Deleted User, Author at Gibson Dunn

Recent amendments to Mexico’s Hydrocarbon Law (“Hydrocarbon Reform”) and Electricity Industry Law (“Electricity Reform”) may have a significant impact on the operations of foreign investors in the energy sector in Mexico. The recent legislative amendments curtail the market power of private electricity, and oil and gas producers in Mexico and discriminate against foreign investors.

The Hydrocarbon Reform grants the Government broad discretion to suspend or refuse to renew existing permits granted to private companies, with corresponding provisions granting State-owned company Petróleos Mexicanos (“Pemex”) the right to take over the facilities of private companies who no longer have a permit without compensation.[1] At its core, the Hydrocarbon Reform aims to recalibrate the existing regulatory framework to revive the dominance of Pemex and limit the prevalence of privately owned oil and gas companies in Mexico.[2]

Similarly, the Electricity Reform disadvantages private electricity providers by granting dispatch preference to electricity generated by State-owned company Comisión Federal de Electricidad (“CFE”).[3] Prior to this amendment, Mexico’s electrical grid rules prioritized dispatch on the basis of the least expensive generated electricity.[4] The Electricity Reform has been developed to consolidate CFE’s market participation to the detriment of private producers, many of whom generate wind and solar energy.[5]

A judge in Mexico has ordered an indefinite suspension on the implementation of the Reforms pending resolution as to their constitutionality under domestic law.[6] If the suspension is lifted, foreign investors may well have an investment treaty claim as set out further herein.

Mexico’s reforms to the energy sector may violate investment treaty protections

The Hydrocarbon and Electricity Reforms may violate investment treaty protections owed by Mexico to foreign investors who have invested in the State and are protected by an applicable investment treaty. For example, investors from the United States and Canada can arbitrate claims directly against Mexico for breaches of the protections granted by the investment chapter in the Agreement between the United States of America, the United Mexican States, and Canada (“USMCA”) and its predecessor the North American Free Trade Agreement (“NAFTA”).[7] In fact, in response to Mexico’s ongoing discriminatory treatment of foreign investors, three U.S. companies filed claims on 12 May 2021 before the International Centre for Settlement of Investment Disputes (“ICSID”)—Finley Resources Inc, MWS Management Inc and Prize Permanent Holdings LLC—on the basis that Mexico had breached its obligations under Chapter 14 of the USMCA and Chapter 11 of NAFTA.

In addition, investors from Australia, Brunei, Canada, Chile, Japan, Malaysia, New Zealand, Peru, Singapore and Vietnam may also have a claim against Mexico pursuant to the investment chapter in the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (“CPTPP”). Mexico is also party to a number of bilateral investment treaties with more than 20 States that provide for recourse to international arbitration.[8]

The right to national treatment

Investment treaties commonly include a protection that requires the host State to treat investments of foreign investors no less favorably than it treats domestic investors in “like circumstances.”[9] Arbitral tribunals considering the meaning of “like circumstances” have found that this has “a wide connotation” that requires an assessment of whether “a non-national investor complaining of less favourable treatment is in the same ‘sector’ as the national investor. . . . [this] includes the concepts of ‘economic sector’ and ‘business sector.’”[10]

While it is not necessary to prove an intent to discriminate, tribunals have held that a State measure which “on its face, appears to favour its nationals over non-nationals” is a “factor[ that] should be taken into account.”[11] Arbitral tribunals have added that “[d]iscrimination does not cease to be discrimination, nor to attract the international liability stemming therefrom, because it is undertaken to achieve a laudable goal or because the achievement of that goal can be described as necessary.”[12] A previous tribunal found Mexico liable for breach of the national treatment protection where a controversial tax “was enacted for the purpose of protecting the domestic Mexican sugar industry from foreign competitors.”[13] The tribunal awarded the investor in excess of US$ 33.5 million in damages.[14]

Mexico’s Reforms are facially discriminatory to foreign investors operating side-by-side with State-owned operators Pemex and CFE, with the laws being structured in a manner that the adverse impact will be felt almost exclusively by foreign investors. President Andrés Manuel López Obrador and other members of the Government have likewise stated publicly that the purpose of the Reforms is to reestablish State control over the energy sector.[15] As a consequence, it is questionable whether Mexico is complying with its obligation to provide national treatment under various investment treaties to which it is Party.

The right to fair and equitable treatment

Most investment treaties also include a protection granting investors the right to fair and equitable treatment by host States. This includes a right to “protection of [a foreign investor’s] legitimate expectations, protection against arbitrary and discriminatory treatment, transparency and consistency.”[16]

Many of Mexico’s investment treaties require Mexico to treat the investments of a foreign investor fairly and equitably.[17] Arbitral tribunals have held that host States like Mexico cannot exercise legislative power “to act in an arbitrary or discriminatory manner, or to disguise measures targeted against a protected investor under the cloak of general legislation.”[18]

Given the targeted purpose and impact of the Reforms, impacted foreign investors may arguably have a claim that Mexico has breached its fair and equitable treatment obligation by arbitrarily discriminating against foreign investors. The changes in the legislative framework affecting hydrocarbon permitting and electricity distribution may likewise amount to a violation of foreign investors’ legitimate expectations.

* * *

Investment treaties can offer important protections to foreign investors operating in markets that present significant political and legal risks. Gibson Dunn lawyers have extensive experience advising clients in disputes against States for breaches of investment treaties. If you have any questions about how your company can take advantage of such protections, or if you think your company has an investment treaty claim based on Mexico’s Hydrocarbon or Electricity Reforms, we would be pleased to assist you.

____________________

[1] See here.

[2] See here.

[3] See here.

[4] See here.

[5] See here.

[6] See here and here.

[7] Canadian and U.S. investors in Mexico are able to file claims against Mexico before July 1, 2023 pursuant to the investor-State dispute settlement provisions available under the USMCA’s predecessor, NAFTA, provided that the dispute arises out of investments made when NAFTA was still in force and remained “in existence” on July 1, 2020. See USMCA, Annex 14-C. Thereafter, Canadian investors can seek recourse against Mexico under the CPTPP, and U.S. investors can seek recourse under Annex 14-D and Annex 14-E of the USMCA.

[8] See, e.g., Kuwait-Mexico BIT, Article 10; China-Mexico BIT, Article 12; Republic of Korea-Mexico BIT, Article 8.

[9] See, e.g., Bahrain-Mexico BIT, Article 3 (“Each Contracting Party shall accord to investors of the other Contracting Party and their investments, treatment no less favourable than that it accords, in like circumstances, to its own investors”); Belarus-Mexico BIT, Article 3 (“Each Contracting Party shall accord to investors of the other Contracting Party treatment no less favourable than that it accords, in like circumstances, to its own investors”); Mexico-Slovakia BIT, Article 3 (same).

[10] S.D. Myers, Inc. v. Government of Canada, UNCITRAL, Partial Award, 13 November 2000, ¶ 250.

[11] S.D. Myers, Inc. v. Government of Canada, UNCITRAL, Partial Award, 13 November 2000, ¶ 252.

[12] Corn Products International Inc. v. United Mexican States, ICSID Case No. ARB(AF)/04/1, Decision on Responsibility, 15 January 2008, ¶ 142; Quiborax S.A. and Non Metallic Minerals S.A. v. Plurinational State of Bolivia, ICSID Case No. ARB/06/2, Award, 16 September 2015, ¶ 253.

[13] Archer Daniels Midland Co. & Tate Lyle Ingredients Americas, Inc. v. United Mexican States, ICSID Case No. ARB(AF)/04/05, Award, 21 November 2007, ¶ 210.

[14] Archer Daniels Midland Co. & Tate Lyle Ingredients Americas, Inc. v. United Mexican States, ICSID Case No. ARB(AF)/04/05, Award, 21 November 2007, ¶ 293.

[15] See here and here.

[16] Crystallex International Corporation v Bolivarian Republic of Venezuela, ICSID Case No. ARB(AF)/11/2, Award, 4 April 2016, ¶ 543.

[17] See, e.g., United Arab Emirates-Mexico BIT, Article 4 (“Each Contracting Party shall accord to investments . . . fair and equitable treatment . . .); Turkey-Mexico BIT, Article 4 (same).

[18] Rusoro Mining Ltd. v. Bolivarian Republic of Venezuela, ICSID Case No. ARB(AF)/12/5, Award, 22 August 2016, ¶ 525.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Arbitration Practice Group, or any of the following:

Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Cyrus Benson – London (+44 (0) 20 7071 4239, cbenson@gibsondunn.com)
Jeffrey Sullivan – London (+44 (0) 20 7071 4231, jeffrey.sullivan@gibsondunn.com)
Graham Lovett – Dubai (+971 (0) 4 318 4620, glovett@gibsondunn.com)
Rahim Moloo – New York (+1 212-351-2413, rmoloo@gibsondunn.com)
Lindsey D. Schmidt – New York (+1 212-351-5395, lschmidt@gibsondunn.com)
Marryum Kahloon – New York (+1 212-351-3867, mkahloon@gibsondunn.com)
Maria L. Banda – Washington, D.C. (+1 202-887-3678, mbanda@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On Friday, May 28, 2021, the EEOC updated its technical assistance on vaccinations (the “Guidance”). Among other items summarized below, the Guidance states that employers may mandate vaccines under federal EEO laws, explains how to resolve requests for accommodations from employees who cannot be vaccinated for a protected reason under Title VII of the Civil Rights Act of 1964 (“Title VII”) or the Americans with Disabilities Act (“ADA”), and clarifies that employers may request documentation of vaccination.

Employer-Mandated Vaccination

Although the EEOC’s previous guidance from December 16, 2020, strongly implied that employers could mandate vaccines, this updated Guidance clearly states that nothing in the EEO laws prevents an “employer from requiring all employees physically entering the workplace to be vaccinated for COVID-19, subject to the reasonable accommodation provisions of Title VII and the ADA and other EEO considerations.” This is true whether the employee receives the vaccine from the employer or a third party, although if the employer or its agent provides vaccines pursuant to a mandatory-vaccination policy, the employer may only ask pre-vaccination screening questions if it has “a reasonable belief, based on objective evidence, that an employee who does not answer the questions and, therefore, cannot be vaccinated, will pose a direct threat to the employee’s own health or safety or to the health and safety of others in the workplace.”

Employers may also require confirmation, including documentation, of vaccination, but under the ADA, “documentation or other confirmation of vaccination provided by the employee to the employer is medical information about the employee and must be kept confidential” and maintained in a separate location from the employees’ personnel files. The Guidance does not address state data privacy laws and requirements, which may impose additional obligations.

The Guidance explains that when deciding on and implementing a vaccination policy, employers should be mindful that, “because some individuals or demographic groups may face greater barriers to receiving a COVID-19 vaccination than others, some employees may be more likely to be negatively impacted by a vaccination requirement.” An employer may not adopt a vaccination policy that discriminates on the basis of any protected characteristic.

When introducing a vaccination policy, employers should, “as a best practice,” notify employees that they may request an accommodation if they are unable to be vaccinated due to a disability or religious belief, practice, or observance. Managers and/or supervisors tasked with implementing the vaccination policy should know how to recognize an accommodation request (which does not require employees to use any particular verbiage) and should know to whom any requests should be referred for resolution.

Accommodations Process under the ADA and Title VII

Under the ADA, if an employee cannot be vaccinated due to a disability, the employer may not “require compliance” from the employee unless “the individual would pose a ‘direct threat’ to the health or safety of the employee or others in the workplace.” To determine whether the individual is a direct threat, the employer must “make an individualized assessment of the employee’s present ability to safely perform the essential functions of the job,” based on “(1) the duration of the risk; (2) the nature and severity of the potential harm; (3) the likelihood that the potential harm will occur; and (4) the imminence of the potential harm.”

The direct threat assessment “should be based on a reasonable medical judgment that relies on the most current medical knowledge about COVID-19.” The Guidance identifies the following as relevant to whether an unvaccinated employee would present a direct threat:

“the level of community spread at the time of the assessment”;
“the type of work environment,” including:
- “whether the employee works alone or with others”;
- whether the employee works inside or outside;
- available ventilation;
- “the frequency and duration of direct interaction the employee typically will have with other employees and/or non-employees”;
- “the number of partially or fully vaccinated individuals already in the workplace”;
- “whether other employees are wearing masks or undergoing routine screening testing”; and
- “the space available for social distancing.”

If the employer determines that the unvaccinated employee would present a direct threat to others or themselves, the employer must determine whether there is a reasonable accommodation for the employee. Possible reasonable accommodations include the following:

Requiring the employee to
- wear a mask;
- work a staggered shift;
- work at a distance from coworkers or non-employees; and/or
- get periodic tests for COVID-19
“making changes in the work environment (such as improving ventilation systems or limiting contact with other employees and non-employees )”;
“permitting telework if feasible”; or
“reassigning the employee to a vacant position in a different workspace.”

An accommodation request may only be denied if there is no accommodation option that “does not pose an undue hardship, meaning [under the ADA] a significant difficulty or expense.” As with the direct threat assessment, “[e]mployers may rely on CDC recommendations when deciding whether an effective accommodation is available that would not pose an undue hardship.” The undue-hardship assessment should consider the “proportion of employees in the workplace who already are partially or fully vaccinated against COVID-19” and the “extent of employee contact with non-employees, who may be ineligible for a vaccination or whose vaccination status may be unknown.”

The Guidance suggests that the employer’s first option should be an accommodation that would “allow the unvaccinated employee to be physically present to perform his or her current job without posing a direct threat.” If no such option is possible, the employer “must consider if telework is an option for that particular job as an accommodation” and, as a “last resort,” determine “whether reassignment to another position is possible.”

Employers must also provide reasonable accommodations for employees who cannot be vaccinated due to “an employee’s sincerely held religious belief, practice, or observance” and must do so “according to the same standards that apply to other accommodation requests.” The Guidance notes that “the definition of religion is broad and protects beliefs, practices, and observances with which the employer may be unfamiliar” and that “the employer should ordinarily assume that an employee’s request for religious accommodation is based on a sincerely held religious belief, practice, or observance,” unless the employer has an objective basis to question the sincerity or religious nature of an employee’s accommodation request. Under Title VII, employers are not required to accommodate employees who are unable to be vaccinated due to religious beliefs, practices, or observances if doing so would impose “more than minimal cost or burden on the employer,” which “is an easier standard for employers to meet than the ADA’s undue hardship standard.”

Finally, the Guidance explains that employees who “seek job adjustments” or request exemptions from a vaccination requirement due to pregnancy “may be entitled to job modifications, including telework, changes to work schedules or assignments, and leave to the extent such modifications are provided for other employees who are similar in their ability or inability to work.”

Incentives

Employers may “offer an incentive to employees to voluntarily provide documentation or other confirmation that they received a vaccination on their own from a pharmacy, public health department, or other health care provider in the community.” The employer may also offer an incentive for employees to receive a vaccination from the employer or its agent, but only if vaccination is voluntary. This is because of the “pre-vaccination disability-related screening questions” that accompany the vaccine, which employers generally cannot compel their employees to answer. Therefore, if the employer (or its agent) provides the vaccine, the employer may not offer such a large incentive that employees would feel “pressured to disclose protected medical information” to the employer in connection with those screening questions.

Employers also may not offer incentives for employees’ family members to receive the vaccine from the employer or its agent, again because of the pre-screening questions, which would lead to the employer’s receipt of genetic information in the form of family medical history of the employee. But employers may (1) provide vaccines to employees’ family members without offering any incentive or (2) offer incentives “to employees to provide documentation or other confirmation from a third party not acting on the employer’s behalf, such as a pharmacy or health department, that employees or their family members have been vaccinated.”

Emergency Use Authorization

The Guidance no longer references the obligations of the Food and Drug Administration (“FDA”) with regard to the Emergency Use Authorization (“EUA”) status of the COVID-19 vaccines. Previously, the EEOC had indicated that the FDA had an obligation to ensure recipients of the vaccine received informed consent, but it now states that it “is beyond the EEOC’s jurisdiction to discuss the legal implications of EUA or the FDA approach.”

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following authors:

Jessica Brown – Denver (+1 303-298-5944, jbrown@gibsondunn.com)
Hannah Regan-Smith – Denver (+1 303-298-5761, hregan-smith@gibsondunn.com)

Please also feel free to contact the following practice leaders:

Jason C. Schwartz – Co-Chair, Washington, D.C. (+1 202-955-8242, jschwartz@gibsondunn.com)
Katherine V.A. Smith – Co-Chair, Los Angeles (+1 213-229-7107, ksmith@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

The UAE Commercial Companies Law (the “CCL”) has been amended to permit 100% foreign ownership of companies incorporated in the UAE under the CCL, commonly known as “onshore” companies (“Onshore Companies”). The UAE Ministry of Economy announced that the foreign ownership amendment would be effective on 1 June 2021. We previously discussed the amendment in our earlier Client Alert.

The requirement that a minimum of 51% of the shares in an Onshore Company be held by one or more UAE nationals, being natural or legal persons, has been removed from Article 10 of the CCL. Foreign ownership restrictions are a key concern for foreign investors, including private equity and venture capital funds, and cause additional complexity and barriers to investments in Onshore Companies. Foreign investors may now own and control Onshore Companies without the need to employ nominee or similar structures, thus avoiding cumbersome arrangements, additional costs and legal uncertainty. Furthermore, single-shareholder entities, which previously had to be wholly-owned by UAE national(s), are now eligible to be 100% owned by foreign investors.

The Department of Economic Development (“DED”) of each Emirate will specify business activities open to 100% foreign ownership. The Abu Dhabi DED has issued a list of license activities which may be conducted by a foreign-owned Onshore Company encompassing more than 1,100 activities and covering a range of sectors. While “trading” does not appear on the current list, the Abu Dhabi DED may expand the list of license activities in the future to include this activity. The Dubai DED has announced that its list will include more than 1,000 commercial and industrial license activities. The discretion of each Emirate’s DED in determining which activities may be conducted by a foreign owned-Onshore Company may result in different foreign ownership regimes applying to companies operating in the same sector, depending on which one of the Emirates an entity is incorporated in.

Foreign ownership limitations remain in respect of companies carrying out activities of strategic importance, as determined by the UAE Council of Ministers. Companies carrying out such activities will be subject to local ownership and board participation requirements to be determined by the UAE Council of Ministers.

We expect the amended CCL to strengthen the UAE’s standing as an international investment destination. It remains to be seen whether the UAE’s free-zones will decline in popularity with foreign investors as a result.

We would be happy to help clients consider and review their current ownership and governance arrangements to assess the impact of the amended CCL on their business and also discuss investment opportunities with clients.

Gibson Dunn’s Middle East practice focuses on regional and global multijurisdictional transactions and disputes whilst also acting on matters relating to financial and investment regulation. Our lawyers, a number of whom have spent many years in the region, have the experience and expertise to handle the most complex and innovative deals and disputes across different sectors, disciplines and jurisdictions throughout the Middle East and Africa.

Our corporate team is a market leader in MENA mergers and acquisitions as well as private equity transactions, having been instructed on many of the region’s highest-profile buy-side and sell-side transactions for corporates, sovereigns and the most active regional private equity funds. In addition, we have a vibrant finance practice, representing both lenders and borrowers, covering the full range of financial products including acquisition finance, structured finance, asset-based finance and Islamic finance. We have the region’s leading fund formation practice, successfully raising capital for our clients in a difficult fundraising environment.

For further information, please contact the Gibson Dunn lawyer with whom you usually work, or the following authors in the firm’s Dubai office, with any questions, thoughts or comments arising from this update.

Hardeep Plahe (+971 (0) 4 318 4611, hplahe@gibsondunn.com)
Fraser Dawson (+971 (0) 4 318 4619, fdawson@gibsondunn.com)
Aly Kassam (+971 (0) 4 318 4641, akassam@gibsondunn.com)
Hanna Chalhoub (+971 (0) 4 318 4634, hchalhoub@gibsondunn.com)
Thomas Barker (+971 (0) 4 3184623, tbarker@gibsondunn.com)
Galadia Constantinou (+971 (0) 4 318 4663, gconstantinou@gibsondunn.com)
Sarah Keryakas (+971 (0) 4 318 4626, skeryakas@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Gibson, Dunn & Crutcher LLP is pleased to announce with Global Legal Group the release of the International Comparative Legal Guide to: Anti-Money Laundering 2021. Gibson Dunn partners Stephanie L. Brooker and Joel M. Cohen were again contributing editors to the publication which covers issues including criminal enforcement, regulatory and administrative enforcement and requirements for financial institutions and other designated businesses. The Guide, comprised of 4 expert analysis chapters and 28 jurisdictions, is live and FREE to access HERE.

Ms. Brooker and Gibson Dunn partner M. Kendall Day co-authored “The Anti-Money Laundering Act of 2020’s Corporate Transparency Act.” Senior Associates Ella Alves Capone and Ben Belair provided invaluable assistance with the article.

In addition, Mr. Cohen co-authored with Gibson Dunn Of Counsel Linda Noonan the jurisdiction chapter on “USA: Anti-Money Laundering 2021.”

You can view these informative and comprehensive chapters via the links below:

CLICK HERE to view The Anti-Money Laundering Act of 2020’s Corporate Transparency Act

CLICK HERE to view USA: Anti-Money Laundering 2021

About Gibson Dunn’s Anti-Money Laundering Practice: Gibson Dunn’s Anti-Money Laundering practice provides legal and regulatory advice to all types of financial institutions and nonfinancial businesses with respect to compliance with federal and state anti-money laundering laws and regulations, including the U.S. Bank Secrecy Act. We represent clients in criminal and regulatory government investigations and enforcement actions. We also conduct internal investigations involving money laundering and Bank Secrecy Act violations for a wide range of clients in the financial services industry and companies with multinational operations.

For further information, please visit our practice page and feel free to contact Stephanie L. Brooker in Washington, D.C. (+1 202.887.3502, sbrooker@gibsondunn.com), Joel M. Cohen in New York (+1 212.351.2664, jcohen@gibsondunn.com) or M. Kendall Day in Washington, D.C. (+1 202.955.8220, kday@gibsondunn.com).

Stephanie Brooker is Co-Chair of Gibson Dunn’s White Collar Defense and Investigations and Financial Institutions Practice Groups. She also co-leads the firm’s Anti-Money Laundering practice. She is the former Director of the Enforcement Division at FinCEN, and previously served as the Chief of the Asset Forfeiture and Money Laundering Section in the U.S. Attorney’s Office for the District of Columbia and as a DOJ trial attorney for several years. Ms. Brooker’s practice focuses on internal investigations, regulatory enforcement defense, white-collar criminal defense, and compliance counseling. She handles a wide range of white collar matters, including representing financial institutions, multi-national companies, and individuals in connection with criminal, regulatory, and civil enforcement actions involving sanctions; anti-corruption; anti-money laundering (AML)/Bank Secrecy Act (BSA); securities, tax, and wire fraud; foreign influence; “me-too;” cryptocurrency; and other legal issues. Ms. Brooker’s practice also includes BSA/AML and FCPA compliance counseling and deal due diligence and asset forfeiture matters. Ms. Brooker has been named a Global Investigations Review “Top 100 Women in Investigations” and National Law Journal White Collar Trailblazer.

Joel M. Cohen, a trial lawyer and former New York federal prosecutor, is Co-Chair of Gibson Dunn’s White Collar Defense and Investigations Practice Group, and a member of its Securities Litigation, Class Actions and Antitrust & Competition Practice Groups. He has been lead or co-lead counsel in 24 civil and criminal trials in federal and state courts, and he is equally comfortable in leading confidential investigations, managing crises or advocating in court proceedings. Mr. Cohen is a top-ranked litigator by Chambers and other leading legal services reviewers. His experience includes all aspects of AML, FCPA/anticorruption issues, securities fraud, insider trading, sanctions, and tax fraud, in addition to financial institution litigation and other international disputes and discovery.

M. Kendall Day is Co-Chair of Gibson Dunn’s Financial Institutions Practice Group, co-leads the firm’s Anti-Money Laundering practice, and is a member of the White Collar Defense and Investigations Practice Group. Prior to joining Gibson Dunn, Kendall was a white collar prosecutor for 15 years, eventually rising to become an Acting Deputy Assistant Attorney General, the highest level of career official in the Criminal Division at DOJ. He represents financial institutions; fintech, crypto-currency, and multi-national companies; and individuals in connection with criminal, regulatory, and civil enforcement actions involving anti-money laundering (AML)/Bank Secrecy Act (BSA), sanctions, FCPA and other anti-corruption, securities, tax, wire and mail fraud, unlicensed money transmitter, false claims act, and sensitive employee matters. Mr. Day’s practice also includes BSA/AML compliance counseling and due diligence, and the defense of forfeiture matters.

Linda Noonan is Of Counsel in the Washington, D.C. office and a member of the firm’s Financial Institutions and White Collar Defense and Investigations Practice Groups. She joined the firm from the U.S. Department of the Treasury, Office of General Counsel, where she had been Senior Counsel for Financial Enforcement. In that capacity, she was the principal legal advisor to Treasury officials on domestic and international money laundering and related financial enforcement issues. She specializes in BSA/AML enforcement and compliance issues for financial institutions and non-financial businesses.

Ella Alves Capone is a senior associate in the Washington, D.C. office, where she is a member of the White Collar Defense and Investigations and Anti-Money Laundering practice groups. Her practice focuses primarily in the areas of white collar criminal defense, internal investigations, regulatory enforcement defense, and compliance counseling. Ms. Capone regularly conducts internal investigations and advises multinational corporations and financial institutions, including major banks, virtual currency businesses, and casinos, on anti-corruption, Bank Secrecy Act/anti-money laundering, and sanctions compliance.

Ben Belair is an associate in the Washington, D.C. office, where he is a member of the White Collar Defense and Investigations practice group. His practice focuses primarily in the areas of white collar criminal defense, government and internal investigations, and compliance counseling.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Decided May 24, 2021

Guam v. United States, No. 20-382

Yesterday, the Supreme Court held 9-0 that only the resolution of CERCLA-specific liability could give rise to a contribution claim under the Superfund statute. The Court’s decision revives Guam’s cost recovery action against the U.S. Navy for the cleanup of hazardous waste on the island.

Background:
Section 113(f)(3)(B) of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (CERCLA) allows a party to seek contribution from other responsible parties for costs incurred in cleaning up a contaminated site. The provision states that “[a] person who has resolved its liability to the United States … in an administrative or judicially approved settlement” may bring a contribution claim for some or all of the costs of a “response action” under that settlement, no later than threeyears after the settlement is entered. 42 U.S.C. § 9613(f)(3)(B).

Guam sued the United States to recover response costs it spent remediating the Ordot Dump, a landfill containing hazardous waste formerly used by the U.S. Navy. The D.C. Circuit agreed with the United States that Guam’s suit was time-barred under Section 113(f)(3)(B)’s three-year statute of limitations, since Guam’s cleanup around the Ordot Dump was part of its obligations under a 2004 consent decree for Clean Water Act violations. The court reasoned that, although the consent decree did not involve any CERCLA claims and resolved liability only under the Clean Water Act, it still gave rise to, and started the clock for, a contribution claim within the meaning of Section 113(f)(3)(B), which expired in 2007.

Issue:
Whether a non-CERCLA settlement can give rise to a contribution action under Section 113(f)(3)(B).

Court’s Holding:
No. A settlement must resolve a CERCLA liability to trigger Section 113(f)(3)(B)’s contribution right.

“The most natural reading of [CERCLA] § 113(f)(3)(B) is that a party may seek contribution under CERCLA only after settling a CERCLA-specific liability.”

Justice Thomas, writing for the Court

What It Means:

Focusing on the statutory text and “interlocking” structure of Section 113(f), the Court explained that the contribution provision is “best understood only with reference to the CERCLA regime.” Slip op. at 5–6. The Court noted that Section 113(f)(3)(B)’s use of the CERCLA-specific term “‘response action,’ express cross-reference to another CERCLA provision, and placement in the statutory scheme” make clear that the provision is not a “free-roving contribution right,” but instead “is concerned only with the distribution of CERCLA liability.” Id. at 4, 5, 8.
As the Court itself recognized, its decision “provid[es] clarity” on when a settlement gives rise to a Section 113(f)(3)(B) contribution right. Id. at 8 n.4. “Rather than requiring parties … to estimate whether a prior settlement was close enough to CERCLA” that it might trigger contribution, the new, “far simpler approach” asks only “whether the settlement expressly discharged a CERCLA liability.” Id. at 8.
Because the Court held that the 2004 consent decree did not give rise to a Section 113(f)(3)(B) contribution claim, it found unnecessary to decide whether parties possessing such a claim are prohibited from proceeding under CERCLA Section 107(a) instead. That provision, like Section 113(f), allows a person to recoup some or all of its cleanup costs from other responsible parties, but provides for a more forgiving limitations period—six years after the cleanup effort begins, rather than three years after the qualifying settlement is entered. For its part, the D.C. Circuit concluded that “if a party can assert a contribution claim under § 113(f), it cannot assert a cost-recovery claim under § 107(a).” Id. at 3. The Court declined to reach this question.
The Court’s decision will allow Guam to proceed with its suit against the Navy for the recovery of cleanup costs associated with the Ordot Dump under Section 107(a), a separate CERCLA provision that permits a person to recoup cleanup costs from other responsible parties within six years after the cleanup begins.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho
+1 214.698.3233
aho@gibsondunn.com

Mark A. Perry
+1 202.887.3667
mperry@gibsondunn.com

Lucas C. Townsend
+1 202.887.3731
ltownsend@gibsondunn.com

Bradley J. Hamburger
+1 213.229.7658
bhamburger@gibsondunn.com

Related Practice: Environmental Litigation and Mass Tort

Daniel W. Nelson
+1 202.887.3687
dnelson@gibsondunn.com

Stacie B. Fletcher
+1 202.887.3627
sfletcher@gibsondunn.com

David Fotouhi
+1 202.955.8502
dfotouhi@gibsondunn.com

Spring 2021 brought two key developments to the UK tax landscape. There was the Budget announcement delivered on 3 March (together with the Finance Bill 2021 published on 11 March), setting out medium-term tax and spending plans as the UK economy emerges from the COVID-19 coronavirus. This was followed by “Tax Day” on 23 March through which more than 30 tax policies and consultations were published with the aim to modernise UK tax administration and policy development.

