Client Alert Archives

Click for PDF

On March 30, 2022, the U.S. Securities and Exchange Commission (the “Commission”), by a three-to-one vote, issued a press release announcing proposed new rules (the “Proposal”) intended to enhance disclosure and investor protections in initial public offerings (“IPO”) by special purpose acquisition companies (“SPACs”) and in subsequent business combinations between SPACs and private operating companies (“de-SPAC transaction”).[1]

The Proposal provides a lengthy and comprehensive discussion that builds upon the Commission’s prior statements and actions regarding SPAC IPOs and de-SPAC transactions.[2] As noted by the Commission’s Chair, Gary Gensler, in the press release, the Proposal is intended to “help ensure” that “disclosure[,] standards for marketing practices[,] and gatekeeper and issuer obligations,” as applied in the traditional IPO context, also apply to SPACs.[3] Chair Gensler further noted that “[f]unctionally, the SPAC target IPO is being used as an alternative means to conduct an IPO.”[4]

Overview

There are four key components of the Proposed Rules:

Disclosure and Investor Protection. Proposes specific disclosure requirements with respect to, among other things, compensation paid to sponsors, potential conflicts of interest, dilution, and the fairness of the business combination, for both the SPAC IPOs and de‑SPAC transactions;
Business Combinations Involving Shell Companies. Deems a business combination transaction involving a reporting shell company and a private operating company as a “sale” of securities under the Securities Act of 1933, as amended (the “Securities Act”), amends the financial statement requirements applicable to transactions involving shell companies, and amends the current “blank check company” definition to make clear that SPACs cannot rely on the safe harbor provision under the Private Securities Litigation Reform Act of 1995, as amended (the “PSLRA”) when marketing a de-SPAC transaction;
Projections. Expands and updates the Commission’s guidance on the presentation of projections in filings with the Commission to address the reliability of such projections; and
New Safe Harbor under the Investment Company Act of 1940. Proposes a safe harbor that SPACs may rely on to avoid being subject to registration as investment companies under the Investment Company Act of 1940, as amended (the “Investment Company Act”). The safe harbor would (i) require SPACs to hold only assets comprising of cash, government securities, or certain money market funds; (ii) require the surviving entity to be engaged primarily in the business of the target company; and (iii) impose a time limit, from the SPAC IPO, of 18 months for the announcement (and 24 months for the completion) of the de-SPAC transaction.

We provide below our key takeaways, a summary of the Proposal, links to Commissioner statements regarding the Proposal, and a note regarding the comment period and process.

Key Takeaways

Below are the key takeaways from the Proposal:

Timing. Although the proposed rules will not be in effect unless and until the Commission approves final rules after the public comment period and the Commission’s review process, existing SPACs and their targets should expect to receive comments from the Commission staff along the broader lines of the Proposal. SPACs and their targets also should consider the extent to which they will want to comply voluntarily with some of the proposed rules, especially those focused on financial statement requirements and enhanced disclosures.
Conforming SPACs to Traditional IPOs. The Proposal goes to great lengths to contrast the current SPAC regulatory regime against the one applicable to traditional IPOs and to seek to “level” the playing field between the two. Closer alignment of the two regimes may reduce some potential benefits of a de-SPAC transaction (e.g., availability of alternative financing sources and expedited path to becoming a public company) while also exposing the SPAC, its target and their advisors to additional liability.
No PSLRA Protection. PSLRA safe harbor against a private right of action for forward-looking statements is not available in, among others, an offering by a blank check company or a “penny stock” issuer, or in an initial public offering. Some market participants believe the PSLRA safe harbor is otherwise available in de-SPAC transactions when a SPAC is not a blank check company under Rule 419. The Commission proposes to amend the current “blank check company” definition to remove the “penny stock” condition and make clear that SPACs may no longer rely on the safe harbor provision under the PSLRA as it relates to the use of projections and other forward-looking statements when marketing a de-SPAC transaction. If the Proposal is adopted, it is unclear whether the lack of the PSLRA safe harbor, especially if coupled with proposed changes to regulations relating to projections, will lead to changes in the presentation of projections and assumptions, or the abandonment of projections. If the latter, this could effectively eliminate the de-SPAC transaction as an alternative for target companies that do not have a lengthy operating history.
Co-Registrant Liability. The Proposal would include target companies and their officers and directors as co-registrants under Form S-4 and Form F-4 filings, thus imposing Section 11 liability on such persons. Liability will extend to both SPAC and target company disclosures contained in such filings.
Extension of Current Disclosure Guidance (Projections, Dilution, Sponsor, Conflicts). Much of the Proposal is simply an extension of current guidance and practice by the Commission. The Proposal does require additional information and specificity (in some cases, beyond current rules and guidance). Nonetheless, some of the prescriptive rulemakings around enhanced disclosures—including the required financial statements, disclosure of sources of dilution, sponsor control and relationships, and potential conflicts of interest—are based on existing rules and guidance, and should not be particularly novel for practitioners.
Fairness to Shareholders. The Proposal does not go as far as requiring a SPAC board to obtain a fairness opinion, although that seems the likely, practical outcome of the Proposal, since it requires more fulsome discussion of these matters and a determination by the board of directors of a SPAC regarding its reasonable belief as to the fairness of a de-SPAC transaction and related financings to the SPAC’s shareholders when approving a de-SPAC transaction. Studies have indicated that only 15% of de-SPAC transactions disclose that they were supported by fairness opinions (compared to 85% of traditional mergers and acquisitions, excluding de-SPAC transactions).[5] If the Proposal is adopted, a SPAC’s board of directors will need to consider obtaining a fairness opinion, and whether or not it obtains a fairness opinion, the bases for the SPAC’s reasonable belief as to the fairness of the transaction.
Underwriter Liability. The Commission seeks to extend underwriter status (and resulting potential liability) in the de-SPAC transaction to those underwriters to SPAC IPOs involved, directly or indirectly, in the de-SPAC transaction (e.g., advisory services, placement agent services, and other activities related to the de-SPAC transaction would all be considered direct and indirect activities). Underwriters to SPAC IPOs who participate in the de-SPAC transaction will need to consider whether to make changes to the typical de-SPAC transaction process, to ensure they have the benefit of their due diligence defense.
SPAC Time Limits. In order to rely on a proposed safe harbor for SPACs under the Investment Company Act, SPACs would have a limited time period of no later than 18 months to announce a de-SPAC transaction (and no later than 24 months to complete a de-SPAC transaction) following the effective date of the SPAC’s registration statement for its IPO. This would remove SPACs’ flexibility to seek extensions from its shareholders to their required liquidation date without running the risk of being considered to be an investment company subject to registration and regulation under the Investment Company Act.

Proposal Summary

New Subpart 1600 of Regulation S-K

The Proposal would create a new Subpart 1600 of Regulation S-K solely related to SPAC IPOs and de-SPAC transactions. Among other things, this new Subpart 1600 would prescribe specific disclosure about the sponsor, potential conflicts of interest, and dilution.

Sponsor, Affiliates, and Promoters

To provide investors with a more complete understanding of the role of SPAC sponsors, affiliates, and promoters,[6] the Commission is proposing a new Item 1603(a) of Regulation S-K, to require:

Experience. Description of the experience, material roles, and responsibilities of sponsors, affiliates, and promoters.
Arrangements. Discussion of any agreement, arrangement, or understanding (i) between the sponsor and the SPAC, its executive officers, directors, or affiliates, in determining whether to proceed with a de-SPAC transaction and (ii) regarding the redemption of outstanding securities.
Sponsor Control. Discussion of the controlling persons of the sponsor and any persons who have direct or indirect material interests in the sponsor, as well as an organizational chart that shows the relationship between the SPAC, the sponsor, and the sponsor’s affiliates.
Lock-Ups. A table describing the material terms of any lock-up agreements with the sponsor and its affiliates.
Compensation. Discussion of the nature and amounts of all compensation that has been or will be awarded to, earned by, or paid to the sponsor, its affiliates, and any promoters for all services rendered in all capacities to the SPAC and its affiliates, as well as the nature and amounts of any reimbursements to be paid to the sponsor, its affiliates, and any promoters upon the completion of a de-SPAC transaction.

