another 60-day comment period, providing the public and industry with another opportunity to advocate for further last-minute amendments before the rule becomes effective in late August. Conclusion In sum, for many companies eager to reap the practical and economic benefits of UAS in the United States, the FAA’s final rules embodied in Part 107 represent a welcome step in the right direction by doing away with the certification requirement for drone use that stays within the firm guidelines.  However, LOS and overflight restrictions still contained in Part 107 likely will continue to act as a significant obstacle to full realization of the potential of commercial drone use in the United States. Industry will almost certainly want to continue to engage both federal and state regulators to advocate for broader authority in the commercial sector, particular if forthcoming European regulations addressing UAS create a marked disadvantage for companies in the United States. Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, or the authors of this alert: Perlette Michèle Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)William J. Peters – Los Angeles (+1 213-229-7515, wpeters@gibsondunn.com)David A. Wolber – Washington, D.C. (+1 202-887-3727, dwolber@gibsondunn.com) Please also feel free to contact any of the following leaders and members of the firm’s International Trade Practice Group: United States:Judith A. Lee – Co-Chair, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com)Ronald Kirk – Co-Chair, Dallas (+1 214-698-3295, rkirk@gibsondunn.com)Jose W. Fernandez – New York (+1 212-351-2376, jfernandez@gibsondunn.com)Marcellus A. McRae – Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com)Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com)Daniel P. Chung – Washington, D.C. (+1 202-887-3729, dchung@gibsondunn.com)Adam M. Smith – Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com)Mehrnoosh Aryanpour – Washington, D.C. (+1 202-955-8619, maryanpour@gibsondunn.com)David A. Wolber – Washington, D.C. (+1 202-887-3727, dwolber@gibsondunn.com)Nicholas A. Klein – Denver (+1 303-298-5795, nklein@gibsondunn.com)Kamola Kobildjanova – Palo Alto (+1 650-849-5291, kkobildjanova@gibsondunn.com)Lindsay M. Paulin – Washington, D.C. (+1 202-887-3701, lpaulin@gibsondunn.com) Asia:Robert S. Pé – Hong Kong (+852 2214 3768, rpe@gibsondunn.com) Europe:Peter Alexiadis – Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com)Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)Patrick Doris – London (+44 (0) 207 071 4276, pdoris@gibsondunn.com)Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)Benno Schwarz – Munich (+49 (0) 89 189 33 110, bschwarz@gibsondunn.com)Mark Handley – London (+44 (0) 207 071 4277, mhandley@gibsondunn.com)   © 2016 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 18, 2016 |
India – Legal and Regulatory Update

The Indian economy continues to be an attractive investment destination due to its sustained stable growth and implementation of further liberalization policies by the Government of India ("Government"). The Government’s focus remains on improving the ease of doing business in India and many effective steps have been taken in this direction. Following our nine-month update dated October 21, 2015 (which sets out an overview of key legal and regulatory developments in India from January 1, 2015 to September 30, 2015), this update provides a brief overview of the key legal and regulatory developments in India from October 1, 2015 to April 30, 2016. Key Legal and Regulatory Developments Foreign Direct Investment Policy 1.      November 2015 Amendments to the Foreign Direct Investment Policy: On November 24, 2015, the Government effected several important amendments[1] to India’s consolidated foreign direct investment policy ("FDI Policy"). These amendments enable increased levels of foreign direct investment in a number of business sectors and simplify various sector-specific conditions under the FDI Policy. For a detailed analysis, please refer to our client alert dated December 8, 2015 at http://www.gibsondunn.com/publications/pages/Indian-Government-Amends-Foreign-Direct-Investment-Policy-Dec2015.aspx. 2.      