It is perhaps too early to comment on the long-term effects of the COVID-19 coronavirus, however the UK government appears to be alert to the need for both short-term investment incentives to businesses, as well as longer-term increases in taxes to finance a broadening UK budget deficit. With the Chancellor agreeing to hold the Conservative Party’s 2019 “triple tax lock” manifesto pledge not to increase the rates of income tax, national insurance and VAT, it is not surprising then that UK corporation tax was in the spotlight for this year’s Budget. The main rate is set to increase from April 2023 to 25% on profits over £250,000 (whilst the rate for small profits under £50,000 will remain at 19%, with relief for businesses with profits under £250,000 so that they pay less than the main rate). Interestingly, the threshold rate of tax for meeting the excluded territories exemption under the UK’s controlled foreign company rules would rise from 14.25% to 18.75%. In line with the increase in the main rate, the UK Diverted Profits Tax rate will also rise to 31% from April 2023.

What is more surprising, however, is the absence of broader changes to the UK capital gains tax regime in the Budget this year. In May, the Office of Tax Simplification (“OTS”) published the second report in their two-stage review of the UK capital gains regime. Following publication of the first report in November 2020, in which they recommended significant changes (see our previous Alert), the OTS’ second report considers key practical, technical and administrative issues associated with the current regime. Fourteen recommendations have been made, relating to (i) the treatment of deferred consideration; (ii) the treatment of corporate bonds; and (iii) the current reporting and payment processes. Despite expectations from observers, the government has not yet implemented any recommendations from the first report and so it remains unclear whether (and to what extent) the UK government will adopt the recommendations in the future. The details of the second report will be covered in further detail in the next Quarterly Alert. “Tax Day” also came with an open consultation on the government’s tax administration framework, which sought to explore ways in which the interaction of taxpayers with the tax system (from registration to payment of tax) could be updated and simplified as the UK’s tax system becomes increasingly digital.

At the international level, it remains to be seen whether the OECD’s Inclusive Framework’s aim of reaching consensus on its Pillar I and II initiatives by mid-2021 remains achievable. US treasury secretary Janet Yellen’s speech on 5 April calling for countries to agree on a global minimum corporation tax rate for large companies, and reports earlier this year that she had dropped the former proposal under the Trump administration to allow US companies to opt in to any new system for allocating taxing rights, will however provide fresh impetus for an agreement to be reached. Agreement however among EU nations on proposals for a 21% global minimum corporate tax rate would not be easy. Although higher tax countries such as France and Germany have initially been supportive, corporate tax rates vary significantly across the continent with countries such as Ireland already making it clear it will not amend its current 12.5% corporate tax rate.

***

A. UK Budget 2021

Amendments to the hybrid and other mismatches regime
Loss carry-back extension
Capital allowances “super deduction” and extension of the annual investment allowance
Off-payroll working rules

B. UK Consultations

UK asset holding company regime (second stage consultation)
UK funds review consultation
Uncertain tax treatment consultation
Transfer pricing documentation consultation

C. Other UK Developments

Deferral of HMRC’s VAT treatment of compensation and termination payments and VAT grouping consultation update
Brexit developments: EU/UK social security co-ordination and repeal of UK’s implementation of the EU Interest and Royalties Directive
UK property-rich collective investment vehicles – limited portfolio exemption for offshore CIVs
Draft regulations to implement OECD Mandatory Disclosure Rules
Possible changes to UK stamp duty procedures

D. International Developments

EU consultation on VAT rules for financial and insurance services
EU public country-by-country reporting
New OECD COVID-19-related guidance

E. Notable Cases

Danske Bank A/S v Skatteverket (C‑812/19) and The Commissioners for Her Majesty’s Revenue & Customs v Wellcome Trust Ltd (C-459/19)
HMRC v Development Securities PLC and Others [2020] EWCA Civ 1705
Odey Asset Management LLP v HMRC [2021] UKFTT 31 (TC)

A. UK Budget 2021

I. Amendments to the hybrid and other mismatches regime

The Finance Bill 2021 included significant changes to the UK hybrid and other mismatches regime. It addresses many, albeit not all, of the issues raised by respondents during last year’s consultation. It is expected that the new measures will serve to simplify application of the relevant rules. Groups may wish to revisit their existing structures to assess the impact of the changes and to consider whether to elect certain rules to apply retrospectively.

The UK hybrid and other mismatches regime (the “Regime”) was introduced in 2017 to counter arrangements that give rise to hybrid mismatch outcomes and generate a tax mismatch. As discussed in our previous December 2020 Quarterly Alert, HMRC published responses to its consultation on certain aspects of the Regime in November 2020 paving the way for wider reforms and further draft legislation to follow.

The Finance Bill 2021 included key provisions making significant amendments to the Regime addressing many (if not all) of the concerns raised with HMRC by taxpayers, advisers and industry bodies. Most of these provisions reflect the announcements and draft legislation previously published by HMRC in November 2020 (see our previous Alert), although there are some changes. The following elements in particular are worth noting:

Retrospective widening of “dual inclusion income”

The previously proposed widening of the concept of “dual inclusion income” (broadly a single amount of ordinary income that is recognised twice for tax purposes where the relevant entities and jurisdictions involved correspond to those that benefit from a double deduction) which was due to have mandatory retrospective effect from when the Regime was introduced in 2017, will now have effect from Royal Assent of the Finance Bill, although companies will be able to elect to apply the changes retrospectively.

The new dual inclusion income construct widens the existing rules, by capturing income taxed in the hands of a payee in the UK, but for which there is no deduction obtained by the payer in any jurisdiction, and that non-deductibility arises from the hybridity of the UK payee. The new definition introduces the concept of inclusion/no deduction income that may be treated as dual inclusion income when determining to what extent a double deduction mismatch should be counteracted. It will be welcome news for groups that receive income that is brought into account for tax purposes in the UK without generating a tax deduction in any other jurisdiction. This should however be read alongside the extension of the targeted anti-avoidance rule under the Regime to regard steps taken to engineer something to be treated as dual inclusion income as a relevant tax advantage under the rule.

We had previously discussed potential issues with the then current application of the double deduction mismatch rules (where section 259ID did not obviously apply). In particular, an intra-group payment by a US parent company to a UK subsidiary (that is disregarded for US federal income tax purposes) may give rise to a disallowance for an otherwise deductible expense incurred by the UK subsidiary – resulting in taxation on profits it does not economically possess. The above described changes however will now render the intra-group payment as deemed dual inclusion income. Although the wider dual inclusion income concept is to be welcomed, certain groups may continue to face double economic taxation. In particular, where the intra-group payment is instead made by a non-UK sister company to the UK subsidiary (i.e. where sister company is also wholly owned by a US parent and disregarded). As there must be no deduction obtained by the payer in any jurisdiction, the deductibility of the payment by the sister company in the jurisdiction in which it is established will prevent the intra-group payment from being treated as deemed dual inclusion income. This is disappointing given that a number of multinational group structures are arranged in this way and under the proposed rules will continue to be subject to double economic taxation. Restructuring around this issue may be costly and administratively burdensome, at a time when other jurisdictions (notably Ireland) take a more pragmatic approach to their implementation of hybrid mismatch rules by preventing a counteraction in circumstances where economic double taxation can be demonstrated.

Intra-group surrenders of “surplus” dual inclusion income

In addition to the intra-group surrender mechanism stipulated in November 2020 for “surplus” dual inclusion income where there is a shortfall in another group entity, administrative requirements for the making, withdrawing or replacing consent to such claims for “surplus” dual inclusion income to be surrendered, have now been provided. Notably, such claims will need to be submitted to HMRC. The new mechanism will nevertheless help taxpayers whose group structure results in income arising in the “wrong” entity (compared to relevant expenses). The change is effective from 1 January 2021.

Illegitimate overseas deduction

Amendments have been made to the rules regarding illegitimate overseas deductions so that they will only disallow UK tax relief where the relevant double deduction is utilised for overseas tax purposes by an entity other than the UK corporation tax paying company or its investors. The change which takes effect from the date of Royal Assent of the Finance Bill should allow the Regime to operate more proportionately and are likely to assist US groups with disregarded UK subsidiaries.

Acting together threshold

It had been proposed in November 2020 that the definition of “acting together” should be amended to exclude any investor holding less than 10% of a partnership that is a collective investment scheme (subject to certain rules preventing partners from artificially fragmenting their interests to fall below the threshold). Instead, that proposal has been replaced with specific provisions to ensure that counteractions under the Regime are simply disapplied where they arise in respect of participants in transparent funds who hold less than a 10% interest. So although investors in a fund will be treated as acting together, a similar position is reached by ignoring interests of relevant minority investors when calculating the size of any mismatch.

Helpfully, “fund” is defined to include any collective investment scheme or alternative investment fund for UK financial services law purposes, with no requirement that it be widely held. Such funds will be transparent if they are treated as transparent for UK income tax purposes. As such, funds structured as UK limited partnerships, Luxembourg SCSps or Cayman limited partnerships should benefit. The changes will have effect from the date of Royal Assent of the Finance Bill.

In line with the proposals in November, the definition of “acting together” will be amended to exclude cases where a party has a direct or indirect equity stake in a paying entity no greater than 5%, including votes and economic entitlements.

Retrospective changes to definition of “hybrid entity”

Changes to the definition of a “hybrid entity” were originally intended to operate so that it only tests whether an entity is transparent by reference to the laws where it and its opaque investors are established/resident. The status of the potential hybrid entity under UK law would no longer be considered, unless the entity or a relevant entity in its ownership structure is in the UK.

HMRC had explained that the alteration removes the need to make the previously announced changes in relation to US LLCs. That is, where an LLC is seen as transparent under its own tax law and that of all its investors, it will no longer be a hybrid entity, thus removing the risk of counteraction under the current Regime where the UK generally views an LLC as fiscally opaque (subject to the terms of its constitutional documents) and the US regards it as fiscally transparent (unless checked close) causing it to be treated as a hybrid entity. Having made the changes as part of the initial draft of the Finance Bill 2021, the government has since identified the draft legislation as having gone too far, with certain unintended consequences resulting. The government has decided to revisit the draft legislation in order to allow it to operate solely as intended – as a result the envisaged amendments will be postponed until the next Finance Bill. The changes (when they come) will be treated as having retrospective effect from when the Regime was introduced.

The many positive changes to the Regime resolve a number of issues, but not all of the problems experienced in relation to the existing rules. Certain requests from consultation respondents last year also remain unanswered. These include the addition of a tax avoidance motive to the Regime, an exclusion for small and medium-sized enterprises and the treatment of the US global intangible low-taxed income (“GILTI“) rules as an equivalent regime (so as to prevent a UK counteraction where a GILTI charge applies).

Groups may wish to revisit their existing structures to assess the impact of the changes and to consider whether to elect certain rules to apply retrospectively.

II. Loss carry-back extension

In order to provide further aid for businesses impacted by COVID-19 coronavirus, the UK government has extended the period for which trading losses may be carried back for tax relief purposes for relevant accounting periods ending between 1 April 2020 and 31 March 2022. As a result, taxpayers will be permitted to carry-back relevant losses to set against profits incurred in the three years leading up to the period in which the loss was incurred (rather than the one year currently).

As part of the new measures, there will be a £2 million cap on the amount that may be carried back more than one year for each relevant accounting period in which a loss is made, and the cap will apply on a group basis. As a result, businesses in the two year period that the extended relief is expected to be available may be eligible for a potential cash refund. The £2 million cap will not be pro-rated for short accounting periods and the new measures do not impact the amount of trading losses that may be carried back to the immediately preceding year (which remains unlimited for companies).

Such extended relief will need to be carried back to be offset against profits from the most recent years first. By way of example, a company that incurs a loss in the year to 31 December 2020 would, under the current rules, only be able to carry this loss back to set against profits of the year to 31 December 2019. Under the new rules, after 2019 profits are fully offset, up to £2 million of such losses may be carried back to first be set against profits arising in the previous year ended 31 December 2018 and then, if necessary, 31 December 2017. As the cap applies on a per tax year basis, a separate cap of £2 million would apply on the extended carry-back of losses incurred in accounting periods ending in the period 1 April 2021 to 31 March 2022.

Claims for such carry-back relief will be required to be made on a company tax return unless the losses available to be utilised more than one year before the beginning of the relevant period are below a de minimis of £200,000. Claims up to this amount may be made outside of a return so that the benefit is obtained without waiting to submit a company tax return for the period in which the loss is incurred.

As the £2 million cap applies at group level, groups that have a member making a claim in excess of the de minimis will be required to submit an allocation statement to HMRC showing how the £2 million cap has been allocated between group members. If no group company is able to make a claim in excess of the £200,000 de minimis, then no allocation statement will be needed.

The extension of the carry-back relief rules will be particularly useful for taxpayers in previously profitable sectors that have been heavily affected by COVID-19 coronavirus. Such businesses should consider seeking to utilise this extension as early as possible to help with cash flows, alongside other available reliefs.

III. Capital allowances “super deduction” and extension of the annual investment allowance

As part of the Spring Budget 2021 the UK government has provided for two temporary first-year capital allowances over the next two years to boost investment and productivity levels as the UK economy recovers from the COVID-19 coronavirus. These are a 130% first year capital allowance for qualifying plant and machinery assets (the “super deduction”) and a 50% first-year allowance for qualifying special rate assets. In addition, the annual investment allowance of £1 million will be extended to 31 December 2021. Although the announcement was headline-grabbing at the time, the measures viewed in light of the planned increase in the rate of corporation tax may be better described as a short-term incentive to bring forward investment spending plans in lieu of longer-term increases in tax.

From 1 April 2021 until 31 March 2023, companies investing in qualifying new plant and machinery assets will be able to claim a deduction against taxable profits at the following rates:

a 130% first year allowance on qualifying plant and machinery within the main rate pool (which under the current rules attract a writing down allowance of 18% per annum on a reducing balance basis); and
a 50% first-year allowance for qualifying special rate assets within the special rate pool (which under the current rules attract a writing down allowance of 6% per annum on a reducing balance basis). Special rate expenditure broadly includes integral features (including electrical systems, hot and cold water systems, heating, ventilation, lifts and solar shading) and certain long-life assets.

The £1 million rate of the annual investment allowance will also be extended to 31 December 2021, although it is due to revert to the previous limit of £200,000 as of 1 January 2022. The allowance gives relief for 100% of expenditure qualifying for capital allowances, up to the threshold, in the tax year in which the expenditure is incurred.

The draft rules for the new “super deduction” and 50% allowance specify a number of qualifying conditions in order for a company to be eligible. These include the following:

relief is only available to companies that are within the charge to UK corporation tax;
expenditure on qualifying plant and machinery must be new (i.e. not second-hand);
the expenditure is incurred between 1 April 2021 and 31 March 2023;
for expenditure incurred that is associated with a contract for plant and machinery, that contract was entered into on or after 3 March 2021; and
certain existing exclusions for first-year allowances under the current rules will continue to apply, notably this disallows connected party transactions and expenditure on assets for leasing (although following later stage amendments to the draft rules, property lessors would be able to claim the “super deduction” and 50% allowance on investments in background plant and machinery for a building).

Companies using finance to invest in plant and machinery through hire-purchase arrangements should also be able to access the “super deduction”, albeit subject to separate conditions, including that payments are made to actually acquire (rather than purely lease) the asset.

Taxpayers will need to carefully consider the timing of their asset purchases, with the new measures being strictly limited to expenditure incurred on or after 1 April 2021. Under existing rules for first year allowances, capital expenditure is generally incurred “as soon as there is an unconditional obligation to pay it” (rather than deemed to be incurred on the first day a trading activity is carried out). However, the Finance Bill provisions disapply this general rule where the expenditure is incurred pursuant to a contract entered into prior to 3 March 2021 (i.e. even if the unconditional obligation to pay arises after 1 April 2021). As a result certain expenditure incurred over the following two years will not be eligible for the new “super deduction” or the 50% allowance because it was already committed to before 3 March 2021.

At the other side of the two-year window, the “super deduction” for expenditure incurred in a chargeable period ending after 31 March 2023, is proportionately reduced according to the relevant number of days in the chargeable period that extend past 31 March 2023.

As first year allowances are not pooled for capital allowances purposes, disposals of relevant qualifying assets are subject to a “balancing charge” (i.e. treated as immediately taxable income), rather than reducing the balance of the pool. To prevent abuse of the new measures, the Finance Bill provides that if assets, for which a “super deduction” was previously claimed, is disposed of on or before to 31 March 2023, an additional claw back of relief is obtained by applying a time apportioned factor of 1.3 to the calculation of the balancing charge. Similar rules apply to the 50% allowance.

Without a cap on the amount of relief available under the new “super deduction” and 50% allowance, there are clear incentives for businesses to bring forward their investment plans to take advantage. Taxpayers will be wise however to carefully consider the timing of their investments, the conditions required to qualify and the interaction of these first-year allowances with other tax reliefs.

IV. Off-payroll working rules

Planned reforms to the off-payroll working rules (IR35) have been introduced with effect from 6 April 2021, after being postponed by 12 months owing to the COVID-19 coronavirus. The new reforms require medium and large size private sector organisations to assess whether individuals falling within the scope of IR35 and employed through an intermediary are “deemed employees”, and if so, to deduct income tax and National Insurance Contributions from any fees paid. This switches the burden of the determination from the intermediary to the client who ultimately receives the services from the individual.

On 6 April 2021, the planned reforms to the off-payroll working rules came into effect. This follows a decision made by the UK government on 17 March 2020 to postpone the introduction of the reforms to the private sector due to the impact of the COVID-19 coronavirus.[1]

The off-payroll working rules ensure that individuals who are employed through their own limited company (“personal service company”) or other intermediary, but who would otherwise be treated as an employee if services were provided directly to the client, are treated as “deemed employees” and will be liable to pay income tax and National Insurance Contributions (“NICs”) as if the individual was an employee.

The former IR35 regime required the intermediary to determine whether the individual would be a “deemed employee”. Making a determination of whether an individual is a “deemed employee” requires a consideration of the terms of the contract between the client and the intermediary and the working arrangements in practice. If the individual is within the scope of IR35 and a “deemed employee”, the intermediary was required to operate payroll, make deductions for income tax and NICs and make employer contributions for NICs on fees received for the services.

In April 2017, similar reforms were introduced in the public sector which switched the requirement to determine whether an individual providing services through an intermediary is a “deemed employee” from the intermediary to the client.[2] The factors used to make this determination have not changed. Following the 2017 reforms, if the individual’s contract fell within the scope of IR35 and a public sector organisation regarded the individual as a “deemed employee”, it would then be responsible for deducting income tax and NICs.

The changes in effect from 6 April 2021 have extended the 2017 reforms to clients in medium or large size private sector organisations. Accordingly, medium or large private sector organisations that employ individuals through a limited company or other intermediary must now determine if the individual should be regarded as a “deemed employee”, issuing a “Status Determination Statement” to set out and explain their decision where the rules are found to apply. There is no change for contractors working for small, private sector clients, who will still be required to make the determination themselves. If the contracted individual falls within the scope of IR35, the medium or large size private sector client will retain the obligation to account to HMRC for any employment taxes associated with the contractor’s services fee (i.e. as if it was a salary payment).

Contractors engaged through an agency or umbrella company (which itself engages the contractor as its employee and pays them subject to employment taxes) should not be subject to the new rules. That is, such an agency or umbrella company should not be treated as an “intermediary” under the IR35 rules according to a clarificatory statement issued by HMRC on 15 October 2020.

Whilst applying a decision to a group of off-payroll workers with the same role, working conditions and contractual terms may be appropriate in some circumstances, HMRC guidance stresses the importance to end-clients of making determinations on a factual case-by-case basis.[3]

B. UK Consultations

I. UK asset holding company regime (second stage consultation)

In December 2020, the government published its second stage consultation on the tax treatment of asset holding companies in alternative investment funds. Interestingly, the government has opted for a new standalone regime for eligible asset holding companies (rather than individual changes to existing rules). Responding positively to many of the concerns respondents raised during the first stage last year, the proposals will be welcome news for investors and asset managers.

We previously reported on the UK government’s initial stage consultation on the tax treatment of asset holding companies (“AHCs”) in alternative investment funds, including some of the issues inherent under the existing rules, as part of our April 2020 Quarterly Alert (see here). In December 2020, HM Treasury published its response to that consultation and, recognising there is a strong case for change in this area, sought views on more detailed design features for a more internationally competitive tax regime for AHCs. The consultation response, although positive, is the first in a number of expected consultations on potential changes to the tax treatment of UK funds and fund structures.

Most respondents to the March 2020 consultation agreed that a key aim of such funds is to ensure that its investors do not achieve a significantly worse tax outcome (including timing and administrative requirements) than if they had invested in the underlying investment directly. Identifying that a closely defined concept of an AHC would, in any event, be required if individual changes to existing rules were implemented, the government has instead opted for a new standalone tax regime for AHCs. The key features of the proposed regime are described below:

Eligibility

According to the response paper, the bespoke regime is intended to apply to the use of AHCs “in structures where capital from diverse or institutional investors is pooled and managed by an independent, regulated or authorised asset manager in which the AHC plays an intermediate, facilitative role”. Accordingly, eligibility criteria will need to identify: (i) criteria for investors making investments via an AHC, (ii) how investors should be identified, (iii) criteria to identify the asset manager, and (iv) the character and activities of the AHC, with the government seeking feedback on how best to achieve the relevant aims. In respect of criteria (iv) above, the government wants to restrict the regime to entities that serve to facilitate flows of capital, income and gains between investors and investment assets. It should not apply to funds that otherwise meet the above criteria but carries on activities that form part of the trade of a portfolio company.

It is anticipated that a company would need to elect into the AHC regime as part of its company tax return.

AHC taxation

The government has proposed that any taxable profit of an AHC should be proportionate to its intermediary role. The proposed AHC regime does not propose a fully tax exempt AHC, which may be helpful to funds seeking to access benefits under the UK’s double tax treaty network.

In respect of deductions against taxable profits at the AHC level, provided the AHC practices the return of its profits to its investors, it is proposed that the AHC should be able to obtain relief against its taxable income (albeit, limited in accordance with transfer pricing principles). On the other hand, given the additional deductions available to an AHC under the regime, it is proposed that an AHC should not be able to surrender or claim losses as group relief.

The response paper provides little in the way of detail in respect of transfer pricing approaches, instead requesting feedback from respondents. Given the need of funds to accurately predict their taxable margins, this will be an important development.

Disposals of investment assets by an AHC would be subject to a new relief (instead of the existing substantial shareholding exemption) from taxation at the AHC level. An exception to the relief would be for UK land and assets that derive 75% or more of their value from UK land in accordance with existing rules. The government anticipates that gains not reinvested will be taxed when returned to UK investors (or on those investors when they dispose of their interest in the AHC), with the intention that the AHC regime should not be used to artificially defer tax on capital gains.

The government is also considering a specific exemption under the AHC regime from withholding tax on interest paid by an AHC to its investors, unusually, by reference to a purpose test to disapply the exemption where a main purpose is the escaping of tax imposed by any jurisdiction.

Taxation of investors

Under the proposals, the AHC rules should operate so that for investors within the scope of UK tax:

amounts deductible from taxable income of an AHC and paid to investors are treated as taxable income in the hands of those investors; and
amounts returned to investors that are attributable to capital gains realised by an AHC are treated as gains in the hands of those investors.

For income purposes, UK investors would be taxed on returns as if they were of the form from which the AHC had itself derived such income from its investments (e.g. interest income received from a portfolio company that is then distributed to the UK investor).

For capital gains purposes, the proposal is for amounts returned to investors that are attributable to capital gains realised by an AHC to be treated as capital gains in the hands of the investors. Given the complexity of certain funds and the variety of ways in which an AHC might return gains to investors, complex rules may follow to allow for the tracking of gains through fund structures. The government has also made clear this is an area where anti-avoidance rules will be needed.

More broadly, there will also be consideration of whether there is scope for a more simplified exemption from stamp duty and stamp duty reserve tax on some or all transfers of shares and loan capital in an AHC.

Real estate considerations

Under existing UK rules, investors are required to pay tax on rental income and capital gains on UK real estate even if those investors are resident outside the UK. The response paper is therefore careful to explain that any new AHC regime should not create risks of loss of UK tax on UK property income and gains for the government.

The initial proposed solution to this however is somewhat disappointing: that AHCs under the regime be prevented from owning UK land or UK property-rich assets. Helpfully, this approach is subject to further consultation, and the response paper also considers situations where an AHC would be permitted to hold UK real estate indirectly through a separate corporate vehicle.

The government received feedback on a number of areas where the UK real estate investment trust (“REIT”) regime could be improved. In particular, a relaxation of the current listing requirements for certain investors, as well as providing increased flexibility under the balance of business eligibility criteria, are currently being considered by the UK government. Whilst a more fulsome review of the REIT regime is intended to form part of a separate funds review, the government is considering a number of changes that could be made alongside the AHC rules that would make the UK a more competitive location for holding real estate assets.

The second stage consultation on a new AHC regime will be welcomed by investors and asset managers alike. A key comment from respondents however is that any new UK AHC regime will necessarily be compared to other domestic investment structures (such as those with AHCs in Luxembourg), and it is not clear to what extent (if any) a UK regime would need to provide benefits above and beyond those in other jurisdictions. Any such benefits would also need to be considered carefully, in light of the value attributed by investors to tax regimes that provide certainty and rules that are straightforward to follow.

II. UK funds review consultation

In January 2021, the government published a call for tax, regulatory and other input as part of its broader review of the UK funds regime. The paper sets out the scope and objectives of the review, and invites stakeholders to provide views on which reforms should be prioritised and taken forward. The wider aim being to make the UK a more attractive location to establish, administer and manage funds, and to support a wider range of more efficient investment vehicles better suited to investor needs.

The call for input follows last year’s Spring Budget announcement (see our April 2020 Alert here) and sits alongside other areas of consultation (see second stage AHC consultation section above). It covers the areas that will be particularly relevant to UK asset managers and fund administrators, including tax, regulatory and other aspects of the regime. The government appears to have taken on the message that any new UK funds regime will need to compete directly with existing preferential regimes within established hubs (such as those in Ireland and Luxembourg). In addition to enhancing the UK’s reputation as a location for new funds, any new regime should also consider the incentives provided for existing funds to move to the UK given the costs of re-domiciliation and speculated changes to the UK’s capital gains tax and carried interest rules.

From a tax perspective, the call for input covers the following areas:

Tax neutrality principle (that is, to ensure investors achieve a tax neutral treatment irrespective of whether they invest in an asset directly or through a fund vehicle) – recognising that as a practical matter the existing regime does not always achieve such tax neutrality for investors in funds (e.g. certain balanced funds that invest in both equity and debt instruments are not always entitled to tax deductions for distributions at the fund level giving rise to tax leakage), the consultation seeks views on ways in which the regime may be improved.
Barriers within the existing REIT rules – recognising that the rules for REITs can be complex, the government will consider simplifying measures including the relaxation of the listing requirement, changes to how the close company test is applied, the application of the holders of excessive rights rules and how the “balance of business” test should operate.
Issues with the UK approach to VAT on fund management services – the review paper only seeks initial responses to the issues at this stage (with separate actions to follow later this year). Nevertheless, the recoverability of VAT on management fee costs at fund level, and that the position of asset managers is not adversely affected by their incurring of irrecoverable VAT that would not arise had they provided management services to a fund established outside the UK, will be important to the success of any UK funds regime.
Declining use of UK limited partnerships and tax-elected funds – the call for evidence seeks views as to why the use of UK limited partnerships has declined in recent years and take up of the tax-elected fund regime, introduced to facilitate onshore multi-asset funds, has been so limited. The perceived complexity of each of the regimes compared to those in other jurisdictions which adopt more straightforward tax exemption models will likely be a factor. If so, the wider funds review provides an opportunity for more substantive (rather than incremental) changes to the taxation of these vehicles.

The consultation closed on 20 April 2021. The British Private Equity and Venture Capital Association (“BVCA”) published its response on the same date, noting the importance of the UK limited partnership regime (English and Scottish) to the UK private funds industry and the relative ease with which legal and tax enhancements may be made without the need for an entirely new regime for unauthorised fund structures. The BVCA response also reiterated the importance of preserving the UK’s capital gains tax and carried interest rules in an increasingly competitive global marketplace and in order to attract asset managers to the UK.

The scope of the review and range of proposals will be welcome news. Given the trend within the funds industry to accumulate holding vehicles in a single jurisdiction (in order to satisfy even more stringent international substance requirements for tax purposes), it is helpful that the UK funds review comes alongside coordinated consultations on the UK asset holding company regime. More details of the proposals and the ways in which they would operate are to follow, however funds and asset managers will be keen to assess whether any new UK funds regime is straightforward to access and is competitive with those of other key EU and non-EU fund domiciles.

III. Uncertain tax treatment consultation

On 23 March 2021, the government published its second consultation on proposals to require large businesses to notify HMRC in advance if they have taken a tax position contrary to HMRC’s. Whilst certain aspects of the proposal have changed for the better (such as a series of more objective triggers for when an uncertain tax treatment occurs), the requirement and administrative burden for large businesses to provide HMRC with information to help them identify and resolve potential disagreements at an earlier stage remains.

We previously reported on the delay (until April 2022) of a new obligation for businesses to notify HMRC of uncertain tax positions taken in their tax returns (see our see our previous Alert). As part of its Tax Day announcements in March this year, the government has published its second consultation on uncertain tax treatment that will broadly require large businesses to notify HMRC in advance if they have taken a tax position contrary to HMRC’s.