Potential Conflicts of Interest

To provide investors with a more complete understanding of the potential conflicts of interest between (i) the sponsor or its affiliates or the SPAC’s officers, directors, or promoters, and (ii) unaffiliated security holders, the Commission is proposing a new Item 1603(b) of Regulation S-K. This would include a discussion of conflicts arising as a result of a determination to proceed with a de-SPAC transaction and from the manner in which a SPAC compensates the sponsor or the SPAC’s executive officers and directors, or the manner in which the sponsor compensates its own executive officers and directors.

Relatedly, proposed Item 1603(c) of Regulation S-K would require disclosure of the fiduciary duties that each officer and director of a SPAC owes to other companies.

Sources of Dilution

In an effort to conform and enhance disclosure relating to dilution in SPAC IPOs and de-SPAC transactions, the Commission is proposing proposed Items 1602 and 1604 of Regulation S-K, respectively.

IPO Dilution Disclosure. In providing disclosure pursuant to Item 506, SPACs currently provide prospective investors with estimates of dilution as a function of the difference between the initial public offering price and the pro forma net tangible book value per share after the offering, often including an assumption of the maximum number of shares eligible for redemption in a de-SPAC transaction. The Proposal would require additional granularity on the prospectus cover page, requiring SPACs to present redemption scenarios in quartiles up to the maximum redemption scenario. In addition to changes to the cover page, the Proposal would supplement Item 506 disclosure by requiring a description of material potential sources of future dilution following a SPAC’s initial public offering, as well as tabular disclosure of the amount of potential future dilution from the public offering price that will be absorbed by non-redeeming SPAC shareholders, to the extent quantifiable.
De-SPAC Dilution Disclosure. In addition to disclosure at the IPO stage of a SPAC’s lifecycle, the Proposal would require additional disclosure regarding material potential sources of dilution as a result of the de-SPAC transaction.[7] As seen in recent comment letters by the Commission, the Commission has requested additional granularity with respect to post-closing pro forma ownership disclosure, often requiring various redemption thresholds and the effects of potential sources of dilution. The Proposal would codify this practice by requiring SPACs to affirmatively provide a sensitivity analysis in a tabular format that expresses the amount of potential dilution under a range of reasonably likely redemption levels. The Proposal does not specify what are “reasonably likely” redemption levels, but looking at the proposed SPAC IPO dilution requirements (as discussed above), quartile disclosure up to the maximum redemption scenario may be acceptable.

Fairness of the De-SPAC Transaction and Related Financings

SPACs would be required to disclose whether their board of directors reasonably believes that the de-SPAC transaction and any related financing transaction are fair or unfair to the SPAC’s unaffiliated security holders, as well as a discussion of the bases for this statement. Proposed Item 1606 of Regulation S-K would require a discussion, “in reasonable detail,” of the material factors upon which a reasonable belief regarding the fairness of a de-SPAC transaction and any related financing transaction is based, and, to the extent practicable, the weight assigned to each factor. As noted by Commissioner Hester M. Peirce, “[w]hile this disclosure requirement technically does not require a SPAC board to hire third parties to conduct analyses and prepare a fairness opinion, the proposed rules clearly contemplate that this is the likely outcome of the new requirement. For example, [proposed Item 1606] would require disclosure of whether ‘an unaffiliated representative’ has been retained to either negotiate the de-SPAC transaction or prepare a fairness opinion and [proposed Item 1607] would elicit disclosures about ‘any report, opinion, or appraisal from an outside party relating to . . . the fairness of the de-SPAC transaction.’”[8]

Relatedly, if any director voted against, or abstained from voting on, approval of the de-SPAC transaction or any related financing transaction, SPACs would be required to identify the director, and indicate, if known, after making reasonable inquiry, the reasons for the vote against the transaction or abstention.