Foreign Direct Investment in Insurance[2]: Total foreign investment ownership through any means, including portfolio investment, in an Indian insurance company (which includes insurance brokers, insurance third party administrators, surveyors and loss assessors), directly or indirectly (through one or more holding companies), is now permitted up to 49% without the prior approval of the Government ("Automatic Route"). Previously, foreign investment not exceeding 26% was permitted under the Automatic Route and foreign investment beyond 26% and up to 49% required the prior approval of the Government (through the Foreign Investment Promotion Board ("FIPB"). Prior approval of the Insurance Regulatory and Development Authority is required in all circumstances where there is any change in shareholding of an Indian insurance company. The ownership and control of an Indian insurance company (including the appointment of the CEO) must remain in the hands of resident Indians at all times. "Control" is defined to mean the right to appoint a majority of the directors on the board of the company or the power to control the management or policy decisions of a company by virtue of shareholding, management rights, shareholders agreements or voting rights agreements. 3.             Foreign Direct Investment in Pension Funds[3]: In line with the policy on foreign investment in the insurance sector, the Government has permitted foreign investment in Indian pension funds up to 49% under the Automatic Route . Previously, 26% was permitted under the Automatic Route and foreign investment beyond 26% and up to 49% required the prior approval of the Government (through the FIPB). Foreign investment in the Indian pension sector continues to be subject to the conditions set out in the Pension Fund Regulatory and Development Authority Act, 2013.     4.             Foreign Investment in E-Commerce Activities[4]: The Government, on March 29, 2016, has clarified the position on foreign direct investment in e-commerce trading entities and e-commerce market place entities. There is no restriction on foreign investment in companies engaged in B2B e-commerce activities. In respect of companies engaged in B2C e-commerce activities, the key provisions are as follows: (a)          E-commerce has now been defined as the buying and selling of goods and services, including digital products, through a digital and electronic network. (b)          The term ‘digital and electronic network’ has been defined to include a ‘network of computers, television channels and any other internet application used in automated manner such as web pages, extranets, mobiles, etc.‘ (c)          The Government has drawn a distinction between an ‘inventory-based’ model of e-commerce ("Inventory Model") and a ‘marketplace based’ model of e-commerce ("Marketplace Model"). Inventory Model has been defined as an e-commerce business model where the inventory of goods and services is owned by an e-commerce entity and is sold to the consumers directly. Marketplace Model has been defined as the provision of an information technology platform by an e-commerce entity on a digital and electronic network to act as a facilitator between a buyer and a seller. (d)          The Government has clarified that foreign investment of up to 100% is permitted under the Automatic Route in companies that have a Marketplace Model. No foreign investment is permitted in companies that have an Inventory Model. (e)          Some of the key conditions that companies operating the Marketplace Model must comply with are: (i)                 Not more than 25% of the total sales of the company can be undertaken on its marketplace by a single vendor or such vendor’s group companies; (ii)               The company is permitted to provide support services to sellers in respect of warehousing, logistics, order fulfilment, call centres, payment collection and other similar services; and (iii)             The company cannot directly or indirectly influence the sale price of goods or services and are obligated to maintain a level playing field. While the above clarifications have removed ambiguities in relation to foreign investment in entities engaged in B2C ecommerce activities, there are certain grey areas that have arisen as a result of these clarifications. For example, (a) services have now been included within the definition of e-commerce – the presumption earlier was that this only includes goods, (b) there is also no guidance on what constitutes ‘influencing the sale price of goods directly or indirectly’ or how a ‘level playing field’ should be maintained by companies that have a Marketplace Model. Further clarity is required on these aspects. 5.             