The first consultation last year received widespread criticism from respondents that the proposal was too subjective and difficult for businesses to assess. HMRC appears to have taken note, with the new consultation aiming to obtain feedback on a series of more objective triggers for determining when an uncertain tax treatment occurs. It is proposed that these will be scenarios where the tax treatment:

results from an interpretation that is different from HMRC’s known position;
was arrived at other than in accordance with known and established industry practice;
differs from how an equivalent transaction was treated in a previous return;
is in some way novel, so that it cannot reasonably be regarded as certain;
is the subject of a provision in the company’s accounts;
results in a deduction greater than the related economic loss; or
has been the subject of professional advice that either contradicts other advice received or has not been followed.

Whilst more helpful than the proposal as part of the first consultation, a number of the new triggers are still likely to be viewed as too subjective (with significant scope for further HMRC guidance). The second consultation requests views from stakeholders on the threshold for notification, exclusions from the requirement to notify and input on a new penalty regime. Helpfully, the second consultation provides that the new measure would only apply to VAT, income tax (including PAYE) and corporation tax (rather than all taxes envisaged under the first consultation). The previous materiality threshold of £1 million has instead been replaced with a figure of £5 million, as a means of reducing the administrative burden for businesses. In addition, there will now only be one penalty for failure to notify a tax uncertainty, which would fall on the entity rather than on any individual (with slightly different rules applying to large partnerships). Despite these positive changes, the underlying policy rationale for the new regime has still not been fully explained. As a result, taxpayers may be concerned that the proposals are a disproportionate response to the issues HMRC has identified and hopes to solve.

Other aspects are yet to be explained, such as the position of taxpayers that do not have a HMRC Customer Compliance Manager, and the expected actions where a tax position becomes uncertain after a report has been made (e.g. following subsequent updates to HMRC manuals). Whilst certain aspects of the proposal have changed for the better, the requirement for large businesses to provide HMRC with information to help them identify and resolve potential disagreements at an earlier stage remains.

IV. Transfer pricing documentation consultation

On 23 March 2021, the government published a new consultation to seek views on the clarifying and strengthening of UK transfer pricing documentation requirements. The consultation aims to explore potential changes to: (i) transfer pricing record keeping requirements for the largest businesses, and (ii) the introduction of a new tax filing requirement for all businesses affected by transfer pricing regulations.

The current transfer pricing documentation requirements are governed by relatively generic record keeping requirements for businesses to keep sufficient records to deliver complete and accurate tax returns. The new proposals as part of the consultation may require certain businesses to keep additional transfer pricing information in a standardised format in order to be promptly provided to HMRC upon request, and to provide further details in their annual tax return about material cross border transactions with associated entities.

The government is seeking feedback on the introduction of a new requirement for multinational enterprises within country-by-country reporting groups to provide HMRC with a copy of the master file and local file within 30 days of request. In addition, the benefits of requiring the local file to be supported by some form of evidence log is being explored

The consultation also seeks to align the UK with the approach taken by a number of other jurisdictions, which require businesses to file an annual schedule reporting data about intra-group cross-border transactions. Such an international dealings schedule is proposed to be in addition to any requirement for a master and local file. It would apply to those businesses within the scope of the UK transfer pricing rules (that is, other than small and medium sized businesses that are generally exempt), and UK-to-UK transactions would be excluded.

C. Other UK Developments

I. Deferral of HMRC’s VAT treatment of compensation and termination payments and VAT grouping consultation update

VAT Treatment of Compensation and Termination Payments

HMRC has updated its guidance on the VAT treatment of compensation payments and termination charges by withdrawing previously published amendments stipulating that such payments will generally be subject to VAT having retrospective application. Instead, the revised VAT treatment will take effect from a “future date” (still to be determined at the time of writing), and HMRC will issue revised guidance to assist businesses with the new approach.

In our previous Alert, we discussed Revenue and Customs Brief 12/20 which concluded that, in HMRC’s view, payments by a customer for early termination or cancellation of a contract constitutes consideration for the original supply that the customer had contracted for. That is, such payments will generally be subject to VAT including with retrospective effect. Previously, payments, including compensation or early termination payments, were regarded as outside the scope of VAT.

When Revenue and Customs Brief 12/20 was first published in September 2020, the amendments were not well received by industry, which raised concerns about the negative effects to the principle of legal certainty arising from the retrospective application.

On 25 January 2021, HMRC decided that the VAT treatment set out in Brief 12/20 would no longer have retrospective application, but that it would apply from a “future date”.[4] Although the particular date is currently unclear, HMRC has provided welcome clarification that businesses have two choices about how to treat payments until further guidance is issued. This includes: (i) treating payments as consideration for a supply and therefore liable to VAT, or (ii) regard the payments as outside the scope of VAT (if that is how they were treated before the HMRC Brief) until further guidance is published. Until this time, it may be prudent for taxpayers to review any termination and compensation payments within new or existing contracts that may fall within the scope of the revised guidance, to enable swift action once further guidance is published.

VAT Grouping

Following last year’s call for evidence to review VAT grouping provisions in the UK, the UK government announced plans within the Spring Consultation to publish the responses in summer 2021, although the government would not take the issue any further.

In August 2020, HMRC issued a call for evidence to examine the operation of VAT grouping provisions in the UK, and determine how the provisions impact businesses and the wider business environment in order to inform future policy.[5] The call for evidence sought information on the establishment provisions; compulsory VAT grouping; and the eligibility criteria for limited partnerships who are not within the current legislation, which is discussed further in our previous Alert.

In the 2021 Spring Consultation, it was announced that whilst the responses to the call for evidence would be published by summer 2021, the government would not take the issue further.

As discussed further in our previous Alert, we identified concerns raised in relation to the additional administrative burden of the “establishment only” approach, the inflexibility of compulsory VAT grouping and an increase in compliance costs for funds that may not be recoverable. Given that the proposals in the call for evidence may have increased VAT costs for UK taxpayers, the decision by the government to take no further action may be welcomed, particularly by fund structures and financial services groups.

EU / UK Social Security Coordination

Following the UK’s exit from the European Union on 31 December 2020, the EU-UK Trade and Cooperation Agreement has introduced a Social Security Protocol which seeks to replicate the former social security coordination between the UK and the EU under the EU’s Social Security Regulations.

Prior to 1 January 2021, the EU’s Social Security Regulations[6] provided that an individual is only subject to the social security rules of one member state at any time, and typically contributions will be payable to the state where the work is done. Limited exceptions to the basic principle included: (i) individuals working in two or more member states, and (ii) those who worked in the UK on a short term assignment. In effect, the Social Security Regulations prevented an individual from paying social security contributions in multiple member states and protected against the risk of double taxation.

The EU–UK Trade and Cooperation Agreement includes a Social Security Protocol, which has largely replicated the existing social security coordination between the UK and EU. As before, an individual to whom the Social Security Protocol applies shall be subject to the legislation of one state only – namely, the state where the employment activities are performed. Two exceptions however remain for: (i) detached workers; and (ii) employees working in two or more member states.

Detached workers who are seconded by UK employers to work in an EU member state on a temporary basis for a maximum period of 24 months will remain within the scope of UK National Insurance contributions. Unlike under the Social Security Regulations, there will be no prospect to extend the 24 month period. Notably, and in contrast to the Social Security Regulations, this was an “opt in” provision, but by 1 February 2021, all EU member states had opted in, and agreed to apply the provisions. However, each EU member state can opt out of the rules in the future with only one month’s notice.

The Social Security Protocol maintains that where an employee works in the UK, as well as one or more EU jurisdictions, the employee will be subject to contributions in the jurisdiction where the employee resides, provided that at least 25% of their working time or remuneration is pursued there. Otherwise, a number of tests (depending in part on how many employers the employee has) is applied to determine whether contributions are payable in the UK or the EU.

The Social Security Protocol is applicable to both UK and EU nationals, and to third-country nationals who are or have been subject to the social security system of either the UK or an EU country, but not to individuals working in EEA countries (Iceland, Norway, Lichtenstein or Switzerland) who may be required to obtain further documentation to permit payment of National Insurance contributions in the UK.[7] It will cover new assignments, or employees starting work in multiple locations on or after 1 January 2021. Any arrangements in effect prior to this date will continue to be governed by the Social Security Regulations for so long as the existing arrangements continue unchanged and without interruption.

Repeal of the Interest and Royalties Directive

The Finance Bill 2021 has repealed UK law that gave effect to the EU Interest and Royalties Directive, effective from 1 June 2021. As a result, UK companies will no longer be able to rely on the withholding tax reliefs for interest and royalty payments between connected companies. Such companies are instead advised to deduct tax at the respective double tax treaty rate, which may be nil, although not necessarily in all cases.

The EU Interest and Royalties Directive[8] was implemented into UK law in 2004. It ensured that intra-group interest and royalty payments between connected companies in different EU member states were not treated less favourably than such payments between connected companies within the same member state.

Where each of the following conditions were satisfied: (i) the payee is a company resident in an EU member state other than the UK; (ii) the payer is a UK tax resident company or a UK permanent establishment of an EU company; and (iii) the payer owns at least 25% of the payee (or vice versa) or a third company owns at least 25% each of the payer and payee, the EU Interest and Royalties Directive aimed to remove, wherever possible, withholding taxes on payments of interest and royalties between such connected companies.

When the Brexit transition period ended on 31 December 2020, the EU Interest and Royalties Directive was no longer applicable to the UK. The UK implementing laws were however still in force and so its provisions still apply to payments of interest and royalties paid from the UK to EU member states. The Finance Bill 2021 repealed the UK implementing laws, with effect from 1 June 2021. The effect of this is that interest and royalty payments made from UK resident companies to eligible connected companies resident in the EU will no longer be exempt from withholding tax.

Instead, from 1 June 2021, withholding tax obligations will be governed “solely by the reciprocal obligations in double taxation agreements”.[9] In many cases, the double taxation agreements may, subject to relief application to HMRC, reduce or eliminate withholding tax obligations, reducing the impact on tax liabilities . However, UK resident companies should carefully consider the applicable rate and conditions under the relevant double taxation agreement between the UK and relevant EU member state where a connected company is expected to receive such interest or royalty payments.

III. UK property-rich collective investment vehicles – limited portfolio exemption for offshore CIVs

In 2020, the UK government consulted on new legislation relating to “UK property-rich” collective investment vehicles (“CIVs”) and their investors for UK capital gains tax purposes. New legislation has been introduced so that specified investors in UK property-rich CIVs are (provided certain conditions are satisfied) treated as not having a substantial indirect interest in UK land at the time of a relevant disposal for capital gains tax purposes.

New UK regulations came into effect on 24 March 2021 amending the tax treatment of non-UK investors in UK property-rich CIVs. This follows consultations that took place late in 2020.[10]

The Finance Bill 2019 first introduced the ability to tax gains made by non-UK residents on UK property, including specific rules for ‘UK property-rich’ CIVs and their investors. The effect of the legislation was that offshore CIVs that are not partnerships were by default treated as companies for the purpose of chargeable gains, and disposals of interests in offshore CIVs by non-UK resident investors would also be subject to UK tax.

Under the 2019 rules, CIVs were treated separately to the treatment of UK property-rich assets (i.e. assets that derive at least 75% of their value from UK land). Non-UK resident investors were liable to pay tax on any gain arising from a disposal of a UK property-rich asset where they owned at least a 25% interest (directly or indirectly) in that entity (a substantial indirect interest). Non-UK resident investors in CIVs however did not have the benefit of the substantial indirect investment test and did not have to satisfy the 25% ownership threshold before tax was payable.

The new CIV regulations seek to redress this imbalance. Under the new rules, an offshore CIV disposing of a UK property-rich company will be deemed not to have a substantial indirect interest if the CIV:

meets the non-UK real estate and genuine diversity of ownership conditions;
is not a UK feeder vehicle (i.e. where at least 85% of the market value of the assets of the vehicle at that time derives from units in a single CIV that is UK property-rich) immediately before the disposal; and
immediately before disposal, the offshore CIV did not have a 10% interest in the UK property-rich company.

The effect of this is that non-UK resident investors in offshore CIVs that dispose of an interest in a UK property-rich company will not be treated as having a substantial indirect interest in UK land at the time of the relevant disposal. Accordingly, non-UK resident investors will not be liable to pay capital gains tax on the disposal, provided that the conditions listed above are met. This will be welcome news to non-UK resident investors in UK land and helps to prevent potential situations of double taxation where non-UK resident investors dispose of their interests in a CIV vehicle.

IV. Draft regulations to implement OECD Mandatory Disclosure Rules

The UK government plans to begin consultations to implement the OECD Mandatory Disclosure Rules after the scope of mandatory reporting under DAC 6 was significantly narrowed shortly before the end of the Brexit transition period.

As noted in our January DAC 6 update, the UK government narrowed the scope of mandatory reporting under the EU Mandatory Disclosure Regime, (“DAC 6”), in the UK with effect from 11 pm on 31 December 2020. As a result, only cross-border arrangements (i.e. those concerning the UK or an EU member state) falling within the Category D hallmark of DAC 6 (broadly, those that (a) have the effect of circumventing the OECD’s Common Reporting Standard, or (b) obscure beneficial ownership) will be reportable.

As part of the Finance Bill 2021, the UK government confirmed that it will begin consultations on, and the implementation of, mandatory reporting under the OECD Mandatory Disclosure Rules. No specified time frame has been provided for the consultation, but HMRC explained that it will be “as soon as practicable” in order to transition from European to international rules. It is also likely that the existing legislation which implements DAC 6 in the UK will be repealed.

V. Possible changes to UK stamp duty procedures

During the COVID-19 pandemic, HMRC relaxed procedures for the stamping of instruments subject to UK stamp duty. Updates to HMRC’s guidance suggest that these processes may be permanent.

The “stamping” of instruments subject to UK stamp duty is an analogue process: it requires the instrument of transfer to be posted to HMRC, a physical stamp affixed to the instrument (once HMRC is satisfied that the duty had been paid), and the stamped instrument posted back to the taxpayer or its advisers. The process typically takes approximately 6 to 8 weeks. Procedures were, however, relaxed as a result of the COVID-19 pandemic. Since March 2020, HMRC has: (a) accepted, via email, pdf copies of instruments of transfer and instruments signed electronically; and (b) instead of physically stamping the instrument, (once satisfied that stamp duty has been paid) provided taxpayers with a letter of acknowledgment directing registrars that the register of the company transferred can be updated to reflect the change of shareholder. While the process still generally takes 4 to 6 weeks, the changes have been widely welcomed, and HMRC issued a consultation in the summer of 2020 about modernising the stamping process. In April 2021, guidance (first published in March 2020) to explain the above-mentioned changes was updated, to remove references to “temporary measures” in place “during the pandemic”, and instead refer to “new measures”. While HMRC has yet to make an announcement, the updates suggest that the processes currently in place may be permanent.

D. International Developments

I. EU consultation on VAT rules for financial and insurance services

On 8 February, the European Commission (“EC”) launched a public consultation on the VAT rules applying to the supply of financial and insurance services, with a view to updating and rationalising existing rules. The consultation closes on 3 May, with the EC proposing to introduce a new directive in the last quarter of 2021.

Supplies of financial and insurance services are generally exempt for VAT purposes. While this makes the cost of the supplies more competitive to customers, it restricts the ability of financial and insurance businesses to recover their input VAT. The consultation identifies a number of concerns about the VAT rules in this area:

The law has developed over the years through fact-specific case-law, rather than coherent policy decisions. Supplies of fund management services to defined benefit pension schemes are taxable, for example, while those provided to defined contribution pension schemes are generally exempt.
The rules are often applied inconsistently across member states, jeopardising neutrality and creating uncertainty.
The exemption for financial services may not adequately address the increasingly sophisticated types of financial and insurance services developed in the interim.

A number of alternatives for addressing the above concerns have been put forward – each involving a trade-off between the benefit of greater simplicity, and policy concerns about increasing costs for consumers. Proposals include the possibility of: (a) removing the VAT exemption entirely for financial and insurance supplies, with VAT charged at the standard rate, or alternatively, reduced rates; (b) limiting the scope of exempt financial and insurance supplies; (c) granting businesses the option to tax financial and insurance supplies and (d) reinstating financial and insurance businesses’ flexibility to address irrecoverability through VAT group and cost-sharing groups (mechanisms which have, in recent years, been curtailed[11] or removed for financial services providers[12], respectively).

The consultation comes at an interesting time. Since the end of the Brexit transitional period, UK suppliers of financial and insurance services have been able to recover input VAT on exempt supplies made to recipients in the EU. The potential competitive advantage for the UK financial industry may serve as a catalyst for EU reform. Further, with the end of the Brexit transitional period last year, the UK is no longer obliged to keep in step with EU VAT developments. The UK Treasury’s own consultation on the VAT treatment of financial services (which was widely expected to open on Tax Day) has yet to be published. If there is clarity on the proposed changes to EU VAT rules by the time the UK consultation concludes, this delay may prove wise: a consultation on the future of UK VAT rules is likely to produce the most considered outcomes when it is informed by the wider VAT landscape in which those rules sit.

II. EU public country-by-country reporting

EU proposals for so-called “public country-by-country reporting”, first mooted in 2016, are gaining traction. Broadly, EU jurisdictions (and many others) currently require parent companies of large multinational groups to annually report (generally to their home tax authority) key financial information for each jurisdiction in which the group operates. New EU proposals would, if implemented, require large groups with EU operations to publicise such information.

BEPS Action 13 standards (which have been adopted in over 90 jurisdictions) require parent companies of multinational businesses with annual global revenues of over €750 million to provide tax authorities with an annual breakdown, for each jurisdiction in which the group operates, of revenue, (pre-tax) profits/losses and tax paid and accrued. In February, 16 EU member states (the minimum necessary for the proposal to advance) agreed to support a draft directive for public reporting of (broadly similar) information – albeit on a slightly less granular basis (with information on non-EU jurisdictions generally being aggregated).

The draft directive currently contemplates that the reporting obligation would apply to groups meeting the above-mentioned €750 million threshold whose parent company is incorporated in an EU member state, while those with an EU subsidiary or branch (other than a small-sized enterprise) would also need to “comply or explain”. Businesses subject to the EU’s Capital Requirements Directive IV would be exempt.

The EC will now negotiate with the European Parliament (who favour more onerous requirements) on the draft directive, with a view to reaching agreement by the end of June. If the proposals are implemented, it would likely be a watershed moment for tax transparency. However, the costs are likely to be felt not only in the form of additional compliance burdens, but also in the potential chilling effect on legitimate tax planning (which non-tax professionals may view with suspicion).

The OECD has published specific guidance on the application of: (i) transfer pricing principles[13]; and (ii) double tax treaties[14], in the context of the COVID-19 pandemic.

As discussed in our April and July 2020 Quarterly Alerts, there has been uncertainty over the last year as to how transfer pricing principles and double tax treaties should be applied in the novel context of the COVID-19 pandemic. The OECD has now published new guidance on these subjects, which (while expressly not intended to displace existing OECD guidance) is intended to provide greater clarity.

Transfer pricing guidance: The new transfer pricing guidance addresses: (i) comparability analysis; (ii) losses and the allocation of COVID-19-specific costs; (iii) government assistance programmes; and (iv) advance pricing agreements. Highlights include practical suggestions for addressing the absence of contemporaneous comparability data, such as providing flexibility in related party contracts for terms to be retrospectively updated to reflect contemporaneous comparability data when it becomes available). The guidance also confirms that (while each advance pricing agreement should be assessed on a case-by-case basis) changes in economic and market conditions arising from the COVID-19 pandemic are likely to qualify as a breach of the critical assumptions under the OECD’s advance pricing agreement guidelines.[15]As discussed in our April and July 2020 Quarterly Alerts, there has been uncertainty over the last year as to how transfer pricing principles and double tax treaties should be applied in the novel context of the COVID-19 pandemic. The OECD has now published new guidance on these subjects, which (while expressly not intended to displace existing OECD guidance) is intended to provide greater clarity.

Tax treaty guidance: The guidance addresses (amongst other things) concerns relating to: (i) residence and the creation of permanent establishments; (ii) agency and construction site permanent establishments; (iii) changes to an individual’s residence status; and (iv) income from employment. In particular, the guidance confirms that (in the OECD’s view): (A) neither “the exceptional and temporary change of the location where employees exercise their employment” nor “the temporary conclusion of contracts in the home of employees or agents because of the COVID-19 pandemic” should create a permanent establishment for businesses; and (B) “a temporary change in location of board members or other senior executives is an extraordinary and temporary situation due to the COVID-19 pandemic and such change of location should not trigger a change in treaty residence.” In an employment tax context, however, the guidance notes that “an exceptional level of coordination between jurisdictions is needed to mitigate the compliance and administrative costs for employees and employers associated with an involuntary and temporary change of the place where employment is performed”, and (where relevant) recommends recourse to mutual agreement procedures.

The decision as to how these topics will be dealt with ultimately rests with local tax authorities. Unfortunately, (unless the tax authority has issued guidance on its intentions), whether they will choose to follow the OECD’s pragmatic approach is only like to become apparent once the crisis has abated.

E. Notable Cases

I. Danske Bank A/S v Skatteverket (C‑812/19) and The Commissioners for Her Majesty’s Revenue & Customs v Wellcome Trust Ltd (C-459/19)

Two key VAT decisions were handed down by the Court of Justice of the European Union (“CJEU”) in March 2021: Danske Bank[16] and Wellcome Trust.[17]

Danske Bank A/S v Skatteverket (C‑812/19)

Background

Danske Bank’s head office was located in Denmark and was part of a Denmark VAT group. The company carried on activities in Sweden through a branch which did not form part of any VAT group. The head office provided a computer platform to the branch for the purposes of its activities in Sweden and re-charged a portion of the costs to the branch. A question arose as to whether the supply of the platform by the head office to the branch was a supply for VAT purposes and subject to a VAT reverse charge in Sweden.

Drawing on the principle set out in Skandia, the CJEU found in favour of the Swedish authorities, and held that by joining the Danish VAT group, the head office became a taxable person for VAT purposes, separate from the branch. Accordingly, VAT applied under the reverse charge mechanism on the services provided to the Swedish branch.

Observations

The Danske decision is likely to have implications for cross-border businesses operating through branches in the EU and third countries. Not only will this decision increase VAT compliance and administrative obligations for these businesses, exempt or partially exempt groups that had previously relied on the decision in FCE Bank[18] (which held that services between a head office and a branch could be ignored for VAT purposes) will now be subject to VAT, such VAT being, in whole, or in part, irrecoverable – representing an actual cost. For those solely making taxable supplies, any input VAT incurred in connection with those supplies will be recoverable – albeit that there may be a cash flow impact if periods of account are not aligned.

While financial institutions are hopeful that the EC’s review of the VAT rules[19] (currently subject to public consultation (as noted above)), will lead to the removal of the VAT exemption on supplies of financial and insurance services (allowing recovery of any input VAT incurred on the relevant supplies) it is not yet clear whether this indeed will be the outcome, or when a new VAT directive would take effect. Accordingly, the Danske decision will likely force businesses to review their intra-group supplies, in the interim.

The CJEU noted that EU VAT grouping rules should be limited territorially, meaning that overseas branches should not belong to a domestic VAT group (i.e. supporting an ‘establishment only’ approach). It will be interesting to see whether member states that apply a ‘whole establishment’[20] approach to VAT grouping, like Ireland and the Netherlands, will be forced to revise their rules as a result.

As the decision in Dankse was delivered following the end of the transition period, the UK is not bound by this decision. The UK currently applies a ‘whole establishment’ approach to VAT grouping, accordingly, UK VAT groups are not subject to this territorial limit and overseas branches may be treated as part of a UK VAT group (subject to the treatment of the branch under the VAT grouping rules in the other jurisdiction).

Wellcome Trust Ltd (C-459/19)

Background

The CJEU upheld the Attorney-General’s decision[21] (reported in our July 2020 Quarterly Alert) determining that a UK trustee receiving services from an overseas supplier in connection with its non-economic activities must account for VAT under the reverse charge mechanism (with potential irrecoverable VAT suffered) where those services are used in a business, and not a private capacity.

Observations

The CJEU rejected the argument that a taxable person receiving services in connection with its non-economic activities was not a ‘taxable person acting as such’ for the purposes of Article 44. The CJEU distinguished between a taxable person carrying out non-economic activities in a business capacity and non-economic activities in a private capacity, noting that the latter would not fall to be treated as a “taxable person acting as such” under Article 44. Consequently, the Court noted that for the purposes of determining the place of supply for VAT purposes in this instance, the purpose of the non-economic activities should be clearly documented.

II. HMRC v Development Securities PLC and Others [2020] EWCA Civ 1705

The Court of Appeal (“CoA”) allowed HMRC’s appeal that certain Jersey-incorporated subsidiaries of a UK parent were centrally managed and controlled in the UK by the directors of the UK parent, and consequently, UK tax resident. Whilst the judgement expressed ‘considerable reservations’ about the First Tier Tribunal’s (“FTT”) conclusions on residency, the CoA ultimately overturned the Upper Tribunal’s (“UT”) subsequent decision on technical grounds.

Background

Jersey resident subsidiaries (“Jersey Companies”) of a UK-resident company (“DS Plc”) purchased UK real estate (the “Assets”), above value (the “Acquisition”). Immediately following the Acquisition, the Jersey Companies migrated to the UK (by replacing Jersey directors with UK resident directors) and transferred the Assets to other UK group members with an aim to maximise capital losses available to the UK group. Following advice from DS Plc regarding the arrangement, the directors of the Jersey Companies met in Jersey to approve the arrangement.

To maximise the capital loss position, the Jersey Companies had to be Jersey tax resident at the time of the Acquisition. This was contested by HMRC.

A company is resident in the UK if it is either (i) incorporated in the UK; or (ii) centrally managed and controlled in the UK. The latter is ultimately a question of fact. De Beers Consolidated Mines Ltd v Howe[22] is the leading authority on (ii), establishing the principle that a company resides where its real business is carried on and where decisions are in substance made.

The CoA decision

The CoA upheld the FTT’s decision that central management and control had been exercised by the directors of DS Plc. The FTT determined that, while the directors of the Jersey Companies met in person, were made aware and had understood the arrangement, they were merely agreeing to implement transactions on the instruction of the directors of DS Plc, “without any engagement with the substantive decision albeit having checked (in tandem with DS Plc) that there was no legal bar to them carrying out the instruction“.[23]

The CoA had restored the FTT’s decision on the basis that the reasons for the UT overturning the FTT’s decision, were flawed. It is interesting to note that the CoA did not necessarily agree with the FTT’s decision. Lord Justice Nugee noted that he had ‘considerable reservations’ about the FTT’s conclusions on residency and agreed with the taxpayers comment that “the [First-Tier Tax Tribunal’s] decision was the first time in any case where the local board of directors of a company had actually met, had understood what they were being asked to do, had understood why they were being asked to do it, had decided it was lawful, had reviewed for itself the transactional documents, had been found not to have acted mindlessly, but had nevertheless been found not to have exercised [central management and control].”[24]

Observations

The CoA’s decision is yet another example of the difficulties faced in applying the corporate residency test in practice. The CoA reiterates the importance of documentation and note-taking at board meetings however, falls short of clarifying the application of the residency test where an offshore company acts on instruction from a parent. It remains to be seen whether DS Plc will rely on Lord Nugee’s reservations as support for an appeal to the Supreme Court.

III. Odey Asset Management LLP v HMRC [2021] UKFTT 31 (TC)

The FTT found that profits allocated to a corporate member as part of a deferral mechanism were subject to income tax (as miscellaneous income)[25] in the year amounts were ultimately received by the individual members.

Background

Odey Asset Management Limited (“Odey”) was a UK partnership carrying on an investment fund management business. Under a special capital arrangement, individual members’ right to receive partnership profits (an “Individual Share”) were deferred until certain performance conditions were satisfied. Each year, Odey paid the Individual Shares to a corporate member of Odey (“PSCL”) (the “year of allocation”). PSCL would contribute these amounts to Odey subsequently reallocate these profits (subject to the satisfaction of certain conditions) at which time, the individuals could withdraw their Individual Share (the “year of receipt”). Odey held that the individual members were not subject to income tax on their Individual Share in the year of allocation or of receipt.

HMRC disagreed, arguing that each individual member is subject to tax:

on their Individual Share in the year of allocation under section 850 of the Income Tax (Trading and Other Income) Act 2005 (“ITTOIA”);
in the alternative, in the year of receipt under section 687 of ITTOIA (relating to miscellaneous income), or
if section 687 ITTOIA did not apply, under sections 773 to 778 of chapter 4 of part 13 of the Income Tax Act 2007 (“ITA”) (relating to the sale of occupation income).

HMRC lost on (1) but won on (2). The FTT noted that (3) would not apply in this case.

(1) Section 850 of ITTOIA

Section 850 provides that the share of partnership’s trading profits treated as arising to a partner is by reference to the current “profit-sharing arrangements” defined as, “rights of the partners to share in the profits of the trade and the liabilities of the partners to share in the losses of the trade”. The FTT held that a “right” referred to an immediate legal entitlement to receive profits. While the profits had been ‘ear-marked’ for particular individuals in the year of allocation, receipt of those amounts was conditional on meeting certain performance criteria. The FTT accordingly held that the Members had no such “right” in the year of allocation and that section 850 did not apply.

(2) Section 687 of ITTOIA

The FTT held that the amounts received in the year of receipt were subject to tax under section 687 – which operates as a ‘sweep up’ provision, applying to income ‘from any source’. The FTT held that:

sums received were analogous to employment income (in effect, as a deferred bonus);
the “source” of the amounts is the individual members employment; and
drawing on the Upper Tier Tribunal’s decision in Spritebeam[26], there was a ‘sufficient connection’ between the individuals employment and the amounts received, notwithstanding the absence of any contractual obligation on Odey to pay these amounts.

(3) Section 773 to 778 of chapter 4 of part 13 of ITA

Broadly, a tax arises under these provisions where: (i) an individual carries on an occupation; (ii) an individuals earning capacity is exploited by putting another person in a position to enjoy all or part of the income derived from the individuals activities; and (iii) a capital amount is received by the individual in connection with (ii).