Aligning De-SPAC Transactions with IPOs

Target Company as Co-Registrant

Under the current rules, only the SPAC and its officers and directors are required to sign the registration statement and are liable for material misstatements or omissions. The Proposal would require the target company to be treated as a co-registrant with the SPAC when a Form S‑4 or Form F‑4 registration statement is filed by the SPAC in connection with a de-SPAC transaction.[9] Registrant status for a target company and its officers and directors would result in such parties being liable for material misstatements or omissions pursuant to Section 11 of the Securities Act. Under the Proposal, target companies and their officers and directors would be liable with respect to their own material misstatements or omissions, as well as any material misstatements or omissions made by the SPAC or its officers and directors. As a result, the Proposal seeks to further incentivize target companies and SPACs to be diligent in monitoring each other’s disclosure.

Smaller Reporting Company Status

Currently, de-SPAC companies are able to avail themselves – as almost all SPACs have done since 2016[10] – of the smaller reporting company rules for at least a year following the de-SPAC transaction (and most SPACs would still retain this status at the time of the de-SPAC transaction when the SPAC is the legal acquirer of the target company). The “smaller reporting company” status benefits the combined company after the de-SPAC transaction by availing it of scaled disclosure and other accommodations as it adjusts to being a public company.

Citing the disparate treatment between traditional IPO companies and de-SPAC companies (the former having to determine smaller reporting company status at the time it files its initial registration statement and the latter retaining the SPAC’s smaller reporting company status until the next annual determination date), the Proposal would require de-SPAC companies to determine compliance with the public float threshold (i.e., public float of (i) less than $250 million, or (ii) in addition to annual revenues less than $100 million, less than $700 million or no public float)[11] within four business days after the consummation of the de-SPAC transaction.

The revenue threshold would be determined by using the annual revenues of the target company as of the most recently completed fiscal year for which audited financial statements are available, and the de-SPAC company would then reflect this re-determination in its first periodic report following the closing of the de-SPAC transaction.

The Commission estimates that an average of 50 post-business combination companies following a de-SPAC transaction will no longer qualify as smaller reporting companies, when compared to current rules.[12] Studies have indicated that the average size of a de-SPAC company has consistently remained north of $1 billion in 2021.[13] Assuming this trend continues, there is an expectation that an increasing number of target companies will no longer qualify as smaller reporting companies after the de-SPAC transaction, and will need to adapt toward the enhanced public disclosure requirements. This would include faster additional board and management training to prepare the post-de-SPAC company for additional disclosure requirements.

PSLRA Safe Harbor

The PSLRA provides a safe harbor for forward-looking statements under the Securities Act and the Securities Exchange Act of 1934, as amended (the “Exchange Act”), under which a company is protected from liability for forward-looking statements in any private right of action under the Securities Act or Exchange Act when, among other things, the forward-looking statement is identified as such and is accompanied by meaningful cautionary statements.

The safe harbor, however, is not available when the forward looking statement is made in connection with an offering by a “blank check company,” a company that is (i) a development stage company with no specific business plan or purpose or has indicated that its business plan is to engage in a merger or acquisition with an unidentified company or companies, or other entity or person, and (ii) is issuing “penny stock.”[14]

Because of the penny stock requirement, many practitioners have considered SPACs to be excluded from the definition of blank check company for purposes of the PSLRA safe harbor. The Proposal seeks to amend the current definition of “blank check company” to remove the penny stock requirement, thus effectively removing a SPAC’s ability to qualify for the PSLRA safe harbor provision for the de-SPAC transaction.

This inability to rely on the PSLRA is coupled with the Proposal’s addition of new and modified projections disclosure requirements (as further discussed below). If the Proposal is adopted, it remains unclear whether that will lead to changes in projections and assumptions (especially considering the current environment where market participants, investors, and financiers have come to expect detailed projections disclosure, similar to what is used in public merger and acquisitions (“M&A”) transactions), or the abandonment of projections. The latter could effectively eliminate the de-SPAC transaction as an alternative for target companies that do not have a lengthy operating history.

Underwriter Status and Liability

Historically, Section 11 and Section 12(a)(2) of the Securities Act[15] have imposed underwriter liability on underwriters of a SPAC’s IPO. The Proposal takes a novel approach in arriving at the conclusion that a de-SPAC transaction would constitute a “distribution” under applicable underwriter regulations and seeks to extend such underwriter liability to a de-SPAC transaction. Proposed Rule 140a would deem a SPAC IPO underwriter to be an underwriter in the de-SPAC transaction, provided that such party is engaged in certain de-SPAC activities or compensation arrangements.