Foreign Investment in Asset Reconstruction Companies[5]: The Government has permitted foreign investment in asset reconstruction companies up to 100% under the Automatic Route. Previously, foreign investment of up to 49% was permitted under the Automatic Route and foreign investment beyond 49% and up to 100% required the prior approval of the Government (through the FIPB). Insurance On October 19, 2015, the Insurance Regulatory and Development Authority issued the "Guidelines on Indian Owned and Controlled" Insurance Companies (the "Guidelines") to further clarify the requirements with regard to Indian ownership and control of Indian insurance companies. The Guidelines apply to all Indian insurance companies that receive foreign investment. The Guidelines state that the ownership and control of an Indian insurance company (including the appointment of the CEO) must remain in the hands of resident Indians at all times. "Control" is defined to mean the right to appoint a majority of the directors on the board of the company or the power to control the management or policy decisions of a company by virtue of shareholding, management rights, shareholders agreements or voting rights agreements. For detailed analysis, please refer to our client alert dated October 22, 2015 at http://www.gibsondunn.com/publications/pages/Ownership-and-Control-of-Indian-Insurance-Companies-with-Foreign-Investment.aspx. Financing The Reserve Bank of India ("RBI") has promulgated the External Commercial Borrowings ("ECB") Policy-Revised Framework ("Revised Framework"). The Revised Framework lays down a more liberal approach for ECBs, whether they are long-term foreign currency denominated ECBs or Indian Rupee denominated ECBs. The Revised Framework expands the list of eligible borrowers, recognised lenders and reduces the restrictions on use of proceeds (i.e., end-use of the ECB). The Revised Framework became effective on December 2, 2015 with the publication of the relevant regulatory notifications in the Official Gazette of India. Borrowers were permitted to receive ECBs under the previous ECB regime until March 31, 2016 (if they had already executed the ECB agreement prior to the date of effectiveness of the Revised Framework). Additionally, borrowers that were in negotiations with lenders (at the time the Revised Framework became effective) were also permitted to execute ECB agreements under the previous ECB regime until March 31, 2016 for certain specific purposes such as working capital for airlines, loans for low cost affordable housing projects, etc. For detailed analysis, please refer to our client alert dated January 4, 2016 at http://www.gibsondunn.com/publications/Pages/Reserve-Bank-of-India-Introduces-Revised-ECB-Framework.aspx. Start-ups 1.             The Government launched a new initiative on January 17, 2016 aimed at providing various benefits to start-up companies in India. The following are key provisions in relation to start-up companies: (a)          A "start-up" has been defined to mean an entity incorporated/ registered in India  (i) for a period of up to 5 years from the date of its incorporation/ registration and (ii) its turnover in any financial year has not exceeded INR 250,000,000 (approx. USD 3.67 Million) and (iii) it is working towards innovation, development, deployment or commercialization of new products, processes or services driven by technology or intellectual property. (b)          The Government has clarified that a business would be considered a start-up only if it aims to develop and commercialize (i) a new product or service or (ii) significantly improves an existing product, service or process that will create and add value for customers. (c)          The RBI has made appropriate amendments to its foreign exchange regulations to state that  Foreign Venture Capital Investors ("FVCIs") are now permitted to invest in all start-ups, regardless of the sector that the start-up is engaged in. Prior to this amendment, FVCIs were permitted to only invest in a list of permissible sectors. Certain other benefits announced by the RBI for start-ups include (i) transfer of shares with deferred consideration, escrow or indemnity arrangements for a period of 18 months; (ii) simplification of the process for dealing with delayed reporting of FDI; (iii) easing access to rupee denominated loans under the ECB framework; and (iv) easing operational restrictions on overseas subsidiaries of start-ups. (d)          Start-ups are also exempted from certain statutory provisions relating to inspection under certain labour legislations in India by self-certifying compliance with such legislations. (e)          Eligible start-ups (established between April 2016 and March 2019) are entitled to a tax deduction of one hundred per cent of the profits and gains derived by them, for a period of three years, from a business involving innovation development, deployment or commercialisation of new products, processes or services driven by technology or intellectual property. Real Estate The Real Estate (Regulation and Development) Act, 2013 ("RERA") was notified on March 27, 2016. RERA seeks to establish a regulatory framework to govern transactions between buyers and promoters/sellers of