The FTT determined that condition (ii) was not met as PSCL was not put ‘in a position to enjoy all or part of the income derived from the individuals activities’ – it received those amounts in its own right. Interestingly, the FTT reached a different conclusion in HFFX LLP & Ors v HMRC[27] finding that amounts allocated to the corporate member (in lieu of being paid to individual members) were subject to tax under these provisions.

Observations

It is interesting that HMRC relied on the operative income tax provisions and did not bring a claim under the targeted anti-avoidance rules despite, as the FTT noted, the clear tax motives behind the arrangement. Given the broad scope of section 687 of ITTOIA, we may see HMRC increasingly seek to tax individual members receiving ‘capital’ amounts (calculated with reference to employment activities), as income. Over the years, HMRC has introduced a myriad of rules (for example, the disguised investment management fee rules and the income-based carried interest rules) that tax investment managers’ performance-based fees, as income, and the Odey decision arguably now provides HMRC with yet another avenue through which this could be achieved.

____________________

[1] https://www.gov.uk/government/publications/off-payroll-working-rules-communication-resources/know-the-facts-for-contractors-off-payroll-working-rules-ir35

[2] https://www.gov.uk/government/publications/off-payroll-working-in-the-public-sector-changes-to-the-intermediaries-legislation/off-payroll-working-in-the-public-sector-changes-to-the-intermediaries-legislation

[3] https://www.gov.uk/government/publications/off-payroll-working-rules-communication-resources/know-the-facts-for-contractors-off-payroll-working-rules-ir35

[4] https://www.gov.uk/government/publications/revenue-and-customs-brief-12-2020-vat-early-termination-fees-and-compensation-payments

[5] https://www.gov.uk/government/publications/vat-grouping-establishment-eligibility-and-registration-call-for-evidence

[6] Comprised of Regulation (EC) 883/2004 on the co-ordination of social security systems and Regulation (EC) 987/2009, the implementing regulations.

[7] https://www.gov.uk/guidance/national-insurance-for-workers-from-the-uk-working-in-the-eea-or-switzerland

[8] EU Council Directive 2003/49/EC.

[9] https://www.gov.uk/government/publications/repeal-of-provisions-relating-to-the-interest-and-royalties-directive/repeal-of-provisions-relating-to-the-interest-and-royalties-directive

[10] https://www.gov.uk/government/consultations/draft-regulations-the-uk-property-rich-collective-investment-vehicles-amendment-of-the-taxation-of-chargeable-gains-act-1992-regulations-2021

[11] See for example, Skandia (Case C‑7/13) and Danske Bank (Case C‑812/19), discussed in section E below.

[12] As to which, see DNB Bank (Case C-326/15), Minister Finansów v Aviva (Case C-605/15) and EC v Germany (Case C-616/15).

[13] Guidance on the transfer pricing implications of the COVID-19 pandemic: https://www.oecd-ilibrary.org/social-issues-migration-health/guidance-on-the-transfer-pricing-implications-of-the-covid-19-pandemic_731a59b0-en

[14] Updated guidance on tax treaties and the impact of the COVID-19 pandemic, OECD, 21 January: https://www.oecd.org/coronavirus/policy-responses/updated-guidance-on-tax-treaties-and-the-impact-of-the-covid-19-pandemic-df42be07/

[15] Guidelines for Conducting Advance Pricing Arrangements under the Mutual Agreement Procedure, 2017: https://read.oecd-ilibrary.org/taxation/oecd-transfer-pricing-guidelines-for-multinational-enterprises-and-tax-administrations-2017/annex-ii-to-chapter-iv-guidelines-for-conducting-advance-pricing-arrangements-under-the-mutual-agreement-procedure-map-apas_tpg-2017-20-en#page1

[16] Danske Bank A/S, Danmark, Sverige Filial v Skatteverket (Case C‑812/19) EU:C:2021:196 (11 March 2021) (Advocate General: E. Tanchev).

[17] The Commissioners for Her Majesty’s Revenue & Customs v Wellcome Trust Ltd (C-459/19) EU:C:2021:209 (17 March 2021) (Advocate General: G. Hogan).

[18] Ministero dell’Economia e delle Finanze and Agenzia delle Entrate v FCE Bank plc (C-210/04) EU:C:2006:196 (23 March 2006) (Advocate General: P. Léger).

[19] Launched as part of the EU’s tax action plan for fair and simple taxation to support the EU’s recovery (published 15 July 2020).

[20] This means that overseas branches of eligible persons, can be treated as part of a domestic VAT group.

[21] Wellcome Trust Ltd (C-459/19) (25 June 2020).

[22] (1906) 5 TC 198.

[23] Development Securities (No. 9) Ltd & Ors [2017] TC 0600 [430].

[24] HMRC v Development Securities PLC and Others [2020] EWCA Civ 1705 [101].

[25] Section 687, Income Tax (Trading and Other Income) Act 2005.

[26] Spritebeam v HMRC [2015] STC 1222.

[27] HFFX LLP & Ors v HMRC [2021] TC8023.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the Tax Practice Group, or the authors in London:

Sandy Bhogal (+44 (0) 20 7071 4266, sbhogal@gibsondunn.com)
Benjamin Fryer (+44 (0) 20 7071 4232, bfryer@gibsondunn.com)
Bridget English (+44 (0) 20 7071 4228, benglish@gibsondunn.com)
Fareed Muhammed (+44 (0) 20 7071 4230, fmuhammed@gibsondunn.com)
Avi Kaye (+44 (0) 20 7071 4210, akaye@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

This week, there were important virtual currency developments at two of the principal federal banking agencies, the Office of the Comptroller of the Currency (OCC) and the Federal Deposit Insurance Corporation (FDIC). Both of these developments occurred as the markets for digital currencies showed substantial volatility. First, in testimony before Congress on Wednesday, Acting Comptroller of the Currency Michael Hsu expressed concerns about the OCC’s recent actions for digital currency companies and stated that he had “asked staff to review these actions.”[1] Second, the FDIC published a request for information (RFI) about digital assets and the banking system.[2] Comments on the RFI are due by July 16, 2021.

I. Office of the Comptroller of the Currency

Prior to Acting Comptroller Hsu’s appointment by Treasury Secretary Yellen, the OCC was the federal banking agency that had taken the lead on digital currencies, recently approving three applications by digital currency companies. Of these actions, Acting Comptroller Hsu stated his “broad[] concern . . . that these initiatives were not done in full coordination with all stakeholders. Nor do they appear to have been part of a broader strategy related to the regulatory perimeter.”[3]

The OCC approvals involved two applications for conversion from state trust companies to national trust banks, those of Anchorage Digital Bank, National Association, and Protego Trust Bank, National Association, and one application for a new national trust bank charter, for Paxos National Trust.[4] Each approval therefore involved a type of national bank specifically authorized by Congress, and not a special purpose “fintech” charter.

The activities that the OCC stated were permissible for national banks in the approvals covered many digital currency activities, including:

fiduciary custody of digital assets
custody of client cash deposits
providing on-chain governance services allowing clients to participate in the governance of the underlying protocols on which their digital assets operate
operating validator nodes
providing staking as a service
providing clients the ability to delegate staking to third-party validators
settling transactions facilitated by affiliates, third-party brokers and clients
determining that customers should claim forked assets
custody and management of U.S. dollar stablecoin reserves
payment, exchange, and other agent services
trading services and enabling partners to buy and sell cryptocurrency
“know your customer” as a service, including customer identification, sanctions screening, enhanced due diligence, customer risk rating, and other related services[5]

It is not clear what form the OCC staff review mandated by Acting Comptroller Hsu will take. It does appear from the rest of his testimony, however, that the OCC will no longer “go it alone” when it comes to digital assets. As Mr. Hsu – formerly a career supervisor at the Federal Reserve – stated, “[r]ecognizing the OCC’s unique authority to grant charters, we must find a way to consider how fintechs and payments platforms fit into the banking system, and we must do it in coordination with the FDIC, Federal Reserve, and the states.”[6] Mr. Hsu also warned of the potential of systemic risk from digital activities, stating that he was feeling “some déjà vu,” having seen the financial disintermediation of the late 1990s and 2000s that contributed to the Great Recession.[7]

II. Federal Deposit Insurance Corporation

If the OCC appears to be putting on the brakes, the FDIC – the primary federal supervisor for insured state banks, including industrial banks, that are not members of the Federal Reserve system, the U.S. deposit insurer, and the U.S. bank resolution authority – signaled that it wishes to know more about digital assets and the banking system. On May 17, it issued a request for information, soliciting comments regarding insured depository institutions’ (IDIs) current and potential digital asset activities.[8] The FDIC noted that banks are exploring several roles in the digital asset ecosystem, with digital use cases and related activities potentially falling into the following categories:

Technology solutions, such as those involving closed and open payment systems, other token-based systems for banking activities other than payments (g., lending), and acting as nodes in networks (e.g., distributed ledgers)
Asset-based activities, such as investments, collateral, margin lending and liquidity facilities
Liability-based activities, such as deposit services and where deposits serve as digital asset reserves
Custodial activities, such as providing digital asset safekeeping and related services, such as secondary lending, as well as acting as a qualified custodian on behalf of investment advisors
Other activity including market-making and decentralized financing

Current and Potential Use Cases

The RFI seeks information regarding current and potential use cases of digital assets, including categories of digital assets and related activities, activities or use cases that IDIs are currently engaging in or considering, and the demand for digital asset-related services.

Risk and Compliance Management

The RFI asks for comment regarding risk and compliance management, including IDIs’ existing risk and compliance management frameworks; unique risks that are challenging to measure, monitor, and control for the various digital asset use cases; unique benefits to operations from the various digital asset use cases; the integration of operations related to digital assets with legacy banking systems; potential benefits and unique risks of particular digital asset product offerings or services to IDI customers; and the integration of new technologies into existing cybersecurity functions.

Supervision and Activities

The RFI requests information regarding supervision and activities, including the unique aspects of digital asset activities that the FDIC should take into account from a supervisory perspectives; areas in which the FDIC should clarify or expand existing supervisory guidance to address digital asset activities; the difference between the custody of digital assets and the custody of traditional assets; and the interaction of digital assets with the FDIC’s Part 362 application procedures, which cover applications by insured state nonmember banks to conduct principal activities that have not been approved for national banks.

Deposit Insurance and Resolution

The RFI asks for information regarding deposit insurance and resolution, including steps to ensure customers can distinguish between uninsured digital asset products and insured deposits; distinctions or similarities between fiat-backed stablecoins and stored value products where the underlying funds are held at IDIs and for which pass-through deposit insurance may be available; and complexities that might be encountered in valuing, marketing, operating, or resolving digital asset activity in the resolution process or in a receivership capacity.

Conclusion

This week’s actions demonstrate that, as the Biden Administration takes shape, there is a change in banking agency approach to digital assets and that addressing the issues raised by digital assets remains a considerable regulatory priority. It appears that the OCC, Federal Reserve Board and FDIC will take a more coordinated approach to digital assets, one result of which may be that certain state bank regulatory agencies may take the lead on innovative proposals in the short term. For example, most of the activities that the OCC permitted in its digital currency approvals before Acting Comptroller Hsu was appointed had previously been deemed permissible for state-licensed trust companies.

____________________

[1] Statement of Michael J. Hsu, Acting Comptroller of the Currency, Committee on Financial Services, United States House of Representatives, May 19, 2021 (Hsu Statement).

[2] FDIC, Request for Information and Comment on Digital Assets (May 17, 2021), available at https://www.fdic.gov/news/press-releases/2021/pr21046a.pdf.

[3] Hsu Statement.

[4] Letter from Stephen A. Lybarger, Deputy Comptroller Licensing, OCC, to Nathan McCauley, President & Director, Anchorage Trust Company, Application by Anchorage Trust Company, Sioux Falls, South Dakota to Convert to a National Trust Bank (Jan. 13, 2021); Letter from Stephen A. Lybarger, Deputy Comptroller Licensing, OCC, to Greg Gilman, Founder & Executive Chair, Audaces Fortuna Inc., Application by Protego Trust Company, Seattle, Washington, to Convert to a National Trust Bank (Feb. 4, 2021); Letter from Stephen A. Lybarger, Deputy Comptroller Licensing, OCC, to Daniel Burstein, General Counsel and Chief Compliance Officer, Paxos, Application to Charter Paxos National Trust, New York, New York (Apr. 23, 2021).

[5] See id., available at https://www.occ.gov/news-issuances/news-releases/2021/nr-occ-2021-6a.pdf; https://www.occ.gov/news-issuances/news-releases/2021/nr-occ-2021-19a.pdf; and https://www.occ.gov/news-issuances/news-releases/2021/nr-occ-2021-49a.pdf.

[6] Hsu Statement.

[7] Hsu Statement

[8] FDIC, Request for Information and Comment on Digital Assets (May 17, 2021), available at https://www.fdic.gov/news/press-releases/2021/pr21046a.pdf?source=govdelivery&utm_medium=email&utm_source=govdelivery.

The following Gibson Dunn lawyers assisted in preparing this client update: Arthur Long and Samantha Ostrom.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following members of the firm’s Financial Institutions practice group:

Matthew L. Biben – New York (+1 212-351-6300, mbiben@gibsondunn.com)
Michael D. Bopp – Washington, D.C. (+1 202-955-8256, mbopp@gibsondunn.com)
Stephanie Brooker – Washington, D.C. (+1 202-887-3502, sbrooker@gibsondunn.com)
M. Kendall Day – Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com)
Mylan L. Denerstein – New York (+1 212-351- 3850, mdenerstein@gibsondunn.com)
Michelle M. Kirschner – London (+44 (0) 20 7071 4212, mkirschner@gibsondunn.com)
Arthur S. Long – New York (+1 212-351-2426, along@gibsondunn.com)
Matthew Nunan – London (+44 (0) 20 7071 4201, mnunan@gibsondunn.com)
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, jsteiner@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Decided May 17, 2021

CIC Services, LLC v. IRS, No. 19-930

Today, the Supreme Court unanimously held that the Anti-Injunction Act does not bar pre-enforcement judicial review of reporting mandates enforced by tax penalties, at least when a mandate is also enforced by criminal punishment.

Background:
CIC Services, LLC advises companies that create and use “captive insurers” to fill gaps in third-party insurance coverage. In 2016, the IRS issued Notice 2016-66, which imposes reporting and recordkeeping requirements for taxpayers and tax advisors involved in captive-insurance transactions—transactions the IRS believes can facilitate tax avoidance. If taxpayers or advisors violate these requirements, they face hundreds of thousands of dollars in civil tax penalties; for willful violations, they face criminal punishment, including imprisonment. CIC filed a pre-enforcement suit to challenge Notice 2016-66 under the Administrative Procedure Act, arguing that the IRS should have promulgated the Notice through notice-and-comment rulemaking, and that the Notice was arbitrary and capricious because it was issued without a proven need.

The Sixth Circuit held that CIC’s suit was barred by the Anti-Injunction Act, which prohibits suits “for the purpose of restraining the assessment or collection of any tax.” 26 U.S.C. § 7421(a). Because the Notice is enforced by a tax penalty, the Sixth Circuit ruled, CIC’s challenge to the Notice necessarily seeks to restrain the assessment or collection of that tax.

Issue:
Whether the Anti-Injunction Act bars pre-enforcement challenges to reporting mandates enforced by tax penalties.

Court’s Holding:
The Anti-Injunction Act does not bar pre-enforcement challenges to reporting requirements enforced by tax penalties that also impose independent legal obligations enforced by criminal punishment, such that the only alternative way of challenging the reporting mandate—violating it, paying the penalty, and then suing for a refund—requires committing a crime.

A suit “to enjoin a standalone reporting requirement, whose violation may result in both tax penalties and criminal punishment … is not a suit ‘for the purpose of restraining the [IRS’s] assessment or collection’ of a tax, and so does not trigger the Anti-Injunction Act.”

Justice Kagan, writing for the Court

What It Means:

Tax advisors may bring pre-enforcement challenges to standalone tax-reporting and other requirements that are backed by both tax penalties and criminal punishment, where the challenge is to the reporting mandate itself, rather than a challenge to the tax penalty imposed for violating that mandate. In these situations, tax advisors do not have to risk criminal liability by violating a mandate before they can challenge its legality.
The Court’s decision will make it easier to obtain judicial review of the IRS’s position that it can use informal guidance—as opposed to rules that go through the notice-and-comment process—to impose information reporting requirements on third parties. This could restrict the agency’s ability to gather information that is indirectly related to the computation of tax.
Now that CIC’s suit can proceed, if on remand the courts rule that Notice 2016-66 should have gone through notice-and-comment rulemaking or is arbitrary and capricious, this could pave the way for similar challenges to other IRS information reporting requirements.
Justice Kavanaugh wrote separately to observe that the Court’s focus on the objective purpose of a pre-enforcement suit aligns with the text of the Anti-Injunction Act and that the Court’s ruling narrows previous decisions suggesting that pre-enforcement suits are barred if they would have the effect of preventing the assessment or collection of a tax. Put another way, what matters is whether the plaintiff seeks relief from a legal obligation imposed by the challenged mandate that is separate and independent from the tax penalty.
Although the Court did not distinguish suits brought by taxpayers from those brought by tax advisors like CIC, Justice Sotomayor wrote separately to suggest that the outcome might have been different had the plaintiff been a taxpayer. This issue likely will be presented in future litigation if the Government attempts to cabin the ruling to tax advisors.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho
+1 214.698.3233
aho@gibsondunn.com

Mark A. Perry
+1 202.887.3667
mperry@gibsondunn.com

Lucas C. Townsend
+1 202.887.3731
ltownsend@gibsondunn.com

Bradley J. Hamburger
+1 213.229.7658
bhamburger@gibsondunn.com

Related Practice: Tax

Sandy Bhogal
+44 (0) 20 7071 4266
sbhogal@gibsondunn.com

Eric B. Sloan
+1 212.351.2340
esloan@gibsondunn.com

Dora Arash
+1 213.229.7134
darash@gibsondunn.com

Related Practice: Administrative Law and Regulatory Practice

Helgi C. Walker
+1 202.887.3599
hwalker@gibsondunn.com

Eugene Scalia
+1 202.955.8210
escalia@gibsondunn.com

Decided May 17, 2021

BP plc v. Mayor & City Council of Baltimore, No. 19-1189

Today, the Supreme Court held 7-1 that appellate courts have jurisdiction to review all grounds for removal in a remand order so long as removal is premised in part on the federal-officer removal statute or the civil-rights removal statute.

Background:
The Mayor & City Council of Baltimore sued energy companies in Maryland state court, seeking to hold them liable under state tort law for harms attributable to global climate change. Defendants removed the action, asserting (among other things) federal-question jurisdiction, federal-officer removal jurisdiction, and Outer Continental Shelf Lands Act jurisdiction. The district court granted the City’s motion to remand, rejecting each of Defendants’ grounds for removal. Defendants appealed.

Under 28 U.S.C. 1447(d), “[a]n order remanding a case to the State court from which it was removed is not reviewable on appeal or otherwise, except that an order remanding a case to the State court from which it was removed pursuant to section 1442 [federal-officer removal] or 1443 [civil rights] of this title shall be reviewable by appeal or otherwise.” The Fourth Circuit acknowledged that the Supreme Court had interpreted similar language in 28 U.S.C. 1292(b) to confer appellate jurisdiction over the entire order, rather than particular reasons for the order, and that the Seventh Circuit had relied on that authority in holding that 28 U.S.C. 1447(d) authorizes appellate courts to review any issue in a remand order so long as removal was premised in part on the federal-officer removal statute or the civil-rights removal statute. But the court concluded that those decisions were insufficient to abrogate preexisting Circuit authority interpreting 28 U.S.C. 1447(d) as conferring appellate jurisdiction over only the enumerated grounds for removal.

The Fourth Circuit affirmed the district court’s conclusion that removal was improper under the federal-officer removal statute, and otherwise dismissed for lack of appellate jurisdiction.

Issue:
Does 28 U.S.C. 1447(d) permit courts of appeals to review any issue encompassed in a district court’s order remanding a removed case to state court where the removing defendant premised removal in part on the federal-officer removal statute, 28 U.S.C. 1442, or the civil-rights removal statute, 28 U.S.C. 1443?

Court’s Holding:
Yes. The plain meaning of the term “order” refers to “a ‘written direction or command delivered by … a court or judge,’” and neither legislative history nor policy support limiting the scope of appellate review to particular issues contained in such an order.

“[W]hen a district court’s removal order rejects all of the defendants’ grounds for removal, §1447(d) authorizes a court of appeals to review each and every one of them.”

Justice Gorsuch, writing for the Court

What It Means:

A defendant that asserts multiple grounds for removal will be able to secure appellate review from a remand order with respect to all grounds, so long as at least one of those grounds is appealable (such as the federal-officer removal statute or the civil-rights removal statute).
The Court’s ruling may create opportunities for state-court defendants to test new theories supporting federal jurisdiction. The Court noted that the prospect of sanctions or the award of costs and expenses (including attorneys’ fees) for frivolously removing a case to federal court should deter gamesmanship.
The Court’s reasoning may have broader implications for statutory interpretation. First, the Court emphasized that the presumption that statutory exemptions should be read narrowly does not give courts license to give those exemptions anything but a fair reading. Second, it held that Congress did not ratify the more limited interpretation of 28 U.S.C. 1447(d) adopted by lower courts when it subsequently amended the statute without changing its use of the term “order,” because the statutory text was clear.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho
+1 214.698.3233
aho@gibsondunn.com

Mark A. Perry
+1 202.887.3667
mperry@gibsondunn.com

Theodore J. Boutrous, Jr.
+1 213.229.7804
tboutrous@gibsondunn.com

Lucas C. Townsend
+1 202.887.3731
ltownsend@gibsondunn.com

Bradley J. Hamburger
+1 213.229.7658
bhamburger@gibsondunn.com

Thomas G. Hungar
+1 202.887.3784
thungar@gibsondunn.com

The 17th amendment of the Foreign Trade and Payments Ordinance (“AWV amendment”) came into effect in the first week of May 2021. It marks the third fundamental revision of the German FDI regime since April 2020. FDI scrutiny in Germany therefore continues to witness a significant amount of attention.

Summary

Almost 20 new business sectors, for which a mandatory cross-sector filing may be required, are added to the existing regime. These include: satellite systems, artificial intelligence, robots, autonomous driving/unmanned aircrafts, quantum mechanics, and critical raw materials.
In these newly covered business sectors, a mandatory filing is triggered if 20% or more of the voting rights in the German target are to be acquired by a non-EU/EFTA investor. This is higher than the 10% threshold that applies to the business sectors covered by the regime before the most recent changes.
One of the main goals of the reform is to mirror in national law the protection of the specific sectors mentioned in Art. 4(1) Regulation (EU) 2019/452 (“EU Screening Regulation”) and to further clarify the delineation of these sectors.
Investments in the defence sector also face a broader range of mandatory sector-specific filing obligations.
In addition, an ex officio review can now also be triggered if certain control rights are acquired.

Background

On 30 April 2021, the AWV amendment was published in the Federal Gazette and came into effect the day after. The German Ministry of Economic Affairs and Energy (“BMWi”) had published a draft of the amendment in January 2021, which was open for public consultation. The AWV amendment follows two earlier revisions to the German FDI regime in 2020 which were triggered by the COVID-19 pandemic as well as the EU Screening Regulation. FDI regimes across the globe, in particular in EU Member States, such as Austria, France, Italy, and Spain have seen substantial expansion in recent months.

Overview

The AWV amendment is mainly driven by the aim of reflecting in national law the categories of critical technologies and activities mentioned in Art. 4(1) of the EU Screening Regulation. By its nature, the EU Screening Regulation has a directly binding effect so that a transposition into national law is not formally required. However, the EU Member States are not obliged to consider these categories as a ground for a mandatory filing and have some discretion with respect to their implementation. The German regulator has added almost twenty critical sectors to the list.

In more detail:

Cross-sector review increased significantly

The AWV amendment expands the cross-sector review significantly and introduces a new investment threshold. A mandatory filing in the newly covered business sectors is only triggered if a non-EU/EFTA investor acquires 20% or more of the voting rights in a German target. The 10% threshold remains the applicable threshold for the business sectors previously covered. The “new” business sectors include:

developers or manufacturers of filter materials that are suitable as a starting material for respirators or medical face masks;
operators of a high-quality earth remote sensing system (e. satellites);
developers or manufacturers of goods which solve specific application problems by means of artificial intelligence and are capable of independently optimizing their algorithm, and which can be used inter alia to carry out cyber-attacks or imitate individuals in order to distribute targeted disinformation;
developers or manufacturers of motor vehicles or unmanned aircrafts;
developers or manufacturers of specific industrial robots;
developers, manufacturers or refiners of micro- or nanoelectronics, including their components;
developers or manufacturers of specific security-relevant IT products or components of such products;
operators of an air carrier with an EU operating license or developers or manufacturers of goods mentioned in subcategories 7A, 7B, 7D, 7E, 9A, 9B, 9D, or 9E of Annex I of Regulation (EC) No 428/2009 (“Dual-Use Regulation”) or goods or technology intended for use in space or for use in space infrastructure systems;
developers, manufacturers, modifiers or users of goods of category 0 or of list headings 1B225, 1B226, 1B228, 1B231, 1B232, 1B233 or 1B235 of Annex I to Dual-Use Regulation;
developers or manufacturers of specific goods or components for such goods using quantum mechanics;
developers or manufacturers of goods with which components of metallic or ceramic materials are produced by means of additive manufacturing processes;
developers or manufacturers of goods specifically for the operation of wireless or wireline data networks;
manufacturers of (components of) smart meter gateways;
employers of persons who work in vital facilities at safety-sensitive locations;
processors or refiners of raw materials or ores that have been defined in the list of critical raw materials;
developers or manufacturers of goods within the scope of protection of a patent classified or a utility model classified; and
a German undertaking which is of fundamental importance for food safety and directly or indirectly manages an agricultural area of more than 10,000 hectares.

Scope of sector-specific review also broadened

In addition, Section 60 of the AWV amendment expands the sector-specific review and now includes a reference to the entire part 1, section A of the export list [Ausfuhrliste]. It also captures developers or manufacturers or modifiers of goods in the field of defence technology, and those who have actual control over such goods which are within the scope of protection of a patent classified or a utility model classified. Both cases also apply to undertakings which have developed, produced or modified or had actual control over the respective goods in the past and which still have knowledge or other access to the underlying technology.

The acquisition of certain control rights opens the scope for ex officio investigations

The scope of the FDI review now also extends to acquisitions of control rights. Section 56(3) of the AWV amendment provides that the regime also applies to acquisitions of effective control over a German target, even if the voting rights threshold of 25% is not exceeded. This is particularly the case if an acquisition of voting rights is accompanied by (i) the guarantee of additional seats or majorities in supervisory bodies or in the management; (ii) the granting of veto rights in strategic business or personnel decisions; or (iii) the granting of information rights. Such rights must go beyond the influence which would ordinarily result from a 25% stake.

Increasing shareholding may trigger another filing obligation

The AWV amendment also clarified that share increases may lead to new filing obligations. If, for example, a non-EU/EFTA investor initially acquired 10% in a German target which operates a critical infrastructure and intends to increase its stake to 25%, 40%, 50%, or 75% (25%, 40%, 50%, or 75% in case of the 20% threshold for “new” business sectors, respectively) a mandatory filing is triggered.

Conclusion

The decision of the German regulator to introduce specific business sectors instead of referring to the broad categories mentioned in the EU Screening Regulation promotes legal certainty. However, it also significantly increases the regulatory burden for inbound M&A. First, the business sectors now covered by the German FDI regime will often require a sophisticated qualitative filing assessment. Secondly, since the categories of control are rather vague, a voluntary filing (to obtain a certificate of non-objection) will more often be considered as the only prudent course.

In light of this, investors should analyse potential FDI filing requirements at an early stage to avoid any time constraints impeding the completion of the transaction.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. For further information, please feel free to contact the Gibson Dunn lawyer with whom you usually work, any member of the team in Frankfurt or Munich, or the following authors:

Georg Weidenbach (+49 69 247 411 550, gweidenbach@gibsondunn.com)
Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com)
Wilhelm Reinhardt (+49 69 247 411 520, wreinhardt@gibsondunn.com)
Linda Vögele (+49 69 247 411 536, lvoegele@gibsondunn.com)
Jan Vollkammer (+49 69 247 411 551, jvollkammer@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Dallas associate Michael Cannon is the author of “The Clean Energy Revolution: Renewable Energy Tax Incentives and Issues” [PDF] published by Tax Notes Federal on April 12, 2021.

On April 27, 2021, a federal court in the Northern District of California dismissed federal and state law claims brought derivatively on behalf of The Gap, Inc., holding that the California proceedings were foreclosed by a forum selection bylaw designating the Delaware Court of Chancery as the exclusive forum for derivative suits (the “Forum Bylaw”). See Lee v. Fisher, Case No. 20-cv-06163-SK, ECF No. 59. This decision strikes a blow against what has become a new tactic of the plaintiff’s bar: asserting violations of the federal securities laws in the guise of shareholder derivative claims. This ruling furthers the purpose of exclusive forum bylaws to prevent duplicative litigation in multiple forums, and highlights the benefits these bylaws may achieve for companies.

The plaintiff in Fisher brought derivative claims purportedly on behalf of Gap against certain directors and officers based on their alleged failure to promote diversity at Gap and for allegedly making misleading statements about Gap’s commitment to diversity. The plaintiff asserted both state law claims (like breach of fiduciary duty) and a federal securities law claim for violation of Section 14(a) of the Securities Exchange Act.

Defendants moved to dismiss on forum non conveniens grounds pursuant to the Forum Bylaw. Plaintiff argued that the court could not enforce the Forum Bylaw as to the federal Section 14(a) claim because (1) that claim was subject to exclusive federal jurisdiction and could not be asserted in the Delaware Court of Chancery, and (2) enforcing the Forum Bylaw would violate the Exchange Act provision that prohibits waiving compliance with the Exchange Act (the “anti-waiver” provision).