Specifically, an underwriter in a SPAC’s IPO would be deemed an underwriter for purposes of a de-SPAC transaction if such person “takes steps to facilitate the de-SPAC transaction, or any related financing transaction, or otherwise participates (directly or indirectly) in the de-SPAC transaction,” including if such entities are (i) serving as financial advisor, (ii) identifying potential target companies, (iii) negotiating merger terms, or (iv) serving as a placement agent in private investments in public equity (“PIPE”) or other alternative financing transactions.

While Proposed Rule 140a only addresses “underwriter” status in de-SPAC transactions with respect to those serving as underwriters to the SPAC’s IPO, the Commission leaves open the door for subsequent determinations for finding additional “statutory underwriters” in a de-SPAC transaction, suggesting that “financial advisors, PIPE investors, or other advisors, depending on the circumstances, may be deemed statutory underwriters in connection with a de-SPAC transaction if they are purchasing from an issuer ‘with a view to’ distribution, are selling ‘for an issuer,’ and/or are ‘participating’ in a distribution.”[16]

In addition to the potential chilling effect that underwriter status may have on financial institutions’ participation in a de-SPAC transaction, the Commission’s statement that other “statutory underwriters” may be designated in the future, coupled with the traditional “due diligence” defenses of underwriters,[17] suggests that SPACs and target companies should expect extensive diligence requests from financial institutions, advisors, and their counsel in connection with a de-SPAC transaction and other related changes to the de-SPAC transaction process that add complexity, time, and cost.

Business Combinations Involving Shell Companies

The Commission’s concern related to private companies becoming U.S. public companies via de-SPAC transactions is substantially related to the opportunity for such private companies “to avoid the disclosure, liability, and other provisions applicable to traditional registered offerings.”[18]

Proposed Rule 145a

Based on the structure of certain de-SPAC transactions, the Commission expressed concern that, unlike investors in transaction structures in which the Securities Act applies (and a registration statement would be filed, absent an exemption), investors in reporting shell companies may not always receive the disclosures and other protection afforded by the Securities Act at the time the change in the nature of their investment occurs, due to the business combination involving another entity that is not a shell company.

Proposed Rule 145a intends to address the issue by deeming any direct or indirect business combination of a reporting shell company involving another entity that is not a shell company to involve “an offer, offer to sell, offer for sale, or sale within the meaning of section 2(a)(2) of the [Securities] Act.”[19] By deeming such transaction to be a “sale” of securities for the purposes of the Securities Act, the Proposal is intended to address potential disparities in the disclosure and liability protections available to shareholders of reporting shell companies, depending on the transaction structure deployed.

Proposed Rule 145a defines a reporting shell company as a company (other than an asset-backed issuer as defined in Item 1101(b) of Regulation AB) that has:

no or nominal operations;
either:
1. no or nominal assets;
2. assets consisting solely of cash and cash equivalents; or
3. assets consisting of any amount of cash and cash equivalents and nominal other assets; and
an obligation to file reports under Section 13 or Section 15(d) of the Exchange Act.

The Proposal notes that the sales covered by Proposed Rule 145a would not be covered by the exemption provided under Section 3(a)(9) of the Securities Act, because the exchange of securities would not be exclusively with the reporting shell company’s existing security holders, but also would include the private company’s existing security holders.

Financial Statement Requirements in Business Combination Transactions Involving Shell Companies

The Proposal amends the financial statements required to be provided in a business combination with an intention to bridge the gap between such financial statements and the financial statements required to be provided in an IPO. The Commission views such Proposal as simply codifying “current staff guidance for transactions involving shell companies.”[20]

Number of Years of Financial Statements

Proposed Rule 15-01(b) would require a registration statement for a de-SPAC transaction where the target business will be a predecessor to the SPAC registrant to include the same financial statements for that business as would be required in a Securities Act registration statement for an IPO of that business.