real estate projects. It establishes state level regulatory authorities with the objective of  (a) ensuring that residential projects are registered, and their details uploaded on the authorities’ website; (b) ensuring that buyers, sellers, and agents comply with obligations under the RERA; and (c) advising the government on matters related to the development of real estate. RERA also imposes a requirement that at least 70% of the funds collected for a particular real estate project from buyers will be invested solely in such project. It seeks to protect buyers by prohibiting advertisements promoting real estate projects which have not obtained all regulatory approvals along with an additional provision for penalties for delay in construction. Antitrust On March 4, 2016, the Government, through the Ministry of Corporate Affairs issued a number of notifications (the "Notifications") which have substantially (a) amended and increased the merger control thresholds and, (b) amended as well as extended the existing target based exemption under the merger control regulations in India for another five years. 1.       Target Based Exemption: On March 4, 2011, the Government had introduced a de minimis target based exemption (i.e., based on the valuation of assets or turnover of the target company) which excluded certain transactions from the provisions of Section 5 of the [Indian] Competition Act, 2002 (the "Competition Act") for a period of five years. Transactions that fell below the threshold did not have to be notified to the Competition Commission of India ("CCI"). The Government, through the Notifications has extended the exemption for another five-year period, i.e., until March 4, 2021. The values of asset/turnover thresholds under this exemption have also been raised. 2.       Merger Control Thresholds: Section 5 of the Competition Act sets out the asset and turnover thresholds that are required to be satisfied for a transaction to qualify as a "combination". A qualifying combination is required to be mandatorily notified to the CCI for prior approval, unless the target based-exemption discussed above is applicable. The Notifications have amended and increased these thresholds. Please refer to our client alert dated March 15, 2016 for more details, including these revised thresholds: http://www.gibsondunn.com/publications/Pages/Indian-Government-Amends-Merger-Control-Regulations.aspx. Arbitration The Arbitration & Conciliation (Amendment) Ordinance, 2015 ("Ordinance") was promulgated on October 23, 2015 to introduce substantial changes to the [Indian] Arbitration & Conciliation Act, 1996 (the "Arbitration Act"). The Ordinance was approved by both houses of the Indian Parliament and was published in the official gazette on January 1, 2016 after receiving Presidential assent as the Arbitration and Conciliation (Amendment) Act, 2015 ("Amendment Act"). The primary objective of the Amendment Act is to encourage expeditious resolution of disputes and transparency in arbitration proceedings. The Amendment Act has reformed domestic arbitrations, foreign seated international commercial arbitrations (in so far as the Arbitration Act applies to them) and international commercial arbitrations seated in India by reducing delays and limiting the scope of judicial intervention. For detailed analysis, please refer to our client alert dated November 10, 2015 at  http://www.gibsondunn.com/publications/pages/Government-of-India-Amends-Indian-Arbitration-and-Conciliation-Act–1996.aspx. [1]       http://dipp.nic.in/English/acts_rules/Press_Notes/pn12_2015.pdf [2]       http://dipp.nic.in/English/acts_rules/Press_Notes/pn1_2016.pdf [3]       http://dipp.nic.in/English/acts_rules/Press_Notes/pn2_2016.pdf [4]       http://dipp.nic.in/English/acts_rules/Press_Notes/pn3_2016.pdf [5]       http://dipp.nic.in/English/acts_rules/Press_Notes/pn4_2016.pdf Gibson, Dunn & Crutcher lawyers are available to assist in addressing any questions you may have regarding these issues. For further details, please contact the Gibson Dunn lawyer with whom you usually work or the following authors in thefirm’s Singapore office: India Team:Jai S. Pathak (+65 6507 3683, jpathak@gibsondunn.com)Priya Mehra (+65 6507 3671, pmehra@gibsondunn.com)Bharat Bahadur (+65 6507 3634, bbahadur@gibsondunn.com)Karthik Ashwin Thiagarajan (+65 6507 3636, kthiagarajan@gibsondunn.com)Sidhant Kumar (+65 6507 3661, skumar@gibsondunn.com)  © 2016 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 26, 2015 |
Privacy and Data Security in Outsourcing

Gibson Dunn partners Palo Alto partner Dan Mummery,  Dallas partner Karl Nelson and New York partner Alex Southwell are authors of "Privacy and Data Security in Outsourcing" [PDF].