The court rejected plaintiff’s arguments and enforced the Forum Bylaw, effectively precluding the plaintiff from asserting a Section 14(a) claim in any forum. First, the court noted the strong policy in favor of enforcing forum selection clauses, which the Ninth Circuit has held supersedes anti-waiver provisions like those in the Exchange Act. See Yei A. Sun v. Advanced China Healthcare, Inc., 901 F.3d 1081 (9th Cir. 2018). Second, relying on the Ninth Circuit’s holding in Sun that a forum selection clause should be enforced unless the forum “affords the plaintiffs no remedies whatsoever,” the court held that the Forum Bylaw was enforceable because the plaintiff could file a separate state law derivative action in Delaware, even if that action could not include federal securities law claims.

This ruling is notable because other federal courts confronted with a similar argument have decided to enforce these bylaws only as to state law claims, and to keep the federal claims in federal court. The result of those rulings, though, is that derivative actions involving the same alleged misconduct could proceed in two forums—actions in federal court involving federal law claims, and actions in state court involving state law claims. This result undermines the purpose of exclusive forum bylaws to prevent duplicative litigation in multiple forums.

The Fisher decision, as well as a similar ruling reached in Seafarers Pension Plan v. Bradway, 2020 WL 3246326 (N.D. Ill. June 8, 2020), should help establish that exclusive forum bylaws require all derivative actions to proceed in a single forum. When drafting and (later) enforcing exclusive forum bylaws, companies should have these recent decisions top of mind to make sure that these bylaws achieve their goal of efficiently litigating disputes in one forum only.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the Securities Litigation or Securities Regulation and Corporate Governance practice groups, or the following authors:

Brian M. Lutz – San Francisco/New York (+1 415-393-8379/+1 212-351-3881, blutz@gibsondunn.com)
Jason J. Mendro – Washington, D.C. (+1 202-887-3726, jmendro@gibsondunn.com)
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, rmueller@gibsondunn.com)
Michael J. Kahn – San Francisco (+1 415-393-8316, mjkahn@gibsondunn.com)

Please also feel free to contact any of the following practice leaders and members:

Securities Litigation Group:
Monica K. Loseman – Co-Chair, Denver (+1 303-298-5784, mloseman@gibsondunn.com)
Brian M. Lutz – Co-Chair, San Francisco/New York (+1 415-393-8379/+1 212-351-3881, blutz@gibsondunn.com)
Robert F. Serio – Co-Chair, New York (+1 212-351-3917, rserio@gibsondunn.com)
Craig Varnen – Co-Chair, Los Angeles (+1 213-229-7922, cvarnen@gibsondunn.com)
Jefferson Bell – New York (+1 212-351-2395, jbell@gibsondunn.com)
Matthew L. Biben – New York (+1 212-351-6300, mbiben@gibsondunn.com)
Michael D. Celio – Palo Alto (+1 650-849-5326, mcelio@gibsondunn.com)
Paul J. Collins – Palo Alto (+1 650-849-5309, pcollins@gibsondunn.com)
Jennifer L. Conn – New York (+1 212-351-4086, jconn@gibsondunn.com)
Thad A. Davis – San Francisco (+1 415-393-8251, tadavis@gibsondunn.com)
Mark A. Kirsch – New York (+1 212-351-2662, mkirsch@gibsondunn.com)
Jason J. Mendro – Washington, D.C. (+1 202-887-3726, jmendro@gibsondunn.com)
Alex Mircheff – Los Angeles (+1 213-229-7307, amircheff@gibsondunn.com)
Robert C. Walters – Dallas (+1 214-698-3114, rwalters@gibsondunn.com)

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)
James J. Moloney – Co-Chair, Orange County, CA (+ 949-451-4343, jmoloney@gibsondunn.com)
Lori Zyskowski – Co-Chair, New York (+1 212-351-2309, lzyskowski@gibsondunn.com)
Brian J. Lane – Washington, D.C. (+1 202-887-3646, blane@gibsondunn.com)
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, rmueller@gibsondunn.com)
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)
Michael A. Titera – Orange County, CA (+1 949-451-4365, mtitera@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

This edition of Gibson Dunn’s Federal Circuit Update summarizes a new petition for certiorari in a case originating in the Federal Circuit concerning the Kessler preclusion doctrine, it addresses the Federal Circuit’s announcement that Judge Moore will become Chief Judge on May 22, 2021, and it discusses recent Federal Circuit decisions concerning self-enabling references, Article III standing, patent eligibility, and more Western District of Texas venue issues.

Federal Circuit News

Supreme Court:

This month, the Supreme Court did not add any new cases originating at the Federal Circuit. As we summarized in our January and February updates, the Court has two such cases pending: United States v. Arthrex, Inc. (U.S. Nos. 19-1434, 19-1452, 19-1458) and Minerva Surgical Inc. v. Hologic Inc. (U.S. No. 20-440).

The Court heard argument on the doctrine of assignor estoppel on Wednesday, April 21, 2021, in Minerva v. Hologic.

Noteworthy Petitions for a Writ of Certiorari:

There is one new potentially impactful certiorari petition that is currently before the Supreme Court:

PersonalWeb Technologies, LLC v. Patreon, Inc. (U.S. No. 20-1394): 1. Whether the Federal Circuit correctly interpreted Kessler v. Eldred, 206 U.S. 285 (1907), to create a freestanding preclusion doctrine that may apply even when claim and issue preclusion do not. 2. Whether the Federal Circuit properly extended its Kessler doctrine to cases where the prior judgment was a voluntary dismissal.

Other updates include:

On April 1, the Court requested a response in Warsaw Orthopedic v. Sasso (U.S. No. 20-1284) concerning state versus federal court jurisdiction.

As of April 26, the cert-stage briefing is complete in Sandoz v. Immunex (U.S. No. 20-1110), which concerns obviousness-type double patenting. Association for Accessible Medicines has filed an amicus brief in support of Sandoz and the Court has distributed this case for its May 13 conference.

On April 19, Illumina filed its brief in opposition in Ariosa Diagnostics, Inc. v. Illumina, Inc. (U.S. No. 20-892) concerning patent eligibility under 35 U.S.C. § 101.

American Axle & Manufacturing, Inc. v. Neapco Holdings LLC (U.S. No. 20-891), also concerning patent eligibility under 35 U.S.C. § 101, is scheduled for the Court’s April 30 conference.

Other Federal Circuit News:

The Federal Circuit announced that, on May 22, 2021, the Honorable Kimberly A. Moore will become Chief Judge. She will succeed the Honorable Sharon Prost who has served as Chief Judge since May 31, 2014, and has served as Circuit Judge since September 24, 2001. Judge Moore has served as Circuit Judge on the Federal Circuit since September 8, 2006.

Upcoming Oral Argument Calendar

The list of upcoming arguments at the Federal Circuit are available on the court’s website.

Live streaming audio is available on the Federal Circuit’s new YouTube channel. Connection information is posted on the court’s website.

Key Case Summaries (April 2021)

Raytheon Technologies Corp. v. General Electric Co. (Fed. Cir. No. 20-1755): Raytheon appealed a final inter partes review decision from the PTAB determining that certain claims of the asserted patent unpatentable as obvious. Raytheon argued before the Board that the prior art reference, Knip, failed to enable a skilled artisan to make the claimed invention because Knip relied on “revolutionary” materials unavailable as of the priority date of the asserted patent. The Board found that Knip was “enabling,” because it provided enough information to allow a skilled artisan to calculate the power density of Knip’s advanced engine, which fell within the claimed density range. The Board thus concluded that Knip rendered the challenged claims obvious.

The Federal Circuit (Chen, J., joined by Lourie, J. and Hughes, J.) reversed. The court agreed with Raytheon that the Board legally erred it in its prior art enablement analysis. To render a claim obvious, the prior art must enable a skilled artisan to make and use the claimed invention. The Board, rather than determining whether Knip enabled a skilled artisan to make and use the claimed invention, focused only on whether a skilled artisan was provided with sufficient parameters in Knip to determine the claimed power density without undue experimentation. The Board defended its position by noting that the claims did not require the advanced materials disclosed in Knip. However, Raytheon had presented unrebutted testimony that Knip fails to enable a skilled artisan to physically make Knip’s engine given the unavailability of the revolutionary composite material contemplated by Knip. The court thus concluded that the Board’s finding that Knip is “enabling” was legal error, because without a physical working engine, a skilled artisan could not achieve the claimed power density.

Apple Inc. v. Qualcomm Inc. (Fed. Cir. No. 20-1561): Apple appealed two PTAB inter partes review final written decisions holding that Apple did not prove several claims of two patents were obvious. These two patents were also asserted against Apple in district court. However, before Apple filed its appeal to the Federal Circuit, Apple and Qualcomm settled all litigation between the companies. Based on that settlement, the district court action was dismissed with prejudiced at the parties’ request.

The Federal Circuit (Moore, J., joined by Reyna, J. and Hughes, J.) dismissed Apple’s appeal for lack of standing. As a preliminary matter, the court stated that Apple should have addressed arguments and evidence establishing its standing in its opening brief. The court declined to apply waiver, however, and addressed the merits of the standing issue. The court rejected Apple’s argument that its ongoing payment obligations provides standing because Apple did not provide evidence that the validity of any single patent, including the two patents at issue, would impact its ongoing payment obligations. The court also found Apple’s argument that Qualcomm could later sue for infringement after the settlement agreement expires was too speculative to confer standing. Finally, the court explained that any injury based on the inter partes review estoppel’s provision was also too speculative to provide standing, especially where Apple did not show that it will likely be practicing the patent claims.

In Re: Board of Trustees of the Leland Stanford Junior University (Fed. Cir. No. 20-1288): The PTAB affirmed an examiner’s final rejection of claims directed to “computerized statistical methods for determining haplotype phase,” on the basis that the claims were not patent-eligible under 35 U.S.C. § 101. Haplotype phasing “is a process for determining the parent from whom alleles—i.e., versions of a gene—are inherited.” The PTAB held that the claims were directed to two abstract mental processes: (1) “the step of ‘imputing an initial haplotype phase for each individual in the plurality of individuals based on a statistical model’”; and (2) “the step of automatically replacing an imputed haplotype phase with a randomly modified haplotype phase when the latter is more likely correct than the former.” The PTAB also held that the claims lacked an inventive concept, as they “recited generic steps of receiving and storing genotype data in a computer memory, extracting the predicted haplotype phase from the data structure, and storing it in a computer memory.”

The Federal Circuit (Reyna, J., joined by Prost, C.J. and Lourie, J.) affirmed. At step one, the court held that the claims were directed to the abstract idea of “the use of mathematical calculations and statistical modeling.” The court rejected the applicant’s argument that the claims provided a technological improvement by allowing for “more accurate haplotype predictions.” The court explained that “[t]he different use of a mathematical calculation, even one that yields different or better results, does not render patent eligible subject matter.” At step two, the court held that the claims lacked an inventive concept because the “the recited steps of receiving, extracting, and storing data amount to well-known, routine, and conventional steps taken when executing a mathematical algorithm on a regular computer.”

In Re TracFone Wireless (Fed. Cir. No. 21-136) (nonprecedential): As discussed in our March update, the Federal Circuit granted TracFone’s first mandamus petition, ordering Judge Albright to “issue [his] ruling on the motion to transfer within 30 days from the issuance of this order, and to provide a reasoned basis for its ruling that is capable of meaningful appellate review.” On April 20, the court granted mandamus for a second time, holding that Judge Albright “clearly abused” his discretion in denying transfer under § 1404(a) by relying on a “rigid and formulaic” application of the Fifth Circuit’s 100-mile rule.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Federal Circuit. Please contact the Gibson Dunn lawyer with whom you usually work or the authors of this alert:

Blaine H. Evanson – Orange County (+1 949-451-3805, bevanson@gibsondunn.com)
Jessica A. Hudak – Orange County (+1 949-451-3837, jhudak@gibsondunn.com)

Please also feel free to contact any of the following practice group co-chairs or any member of the firm’s Appellate and Constitutional Law or Intellectual Property practice groups:

Appellate and Constitutional Law Group:
Allyson N. Ho – Dallas (+1 214-698-3233, aho@gibsondunn.com)
Mark A. Perry – Washington, D.C. (+1 202-887-3667, mperry@gibsondunn.com)

Intellectual Property Group:
Wayne Barsky – Los Angeles (+1 310-552-8500, wbarsky@gibsondunn.com)
Josh Krevitt – New York (+1 212-351-4000, jkrevitt@gibsondunn.com)
Mark Reiter – Dallas (+1 214-698-3100, mreiter@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On April 26, 2021, in McMorris v. Carlos Lopez & Associates, LLC,[1] Judges Calabresi, Katzmann, and Sullivan of the Second Circuit entered the muddy waters at the intersection of data privacy and constitutional law in addressing when a plaintiff in a data breach case has suffered a sufficient injury to establish standing to bring a lawsuit in federal court under Article III of the United States Constitution based on an increased risk of future identity theft. This question presented a matter of first impression for the Second Circuit, which sought to harmonize the divergent approaches taken by its sister circuits on this pressing—and oft-recurring—issue by articulating a non-exhaustive three-factor test to aid courts’ future adjudication of these highly fact-specific disputes. Applying this test, the Second Circuit affirmed the district court’s dismissal for lack of standing because the plaintiffs had failed to plead a sufficient risk of future identity fraud.

I. Article III Standing and Data Privacy

Under Article III of the United States Constitution, “federal courts lack jurisdiction if no named plaintiff has standing.”[2] To establish standing, plaintiffs must demonstrate that they have (1) “suffered an injury in fact” (2) that “was caused by the defendant,” and which (3) “would likely be redressed by the requested judicial relief.”[3] In turn, an injury in fact requires “‘an invasion of a legally protected interest’ that is ‘concrete and particularized’ and ‘actual or imminent, not conjectural or hypothetical.’”[4] While an alleged risk of future harm may suffice, a mere “possible future injury” or even an “objectively reasonable likelihood” of a future injury is not enough to meet the injury in fact requirement.[5] Instead, the future injury must be “certainly impending” or there must be “a substantial risk that the harm will occur.”[6]

Whether an injury in fact has been adequately pleaded is often a threshold issue raised at the motion to dismiss stage in litigation concerning data breaches. Despite the frequency with which this question arises, however, it is widely recognized that “courts have struggled” to answer it in a consistent manner[7] and the federal courts of appeals “are divided.”[8]

For instance, the D.C. Circuit has found it “at least plausible” that data breach victims “run a substantial risk of falling victim” to future identity theft, particularly where some plaintiffs “have already experienced some form of identity theft since the breaches.”[9] Similarly, the Ninth Circuit suggested that it was sufficient for standing purposes if hackers “accessed information that could be used to help commit identity fraud or identity theft” or had “the means” to access such information going forward in light of the data breach.[10]

On the other hand, the Third Circuit has long held that plaintiffs lack standing if “no misuse is alleged” and there is “no quantifiable risk of damage in the future.”[11] More recently, the Eighth Circuit similarly held that “a mere possibility” of future harm following hackers’ theft of financial information was not a constitutionally cognizable injury,[12] and earlier this year the Eleventh Circuit agreed that “a mere data breach does not, standing alone, satisfy the requirements of Article III standing.”[13]

II. Facts and Procedural History of McMorris

In June 2018, an employee at Carlos Lopez & Associates, LLP (“CLA”) accidentally sent a spreadsheet containing the Social Security numbers, home addresses, dates of birth, telephone numbers, hiring dates, and other personal information for approximately 130 current and former CLA employees to all of the company’s then-current employees.[14] Three individuals whose personally identifiable information was disclosed filed a class-action complaint against CLA, asserting various state-law claims and alleging two distinct injuries.[15] First, they claimed that the disclosure put them “‘at imminent risk of suffering identity theft’ and becoming the victims of ‘unknown but certainly impending future crimes.’”[16] Second, they alleged they were injured “in the form of the time and money spent monitoring or changing their financial information and accounts.”[17] Notably, however, they never alleged that their personal information was actually shared outside of CLA or misused by anyone.

Although the parties reached a proposed class settlement, Judge Furman of the United States District Court for the Southern District of New York declined to approve the settlement and instead dismissed the matter sua sponte for lack of subject-matter jurisdiction.[18] In doing so, he held, that the plaintiffs’ alleged increased risk of future identity theft was not sufficiently concrete to support standing.[19] With no allegations that CLA’s release of personal information was intentional, involved malicious third parties, or had caused any actual misuse of data, Judge Furman found the plaintiffs’ injury too speculative and attenuated to qualify as an injury in fact.[20] He also rejected their theory of injury based on the actual costs they had incurred as a result of the disclosure of their personal information, reasoning that plaintiffs “cannot manufacture standing merely by inflicting harm on themselves based on their fears of hypothetical future harm that is not certainly impending.”[21] Since the possibility of identity theft was speculative, any costs taken to avoid it did not qualify as injuries in fact.

III. The Second Circuit’s Legal Analysis

In an opinion written by Judge Sullivan, the Second Circuit affirmed the district court’s dismissal of the claims against CLA for lack of standing.

While it recognized that other circuits had wrestled with the question of “whether a plaintiff may establish standing based on a risk of future identity theft or fraud stemming from the unauthorized disclosure of that plaintiff’s data,”[22] the Second Circuit sought to bridge the apparent divide. Its reading of its sister circuits’ decisions was that none had “explicitly foreclosed” a future-harm theory.[23] Instead, Judge Sullivan reasoned that the Third, Eighth, and Eleventh Circuits had only “declined to find standing on the facts of a particular case.”[24] The Second Circuit therefore characterized itself as “join[ing] all of [its] sister circuits that have specifically addressed the issue in holding that plaintiffs may establish standing based on an increased risk of identity theft or fraud following the unauthorized disclosure of their data.”[25]

However, the Second Circuit did not hold that any such allegation was sufficient to plead an injury in fact. Instead, it endorsed three non-dispositive and non-exhaustive factors that, it said, other appellate courts have “consistently addressed in the context of data breaches and other data exposure incidents” as providing “helpful guidance” in assessing the presence or absence of constitutional standing: “(1) whether the plaintiffs’ data has been exposed as the result of a targeted attempt to obtain that data; (2) whether any portion of the dataset has already been misused, even if the plaintiffs themselves have not yet experienced identity theft or fraud; and (3) whether the type of data that has been exposed is sensitive such that there is a high risk of identity theft or fraud.”[26]

Applying these factors to CLA’s data disclosure, the Second Circuit held that the plaintiffs had failed to plead a sufficient risk of future identity theft or fraud to establish Article III standing. The first two factors weighed in favor of dismissal in McMorris because the case “merely involve[d] the inadvertent disclosure of [personal information] due to an errant email,”[27] not a targeted or malicious attempt to obtain data, and the plaintiffs never alleged that any of “the exposed dataset was compromised.”[28] Although the third factor weighed in favor of finding that the court had Article III jurisdiction because the disclosed data “included the sort of [personally identifiable information] that might put Plaintiffs at a substantial risk of identity theft or fraud, in the absence of any other facts suggesting that the [data] was intentionally taken by an unauthorized third party or otherwise misused,” the Second Circuit held that “this factor alone does not establish an injury in fact.”[29] As such, the first two factors proved fatal to plaintiffs’ claimed standing based on a risk of future harm. And, as a result, the plaintiffs’ claims based on their protective-measures theory also failed because absent “a substantial risk of future identity theft,” any efforts “protecting . . . against [a] speculative threat cannot create an injury.[30]

IV. Conclusion

Whether McMorris effectively synthesized the federal judiciary’s “disarray about the applicability of [the] ‘increased risk’ theory in data privacy cases”[31] or only (inadvertently) highlighted the stark differences among the courts of appeal remains an open question. But, regardless, it is now binding law in the Second Circuit, and its adoption of guiding non-dispositive factors should provide a roadmap for the resolution of similar litigation going forward. Such future developments may also be influenced by the Supreme Court’s highly anticipated upcoming decision in TransUnion LLC v. Ramirez,[32] in which oral argument was held on March 30, 2021, addressing the closely related question of whether Article III or Federal Rule of Civil Procedure 23 permit a damages class action where the majority of the putative class did not suffer an actual injury. As always, Gibson Dunn remains available to help its clients in navigating this evolving area of the law.

____________________

[1] — F.3d —-, 2021 WL 1603808 (2d Cir. Apr. 26, 2021).

[2] Frank v. Gaos, 139 S. Ct. 1041, 1046 (2019).

[3] Thole v. U.S. Bank N.A., 140 S. Ct. 1615, 1618 (2020).

[4] Spokeo, Inc. v. Robins, 136 S. Ct. 1540, 1548 (quoting Lujan v. Defs. of Wildlife, 504 U.S. 555, 560 (1992)).

[5] Clapper v. Amnesty Int’l USA, 568 U.S. 398, 409–10 (2013).

[6] Susan B. Anthony List v. Driehaus, 573 U.S. 149, 158 (2014) (internal quotation marks omitted).

[7] Allison Grande, High Court FCRA Case Could Shake Up Class Action Standing, Law360.com (Mar. 26, 2011), available at https://www.law360.com/articles/1368905/high-court-fcra-case-could-shake-up-class-action-standing.

[8] Tsao v. Captiva MVP Rest. Partners, LLC, 986 F.3d 1332, 1340 (11th Cir. 2021); Beck. v.McDonald, 848 F.3d 262, 273 (4th Cir. 2017).

[9] In re U.S. Off. of Pers. Mgmt. Data Sec. Breach Litig., 928 F.3d 42, 59 (D.C. Cir. 2019).

[10] In re Zappos.com, Inc., 888 F.3d 1020, 1027–28 (9th Cir. 2018) (emphasis added).

[11] Reilly v. Ceridian Corp., 664 F.3d 38, 45 (3d Cir. 2011).

[12] In re SuperValu, Inc., 870 F.3d 763, 771 (8th Cir. 2017).

[13] Tsao, 986 F.3d at 1344.

[14] Steven v. Carlos Lopez & Assocs., LLC, 422 F. Supp. 3d 801, 802 (S.D.N.Y. 2019).

[15] McMorris, 2021 WL 1603808, at *1.

[16] Id. at *1 (quoting Amended Complaint ¶¶ 6, 34).

[17] Steven, 422 F. Supp. 3d at 807.

[18] Id. at 803.

[19] Id. at 804.

[20] Id. at 804–07.

[21] Id. at 807 (quoting Clapper, 568 U.S. at 416).

[22] McMorris, 2021 WL 1603808, at *3.

[23] Id. .

[24] Id. at *3 & n.2.

[25] Id.

[26] Id. at *5.

[27] Id.

[28] Id. at *6.

[29] Id.

[30] Id. at *6 n.7 (quoting SuperValu, 870 F.3d at 771).

[31] Katz v. Pershing, LLC, 672 F.3d 64, 80 (1st Cir. 2012).

[32] No. 20-297.

The following Gibson Dunn lawyers assisted in the preparation of this alert: Alexander H. Southwell, Akiva Shapiro, Jeremy S. Smith, Michael Nadler, and Eric Hornbeck.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any of the following members of the firm’s Privacy, Cybersecurity and Data Innovation practice group, or the following authors:

Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com)
Akiva Shapiro – New York (+1 212-351-3830, ashapiro@gibsondunn.com)

United States
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, asouthwell@gibsondunn.com)
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213-229-7472, dwongyang@gibsondunn.com)
Matthew Benjamin – New York (+1 212-351-4079, mbenjamin@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303-298-5774, rbergsieker@gibsondunn.com)
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, hhogan@gibsondunn.com)
Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, jjessen@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415-393-8395, klinsley@gibsondunn.com)
H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com)
Karl G. Nelson – Dallas (+1 214-698-3203, knelson@gibsondunn.com)
Ashley Rogers – Dallas (+1 214-698-3316, arogers@gibsondunn.com)
Deborah L. Stein – Los Angeles (+1 213-229-7164, dstein@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com)
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, bwagner@gibsondunn.com)
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, mwong@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, cgaedt-sheckter@gibsondunn.com)

Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0)1 56 43 13 00, abaladi@gibsondunn.com)
James A. Cox – London (+44 (0) 20 7071 4250, jacox@gibsondunn.com)
Patrick Doris – London (+44 (0) 20 7071 4276, pdoris@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Bernard Grinspan – Paris (+33 (0)1 56 43 13 00, bgrinspan@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33-180, mwalther@gibsondunn.com)
Alejandro Guerrero – Brussels (+32 2 554 7218, aguerrero@gibsondunn.com)
Vera Lukic – Paris (+33 (0)1 56 43 13 00, vlukic@gibsondunn.com)
Sarah Wazen – London (+44 (0) 20 7071 4203, swazen@gibsondunn.com)

Asia
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)
Jai S. Pathak – Singapore (+65 6507 3683, jpathak@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

This update provides an overview and summary of key class action developments during the first quarter of 2021.

Part I discusses appellate decisions in the Ninth, Seventh, and Eleventh Circuits about predominance, numerosity, and administrative feasibility.

Part II covers two decisions from several circuit courts of appeals relating to the evidentiary standards at the class-certification stage.

Part III reports on a decision from the Eleventh Circuit discussing Article III standing and data breach class actions.

_____________________

I. Class Certification Requirements: The Ninth Circuit on Predominance; the Seventh Circuit on Numerosity; and the Eleventh Circuit on Administrative Feasibility

The Ninth, Seventh, and Eleventh Circuits issued important opinions regarding predominance, numerosity, and administrative feasibility.

Predominance. In Olean Wholesale Grocery Cooperative, Inc. v. Bumble Bee Foods LLC, 993 F.3d 774, 2021 WL 1257845 (9th Cir. Apr. 6, 2021), a case involving an alleged tuna price fixing conspiracy, the Ninth Circuit clarified a district court’s obligations when assessing predominance, particularly where there is a dispute over whether all class members have suffered injury. Olean contains three key holdings:

First, it held for the first time that a district court must find that plaintiffs have established predominance by “a preponderance of the evidence,” joining the rule followed by the First, Second, Third, Fifth, and Seventh Circuits. at *4. The Ninth Circuit explicitly rejected the use of a “no reasonable juror” test outside of the wage-and-hour context. Id. at *5 & n.4.
Second, it held that plaintiffs in an antitrust price-fixing action can establish predominance using statistical evidence, but a district court must scrutinize—“with care and vigor”—the reliability of that evidence before certifying a class. at *5. Specifically, if the parties offer competing expert evidence regarding the number of uninjured class members, the district court must “resolve the competing expert claims” in order to determine whether predominance has been established. Id. at *10.
Finally, the court held that although there is no “threshold” percentage of uninjured class members that would defeat predominance, “it must be de minimis,” suggesting “that 5% to 6% constitutes the outer limits of a de minimis number”—and at the very least, 28% “would be out-of-bounds.” at *11. It also noted that the presence of uninjured class members presents “serious standing implications under Article III,” but did not reach the issue because class certification failed under Rule 23(b)(3). Id. at *10 n.7.

Numerosity. The Seventh Circuit affirmed a district court’s determination that a proposed class of 37 seasonal employees failed to satisfy Rule 23’s numerosity requirement in Anderson v. Weinert Enterprises, Inc., 986 F.3d 773 (7th Cir. 2021). In its decision, the court acknowledged that its cases “have recognized that ‘a forty-member class is often regarded as sufficient to meet the numerosity requirement.’” Id. at 777 (citation omitted). But the court also noted that the “[t]he key numerosity inquiry under Rule 23(a)(1) is not the number of class members alone but the practicability of joinder.” Id. To that end, the Seventh Circuit determined that the district court did not abuse its discretion in finding that the factors it considered—including the class’s geographic dispersion, overall size, and small dollar amounts involved with each individual claim—all “weighed against certifying the class.” Id.

Administrative feasibility. In Cherry v. Dometic Corp., 986 F.3d 1296 (11th Cir. 2021), the Eleventh Circuit held that an “administratively feasible” method to identify absent class members is not required to certify a class. It further held that denying certification does not divest a federal court of CAFA jurisdiction.

In the district court, plaintiffs had proposed a class of individuals who purchased allegedly defective refrigerators between 1997 and 2016. Defendant contended that the class representatives failed to show that the class was “ascertainable” because they “provided no evidence that their proposed method of identification would be workable.” Id. at 1300. The district court agreed with defendant and denied certification.

The Eleventh Circuit reversed. First, it held that administrative feasibility is not required for class certification, though it remains relevant to whether a proposed class may proceed under Rule 23(b)(3). Recognizing a circuit split on this issue (in fact, calling it “[o]ne of the most hotly contested issues in class action practice today”), the court reasoned that Rule 23(a) says nothing about administrative feasibility, which bears only on “how the district court can locate the remainder of the class after certification.” Id. at 1301, 1303. As such, it concluded, “administrative difficulties—whether in class-member identification or otherwise—do not alone doom a motion for certification.” Id. at 1304. Second, the court held that because CAFA jurisdiction does not depend on certification, a district court retains jurisdiction even after it denies certification in a CAFA action. Id. at 1305.

II. Several Circuits Clarify the Standards for Assessing the Admissibility of Evidence at the Class-Certification Stage

The Supreme Court has made clear that Rule 23 “does not set forth a mere pleading standard” and that a plaintiff “must be prepared to prove” that Rule 23’s requirements are “in fact” satisfied. Wal-Mart Stores, Inc. v. Dukes, 564 U.S. 338, 350 (2011) (emphasis in original). The need to assess actual evidence at the class-certification stage raises an important question: does such evidence need to be admissible? The Fifth and Sixth Circuits issued important decisions this past quarter that take divergent approaches to that question.

The Fifth Circuit in Prantil v. Arkema Inc., 986 F.3d 570 (5th Cir. 2021), held that the Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993), standard for admissibility of expert evidence applies at the class-certification stage when scientific evidence is relevant to the certification decision. 986 F.3d at 575 & n.12. The Fifth Circuit explained that applying Daubert at the certification stage was a natural extension of the Supreme Court’s admonition that courts conduct a “rigorous analysis” of the proposed class’s conformity with Rule 23. Id. at 575. The Fifth Circuit thus joined the Third, Seventh, and Eleventh Circuits in holding that “the Daubert hurdle must be cleared when scientific evidence is relevant to the decision to certify,” and declaring that the district court’s “hesitation to apply Daubert’s reliability standard with full force” was error. Id. at 575–76. The Fifth Circuit’s holding is consistent with the Ninth Circuit’s recent admonition in Olean, where it made clear that district courts must resolve competing expert claims on the reliability of evidence to support class certification. 2021 WL 1257845, at *10.