February 23, 2015 |
United States Drone Policy Stretches Its Wings

It has been a busy week for U.S. regulators and policymakers as they continue to wrestle with how to effectively manage the myriad issues related to the growing and evolving use of unmanned aerial systems ("UAS"), or "drones," both domestically and abroad.  Beginning February 15, 2015, the Obama Administration announced a series of new rules and policies affecting the commercial use of drones domestically, as well as the ability of U.S. manufacturers to export both commercial and military drones.  Federal Aviation Administration Rules On February 15, 2015, the Department of Transportation’s Federal Aviation Administration ("FAA") released long-awaited proposed rules for regulating the commercial use of UAS ("Proposed Rules").[1]  In the main, the Proposed Rules would authorize the use of commercial drones in the United States with some of the following restrictions: The drone must weigh less than 55 lbs. Flights must remain under a 500 feet ceiling and travel at speeds of under 100 mph. Flights can only occur in daylight and must remain in the line of sight of the operator or other visual observer at all times.[2] Operators of a drone must be at least 17 years in age, and must pass an initial aeronautical knowledge test administered at an FAA-approved testing center and be vetted by the Transportation Security Administration.  Once a UAS operator certificate is obtained, the operator would need to pass the aeronautical knowledge test every two years to remain certified.  However, a UAS operator would not be required to obtain a private pilot license. The Proposed Rules do not address model aircraft and do not affect previously issued FAA guidance related to the recreational use of drones. While the proposed rules are more lenient in certain respects than had been anticipated by many parties tracking developments in this area, they do not go as far as many in the commercial sector would have hoped, particularly in terms of the line-of-sight restrictions. The FAA will seek public comment to the Proposed Rules for 60 days from their publication in the Federal Register.  Until publication of the final rules, which many commentators do not expect until late 2015/early 2016, the FAA’s previous, more stringent unmanned aircraft rules remain in place. Presidential Memorandum on Privacy and Civil Rights Concurrently on February 15, 2015, President Obama issued a Presidential Memorandum ("Memorandum") to federal department and agency heads establishing policies intended to address privacy and civil liberty concerns in the Government’s use of drones.[3]  The Memorandum sets forth several guidelines that federal agencies utilizing UAS must establish and follow, particularly when concerning the collection, use and retention of personal data, and to safeguard First Amendment protections and other civil rights and liberties.[4] The Memorandum requires federal agencies, within 180 days, to provide a status report to the President on the implementation of these policies, and, within one year, to publish information on how the public can access these policies and procedures.[5] Finally, the Memorandum establishes "a multi-stakeholder engagement process to develop and communicate best practices for privacy, accountability, and transparency issues regarding commercial and private UAS use," and requires the Department of Commerce, National Telecommunications and Information Administration, to initiate the process within 90 days.[6] Export Policy Subsequent to the February 15 actions relating to the commercial use of drones within the U.S., the Department of State on February 17, 2015 announced that the U.S. Government was opening up its policy relating to the export of U.S.-origin military drones.[7]  Under this new policy, the details of which remain largely unpublished and partially classified, the Department of State will now allow exports of military drones, including armed drones, to certain foreign governments under strict conditions and on a case-by-case basis after undergoing Department of Defense Technology Security and Foreign Disclosure process reviews.   Decision-making for authorizing exports of military UAS would follow the guidelines and criteria set forth in the U.S. Conventional Arms Transfer Policy,[8] and authorizations would require end-use certification and monitoring from a purchasing nation that the drones will be used in compliance with international law, including human rights law, and will not be used in unlawful surveillance against their domestic population or unlawful use of force.[9] The State Department will maintain a strong presumption of denial for exports of UAS that meet certain specifications (UAS that are capable of a range of at least 300 kilometers and are capable of carrying a payload of at least 500 kilograms) as these drones may be restricted by current U.S. commitments made under the Missile Technology Control Regime ("MTCR").  Such exports would only be authorized in "rare occasions," as justified by guidelines contained in the MTCR.[10] The State Department announcement also notes that the new policy supplements and builds on the controls governing exports of commercial drones found in the Export Administration Regulations and administered and enforcement by the Department of Commerce, Bureau of Industry and Security.  However, at the time of publication of this alert, no further details could be found in Department of Commerce publicly available documents.    [1]   See Operation and Certification of Small Unmanned Aircraft Systems: Notice of Proposed Rulemaking, 80 Fed. Reg. 9543 (Dep’t of Transp. Feb. 15, 2015), available at http://www.gpo.gov/fdsys/pkg/FR-2015-02-23/pdf/2015-03544.pdf.    [2]   See FAA, Overview of Small UAS Notice of Proposed Rulemaking (Feb. 15, 2015), available at http://www.faa.gov/regulations_policies/rulemaking/media/021515_sUAS_Summary.pdf.    [3]   The White House, Presidential Memorandum: Promoting Economic Competitiveness While Safeguarding Privacy, Civil Rights, and Civil Liberties in Domestic Use of Unmanned Aircraft Systems (Feb. 15, 2015), available at http://www.whitehouse.gov/the-press-office/2015/02/15/presidential-memorandum-promoting-economic-competitiveness-while-safegua.    [4]   Id., Sec. 1(a)-(b).    [5]   Id., Sec. 1(e).    [6]   Id., Sec. 2.    [7]   See U.S. Dep’t of State, Fact Sheet U.S. Export Policy for Military Unmanned Aerial Systems (Feb. 17, 2015), available at http://www.state.gov/r/pa/prs/ps/2015/02/237541.htm.    [8]   The White House, Presidential Policy Directive/PPD-27 United States Conventional Arms Transfer Policy (Jan. 15, 2014), available at http://www.whitehouse.gov/the-press-office/2014/01/15/presidential-policy-directive-united-states-conventional-arms-transfer-p.    [9]   U.S. Dep’t of State Fact Sheet, supra note 7.   [10]   Id.    Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, or the authors of this alert: Judith A. Lee – Washington, D.C. (202-887-3591, jalee@gibsondunn.com)William J. Peters – Los Angeles (213-229-7515, wpeters@gibsondunn.com)David A. Wolber – Washington, D.C. (202-887-3727, dwolber@gibsondunn.com) Please also feel free to contact any of the following members of the firm’s International Trade Practice Group: Jose W. Fernandez – New York (212-351-2376, jfernandez@gibsondunn.com)Marcellus A. McRae – Los Angeles (213-229-7675, mmcrae@gibsondunn.com)Alexander H. Southwell – New York (212-351-3981, asouthwell@gibsondunn.com)Daniel P. Chung – Washington, D.C. (202-887-3729, dchung@gibsondunn.com)Andrea Farr – Washington, D.C. (202-955-8680, afarr@gibsondunn.com)Eric B. Lorber – Washington, D.C. (202-887-3758, elorber@gibsondunn.com)Lindsay M. Paulin – Washington, D.C. (202-887-3701, lpaulin@gibsondunn.com)Michael Willes - Los Angeles (213-229-7094, mwilles@gibsondunn.com)     Annie Yan – Washington, D.C. (202-887-3547, ayan@gibsondunn.com) © 2015 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. 