The Sixth Circuit took a slightly different approach—this time, with nonexpert evidence—in Lyngaas v. Curaden AG, 992 F.3d 412 (6th Cir. 2021). Lyngaas held that nonexpert evidence need not be admissible in order to be considered at class certification. Id. at 428–29. The district court certified a class of individuals who purportedly received unsolicited faxes from defendants and offered summary report logs as proof. The court rejected the defendants’ assertion that the logs had not been properly authenticated and therefore plaintiff had failed to support his motion with admissible evidence. Id. at 418–19.

On appeal, the Sixth Circuit held as a matter of first impression that a district court is not required to “decide conclusively at the class-certification stage what evidence will ultimately be admissible at trial.” Id. at 428. In so holding, the court adopted the reasoning of the Eighth and Ninth Circuits to conclude that the “evidentiary proof” required at class certification “need not amount to admissible evidence, at least with respect to nonexpert evidence.” Id. at 428–29. Rather, because of the “differences between Rule 23, summary judgment, and trial,” parties should be afforded “greater evidentiary freedom at the class certification stage.” Id. at 429 (quoting Sali v. Corona Reg’l Med. Ctr., 909 F.3d 996, 1005 (9th Cir. 2018)). Therefore, reliance on non-authenticated summary-report logs satisfied the district court’s obligation to conduct a “rigorous analysis” at class certification. Id. at 430.

III. The Eleventh Circuit Addresses Article III Standing in Data Breach Class Actions

As discussed in prior updates, federal courts at all levels have continued to ponder and opine on the role Article III standing plays in class actions. The Eleventh Circuit weighed in this quarter in Tsao v. Captiva MVP Restaurant Partners, LLC, 986 F.3d 1332 (11th Cir. 2021), holding that absent class members lacked standing following a data breach when the only injuries alleged were (a) a future risk of identity theft and (b) costs incurred to mitigate the risk of identity theft.

In Tsao, the plaintiff filed a putative data-breach class action after a restaurant chain announced a data breach involving its point-of-sale systems. The district court dismissed the case for lack of Article III standing, holding “[e]vidence of a data breach, without more, [is] insufficient to satisfy injury in fact under Article III standing.” Id. at 1337. The Eleventh Circuit affirmed, rejecting both of plaintiff’s argument that the data breach established standing.

First, the Eleventh Circuit held that an elevated threat of identity theft is not sufficient to establish Article III standing. Citing the Supreme Court’s opinion in Clapper v. Amnesty International USA, 568 U.S. 398 (2013), the court explained “a plaintiff alleging a threat of harm does not have Article III standing unless the hypothetical harm alleged is either ‘certainly impending’ or there is a ‘substantial risk’ of such harm.” Id. at 1339. An “increased risk of identity theft,” without more, was not sufficient to meet these requirements. Id. at 1344. Thus, it determined that absent “specific evidence of some misuse of class members’ data, a named plaintiff’s burden to plausibly plead factual allegations sufficient to show that the threatened harm of future identify theft was ‘certainly impending’—or that there was a ‘substantial risk’ of such harm—will be difficult to meet.” Id. (emphasis in original).

Second, the court rejected plaintiff’s argument that his efforts to mitigate the risk of identity theft—such as by cancelling his credit cards—could create an injury in fact. Where a hypothetical harm is not “certainly impending,” “a plaintiff cannot conjure standing by inflicting some direct harm on itself to mitigate a perceived risk.” Id. at 1339. Were it otherwise, “an enterprising plaintiff” could “secure a lower standard for Article III standing simply by making an expenditure based on a nonparanoid fear,” which is “not permit[ted]” by the law. Id. at 1345.

While the role of Article III standing in class actions continues to be hotly debated issue, some additional clarity may be on its way. On March 30, 2021, the Supreme Court heard argument in TransUnion LLC v. Ramirez. As noted in our prior class action update, the question presented in this case is “whether either Article III or Rule 23 permits a damages class action where the vast majority of the class suffered no actual injury, let alone an injury anything like what the class representative suffered.” During argument, the Justices probed this issue further, asking whether the majority of the class members—whose information had never been disclosed to third parties—possessed Article III standing, and whether the representative’s claims were typical of those of the absent class members. A decision is expected by summer.

The following Gibson Dunn lawyers contributed to this client update: Christopher Chorba, Theane Evangelis, Kahn Scolnick, Bradley Hamburger, Lauren Blas, Wesley Sze, Emily Riff, Andrew Kasabian, and Tim Kolesk.

Gibson Dunn attorneys are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Class Actions or Appellate and Constitutional Law practice groups, or any of the following lawyers:

Theodore J. Boutrous, Jr. – Co-Chair, Litigation Practice Group – Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com)
Christopher Chorba – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7396, cchorba@gibsondunn.com)
Theane Evangelis – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com)
Kahn A. Scolnick – Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com)
Bradley J. Hamburger – Los Angeles (+1 213-229-7658, bhamburger@gibsondunn.com)
Lauren M. Blas – Los Angeles (+1 213-229-7503, lblas@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Regulatory and policy developments during the first quarter of 2021 reflect a global tipping point toward serious regulation of artificial intelligence (“AI”) in the U.S. and European Union (“EU”), with far-reaching consequences for technology companies and government agencies.[1] In late April 2021, the EU released its long-anticipated draft regulation for the use of AI, banning some “unacceptable” uses altogether and mandating strict guardrails such as documentary “proof” of safety and human oversight to ensure AI technology is “trustworthy.”

While these efforts to aggressively police the use of AI will surprise no one who has followed policy developments over the past several years, the EU is no longer alone in pushing for tougher oversight at this juncture. As the United States’ national AI policy continues to take shape, it has thus far focused on ensuring international competitiveness and bolstering national security capabilities. However, as the states move ahead with regulations seeking accountability for unfair or biased algorithms, it also appears that federal regulators—spearheaded by the Federal Trade Commission (“FTC”)—are positioning themselves as enforcers in the field of algorithmic fairness and bias.

Our 1Q21 Artificial Intelligence and Automated Systems Legal Update focuses on these critical regulatory efforts, and also examines other key developments within the U.S. and Europe that may be of interest to domestic and international companies alike. As a result of several significant developments in April, and to avoid the need for multiple alerts, this 1Q21 update also include a number of matters from April, the beginning of 2Q21.

________________________

I. U.S. NATIONAL POLICY & REGULATORY DEVELOPMENTS

A.         U.S. National AI Strategy
B.         National Security & Trade
C.         Algorithmic Accountability & Consumer Safety
D.         FDA’s Action Plan for AI Medical Devices
E.         Intellectual Property Updates
F.         U.S. Regulators Seek Input on Use of AI in Financial Services

II. EU POLICY & REGULATORY DEVELOPMENTS

A.         EC Publishes Draft Legislation for EU-wide AI Regulation
B.         CAHAI Feasibility Study on AI Legal Standards
C.         EU Council Proposes ePrivacy Regulation
D.         Cybersecurity Report on the Use of AI in Autonomous Vehicles
E.         Proposed German Legislation on Autonomous Driving

________________________

I. U.S. NATIONAL POLICY & REGULATORY DEVELOPMENTS

A. U.S. National AI Strategy

The U.S. federal government’s national AI strategy continues to take shape, bridging the old and new administrations. Pursuant to the National AI Initiative Act of 2020, which was passed on January 1 as part of the National Defense Authorization Act of 2021 (“NDAA”),[2] the White House Office of Science and Technology Policy (“OSTP”) formally established the National AI Initiative Office (the “Office”) on January 12. The Office—one of several new federal offices mandated by the NDAA—will be responsible for overseeing and implementing a national AI strategy and acting as a central hub for coordination and collaboration by federal agencies and outside stakeholders across government, industry and academia in AI research and policymaking.[3]

Further, on January 27, President Biden signed a memorandum titled “Restoring trust in government through science and integrity and evidence-based policy making,” setting in motion a broad review of federal scientific integrity policies and directing agencies to bolster their efforts to support evidence-based decision making. The President designated the OSTP to constitute an interagency Task Force to carry out the review,[4] which must be completed within 120 days of appointment of the Task Force members[5] and is expected to “generate important insights and best practices including transparency and accountability….”[6] On the same day, the President also signed an executive order to formally reconstitute the President’s Council of Advisors on Science and Technology.[7]

B. National Security & Trade

1. New House Subcommittee on Cyber, Innovative Technologies, and Information Systems

In February 2021, the House Armed Services Committee created a new Subcommittee on Cyber, Innovative Technologies, and Information Systems (“CITI”) out of the former Intelligence and Emerging Threats and Capabilities Subcommittee.[8] CITI will provide focused oversight on technology matters, including cybersecurity, IT policy, AI, electronic warfare and software acquisition, and shift non-technical topics, such as special operations and counter-proliferation of weapons of mass destruction, to other lawmakers. On March 12, the Subcommittee held a joint hearing with the House Committee on Oversight and Reform’s Subcommittee on National Security to receive testimony from the National Security Commission on Artificial Intelligence on the Commission’s final report (discussed in more detail below).[9]

2. NSCAI Final Report

The National Defense Authorization Act of 2019 created a 15-member National Security Commission on Artificial Intelligence (“NSCAI”), and directed that the NSCAI “review and advise on the competitiveness of the United States in artificial intelligence, machine learning, and other associated technologies, including matters related to national security, defense, public-private partnerships, and investments.”[10] Over the past two years, NSCAI has issued multiple reports, including interim reports in November 2019 and October 2020, two additional quarterly memorandums, and a series of special reports in response to the COVID-19 pandemic.[11]

On March 1, 2021, the NSCAI submitted its Final Report to Congress and to the President. At the outset, the report makes an urgent call to action, warning that the U.S. government is presently not sufficiently organized or resourced to compete successfully with other nations with respect to emerging technologies, nor prepared to defend against AI-enabled threats or to rapidly adopt AI applications for national security purposes. Against that backdrop, the report outlines a strategy to get the United States “AI-ready” by 2025.[12] The Commission explains:

The United States should invest what it takes to maintain its innovation leadership, to responsibly use AI to defend free people and free societies, and to advance the frontiers of science for the benefit of all humanity. AI is going to reorganize the world.

America must lead the charge.

The more than 700-page report consists of two parts: Part I, “Defending America in the AI Era,” makes recommendations on how the U.S. government can responsibly develop and use AI technologies to address emerging national security threats, focusing on AI in warfare and the use of autonomous weapons, AI in intelligence gathering, and “upholding democratic values in AI.” The report’s recommendations identify specific steps to improve public transparency and protect privacy, civil liberties and civil rights when the government is deploying AI systems. NSCAI specifically endorses the use of tools to improve transparency and explainability: AI risk and impact assessments; audits and testing of AI systems; and mechanisms for providing due process and redress to individuals adversely affected by AI systems used in government. The report also recommends establishing governance and oversight policies for AI development, which should include “auditing and reporting requirements,” a review system for “high-risk” AI systems, and an appeals process for those affected.

Part II, “Winning the Technology Competition,” outlines urgent actions the government must take to promote AI innovation to improve national competitiveness, secure talent, and protect critical U.S. advantages, including IP rights. The report highlights how stringent patent eligibility requirements in U.S. courts, particularly with respect to computer-implemented and biotech-related inventions, and a lack of explicit legal protections for data have created uncertainty in IP protection for AI innovations, discouraging the pursuit of AI inventions and hindering innovation and collaboration. NSCAI also notes that China’s significant number of patent application filings have created a vast reservoir of “prior art” and caused the USPTO’s patent examination process increasingly difficult. As such, the report recommends that the President issue an executive order to recognize IP as a national priority, and develop a comprehensive plan to reform IP policies to incentivize and protect AI and other emerging technologies.[13]

The NSCAI report may provide opportunity for legislative reform, which would spur investments in AI technologies and accelerate government adoption of AI technologies in national security. The report’s recommendations with respect to transparency and explainability may also have significant implications for potential oversight and regulation of AI in the private sector.

3. Executive Order on U.S. Supply Chains

At the end of February, the Biden Administration issued a sweeping executive order launching a year-long, multi-agency review of several sectors, including several that will be critical to maintaining U.S. leadership in the development of AI and associated technologies. The purpose of the “America’s Supply Chains” Executive Order 14017, as President Biden puts it, is to “help address the vulnerabilities in our supply chains across . . . critical sectors of our economy so that the American people are prepared to withstand any crisis.” The Executive Order has put into motion 100-day reviews of four types of products by four different federal agencies: (1) semiconductors (Commerce); (2) high-capacity batteries, including electric-vehicle batteries (Energy); (3) critical minerals and strategic materials, such as rare earth elements (Defense); and (4) pharmaceuticals and their active ingredients (Health and Human Services). Executive Branch work to implement the E.O. is being coordinated by the Assistant to the President for National Security Affairs (APNSA) and the Assistant to the President for Economic Policy (APEP). By February 24, 2022, the Secretaries of Defense, Health and Human Services, Commerce and Homeland Security, Energy, Transportation, and Agriculture are to provide the President with broader and deeper assessments of the defense industrial base, the public health and biological preparedness industrial base, the information and communications industrial base, energy sector industrial base, transportation industrial base, and agricultural commodities and food products industrial base, respectively.

The Biden Administration’s prioritization of semiconductors and critical minerals and strategic materials in the 100-day review was expected; they are critical links in many supply chains and either already are or could be in short supply to the United States for a range of reasons. Both are of specific relevance to the raw materials and manufacturing supply chains that support AI development and applications. Especially in light of ongoing geopolitical and economic tensions between the United States and China, the potential inability of the U.S. to access supply of critical minerals from China and many U.S. companies’ dependence on only a small handful of advanced semiconductor manufacturers based in Austria, Germany, Japan, The Netherlands, South Korea, Taiwan and the United States for critical links in their supply chains makes the advanced semiconductor supply chain especially prone to disruption.

Agency action has already begun with respect to the 100-day review of semiconductors. On March 11, the Commerce Department’s Bureau of Industry and Security (BIS) issued a notice seeking public comment on risks in the semiconductor manufacturing and advanced packaging supply chains. The notice requested information on a range of supply issues including the critical and essential goods and materials required for semiconductor manufacturing and advanced packaging support chain, manufacturing capabilities, and key skill sets and personnel necessary to sustain the U.S. semiconductor ecosystem. BIS also sought comments on how a failure to sustain the semiconductor supply chain might impact “key downstream capabilities,” including artificial intelligence applications. BIS received 34 comments by the comment due date of April 5 from a range of private sector companies, trade associations, universities, and individuals. In addition to the written comments, BIS also convened a virtual public forum inviting speakers to provide further input on the questions presented in its notice on April 8.

Although the focus of the America’s Supply Chain EO is on executive agency reporting, we expect the EO to provide U.S. private and non-governmental sectors significant opportunities for agency engagement. To state the obvious, the U.S. does not have a centralized planned economy, and U.S. Executive Branch agencies often lack the visibility required to produce reports that accurately reflect the state of play in many international supply chains. Especially because identified gaps and weak links in strategic supply chains are likely to be a focus of targeted infrastructure spending, tax incentives, export controls, immigration reform, and other regulatory action during the Biden Administration, many of our clients could find it well worth the effort to participate in agency information gathering like BIS’s public comment process, either directly or indirectly through trade associations.

Scrutiny on semiconductor supply chains has not been limited to the Executive Branch, however, and a recent request from Congress illustrates how even individual transactions involving specific links in the semiconductor supply may become subject to regulatory action as Commerce and other U.S. agencies develop a deeper understanding of supply chain dynamics. On March 19, 2021, two Republican lawmakers sent a letter to the Commerce Secretary to prevent ASML Holdings NV, a Dutch technology firm, from supplying critical systems to Semiconductor Manufacturing International Corp. (“SMIC”), a Chinese chipmaker. Sen. Marco Rubio (R-FL) and Rep. Michael McCaul (R-Texas) said that the U.S. should exercise its diplomatic leverage to weaken China’s foothold in the semiconductor industry. The lawmakers also asked Commerce Secretary Raimondo to add SMIC to the Commerce Department’s Entity List, which would limit SMIC’s ability to source materials even for those that are not manufactured in the United States. The two lawmakers proposed that a presumption of denial apply in the export licensing process to any China-facing export “capable of producing” chips smaller than 16 nanometers, which would broaden the scope of the products subject to the presumption of denial. The Commerce Secretary has not responded to the letter or issued any statement regarding the letter to date.

4. Interim Final Rule “Securing the Information and Communications Technology and Services (“ICTS”) Supply Chain”

The Department of Commerce also has taken the next step in implementing another Executive Order, this time from the Trump Administration, focused on the ICTS Supply Chain. An Interim Final Rule implementing the EO became effective on March 22, 2021.[14] The ICTS EO is an effort to protect against threats posed on the use of hardware, software and services designed, developed, manufactured or supplied by companies owned by, controlled by, or subject to the direction or control of China and other “foreign adversary” countries, but has been the target of consternation by commentators since its issuance on May 15, 2019.

The Interim Final Rule implements the Secretary of Commerce’s new power to prohibit transactions which involve the acquisition, importation, transfer, installation, dealing in, or usage of certain ICTS.[15] Transactions subject to the Secretary of Commerce’s review and prohibition include those involving managed services, data transmission, software updates, repairs, or the platforming or data hosting of applications for consumer download. Any of these actions can be prohibited or subject to licensing driven mitigation when the services, equipment, or software is designed, developed, manufactured, or supplied by companies owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary, and poses an undue or unacceptable risk.[16]

Many different AI-related transactions could be impacted by the ICTS transaction review. Not only does the Interim Final Rule specifically include ICTS infrastructure that is integral to AI and machine learning technologies among the transactions it deems ICTS transactions, but it also includes other kinds of transactions that are necessary to support AI development or deployment, including certain software, hardware, or any other product or services integral to data hosting or computing services, and certain ICTS products, such as internet-enabled sensors, webcams, routers, modems, drones, or any other end-point surveillance or monitoring device, home networking device, or aerial system. Thus, companies in the U.S. seeking to store training data or use the processing power of cloud services to develop or host AI applications could see their access to China-based or China company-owned or controlled cloud service providers now subject to Department of Commerce licensing. Similarly, companies already deploying devices that make use of AI could find their ability to source cheap parts and components from foreign advisory companies limited by a transaction review.

C. Algorithmic Accountability and Consumer Safety

Companies using algorithms, automated processes, and/or AI-enabled applications are now squarely on the radar of both federal and state regulators and lawmakers. In 2020, a number of draft federal bills and policy measures addressing algorithmic accountability and transparency had hinted at a sea change amid growing public awareness of AI’s potential to pose a risk to consumers, including by creating harmful bias. While no AI-specific federal legislation has been enacted to date, federal regulators, including the FTC, have now signaled that they will not wait to bring enforcement actions. Moreover, a steady increase in state privacy laws has placed increasing focus on governance of the biometric data utilized by facial recognition technologies. The past quarter saw a number of developments that suggest companies using facial recognition technology may be subject to stricter regulation and enforcement with respect to the use and retention of biometric identifiers extracted from facial images at both federal and state level.[17]

1. Algorithmic Fairness

a) FTC Statement Announces Intent to Take Enforcement Action Against “Biased” Algorithms

On April 19, the FTC published a blog post, “Aiming for truth, fairness, and equity in your company’s use of AI,” announcing the Commission’s intent to bring enforcement actions related to “biased algorithms” under section 5 of the FTC Act, the Fair Credit Reporting Act, and the Equal Credit Opportunity Act.[18] Notably, the statement expressly notes that “ the sale or use of – for example – racially biased algorithms” falls within the scope of the prohibition of unfair or deceptive business practices.

The FTC also provides some concrete guidance on “using AI truthfully, fairly, and equitably,” indicating that it expects companies to “do more good than harm” by auditing its training data and, if necessary, “limit[ing] where or how [they] use the model;” testing its algorithms for improper bias before and during deployment; employing transparency frameworks and independent standards; and being transparent with consumers and seeking appropriate consent to use consumer data. The guidance also warns companies against making statements to consumers that “overpromise” or misrepresent the capabilities of a product, noting that biased outcomes may be considered deceptive and lead to FTC enforcement actions.

This statement of intent comes on the heels of remarks by Acting FTC Chairwoman Rebecca Kelly Slaughter on February 10 at the Future of Privacy Forum, previewing enforcement priorities under the Biden Administration and specifically tying the FTC’s role in addressing systemic racism to the digital divide, exacerbated by COVID-19, AI and algorithmic decision-making, facial recognition technology, and use of location data from mobile apps.[19] It also follows the FTC’s informal guidance last year outlining principles and best practices surrounding transparency, explainability, bias, and robust data models.[20]

The FTC’s stance has bipartisan support in the Senate, where FTC Commissioner Rohit Chopra provided a statement on April 20, noting that “Congress and the Commission must implement major changes when it comes to stopping repeat offenders” and that “since the Commission has shown it often lacks the will to enforce agency orders, Congress should allow victims and state attorneys general to seek injunctive relief in court to halt violations of FTC orders.”[21]

We recommend that companies developing or deploying automated decision-making adopt an “ethics by design” approach and review and strengthen internal governance, diligence and compliance policies. Companies should also stay abreast of developments concerning the FTC’s ability to seek restitution and monetary penalties[22] and impose obligations to delete algorithms, models or data (a potential new remedial obligation that is addressed in more detail below).

b) Bipartisan U.S. Lawmakers Introduce Bill Banning Law Enforcement Agencies from Accessing Illegally Obtained User Data

On April 21, a bipartisan group of lawmakers introduced a bill banning law enforcement agencies from buying access to user data from “data brokers,” including companies that “illegitimately obtained” their records.[23] The bill, titled “The Fourth Amendment Is Not For Sale Act,” is sponsored by a bipartisan group including Sen. Ron Wyden (D-OR), Sen. Rand Paul (R-KY) and 18 other members of the Senate, and purports to close “major loopholes in federal privacy law.”[24] The bill would force law enforcement agencies to obtain a court order before accessing users’ personal information through third-party brokers—companies that aggregate and sell personal data like detailed user location—and prevents law enforcement and intelligence agencies buying data that was “obtained from a user’s account or device, or via deception, hacking, violations of a contract, privacy policy, or terms of service.”[25] Reps. Jerry Nadler (D-NY) and Zoe Lofgren (D-CA) introduced a companion bill in the House.

c) Washington State Lawmakers Introduce a Bill to Regulate AI, S.B. 5116

On the heels of Washington’s landmark facial recognition bill (S.B. 6280) enacted last year,[26] state lawmakers and civil rights advocates proposed new rules to prohibit discrimination arising out of automated decision-making by public agencies.[27] The bill, which is sponsored by Sen. Bob Hasegawa (D-Beacon Hill), would establish new regulations for government departments that use “automated decisions systems,” a category that includes any algorithm that analyzes data to make or support government decisions.[28] If enacted, public agencies in Washington state would be prohibited from using automated decision systems that discriminate against different groups or make final decisions that impact the constitutional or legal rights of a Washington resident. The bill also bans government agencies from using AI-enabled profiling in public spaces. Publicly available accountability reports ensuring that the technology is not discriminatory would be required before an agency can use an automated decision system. The bill has been referred to Ways & Means.

2. Facial Recognition

a) FTC Enforcement

In January 2021, the Federal Trade Commission (“FTC”) announced its settlement with Everalbum, Inc. in relation to its “Ever App,” a photo and video storage app that used facial recognition technology to automatically sort and “tag” users’ photographs.[29] The FTC alleged that Everalbum made misrepresentations to consumers about its use of facial recognition technology and its retention of the photos and videos of users who deactivated their accounts in violation of Section 5(a) of the FTC Act. Pursuant to the settlement agreement, Everalbum must delete models and algorithms that it developed using users’ uploaded photos and videos and obtain express consent from its users prior to applying facial recognition technology, underscoring the emergence of deletion as a potential enforcement measure. A requirement to delete data, models and algorithms developed by using data collected without express consent could represent a significant remedial obligation with broader implications for AI developers.

Signaling the potential for increasing regulation and enforcement in this area, FTC Commissioner Rohit Chopra issued an accompanying statement describing the settlement as a “course correction,” commenting that facial recognition technology is “fundamentally flawed and reinforces harmful biases” while highlighting the importance of “efforts to enact moratoria or otherwise severely restrict its use.” However, the Commissioner also cautioned against “broad federal preemption” on data protection and noted that the authority to regulate data rights should remain at state-level.[30] We will carefully monitor any further enforcement action by the FTC (and other regulators), and recommend that companies developing or using facial recognition technologies seek specific legal advice with respect to consent requirements around biometric data as well as robust AI diligence and risk-assessment process for third-party AI applications.

b) Virginia Passes Ban on Law Enforcement Use of Facial Recognition Technology, H.B. 2031

The legislation, which won broad bipartisan support, prohibits all local law enforcement agencies and campus police departments from purchasing or using facial recognition technology unless it is expressly authorized by the state legislature.[31] The law will take effect on July 1, 2021. Virginia joins California, as well as numerous cities across the U.S., in restricting the use of facial recognition technology by law enforcement.[32]

c) BIPA

i. Litigation

On March 15, 2021, Judge James L. Robart of the U.S. District Court for the Western District of Washington declined to dismiss two putative class action suits accusing two technology companies of violating Illinois residents’ privacy rights under BIPA.[33] The nearly identical complaints alleged that the companies violated BIPA by using a data set compiled by IBM containing geometric scans of their faces without their permission. The court found that plaintiffs’ claims could proceed under Sections 15(b) and 15(c) of BIPA.

On March 16, 2021, Illinois District Judge Sara L. Ellis dismissed proposed class claims against Clarifai, Inc., a facial recognition software maker, under BIPA.[34] The Complaint alleged that Clarifai was harvesting facial data from OkCupid dating profile photos without obtaining consent from users or making disclosures required under BIPA. The Court found that the plaintiff failed to allege sufficient contacts to show that Clarifai directly targeted Illinois and to establish personal jurisdiction.

ii. Illinois Bill Seeks to Limit BIPA

On March 22, the Illinois state legislature sent proposed amendments to BIPA (H.B. 559) to the chamber floor.[35] The draft bill contains provisions that would impose significant limitations on the scope and impact of BIPA, including a 30-day cure period, a one-year deadline to sue, and a proposal to replace statutory damages with actual damages.[36] BIPA suits have proliferated after the Illinois Supreme Court and some federal courts allowed plaintiffs to sue based on statutory violations.

D. FDA’s Action Plan for AI Medical Devices

On January 12, 2021, the U.S. Food and Drug Administration (“FDA”) released the agency’s first “Artificial Intelligence/Machine Learning (“AI/ML”)-Based Software as a Medical Device (SaMD) Action Plan,” which describes a multi-pronged approach to advance the FDA’s oversight of AI/ML-based medical software.[37] The AI/ML Action Plan is a response to stakeholder feedback received in relation to the April 2019 discussion paper, “Proposed Regulatory Framework for Modifications to Artificial Intelligence/Machine Learning-Based Software as a Medical Device (SaMD),” which described the foundation for a potential approach to premarket review for AI and ML software modifications.[38] For a detailed analysis of the discussion paper and proposed regulatory approach, please see our previous 2Q19 Legal Update.[39]

The FDA’s “Action Plan” outlines five next steps:

Further developing the proposed regulatory framework, including through issuance of draft guidance on a predetermined change control plan (for software’s learning over time). The SaMD Pre-Specifications (“SPS”) describe “what” aspects the manufacturer intends to change through learning, and the Algorithm Change Protocol (“ACP”) explains “how” the algorithm will learn and change while remaining safe and effective. The FDA intends to draft guidance which includes include a proposal of what should be included in an SPS and ACP to support the safety and effectiveness of AI/ML SaMD algorithms;
Supporting the development of good machine learning practices to evaluate and improve machine learning algorithms;
Fostering a patient-centered approach, including device transparency to users. Promoting transparency is a key aspect of a patient-centered approach, and numerous stakeholders have expressed the unique challenges of labeling for AI/ML-based devices and the need for manufacturers to clearly describe, for example, the data that were used to train the algorithm or “the role intended to be served by its output.”[40] The FDA intends to identify types of information a manufacturer should include in the labeling of AI/ML based medical devices to support transparency to users.
Developing methods to evaluate and improve machine learning algorithms, which includes methods for the identification and elimination of bias; and
Advancing real-world performance monitoring pilots on a voluntary basis.

The FDA welcomes continued feedback in this area and intends to hold public workshops to share learnings and elicit additional input from stakeholders. While the FDA has not yet expressed a substantive view on the specific contents of a draft regulation, it seems clear that it will involve a commitment from manufacturers on transparency and real-world performance monitoring for AI and machine learning-based software as a medical device, as well as periodic updates to the FDA on what changes were implemented as part of approved pre-specifications and the ACP. Depending on the scope of the draft regulatory framework, some of the proposed requirements could be highly significant and onerous: for example, requiring a manufacturer to include in the labeling of AI/ML-based devices a “description” of training data. We will continue to monitor developments, and expect that companies operating in this space will want to have a voice in the process leading up to the regulations, particularly with respect to implementing transparency requirements.

E. Intellectual Property Updates

1. USPTO Files Motion for Summary Judgment Arguing that AI Machines Can’t Invent

On February 24, the U.S. Patent and Trademark Office (“USPTO”) filed a motion for summary judgment in Virginia federal court with respect to a lawsuit challenging its finding that patents cannot cover inventions by AI machines, arguing that the Patent Act defines an inventor as an “individual” who must be human.[41]

The plaintiff, Stephen Thaler, is a physicist who created the AI, called DABUS, behind potential patents for a beverage container and a flashing beacon for search-and-rescue missions. The USPTO had denied the patent applications as incomplete because they were missing an inventor’s name, and it refused a petition to reconsider in April 2020, noting that the courts and the law have made clear that only humans can be inventors. Thaler then sued the USPTO in August 2020, alleging it violated the Administrative Procedure Act when it added a patentability requirement that is “contrary to existing law and at odds with the policy underlying the patent system,” and that by refusing to let AI machines be inventors, the agency is undermining the patent system.