January 22, 2014 |
2013 Year-End Strategic Sourcing and Technology Transactions Update

2013 proved to be another active year in the outsourcing and technology transactions marketplace.  We continued to see a steady flow of traditional information technology outsourcing transactions mixed with an ever expanding variety of business process outsourcing transactions.  We also saw an increase in the adoption of cloud-based solutions, including SaaS, IaaS and PaaS.  Outlined below are a few trends we have observed during the past year and some considerations for the future.              Practice Observations on 2013 and Some Thoughts for 2014 S. 744 – Immigration Reform:  The U.S. Senate’s proposed "Border Security, Economic Opportunity, and Immigration Modernization Act" (S. 744) H-1B visa reform provisions would have significantly affected the U.S. outsourcing industry and India-based service providers in particular.  Among other requirements, S. 744 capped the percentage of an entity’s U.S.-based workforce that could consist of H-1B visa holders, increased the cost of obtaining H-1B visas and prohibited the deployment of H-1B visa holders at customer locations by certain H-1B-dependent service providers.  While gridlock in Washington prevented the bill from proceeding through the House, we anticipate that immigration reform generally, and H-1B visa reform in particular, is one area that may be ripe for political compromise in 2014. Data Security:  Popular interest in governmental and private sector data collection practices, media attention to data breaches and the correspondingly large notification and remediation costs have raised the stakes for both service providers and customers.  In 2013, these factors drove heavy negotiation of provisions allocating responsibility and authority for resolving data breaches, with provisions becoming increasingly customized to particular situations.  This trend will likely continue into 2014, and may accelerate if regulators increase enforcement efforts or if the plaintiffs’ bar is able to overcome hurdles to class certification for claims by data subjects. EU Data Privacy:  Data protection reform continues to advance in the European Parliament, with proponents hoping to see their 2012 proposal for changes to the EU Data Protection Directive enacted in 2014.  The contemplated changes would offer some benefits for global outsourcing deals, such as increased uniformity and "one stop shopping" in the EU (enabling global enterprises to work with a single data protection authority in the EU instead of many).  The potential downsides include significantly increased sanctions for non-compliance and the new "right to be forgotten," which may require substantial changes to technology and re-examination of existing agreements to allocate responsibility for implementation. Cloud Computing:  The ease of administration and attractive economics of cloud computing have led to more deals with cloud computing components, as even businesses with highly sensitive data are testing the waters with providers and services geared towards their needs.  We expect use of cloud computing to further expand in 2014, as more providers work through how to meet the needs of regulated businesses and adopt approaches that address the security challenges faced by their customers. SaaS:  Although SaaS providers remain more resistant to negotiating terms and conditions than traditional outsourcing providers, in 2013 we were increasingly successful in negotiating key legal terms for our clients.  As more activities migrate towards the SaaS model, we are seeing increased customization of both the services offered and the legal agreements that can be negotiated, and we expect this trend to continue into 2014.  Negotiation Results:  The notion that there would be a convergence among service providers in the outsourcing marketplace regarding terms and conditions was debunked once again in 2013.  We observed a wide-ranging difference in the terms and conditions service providers were willing to accept.  Additionally, customers who raised key terms and conditions earlier in the negotiating process (e.g., pre-down select) were generally able to obtain more favorable terms and to move to closing in a more expeditious manner. Solution Mix:  In 2013, customers continued to deploy multi-service provider, multi-platform solutions.  Moving beyond "anchor" service providers, we observed many clients implementing task-based or process-specific solutions, often leveraging SaaS or other cloud-based offerings.  We expect this trend to continue as customers gain comfort with more complex governance and data security concerns associated with the cloud. Disputes:  Our outsourcing disputes practice remained active in 2013.  The dueling forces of increased focus on contract governance and cost savings by customers and the rapid expansion and margin squeeze experienced by service providers have led to disputes that we have helped resolve successfully through negotiated settlements and restructurings.   Gibson Dunn’s Practice Gibson Dunn’s Strategic Sourcing and Technology Transactions Practice in particular enjoyed one of its busiest years ever and represented clients on some of the largest and most complex transactions completed in 2013.  