In January 2021, Thaler filed a motion for summary judgment, arguing that the USPTO’s finding was arbitrary, capricious, an abuse of discretion and not supported by the law or substantial evidence, and that all of the cases the USPTO cites to support its finding involve inventions that courts concluded humans could do, but not creations that only a machine could invent. At a motion hearing on April 6, U.S. District Judge Leonie Brinkema did not make a bench ruling, but indicated that current legislation restricts the definition of “inventor” in the Patent Act to humans.[42] As previously reported, the European Patent Office has also denied Thaler’s patent applications with respect to DABUS.[43]

2. Google LLC v. Oracle America, Inc. — Supreme Court Rules for Google in Oracle Copyright Dispute

On April 5, the U.S. Supreme Court ruled in favor of Google in a multibillion-dollar copyright lawsuit filed by Oracle, holding that Google did not infringe Oracle’s copyrights under the fair use doctrine when it used material from Oracle’s API’s to build its Android smartphone platform.[44] Notably, the Court did not rule on whether Oracle’s API’s declaring code could be copyrighted, but held that, assuming for argument’s sake the material was copyrightable, “the copying here at issue nonetheless constituted a fair use.”[45] Specifically, the Court stated that “where Google reimplemented a user interface, taking only what was needed to allow users to put their accrued talents to work in a new and transformative program, Google’s copying of the Sun Java API was a fair use of that material as a matter of law.”[46] The Court focused on Google’s transformative use of the Sun Java API and distinguished declaring code from other types of computer code in finding that all four guiding factors set forth in the Copyright Act’s fair use provision weighed in favor of fair use.[47]

While the ruling appears to turn on this particular case, it will likely have repercussions for AI and platform creators.[48] The Court’s application of fair use could offer an avenue for companies to argue for the copying of organizational labels without a license. Notably, the Court stated that commercial use does not necessarily tip the scales against fair use, particularly when the use of the copied material is transformative. This could assist companies looking to use content to train their algorithms at a lower cost, putting aside potential privacy considerations (such as under BIPA). Meanwhile, companies may also find it more challenging to govern and oversee competitive programs that use their API code for compatibility with their platforms.

F. U.S. Regulators Seek Input on AI Use in Financial Services

Five federal agencies, including the Federal Reserve Board and the Consumer Financial Protection Bureau, are seeking public input on financial institutions’ use of AI. The notice “Request for Information and Comment on Financial Institutions’ Use of Artificial Intelligence, including Machine Learning” (“RFI”) was published in the Federal Register on March 31.[49]

The federal agencies are aiming to better understand the use of AI and its governance, risk management and controls as well as challenges in developing, implementing and managing the technology. The RFI also solicits respondents’ views on “the use of AI in financial services to assist in determining whether any clarifications from the agencies would be helpful for financial institutions’ use of AI in a safe and sound manner and in compliance with applicable laws and regulations, including those related to consumer protection.” Financial institutions, trade associations, consumer groups and other stakeholders have until June 1, 2021 to submit their comments.

III. EU POLICY & REGULATORY DEVELOPMENTS

A. EC Publishes Draft Legislation for EU-wide AI Regulation

On April 21, 2021, the European Commission (“EC”) presented its much anticipated comprehensive draft of an AI Regulation (also referred to as the “Artificial Intelligence Act”).[50] As highlighted in our client alert “EU Proposal on Artificial Intelligence Regulation Released” and in our “3Q20 Artificial Intelligence and Automated Systems Legal Update”, the draft comes on the heels of a variety of publications and policy efforts in the field of AI with the aim of placing the EU at the forefront of both AI regulation and innovation. The proposed Artificial Intelligence Act delivers on the EC president’s promise to put forward legislation for a coordinated European approach on the human and ethical implications of AI[51] and would be applicable and binding in all 27 EU Member States.

In order to “achieve the twin objective of promoting the uptake of AI and of addressing the risks associated with certain uses of such technology”[52], the EC generally opts for a risk-based approach rather than a blanket technology ban. However, the Artificial Intelligence Act also contains outright prohibitions of certain “AI practices” and some very far-reaching provisions aimed at “high-risk AI systems”, which are somewhat reminiscent of the regulatory approach under the EU’s General Data Protection Regulation (“GDPR”); i.e. broad extra-territorial reach and hefty penalties, and will likely give rise to controversy and debate in the upcoming legislative procedure.

As the EC writes in its explanatory memorandum to the Artificial Intelligence Act, the proposed framework covers the following specific objectives:

Ensuring that AI systems available in the EU are safe and respect EU laws and values;
Ensuring legal certainty to facilitate investment and innovation in AI;
Enhancing governance and effective enforcement of existing laws applicable to AI (such as product safety legislation); and
Facilitating the development of a single market for AI and prevent market fragmentation within the EU.

1. Summary of Key Provisions

The most relevant and noteworthy provisions contained in the Artificial Intelligence Act include:

Scope of the Artificial Intelligence Act – The proposed Artificial Intelligence Act not only covers “providers”[53] based in the EU, but also “providers” of AI systems based in third countries, placing on the market or putting into service AI systems in the EU, and also “users”[54] of AI systems located within the EU.[55] However, the proposed scope of the Artificial Intelligence Act goes even further to include also “providers” and “users” of AI systems located in third countries, where the output produced by the AI system is used in the EU.[56] The EC does not provide concrete examples for these use cases, but explains that the logic behind this is to prevent the circumvention of the Artificial Intelligence Act by transferring data lawfully collected in the EU to a third country and subject it to an AI system, which is located there.[57] Conversely, the Artificial Intelligence Act would not apply to AI systems developed or used exclusively for military purposes.[58]
Definition of an AI system – While the Artificial Intelligence Act provides a definition of an AI system[59], the EC emphasizes that the definition aims to be as technology neutral and future-proof as possible. Thus, the definition can and likely will be adapted by the EC as needed.
Prohibition of certain AI practices – Following a risk-based approach, which differentiates between uses of AI that create (i) an unacceptable risk, (ii) a high risk and (iii) low or minimal risk, the EC proposes to enact a strict ban on AI systems that are considered to create an “unacceptable risk.” The Artificial Intelligence Act lists four types of AI systems bearing an unacceptable risk, including AI systems that deploy “subliminal techniques beyond a person’s consciousness in order to materially distort a person’s behavior in a manner that causes or is likely to cause that person or another person physical or psychological harm.”[60] Since the draft legislation itself and the accompanying materials do not offer any further definitions or explanations for key terms, the exact application and impact of this prohibition in practice remains unclear. Further prohibited practices include the use of “social scoring” AI systems by public authorities[61] and the deployment of “real-time remote biometric identification systems” in publicly available spaces for the purpose of law enforcement (unless certain narrowly defined exceptions apply).[62]
Mandatory requirements for “high-risk AI systems” – The Artificial Intelligence Act contains specific requirements for so-called “high-risk AI systems”. AI systems are considered “high-risk” if they are either (i) intended to be used as a safety component of a product (embedded AI) or are themselves a product, which is covered by certain EU product safety legislation (g. medical devices, personal protective equipment, toys or machinery)[63] or (ii) listed in an enumerative catalogue,[64] which may be expanded by the EC through the application of a specific risk assessment methodology. The latter includes, inter alia, biometric identification and categorization of natural persons, management and operation of critical infrastructure (e.g. supply of water, gas, heating and electricity), employment (e.g. AI systems for screening applications), access to and enjoyment of essential private services and public services and benefits (e.g. AI systems for evaluating credit scores), law enforcement (e.g. predictive AI systems intended for the evaluation of occurrence or reoccurrence of a criminal offence) and administration of justice and democratic processes (e.g. AI systems for researching and interpreting facts and the law). Conspicuously, the health-care sector is missing from that list. General requirements for the development and deployment of such “high-risk AI systems” include the establishment and maintenance of a risk management system, the use of appropriate training, validation and testing data in the development phase, the achievement of an appropriate level of accuracy, robustness and cybersecurity in light of the intended use, the drawing up of specific technical documentation, designing of logging capabilities within the AI system, providing of comprehensive instructions for use and enabling human oversight of the AI system.[65] Notably, Article 10 of the draft regulation requires that the training, validation and testing data sets are “relevant, representative, free of errors and complete” and take into account the characteristics or elements particular to the specific geographical, behavioral or functional setting of the system’s intended use; the draft regulation carves out higher penalties for non-compliance with these data and data governance requirements in comparison to other cases of infringement.[66] Providers of “high-risk AI systems” also have specific obligations, which include ensuring that high-risk AI systems undergo a “conformity assessment procedure” prior to placing on the market or putting into service.[67] This “conformity assessment procedure” is modelled after the procedures, which are required before introducing other products, such as medical devices, into the EU market. For certain “high-risk AI systems” the provider only needs to perform internal controls. However, for AI systems which enable biometric identification and categorization of natural persons, the providers must involve an outside entity in the assessment procedure (a so-called “notified body”).[68] For “high-risk AI systems” covered by existing EU product safety legislation, already applicable conformity assessment procedures should be followed. Further, providers of “high-risk AI systems” must register the system in a publicly available EU database that is provided for under the Act.[69]
Post-market monitoring obligations for “high-risk AI systems” – In addition to the provisions relating to the development and placing on the market of “high-risk AI systems”, the proposed Artificial Intelligence Act also provides for mandatory post-market monitoring obligations for providers of such systems.[70] This includes obligations to report any serious incident or any malfunctioning of the AI system, which would constitute a breach of obligations under EU laws intended to protect fundamental rights. “High-risk AI systems” also have to be withdrawn or recalled, if the provider considers that an AI system that was placed on the market or put into service violates the Artificial Intelligence Act.
Provisions relating to “non-high-risk AI systems” – Other AI systems which do not qualify as prohibited or “high-risk AI systems” are not subject to any specific requirements. In order to facilitate the development of “trustworthy AI”, the EC stipulates that providers of “non-high-risk AI systems” should be encouraged to develop codes of conduct intended to foster the voluntary application of the mandatory requirements applicable to “high-risk AI systems”.[71] However, AI systems which are intended to interact with natural persons must be designed and developed in such a way that users are informed they are interacting with an AI system, unless it is “obvious from the circumstances and the context of use.”[72] The EC also proposes a disclosure obligation for so-called “deep fakes”.[73] In addition, the EC points out that such “non-high-risk AI systems” nevertheless have to comply with general product safety requirements.[74]
Enforcement and penalties for non-compliance – The draft Artificial Intelligence Act creates a governance and enforcement structure within which EU Member States would designate one or more national competent authorities at the national level, as well as a top-level national supervisory authority. At the EU level, the EC proposes establishing a European Artificial Intelligence Board, which would be responsible for providing advice and assistance to the EC. Finally, the proposal also includes various enforcement instruments and hefty penalties for non-compliance. In case of non-compliance with regards to the prohibitions on specific AI systems under Article 5 and AI system requirements relating to data and data governance under Article 10, companies would face fines of up to EUR 30 million (approx. $36 million total global annual turnover, whichever is higher.[75] Cases of non-compliance with the remaining requirements and obligations under the draft regulation would subject the company to administrative fines of up to EUR 20 million (approx. $24 million) or up to 4% of the company’s total worldwide annual turnover for the preceding financial year, whichever is higher.[76] Additionally, the supply of incorrect, incomplete or misleading information to notified bodies and national competent authorities in reply to a request may result in administrative fines of up to EUR 10 million (approx. $12 million) or up to 2% of the company’s total worldwide annual turnover for the preceding financial year, whichever is higher.[77]

2. Comparison with U.S. Legislative Proposals

Although the draft EC regulation is more comprehensive than existing legal frameworks that govern AI, there are marked similarities to recent legislation introduced in the U.S. For example, as noted above, a growing number of legislative bodies in the U.S. have passed laws restricting or banning the use of facial recognition technology, sharing the EC’s concerns regarding remote biometric identification systems, especially in the context of law enforcement.[78]

Additionally, like the draft regulation, state legislation relating to AI systems has called for increased transparency and stronger oversight. For example, the California Privacy Rights Act of 2020 requires that responses to access requests regarding automated decision-making technology “include meaningful information about the logic involved in such decision-making processes, as well as a description of the likely outcome of the process with respect to the consumer”, similar to the technical documentation requirements in the draft regulation which require providers to report “the general logic of the AI system and of the algorithms” along with the “main classification choices” with regards to the persons on which the system is to be used.[79] Also, like the supervising authority access requirements in the Artificial Intelligence Act, Washington state’s “Act Relating to the use of facial recognition services”, requires that providers of facial recognition services to state or local agencies “make available an application programming interface or other technical capability, chosen by the provider, to enable legitimate, independent, and reasonable tests of those facial recognition services for accuracy and unfair performance differences across distinct subpopulations.”[80]

Notably, the transparency and technical documentation requirements in the EC’s Artificial Intelligence Act are far more extensive than those outlined in existing legislation within the U.S. Specifically, under the EC regulation, authorities would be granted full access to the AI system provider’s training, validation and testing datasets, and upon reasoned request, the source code itself.[81] While a court in New Jersey recently granted a criminal defendant access to the source code of a probabilistic genotyping software used to match the defendant’s DNA to a crime scene, access to source code is generally not required by legislation or demanded by courts with respect to automated-decisions in the United States.[82] The extensive required disclosures may cause concern over intellectual property protection; information and data would be protected by confidentiality requirements, however the Commission and Member States are permitted to exchange confidential information with regulatory authorities of third countries where confidentiality agreements are in place.[83] Currently, United States legislative and regulatory bodies are not asking for the same degree of transparency, but are still taking steps to curb the potential discriminatory impact of AI systems, as discussed above.[84]

3. Next Steps

While it is uncertain when and in which form the Artificial Intelligence Act will come into force, the EC has set the tone for upcoming policy debates with this ambitious new proposal. While certain provisions and obligations may not be carried over to the final legislation, it is worth noting that the EU Parliament has already urged the EC to prioritize ethical principles in its regulatory framework.[85] Therefore, we expect that the proposed rules will not be significantly diluted, and could even be further tightened, as some advocacy groups have called for.[86] Companies developing or using AI systems, whether based in the EU or abroad, should keep a close eye on further developments with regard to the Artificial Intelligence Act, and in particular the scope of the prohibited “unacceptable” and “high-risk” use cases, which, as drafted, could potentially apply to a very wide range of products and applications.

We stand ready to assist clients with navigating the potential issues raised by the proposed EU regulations as we continue to closely monitoring developments in that regard, as well as public reaction. We can and will help advise any clients desiring to have a voice in the process.

B. CAHAI Feasibility Study on AI Legal Standards

On December 17, 2020, the Ad Hoc Committee on Artificial Intelligence (“CAHAI”) of the Council of Europe (the “CoE”), adopted a feasibility study on a legal framework on AI design, development and application based on the CoE’s standards.[87] CAHAI was mandated by the CoE in 2019 to examine, on the basis of broad multi-stakeholder consultations, the feasibility of such a legal framework and take into account the CoE’s relevant standards in the fields of human rights, democracy and the rule of law as well as the relevant existing universal and regional international legal instruments.

At the outset, CAHAI points out that there is no single definition of AI and that the term “AI” is used as a blanket term for “various computer applications based on different techniques, which exhibit capabilities commonly and currently associated with human intelligence.” Accordingly, CAHAI highlights the need to approach AI systems in a technologically neutral way.

CAHAI expressly recognizes the opportunities and benefits arising from AI—such as contributing to achieving the UN Sustainable Development Goals and helping to mitigate the effect of climate change—but also addresses the potential challenges of certain AI use cases, such as the use of AI systems to predict recidivism and AI-based tracking techniques, as well as the risks arising out of biased training data. In light of these concerns, CAHAI recommends that a potential CoE legal framework on AI should pursue a risk-based approach that targets the specific application context. In its concluding comments, CAHAI notes that “no international legal instrument specifically tailored to the challenges posed by AI exists, and that there are gaps in the current level of protection provided by existing international and national instruments.”

On March 30, 2021, the CoE announced that CAHAI is now preparing a legal framework on AI.[88] CAHAI has launched a multi-stakeholder consultation until April 29, 2021.[89]

C. EU Council Proposes ePrivacy Regulation

On February 10, 2021, the Council of the European Union (the “EU Council”), the institution representing EU Member States’ governments, provided a negotiating mandate with regard to a revision of the ePrivacy Directive [90] and published an updated proposal for a new ePrivacy Regulation.[91] Contrary to the current ePrivacy Directive, the new ePrivacy Regulation would not have to be implemented into national law, but would apply directly in all EU Member States without transposition.

The ePrivacy Directive[92] contains rules related to the privacy and confidentiality in connection with the use of electronic communications services. However, an update of these rules is seen as critical given the sweeping and rapid technological advancement that has taken place since it was adopted in 2002. The new ePrivacy Regulation, which would repeal and replace the ePrivacy Directive, has been under discussion for several years now.[93]

Pursuant to the EU Council’s proposal, the ePrivacy Regulation will also cover machine-to-machine data transmitted via a public network, which might create restrictions on the use of data by companies developing AI-based products and other data-driven technologies. As a general rule, all electronic communications data will be considered confidential, except when processing or other usage is expressly permitted by the ePrivacy Regulation. Similar to the European General Data Protection Regulation (“GDPR”), the ePrivacy Regulation would also apply to processing that takes place outside of the EU and/or to service providers established outside the EU, provided that the end users of the electronic communications services, whose data is being processed, are located in the EU.

However, unlike GDPR, the ePrivacy Regulation would cover all communications content transmitted using publicly available electronic communications services and networks, and not only personal data. Further, metadata (such as location and time of receipt of the communication) also falls within the scope of the ePrivacy Regulation.

It is expected that the draft proposal will undergo further changes during negotiations with the European Parliament. Therefore, it remains to be seen whether the particular needs of highly innovative data-driven technologies will be taken into account—by creating clear and unambiguous legal grounds other than user consent for processing of communications content and metadata for the purpose of developing, improving and offering AI-based products and applications. If the negotiations between the EU Council and the EU Parliament proceed without any further delays, the new ePrivacy Regulation could enter into force in 2023, at the earliest.

D. Cybersecurity Report on the Use of AI in Autonomous Vehicles

On February 11, 2021, the European Union Agency for Cybersecurity (“ENISA”) and the European Commission’s Joint Research Centre (“JRC”) published a joint report on cybersecurity risks connected to the use of AI in autonomous vehicles and provided recommendations for mitigating them (the “Cybersecurity Report”).[94]

The Cybersecurity Report emphasized the vulnerability of AI systems in autonomous vehicles with respect to intentional attacks that aim to interfere with the AI system. Even simple measures, such as paint markings on the road, could interfere with system navigation tools using AI technologies and could have a significant impact on safety and reliability.

In order to prevent or mitigate such risks, the Cybersecurity Report recommends several measures, such as the systematic security validation of AI models and data early on in the development process of AI systems used in autonomous vehicles. Further, the automotive industry should adopt a holistic “security by design” approach, creating an “AI cybersecurity culture” across the production ecosystem. The Cybersecurity Report identifies the absence of sufficient security knowledge and expertise among developers and system designers as a major roadblock towards cybersecurity awareness in the industry.

E. Proposed German Legislation on Autonomous Driving

On March 15, 2021, the German Federal Government (“Bundesregierung”) submitted a draft law on fully automated driving (SAE level 4) to the German Parliament (“Bundestag”) for legislative debate.[95] The draft law aims to establish uniform conditions for testing new technologies, such as driverless cars with SAE level 4, throughout Germany. Pursuant to the draft law, autonomous vehicles will be permitted to drive in regular operation without a driver being physically present, limited—for now—to certain locally defined operating areas, for the time being. If the draft law is passed by the Bundestag, Germany expects to be the first country in the world to permit fully automated vehicles in regular operation across the country by 2022 (subject to local operating areas to be defined by the respective German state authorities). As an example of fields of operation for such automated vehicles, the Bundesregierung mentions shuttle services, Hub2Hub and Dual-Mode-Vehicles, such as “automated valet parking.” Currently, autonomous vehicles can only be operated in Germany with special permits granted by state authorities.

The draft law also includes framework provisions on liability, which reflect the status quo under German liability law: if a person is injured or an object damaged while operating a car, the motor insurance of the car’s owner compensates for the damage. However, the draft law also introduces a new concept: “technical supervision,” defined as the ability to deactivate the autonomous vehicle during operation and enable driving maneuvers for the autonomous vehicle. In principle, the owner of the car is responsible for “technical supervision,” but can also entrust another person with the performance of these tasks. Nonetheless, the owner is still liable for any possible liability of the person entrusted with “technical supervision.”

There remains disagreement within the Bundesregierung regarding the provisions on data protection contained in the draft law.[96] Open items will be discussed in the upcoming legislative procedure. The Bundesregierung is aiming to adopt the new law before the parliamentary summer break (and before the German Federal Elections in September 2021).[97]

__________________________

[1] This Legal Update focuses on recent U.S. and EU regulatory efforts, but we note that there are numerous other examples of increasingly stringent worldwide regulation of algorithmic accountability and fairness. For example, on February 22, the UK Government published its response to the December 2020 Report by the House of Lords Select Committee on Artificial Intelligence, “AI in the UK: No Room for Complacency,” discussed in more detail in our Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems. The House of Lords’ report recommended action by the Government and called for it to “better coordinate its [AI] policy and the use of data and technology” on a national and local level, and “lead the way on making ethical AI a reality.” In its response, the UK Government acknowledged that it is crucial to develop the public’s understanding and trust in AI, stating that the National Data Strategy is actively ensuring members of the public become “responsible data citizens”. Moreover, the Centre for Data Ethics and Innovation’s (“CDEI”) future role will include AI monitoring and testing potential interventions in the tech landscape.

[2] For more detail, see our Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems.

[3] The White House, Press Release (Archived), The White House Launches the National Artificial Intelligence Initiative Office (Jan. 12, 2021), available at https://trumpwhitehouse.archives.gov/briefings-statements/white-house-launches-national-artificial-intelligence-initiative-office/.

[4] The White House, Memorandum on Restoring Trust in Government Through Scientific Integrity and Evidence-Based Policymaking (Jan. 27, 2021), available at https://www.whitehouse.gov/briefing-room/presidential-actions/2021/01/27/memorandum-on-restoring-trust-in-government-through-scientific-integrity-and-evidence-based-policymaking/.

[5] Government Executive, New Task Force Will Conduct Sweeping Review of Scientific Integrity Policies (March 30, 2021), available at https://www.govexec.com/management/2021/03/new-task-force-will-conduct-sweeping-review-scientific-integrity-policies/173020/.

[6] Letter from Deputy Director Jane Lubchenco and Deputy Director Alondra Nelson, OSTP to all federal agencies (March 29, 2021), available at https://int.nyt.com/data/documenttools/si-task-force-nomination-cover-letter-and-call-for-nominations-ostp/ecb33203eb5b175b/full.pdf.

[7] The White House, Executive Order on the President’s Council of Advisors on Science and Technology (Jan. 27, 2021), available at https://www.whitehouse.gov/briefing-room/presidential-actions/2021/01/27/executive-order-on-presidents-council-of-advisors-on-science-and-technology/.

[8] House Armed Services Committee, Subcommittee on Cyber, Innovative Technologies, and Information Systems, available at https://armedservices.house.gov/cyber-innovative-technologies-and-information-systems.

[9] House Armed Services Committee, Subcommittee on Cyber, Innovative Technologies, and Information Systems and the House Committee on Oversight & Reform’s Subcommittee on National Security Joint Hearing: “Final Recommendations of the National Security Commission on Artificial Intelligence” (Mar. 12, 2021), available at https://armedservices.house.gov/hearings?ID=32A667CD-578C-4F65-9F4F-1E26EE8F389A.

[10] H.R. 5515, 115^th Congress (2017-18).

[11] The National Security Commission on Artificial Intelligence, Previous Reports, available at https://www.nscai.gov/previous-reports/.

[12] NSCAI, The Final Report (March 1, 2021), available at https://www.nscai.gov/wp-content/uploads/2021/03/Full-Report-Digital-1.pdf.

[13] Some of these concerns echo prior actions by the USPTO. For example, the USPTO issued the 2019 Revised Patent-Eligibility Guidance, which reportedly resulted in a 44% decrease in uncertainty of patent examination subject matter. However, the guidance has not been broadly applied by courts and leads to mixed results. Additionally, the USPTO in October 2020 issued a report on Public Views on Artificial Intelligence and Intellectual Property Policy, observing that commentators “were nearly equally divided between the view that new intellectual property rights were necessary to address AI inventions and the belief that the current U.S. IP framework was adequate to address AI inventions.” As discussed below, however, the USPTO continues to hold the view that an inventor to a patent must be a natural person.

[14] Securing the Information and Communications Technology and Services Supply Chain, 86 FR 4909 (Jan. 19, 2021), available at https://www.federalregister.gov/documents/2021/01/19/2021-01234/securing-the-information-and-communications-technology-and-services-supply-chain.

[15] Securing the Information and Communications Technology and Services Supply Chain, U.S. Department of Commerce, 86 Fed. Reg. 4923 (Jan. 19, 2021) (hereinafter “Interim Final Rule”).

[16] Interim Final Rule, § 7.1.

[17] Further, on February 3, Canada’s Privacy Commissioners stated that Clearview AI’s app—which has been used widely by law enforcement agencies across Canada—was “illegal” and akin to putting all of society “continually in a police lineup.”) (Link to PIPEDA report)

[18] FTC, Business Blog, Elisa Jillson, Aiming for truth, fairness, and equity in your company’s use of AI (April 19, 2021), available at https://www.ftc.gov/news-events/blogs/business-blog/2021/04/aiming-truth-fairness-equity-your-companys-use-ai.

[19] FTC, Protecting Consumer Privacy in a Time of Crisis, Remarks of Acting Chairwoman Rebecca Kelly Slaughter, Future of Privacy Forum (Feb. 10, 2021), available at https://www.ftc.gov/system/files/documents/public_statements/1587283/fpf_opening_remarks_210_.pdf.

[20] FTC, Using Artificial Intelligence and Algorithms (April 8, 2020), available at https://www.ftc.gov/news-events/blogs/business-blog/2020/04/using-artificial-intelligence-algorithms.

[21] FTC, Prepared Opening Statement of Commissioner Rohit Chopra, U.S. Senate Committee on Commerce, Science, and Transportation Hearing on “Strengthening the Federal Trade Commission’s Authority to Protect Consumers,” (April 20, 2021), available at https://www.ftc.gov/system/files/documents/public_statements/1589172/final_chopra_opening_statement_for_senate_commerce_committee_20210420.pdf.

[22] While a recent Supreme Court ruling curtailed the FTC’s ability to seek equitable monetary penalties such as restitution or disgorgement (AMG Capital Management, LLC, et al. v. Federal Trade Commission, No. 19-508 (U.S. April 22, 2021), Congress is considering legislation to remedy the decision. The House Energy and Commerce Committee has scheduled a hearing on whether the FTC needs new authority to seek consumer redress. See further Christopher Cole, Supreme Court Rolls Back FTC Restitution Power, Law360 (April 22, 2021), available at https://www.law360.com/articles/1377854.

[23] S. ___, 117^th Congress (2021), available at https://www.wyden.senate.gov/imo/media/doc/The%20Fourth%20Amendment%20Is%20Not%20For%20Sale%20Act%20of%202021%20Bill%20Text.pdf.

[24] Statement of Sen. Ron Wyden (D-OR), The Fourth Amendment Is Not For Sale Act (April 21, 2021), available at https://www.wyden.senate.gov/imo/media/doc/The%20Fourth%20Amendment%20Is%20Not%20For%20Sale%20Act%20of%202021%20One%20Pager.pdf.

[25] Id.

[26] For more details, see our Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems.

[27] S.B. 5116, Reg. Session (2021-22).

[28] Monica Nickelsburg, Washington state lawmakers seek to ban government from using discriminatory AI tech, GeewWire (Feb. 13, 2021), available at https://www.geekwire.com/2021/washington-state-lawmakers-seek-ban-government-using-ai-tech-discriminates/.

[29] FTC, In the Matter of Everalbum, Inc. and Paravision, Commission File No. 1923172 (Jan. 11, 2021), available at https://www.ftc.gov/enforcement/cases-proceedings/1923172/everalbum-inc-matter.

[30] FTC, Statement of Commissioner Rohit Chopra, In the Matter of Everalbum and Paravision, Commission File No. 1923172 (Jan. 8, 2021), available at https://www.ftc.gov/system/files/documents/public_statements/1585858/updated_final_chopra_statement_on_everalbum_for_circulation.pdf.

[31] H.B. 2031, Reg. Session (2020-2021).

[32] For more details, see our Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems.

[33] Order, Steven Vance et al. v. Microsoft Corp., No. 2:20-cv-01082, (W.D. Wash. March 15, 2021, ) 2021 WL 963485

[34] Order, Stein et al. v. Clarifai Inc., No. 1:20-cv-01937, (N.D. Ill. March 16, 2021), 2021 WL 1020997

[35] H.B. 559, 102^nd Gen. Assembly, available at https://www.ilga.gov/legislation/BillStatus.asp?DocNum=559&GAID=16&DocTypeID=HB&SessionID=110&GA=102.

[36] Lauraann Wood, Illinois Bill Seeks To File Down Biometric Law’s Sharp Teeth, Law360 (March 22, 2021), available at https://www.law360.com/cybersecurity-privacy/articles/1367329/illinois-bill-seeks-to-file-down-biometric-law-s-sharp-teeth?nl_pk=4e5e4fee-ca5f-4d2e-90db-5680f7e17547&utm_source=newsletter&utm_medium=email&utm_campaign=cybersecurity-privacy.

[37] U.S. Food & Drug Administration, News Release, FDA Releases Artificial Intelligence/Machine Learning Action Plan (Jan. 12, 2021), available at https://www.fda.gov/news-events/press-announcements/fda-releases-artificial-intelligencemachine-learning-action-plan.

[38] U.S. Food & Drug Administration, Proposed Regulatory Framework for Modifications to Artificial Intelligence/Machine Learning-Based Software as a Medical Device (SaMD) (April 2019), available at https://www.fda.gov/media/122535/download.

[39] 2Q19 Artificial Intelligence and Autonomous Systems Legal Update, III.A. FDA Releases White Paper Outlining a Potential Regulatory Framework for Software as a Medical Device (SaMD) That Leverages AI.

[40] Supra, n.16 at 5.

[41] Stephen Thaler v. Andrew Hirshfeld et al., No. 1:20-cv-00903 (E.D. Va. Feb. 24, 2021).

[42] Cara Salvatore, Giving AI Inventorship Would Be A Bridge Too Far, Judge Says, Law360 (April 6, 2021), available at https://www.law360.com/articles/1354993.

[43] For more detail, see our Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems.

[44] Google LLC v. Oracle Am., Inc., No. 18-956, 2021 WL 1240906, (U.S. Apr. 5, 2021).

[45] Id., at *3.

[46] Id. at *20.

[47] See id.

[48] Bill Donahue, Supreme Court Rules For Google In Oracle Copyright Fight, Law360 (April 5, 2021), available at https://www.law360.com/ip/articles/1336521.

[49] 86 Fed. Reg. 16837.

[50] EC, Proposal for a Regulation of the European Parliament and of the Council laying down Harmonised Rules on Artificial Intelligence and amending certain Union Legislative Acts (Artificial Intelligence Act), COM(2021) 206 (April 21, 2021), available at https://digital-strategy.ec.europa.eu/en/library/proposal-regulation-european-approach-artificial-intelligence.

[51] Ursula von der Leyen, A Union that strives for more: My agenda for Europe, available at https://ec.europa.eu/commission/sites/beta-political/files/political-guidelines-next-commission_en.pdf.

[52] Supra, note 39, p. 1.

[53] “Providers” are defined as a natural or legal person, public authority, agency or other body that develops an AI system or that has an AI system developed with a view to placing it on the market or putting it into service under its own name or trademark, whether for payment or free of charge (see Art. 3 no. 2 of the Artificial Intelligence Act).

[54] “Users” are defined as any natural or legal person, public authority, agency or other body using an AI system under its authority, except where the AI system is used in the course of a personal non-professional activity (see Art. 3 no. 4 of the Artificial Intelligence Act).

[55] Certain obligations also apply to “importers” and “distributors”.

[56] See Art. 2 para. 1 point (c) of the Artificial Intelligence Act.

[57] See Recital (11) of the Artificial Intelligence Act.

[58] See Art. 2 para. 3 of the Artificial Intelligence Act.

[59] “AI system” is defined as software that is developed with one or more of the techniques and approaches listed in an Annex (such as machine learning approaches incl. deep learning, logic- and knowledge-based approaches and statistical approaches) and can, for a given set of human-defined objectives, generate outputs such as content, predictions, recommendations, or decisions influencing the environment the interact with (see Art. 3 no. 1 of the Artificial Intelligence Act).

[60] See Art. 5 para. 1 point (a) of the Artificial Intelligence Act.

[61] See Art. 5 para. 1 point (c) of the Artificial Intelligence Act.

[62] See Art. 5 para. 1 point (d) of the Artificial Intelligence Act.

[63] See Art. 6 para. 1 of the Artificial Intelligence Act.

[64] See Art. 6 para. 2 in connection with Annex III of the Artificial Intelligence Act.

[65] See Art. 8 et seqq. of the Artificial Intelligence Act.

[66] See Art. 10 and 71 of the Artificial Intelligence Act.

[67] See Art. 16 points (a) and (e) of the Artificial Intelligence Act.

[68] See Art. 43 of the Artificial Intelligence Act.

[69] See Art. 16 point (f), 51 and 60 of the Artificial Intelligence Act.

[70] See Art. 61 et seq. of the Artificial Intelligence Act.

[71] See Recital (81) and Art. 69 of the Artificial Intelligence Act.

[72] See Art. 52 para. 1 of the Artificial Intelligence Act.

[73] See Art. 52 para. 3 of the Artificial Intelligence Act.

[74] See Recital (82) of the Artificial Intelligence Act.

[75] See Art. 71 of the Artificial Intelligence Act.

[76] See Id.

[77] See Id.

[78] See e.g., Portland Ordinance No. 190114, “Prohibit the use of Face Recognition Technologies by private entities in places of public accommodation in the City”, effective Jan. 1, 2021 (banning private entities from using Face Recognition Technologies in Places of Public Accommodation within the boundaries of the City of Portland); San Francisco Ordinance No. 103-19, the “Stop Secret Surveillance” ordinance, effective 31 May 2019 (banning the use of facial recognition software by public departments within San Francisco, California); Somerville Ordinance No. 2019-16, the “Face Surveillance Full Ban Ordinance,” effective 27 June 2019 (banning use of facial recognition by the City of Somerville, Massachusetts or any of its officials); Oakland Ordinance No. 18-1891, “Ordinance Amending Oakland Municipal Code Chapter 9.65 to Prohibit the City of Oakland from Acquiring and/or Using Real-Time Face Recognition Technology”, preliminary approval 16 July 2019, final approval 17 September 2019 (bans use by city of Oakland, California and public officials of real-time facial recognition). For more information, see our U.S. Cybersecurity and Data Privacy Outlook and Review – 2021 and Fourth Quarter and 2020 Annual Review of Artificial Intelligence and Automated Systems.

[79] See Art. 6 para. 1 in connection with Annex IV of the Artificial Intelligence Act; CPRA Section 14, adding Cal. Civ. Code § 1798.140(z). For more detail see our alert regarding “The Potential Impact of the Upcoming Voter Initiative, the California Privacy Rights Act”.

[80] See Art. 64 of the Artificial Intelligence Act; An Act Relating to the use of facial recognition services, S.B. 6280, 66th Leg., Reg. Sess. (Wash. 2020), available at http://lawfilesext.leg.wa.gov/biennium/2019-20/Pdf/Bills/Session%20Laws/Senate/6280-S.SL.pdf?q=20201214093740.

[81] See Art. 64 of the Artificial Intelligence Act.

[82] See State v. Pickett, No. A-4207-19T4, 2021 WL 357765, at *2 (N.J. Super. Ct. App. Div. Feb. 3, 2021); see e.g., Houston Fed’n of Tchrs., Loc. 2415 v. Houston Indep. Sch. Dist., 251 F. Supp. 3d 1168, 1179 (S.D. Tex. 2017) (stating that “[w]hen a public agency adopts a policy of making high stakes employment decisions based on secret algorithms incompatible with minimum due process, the proper remedy is to overturn the policy, while leaving the trade secrets intact”); An Act Relating to the use of facial recognition services, S.B. 6280, 66th Leg., Reg. Sess. (Wash. 2020), available at http://lawfilesext.leg.wa.gov/biennium/2019-20/Pdf/Bills/Session%20Laws/Senate/6280-S.SL.pdf?q=20201214093740 (stating that “[m]aking an application programming interface or other technical capability [to enable review] does not require providers to do so in a manner that would increase the risk of cyberattacks or to disclose proprietary data.”).

[83] See Art. 70 of the Artificial Intelligence Act.

[84] Supra at I.C.

[85] European Parliament, Resolution of 20 October 2020 with recommendations to the Commission on a framework of ethical aspects of artificial intelligence, robotics and related technologies (2020/2012 (INL)) (Oct. 20, 2020), available at https://www.europarl.europa.eu/doceo/document/TA-9-2020-0275_EN.pdf. For more detail, see our “3Q20 Artificial Intelligence and Automated Systems Legal Update”.

[86] The New York Times, Europe Proposes Strict Rules for Artificial Intelligence (April 21, 2021), available at https://www.nytimes.com/2021/04/16/business/artificial-intelligence-regulation.html.

[87] Council of Europe – Ad Hoc Committee on Artificial Intelligence, Feasibility Study (Dec. 17, 2020), available at https://rm.coe.int/cahai-2020-23-final-eng-feasibility-study-/1680a0c6da.

[88] Press release, Launch of the CAHAI Multi-stakeholder Consultation (March 30, 2021), available at https://www.coe.int/en/web/artificial-intelligence/-/lauch-of-the-cahai-multi-stakeholder-consultation.

[89] The CAHAI consultation is accessible here: https://www.coe.int/en/web/artificial-intelligence/cahai-multi-stakeholder-consultation.

[90] Press release, Confidentiality of electronic communications: Council agrees its position on ePrivacy rules (Feb. 10, 2021), available at https://www.consilium.europa.eu/en/press/press-releases/2021/02/10/confidentiality-of-electronic-communications-council-agrees-its-position-on-eprivacy-rules/.

[91] EU Council, Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) (Feb. 10, 2021), available at https://data.consilium.europa.eu/doc/document/ST-6087-2021-INIT/en/pdf.

[92] Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector, available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32002L0058&from=EN.

[93] See EU Commission, Proposal for a Regulation on Privacy and Electronic Communications (Jan. 10, 2017), available at https://digital-strategy.ec.europa.eu/en/library/proposal-regulation-privacy-and-electronic-communications.

[94] Press release, Cybersecurity Challenges in the Uptake of Artificial Intelligence in Autonomous Driving (Feb. 11, 2021), available at https://www.enisa.europa.eu/news/enisa-news/cybersecurity-challenges-in-the-uptake-of-artificial-intelligence-in-autonomous-driving. The Cybersecurity Report is available for download at https://www.enisa.europa.eu/publications/enisa-jrc-cybersecurity-challenges-in-the-uptake-of-artificial-intelligence-in-autonomous-driving/.

[95] Draft law of the Bundesregierung, Entwurf eines Gesetzes zur Änderung des Straßenverkehrsgesetzes und des Pflichtversicherungsgesetzes – Gesetz zum autonomen Fahren, Drucksache 19/27439 (March 15, 2021), available at https://dip21.bundestag.de/dip21/btd/19/274/1927439.pdf.

[96] For example, it has been reported that the Federal Ministry of Justice has raised concerns in relation to the question whether data such as driving routes can be transmitted to the Federal Criminal Police Office (the German equivalent to the FBI) upon request.

[97] Bundesregierung, Antwort der Bundesregierung auf die Kleine Anfrage der Abgeordneten Oliver Luksic, Frank Sitta, Bernd Reuther, weiterer Abgeordneter und der Fraktion der FDP, Drucksache 19/24851 (Dec. 28, 2020), available at https://dip21.bundestag.de/dip21/btd/19/256/1925626.pdf.

The following Gibson Dunn lawyers prepared this client update: H. Mark Lyon, Michael Walther, Kai Gesing, Christopher Timura, Frances Waldmann, Selina Grün, Prachi Mistry, and Derik Rao.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Artificial Intelligence and Automated Systems Group, or the following authors:

H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com)
Frances A. Waldmann – Los Angeles (+1 213-229-7914,fwaldmann@gibsondunn.com)

Please also feel free to contact any of the following practice group members:

Artificial Intelligence and Automated Systems Group:
H. Mark Lyon – Chair, Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com)
J. Alan Bannister – New York (+1 212-351-2310, abannister@gibsondunn.com)
Patrick Doris – London (+44 (0)20 7071 4276, pdoris@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33 180, kgesing@gibsondunn.com)
Ari Lanin – Los Angeles (+1 310-552-8581, alanin@gibsondunn.com)
Robson Lee – Singapore (+65 6507 3684, rlee@gibsondunn.com)
Carrie M. LeRoy – Palo Alto (+1 650-849-5337, cleroy@gibsondunn.com)
Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33 180, mwalther@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Decided April 22, 2021

AMG Capital Management v. FTC, No. 19-508

Today, the Supreme Court held 9-0 that Section 13(b) of the Federal Trade Commission Act, which authorizes federal courts to issue “permanent injunction[s]” in FTC enforcement actions, does not include the power to award equitable monetary relief such as restitution.

Background:
Scott Tucker owned several businesses that provided high-interest, short-term loans over the Internet. The Federal Trade Commission sued Tucker and his businesses under Section 5 of the Federal Trade Commission Act, which prohibits “unfair or deceptive acts or practices.” The FTC sought a “permanent injunction” under Section 13(b) of the Act, as well restitution and disgorgement of Tucker’s monetary gains. The district court granted the FTC’s requested relief, and the Ninth Circuit affirmed, relying on its precedent holding that Section 13(b) “empowers district courts to grant any ancillary relief necessary to accomplish complete justice, including restitution.”

Issue:
Whether the authorization of a “permanent injunction” in Section 13(b) of the Act also authorizes federal courts to award equitable monetary relief such as restitution and disgorgement.

Court’s Holding:
Section 13(b) does not authorize federal courts to award equitable monetary relief, because a “permanent injunction” is distinct from equitable monetary relief and other sections of the Act expressly authorize the FTC to seek monetary relief if it follows certain procedures not required under Section 13(b).

“The question presented is whether th[e] statutory language authorizes the Commission to seek, and a court to award, equitable monetary relief such as restitution or disgorgement. We conclude that it does not.”

Justice Breyer, writing for the Court

What It Means:

The Court’s decision significantly cabins the FTC’s historically broad authority under Section 13(b) in consumer protection and antitrust matters. The FTC has used Section 13(b) “to win equitable monetary relief directly in court with great frequency.” Until the Seventh Circuit rejected the FTC’s authority to seek such relief in a 2019 decision, all eight federal courts of appeals to address the issue had upheld the FTC’s authority to seek such relief under the Act.
The Court’s decision does not preclude the FTC from seeking monetary relief in all cases. Under Sections 5 and 19 of the Act, the FTC may seek monetary relief on behalf of consumers when the FTC has engaged in administrative proceedings and issued cease and desist orders.
The Court explained that the FTC is “free to ask Congress to grant it further remedial authority” if Sections 5 and 19 are “too cumbersome or otherwise inadequate.” In fact, the FTC has recently asked Congress for broader authority, and it remains to be seen whether Congress will grant the FTC’s request in light of the Court’s decision.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho
+1 214.698.3233
aho@gibsondunn.com

Mark A. Perry
+1 202.887.3667
mperry@gibsondunn.com

Lucas C. Townsend
+1 202.887.3731
ltownsend@gibsondunn.com

Bradley J. Hamburger
+1 213.229.7658
bhamburger@gibsondunn.com

Related Practice: Antitrust and Competition

Stephen Weissman
+1 202.955.8678
sweissman@gibsondunn.com

Rachel S. Brass
+1 415.393.8293
rbrass@gibsondunn.com

Scott D. Hammond
+1 202.887.3684
shammond@gibsondunn.com

Daniel G. Swanson
+1 213.229.7430
dswanson@gibsondunn.com

Related Practice: Privacy, Cybersecurity and Data Innovation

Alexander H. Southwell
+1 212.351.3981
asouthwell@gibsondunn.com

S. Ashlie Beringer
+1 650.849.5327
aberinger@gibsondunn.com

Ashley Rogers
+1 214.698.3316
arogers@gibsondunn.com

Ryan T. Bergsieker
+1 303.298.5774
rbergsieker@gibsondunn.com

On April 7, 2021, the new regulation of the New York Department of Financial Services (NYDFS) governing confidential supervisory information (CSI) became effective in final form. NYDFS has thus joined the Board of Governors of the Federal Reserve System (Federal Reserve) in making recent amendments to its approach to CSI.[1] The final regulation (Final Rule) makes certain improvements over the rule proposal most recently put out by NYDFS in September 2020. New York now has, for the first time, a CSI regulation in addition to the pre-existing statutory provision, Section 36.10 of the Banking Law.

A. Scope of CSI

The Final Rule defines CSI as “any information that is covered by Section 36.10 of the [New York] Banking Law.”[2] Section 36.10, in turn, refers to “reports of examinations and investigations [of any NYDFS-supervised institution and affiliates], correspondence and memoranda concerning or arising out of such examination and investigations, including any duly authenticated copy or copies thereof,” and includes any confidential materials shared by NYDFS with any governmental agency or unit.[3]

B. Disclosure to Affiliates

Under Section 36.10 and the Final Rule, the default standard for disclosure of any CSI is the prior written approval of NYDFS.[4] The Final Rule contains an exception to the prior written approval requirement for disclosure by a NYDFS-regulated entity of CSI to the regulated entity’s affiliates and their directors, officers and employees when “necessary and appropriate for business purposes” and “on the condition that such persons maintain the confidentiality of such information.”[5]

C. Disclosure to Legal Counsel and Independent Auditors

The Final Rule eases current restrictions on NYDFS-regulated entities’ disclosure of CSI to certain advisors. It provides a “limited exception” for disclosure by such entities to “legal counsel or an independent auditor that has been retained or engaged by such regulated entity pursuant to an engagement letter or written agreement.”[6]

In an improvement from the September 2020 proposal, there is no requirement that the applicable engagement letter or written agreement contain burdensome acknowledgements by the legal counsel or independent auditor, including that the information will be used solely to provide “legal representation or auditing services,” that the information will be disclosed to legal counsel’s or the auditor’s employees, directors, or officers only “to the extent necessary and appropriate for business purposes,” and that legal counsel or the auditor agree “to return or certify the destruction of the confidential supervisory information or, in the case of electronic files, render the files effectively inaccessible through access control measures or other means, at the conclusion of the engagement.”[7]

Rather, all that the Final Rule requires is that legal counsel or independent auditor acknowledge, “in writing,” that any disclosed information is CSI under Section 36.10 of the Banking Law, and agree, “in writing,” to abide by the prohibition on the dissemination of CSI contained in the Final Rule.[8]

Unlike the September 2020 proposal, there is also an exception for “Client Acceptance of New or Continuing Engagement of Independent Auditors.” Under this exception, a NYDFS-regulated entity may disclose CSI to independent auditors “as part of the independent auditor’s acceptance of a new client engagement or the continuation of an existing annual audit engagement.” The condition to this exception is that the regulated entity receive the written acknowledgement and agreement from the independent auditor described above.[9]

Unlike the Federal Reserve’s regulation, the Final Rule does not contain an exception for third-party vendors to legal counsel and external auditors, which NYDFS had previously characterized as “broad” and not contained in the OCC’s regulation.[10]

D. Disclosure to Other Regulators

With respect to the disclosure by NYDFS-regulated entities of CSI to other state and federal regulators “having direct supervisory authority over” such regulated entities, the Final Rule requires the prior written approval of both the Senior Deputy Superintendent of NYDFS for Banking and the NYDFS General Counsel, or their respective delegates, prior to disclosure.[11]

E. Duty to Notify NYDFS of Requests for CSI

The Final Rule requires each NYDFS-regulated entity, affiliate of a NYDFS-regulated entity, legal counsel, and independent auditor that is served with a request, subpoena, motion to compel or other judicial or administrative process to provide CSI to notify the NYDFS Office of the General Counsel of the request immediately so that NYDFS will be able to intervene in the action as appropriate.[12] In addition, the Final Rule mandates that a CSI holder both inform the requester of the substance of the New York regulation and the holder’s obligation to maintain the confidentiality of the CSI, and, “at the appropriate time,” inform the relevant tribunal of the substance of Section 36.10 of the New York Banking Law and the New York regulation.[13]

Conclusion

The Final Rule is a welcome development. It largely harmonizes the New York CSI rules with federal analogues and should reduce the inefficiencies created by Section 36.10 of the New York Banking Law, particularly for legal counsel and independent auditors. Outside of the Final Rule’s exceptions, however, the overriding traditional principle of CSI law and regulation – that the regulators consider CSI their property, to be disclosed only upon their specific consent – remains a key feature of the NYDFS regime, and one that can result in severe sanctions if it is ignored.

______________________

[1] See https://www.gibsondunn.com/wp-content/uploads/2020/09/developments-in-us-banking-regulators-treatment-of-confidential-supervisory-information.pdf.

[2] 3 N.Y.C.R.R. § 7.1(a).

[3] New York Banking Law, Section 36.10.

[4] Id.; 3 N.Y.C.R.R. § 7.2(a).

[5] 3 N.Y.C.R.R. § 7.2(d).

[6] Id. § 7.2(b).

[7] 3 N.Y.C.R.R. § 7.2(b) (proposed 2020).

[8] 3 N.Y.C.R.R. § 7.2(b).

[9] Id. § 7.2(c).

[10] NYS Register, page 12 (Sept. 9, 2020), available at https://www.dos.ny.gov/info/register/2020/090920.pdf.

[11] 3 N.Y.C.R.R. § 7.2(g).

[12] Id. § 7.2(e).

[13] Id.

The following Gibson Dunn lawyers assisted in preparing this client update: Arthur Long and Matthew Biben.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

We are thrilled to announce Gibson Dunn’s participation as a member of The Alliance for Asian American Justice (“The Alliance”), a national pro bono initiative committed to standing up for victims, and preventing future acts, of anti-Asian hate. Gibson Dunn is joined by a group of Fortune 1000 General Counsel and over 40 law firms in this important effort. The Alliance will be co-chaired by Gibson Dunn partner Debra Wong Yang and White & Case partner Tai Park. Deb will also serve on The Alliance’s Board of Directors alongside Tai; Don H. Liu, Executive Vice President and Chief Legal & Risk Officer of Target Corporation.; Wilson Chu, Partner, McDermott Will & Emery and Brian A. Sun, Partner, Norton Rose Fulbright.

The Alliance will coordinate and drive law firm pro bono resources on behalf of victims to assist and support them in obtaining legal remedies. This can include providing victims with counsel to bring lawsuits to seek compensatory and other civil remedies or working with law enforcement to ensure that perpetrators are held accountable, where appropriate. The Alliance will also identify additional resources, when relevant, that will help victims navigate this challenging time, including specialized legal services, social services, and other community support.

Initial case intake will be conducted by The National Asian Pacific American Bar Association, Asian American Legal Defense and Education Fund, Asian Americans Advancing Justice (AAAJ), and frontline legal and community organizations, before being referred to The Alliance. We are grateful to expand our partnerships with these organizations through our work with The Alliance and we welcome you to join in this important effort.

SEC Division of Examinations Risk Alert Provides a Useful Roadmap on Compliance Issues for Fund Managers

On Friday, April 9, 2021, the Securities and Exchange Commission (“SEC”) Division of Examinations (the “Division”), issued a Risk Alert detailing its observations of deficiencies and internal control weaknesses from examinations of investment advisers and funds regarding investing that incorporates environmental, social, and governance factors (“ESG investing”).[1] This alert follows another recent announcement of the creation of a Climate and ESG Task Force within the Division of Enforcement to focus on ESG-related disclosures by public companies and ESG investment practices by investment funds.[2]

Key Takeaways

The Risk Alert provides useful guidance regarding the types of compliance issues the Staff is reviewing in its examinations of investment advisers, examples of deficiencies the Staff is finding, as well as instances in which the Staff has observed effective compliance practices. Accordingly, the Risk Alert provides a useful roadmap to assist investment advisers in developing, testing and enhancing their compliance policies, procedures and practices.

On the heels of the Risk Alert, Commissioner Peirce issued a cautionary statement to express her view that the alert, “should not be interpreted as a sign that ESG investment strategies are unique in the eyes of examiners,” but simply that, as with any other investment strategy, “[f]irms claiming to be conducting ESG investing need to explain to investors what they mean by ESG and they need to do what they say they are doing.”[3]

In sum, the SEC’s focus on ESG investment strategies heightens the need for investment advisers to make sure their disclosures align with investment practices and that there is sufficient and knowledgeable oversight and review by compliance personnel to avoid a divergence between the two over time.

Concerns Identified by the Division

In the Division’s examination of investment advisers, registered investment companies, and private funds engaged in ESG investing, the Staff observed the following weaknesses:

Lack of adherence to global ESG frameworks where firms claimed such adherence.
Weakness in policies and procedures governing implementation and monitoring of ESG-related directives. For example, the Staff observed that advisers did not have adequate controls around implementation and monitoring of clients’ negative screens.
Inconsistency between public ESG-related proxy voting claims and internal voting policies and practices, including the dissemination of public statements that ESG-related proxy proposals would be independently evaluated on a case-by-case basis, while internal deadlines generally did not provide such case-by-case analysis.
Unsubstantiated or otherwise potentially misleading claims regarding ESG investing in marketing materials that touted favorable risk, return, and correlation metrics related to ESG investing, without disclosing material facts regarding the significant expense reimbursement received from the fund-sponsor, which inflated returns for those ESG-oriented funds.
Inadequate controls to ensure that ESG-related disclosures and marketing are consistent with the firm’s practices, including lack of documentation of ESG investing decisions and issuer engagement efforts, as well as a failure to update marketing materials timely.
Limited knowledge by compliance personnel of relevant ESG-investment analyses or oversight over ESG-related disclosures and marketing decisions.

Guidance for ESG Investing Disclosures and Procedures

The Staff also observed policies, procedures, and practices which were reasonably designed to convey approaches to ESG investing. The Division noted that the following practices may be helpful to address the compliance issues identified above:

Simple and clear disclosures regarding the firm’s approach to ESG investments in client-facing materials.
Explanations regarding how ESG investments are evaluated using goals established under global ESG frameworks on the firm’s website, client presentations, and annual reports.
Detailed, comprehensive investment policies and procedures regarding ESG investments and factors considered in specific investment decisions; when multiple ESG investing approaches are considered, specific written procedures, due diligence documentation, and separate specialized personnel who provide additional rigor to the portfolio management process.
Compliance personnel who are knowledgeable about the firm’s ESG approaches and practices. Firms with dedicated ESG compliance personnel were more likely to avoid materially misleading claims in their ESG-related marketing materials and other client/investor-facing documents.

Conclusion

In conclusion, the SEC’s Risk Alert reaffirms the need for firms involved in ESG investing to ensure that their disclosures accurately describe their ESG-related investment practices. Periodic reviews of marketing materials and other investor disclosures against current investment strategy and adherence to stated ESG metrics will avoid the types of deficiencies the Staff has observed in recent inspections, and, in the worst cases, avoid even greater scrutiny from the Division of Enforcement.

_____________________

[1] Division of Examinations, Risk Alert, Securities and Exchange Commission (Apr. 9, 2021), https://www.sec.gov/files/esg-risk-alert.pdf.

[2] Press Release, U.S. Securities and Exchange Commission, SEC Announces Enforcement Task Force Focused on Climate and ESG Issues (Mar. 4, 2021), https://www.sec.gov/news/press-release/2021-42?_sm_au_=iHVN4cW7DnktSD5NFcVTvKQkcK8MG.

[3] Public Statement, Statement on the Staff ESG Risk Alert (Apr. 12, 2021), https://www.sec.gov/news/public-statement/peirce-statement-staff-esg-risk-alert.

Gibson, Dunn and Crutcher’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Securities Enforcement practice group, or the following authors:

Mark K. Schonfeld – New York (+1 212-351-2433, mschonfeld@gibsondunn.com)
Tina Samanta – New York (+1 212-351-2469, tsamanta@gibsondunn.com)
Lauren Myers – New York (+1 212-351-3946, lmyers@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

A. UK Budget 2021

I. Amendments to the hybrid and other mismatches regime

II. Loss carry-back extension

III. Capital allowances “super deduction” and extension of the annual investment allowance

IV. Off-payroll working rules

B. UK Consultations

I. UK asset holding company regime (second stage consultation)

II. UK funds review consultation

III. Uncertain tax treatment consultation

IV. Transfer pricing documentation consultation

C. Other UK Developments

I. Deferral of HMRC’s VAT treatment of compensation and termination payments and VAT grouping consultation update

II. Brexit developments: EU/UK social security co-ordination and repeal of UK’s implementation of the EU Interest and Royalties Directive

III. UK property-rich collective investment vehicles – limited portfolio exemption for offshore CIVs

IV. Draft regulations to implement OECD Mandatory Disclosure Rules

V. Possible changes to UK stamp duty procedures

D. International Developments

I. EU consultation on VAT rules for financial and insurance services

II. EU public country-by-country reporting

III. New OECD COVID-19-related guidance

E. Notable Cases

I. Danske Bank A/S v Skatteverket (C‑812/19) and The Commissioners for Her Majesty’s Revenue & Customs v Wellcome Trust Ltd (C-459/19)

II. HMRC v Development Securities PLC and Others [2020] EWCA Civ 1705

III. Odey Asset Management LLP v HMRC [2021] UKFTT 31 (TC)

Federal Circuit News

Upcoming Oral Argument Calendar

Key Case Summaries (April 2021)

I. Class Certification Requirements: The Ninth Circuit on Predominance; the Seventh Circuit on Numerosity; and the Eleventh Circuit on Administrative Feasibility

II. Several Circuits Clarify the Standards for Assessing the Admissibility of Evidence at the Class-Certification Stage

III. The Eleventh Circuit Addresses Article III Standing in Data Breach Class Actions

Table of Contents

I. U.S. NATIONAL POLICY & REGULATORY DEVELOPMENTS

II. EU POLICY & REGULATORY DEVELOPMENTS

I. U.S. NATIONAL POLICY & REGULATORY DEVELOPMENTS

A. U.S. National AI Strategy

B. National Security & Trade

C. Algorithmic Accountability and Consumer Safety

D. FDA’s Action Plan for AI Medical Devices

E. Intellectual Property Updates

F. U.S. Regulators Seek Input on AI Use in Financial Services

III. EU POLICY & REGULATORY DEVELOPMENTS

A. EC Publishes Draft Legislation for EU-wide AI Regulation

B. CAHAI Feasibility Study on AI Legal Standards

C. EU Council Proposes ePrivacy Regulation

D. Cybersecurity Report on the Use of AI in Autonomous Vehicles

E. Proposed German Legislation on Autonomous Driving

A. Scope of CSI

B. Disclosure to Affiliates

C. Disclosure to Legal Counsel and Independent Auditors

D. Disclosure to Other Regulators

E. Duty to Notify NYDFS of Requests for CSI

Conclusion