In addition, the practice’s team of attorneys continued its steady expansion, adding members at both the partner and associate levels.  Below are some highlights regarding the practice in 2013. The practice was ranked by Chambers & Partners in Band 1 nationally. We are very pleased that Shaalu Mehra, as a partner, and three lateral associates, joined the practice in 2013, deepening our expertise in both technology transactions and outsourcing. In 2013, we advised on more than 50 significant strategic sourcing and technology transactions with a total contract value in excess of $2 billion. Our clients came from a wide variety of industries, including Apparel, Automotive, Chemical, Consumer Products, Energy, Financial Services, Food, Government, Healthcare, Hospitality, Insurance, Life Sciences, Pharmaceutical, Publishing and Technology.  Within the United States, we represented clients based in California, Colorado, Delaware, Georgia, Maryland, New Jersey, New York, Oregon, Tennessee, Texas, Washington and Wisconsin.  Looking outside the U.S., we represented clients based in Bahrain, Canada, Denmark, France, Germany, Ireland, Singapore, Switzerland and the United Kingdom and in several instances transactions that involved more than 65 countries.  Consistent with past years, in 2013, we worked with a broad range of clients, from mature public companies (over 35% of our clients were in the Fortune 500), to middle market and emerging growth companies. Last year marked one of our busiest years to date representing clients in technology transactions, including patent portfolio acquisitions, contract manufacturing, technology-related services arrangements and cloud-based services transactions. Below are some of the more notable transactions that Gibson Dunn’s practice handled in 2013. Information Technology Outsourcing Transactions A Fortune 500 hospitality company in a series of global IT outsourcing transactions with Accenture, IBM, Mindtree, TCS and Xerox. A Fortune 500 life sciences company in the renegotiation of a global application development and maintenance transaction with Accenture. A Fortune 500 energy services company in an IT outsourcing transaction. A global specialty chemicals company in a full scope IT outsourcing transaction with HCL. A global financial services and communications company in an application development and maintenance transaction with TCS. An international media company in a renegotiation of an IT infrastructure transaction with HCL. A Fortune 500 IT distributor in multiple enterprise software distribution agreements and telecommunications hardware distribution agreements. A Fortune 500 technology company in the outsourcing of certain application development and maintenance services to Capgemini. Business Process Outsourcing Transactions A Fortune 500 hospitality company in the sale of its captive shared services center and the outsourcing of its back-office support functions to Accenture. A Fortune 500 consumer products company in the outsourcing of certain financial and accounting services to Capgemini. A Fortune 500 insurance company in the outsourcing of certain claims processing services to Alliance-One Services (a subsidiary of CSC). A Fortune 500 financial services company in the outsourcing of its print procurement functions to Williams Lea. A hedge fund in the outsourcing of its back-office asset management services to SEI. A publisher in the outsourcing of its supply chain to RR Donnelley. A Fortune 500 company in the outsourcing of quality assurance services. Cloud/SaaS Transactions An international food distribution company in the implementation of a global cloud-based human resource information system with SuccessFactors Inc. (an SAP company). A Fortune 500 chemicals company in a global, cloud-based enterprise human resources SaaS transaction with Workday. A leading apparel retailer in connection with a cloud-based enterprise human resources SaaS transaction with Workday. A Fortune 500 technology company in its outbound cloud services agreements. A Fortune 500 technology company in a multinational telecommunications services agreement with British Telecom. Other Significant Technology Transactions An investment bank in a global asset management services agreement. A Fortune 500 office technology company in the sale and licensing-back of certain patents and related know-how. A manufacturer of high performance computing solutions in a contract manufacturing transaction with Jabil. A Fortune 500 technology company in multiple enterprise-wide  software licenses.     Gibson, Dunn & Crutcher lawyers are available to assist in addressing any questions you may have regarding the outsourcing and technology transactions marketplace.  Please contact the Gibson Dunn lawyer with whom you usually work, or any of the following members of the Strategic Sourcing and Technology Transactions Practice Group:  Daniel R. Mummery – Palo Alto (650-849-5318, dmummery@gibsondunn.com)William J. Peters – Los Angeles (213-229-7515, wpeters@gibsondunn.com)Stephen D. Nordahl – New York (212-351-2442, snordahl@gibsondunn.com)Shaalu Mehra – Palo Alto (650-849-5282, smerhra@gibsondunn.com)     © 2014 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.