Audit Requirements of Predecessor

Proposed Rule 15-01(a) would require the examination of the financial statements of a business that will be a predecessor to a shell company to be audited by an independent accountant in accordance with the standards of the Public Company Accounting Oversight Board (“PCAOB”) for the purpose of expressing an opinion, to the same extent as a registrant would be audited for an IPO, effectively codifying the staff’s existing guidance.[21]

Age of Financial Statements of the Predecessor

Proposed Rule 15-01(c) would provide for the age of the financial statements of a private operating company as predecessor to be based on whether such private company would qualify as a smaller reporting company in a traditional IPO process, ultimately aligning with the financial statement requirements in a traditional IPO.

Acquisitions of Businesses by a Shell Company Registrant or Its Predecessor That Are Not or Will Not Be the Predecessor

The Commission is proposing a series of rules intended to clarify when companies should disclose financial statements of businesses acquired by SPAC targets or where such business are probable of being acquired by SPAC targets. Proposed Rule 15-01(d) would address situations where financial statements of other businesses (other than the predecessor) that have been acquired or are probable to be acquired should be included in a registration statement or proxy/information statement for a de-SPAC transaction. The Proposal would require application of Rule 3-05, Rule 8-04 or Rule 3-14 (with respect to real estate operation) of Regulation S-X to acquisitions by the private target in the context of a de-SPAC transaction, which the staff views as codifying its existing guidance.

Proposed amendments to the significance tests in Rule 1-02(w) of Regulation S-X will require the significance of the acquisition target of the private target in a de-SPAC transaction to be calculated using the SPAC’s target’s financial information, rather than the SPAC’s financial information.

In addition, Proposed Rule 15-01(d)(2) would require the de-SPAC company to file the financial statements of a recently acquired business, that is not or will not be its predecessor pursuant to Rule 3-05(b)(4)(i) in an Item 2.01(f) of Form 8-K filed in connection with the closing of the de-SPAC transaction where such financial statements were omitted from the registration statement for the de-SPAC transaction, to the extent the significance of the acquisition is greater than 20% but less than 50%.

Financial Statements of a Shell Company Registrant after the Combination with Predecessor

Proposed Rule 15-01(e) allows a registrant to exclude the financial statements of a SPAC for the period prior to the de-SPAC transaction if (i) all financial statements of the SPAC have been filed for all required periods through the de-SPAC transaction, and (ii) the financial statements of the registrant include the period on which the de-SPAC transaction was consummated. The Proposal eliminates any distinction between a de-SPAC structured as a forward acquisition or a reverse recapitalization.

Other Amendments

In addition, the Proposal is also addressing the following related amendments:

amendment of Rule 11-01(d) of Regulation S-X to expressly state that a SPAC is a business for purposes of the rule, effectively requiring an issuer that is not a SPAC to file financial statements of the SPAC in a resale registration statement on Form S-1;
amendment of Item 2.01(f) of Form 8-K to refer to “acquired business,” rather than “registrant,” to clarify that the information required to be provided “relates to the acquired business and for periods prior to consummation of the acquisition”;[22] and
amendment of Rules 3-01, 8-02, and 10-01(a)(1) of Regulation S-X to expressly refer to the balance sheet of the predecessors, consistent with the provision regarding income statements.

Enhanced Projections Disclosure

Disclosure of financial projections is not expressly required by the U.S. federal securities laws; however, it has been common practice for SPACs to use projections of the target company and post-de-SPAC company in its assessment of a proposed de-SPAC transaction, its investor presentations, and soliciting material once a definitive agreement is executed. The Proposal seeks to amend existing regulations regarding the use of projections as well as add new, supplemental disclosure requirements.

Amended Item 10(b) of Regulation S-K

Under Item 10(b) of Regulation S-K, management may present projections regarding a registrant’s future performance, provided that (i) there is a reasonable and good faith basis for such projections, and (ii) they include disclosure of the assumptions underlying the projections and the limitations of such projections, and the presentation and format of such projections. Citing concerns of instances where target companies have disclosed projections that lack a reasonable basis,[23] the Proposal seeks to amend Item 10(b) of Regulation S-K as follows:

Clarification of Applicability to Target Company. Item 10(b) of Regulation S-K currently refers to projections regarding the “registrant.” Proposed amendments would modify the language to clarify that the guidance therein applies to any projections of “future economic performance of persons other than the registrant, such as the target company in a business combination transaction, that are included in the registrant’s Commission filings.” Application of the term “persons other than the registrant” suggests that it is likely that the proposed amended guidance also would apply to the use of projections in non-SPAC transactions.
Historical Results. Disclosure of projected measures that are not based on historical financial results or operational history should be clearly distinguished from projected measures that are based on historical financial results or operational history.
Prominence of Historical Results. Similar to non-GAAP presentation, the Commission would consider it misleading to present projections that are based on historical financial results or operational history without presenting such historical measure or operational history with equal or greater prominence.
Non-GAAP Measures. Presentation of projections that include a non-GAAP financial measure should include a clear definition or explanation of the measure, a description of the GAAP financial measure to which it is most closely related, and an explanation why the non-GAAP financial measure was used instead of a GAAP measure. The Proposal notes that the reference to the nearest GAAP measure called for by amended Item 10(b) would not require a reconciliation to that GAAP measure; however, the need to provide a GAAP reconciliation for any non-GAAP financial measures would continue to be governed by Regulation G and Item 10(e) of Regulation S-K.

Proposed Item 1609 of Regulation S-K

In light of the traditional SPAC sponsor compensation structure (i.e., compensation in the form of post-closing equity) and the potential incentives and overall dynamics of a de-SPAC transaction, the Commission has proposed a new rule specific to SPACs that would supplement the proposed amendments to Item 10(b) of Regulation S-K (as discussed above). Specifically, the Commission is proposing a new Item 1609 of Regulation S-K that would require SPACs to provide the accompanying disclosures to financial projections:

Purpose of Projections. Any projection disclosed by the registrant must include disclosure regarding (i) the purpose for which the projection was prepared, and (ii) the party that prepared the projection.
Bases and Assumptions. Disclosure would include all material bases of the disclosed projections and all material assumptions underlying the projections, and any factors that may materially impact such assumptions. This would include a discussion of any factors that may cause the assumptions to be no longer reasonable, material growth rates or discount multiples used in preparing the projections, and the reasons for selecting such growth rates or discount multiples.
Views of Management and the Board. Disclosure must discuss whether the projections disclosed continue to reflect the views of the board and/or management of the SPAC or target company, as applicable, as of the date of the filing. If the projections do not continue to reflect the views of the board and/or management, the SPAC should include a discussion of the purpose of disclosing the projections and the reasons for any continued reliance by the management or board on the projections.

Like the proposed amendments to Item 10(b), the first two requirements summarized above should not come as a particular surprise to existing SPACs and their counsel as projections disclosure has been a significant area of scrutiny by the Commission in the registration statement and proxy statement review process.

We note, however, that the requirement under Item 1609 to add disclosure as to management’s and/or the board’s current views may obligate additional disclosure beyond what has been typical market practice. In particular, projections disclosure in a registration statement or proxy statement is often made in the context of a historical lookback to the projections in place at the time the board of directors of the SPAC assessed whether to enter into a de-SPAC transaction with the target company. These projections typically are not updated with newer data during the pendency of the transaction since the purpose of such disclosure is to inform investors of the board’s rationale for approving the transaction. Proposed Item 1609 does not explicitly require the updating of projections, but it does require the parties to disclose whether the included projections reflect the view of the SPAC and the target company as of the date of filing. Moreover, the potential to provide revised projections, coupled with obligations to disclose management’s and board’s continuing views, may prove challenging disclosure to be made between the signing of a business combination agreement and the filing of a registration statement or proxy statement and during the review period for such registration statement or proxy statement.

Status of SPACs under the Investment Company Act of 1940

Section 3(a)(1)(A) of the Investment Company Act defines an “investment company” as any issuer that is or holds itself out as being engaged primarily, or proposes to engage primarily, in the business of investing, reinvesting, or trading in securities. Given that SPACs, prior to a de-SPAC transaction, are not engaged in any meaningful business other than investing its IPO proceeds held in trust, there is a potential for SPACs to be treated as an “investment company.”

In recognition of the fact that SPACs are generally formed to identify, acquire, and operate a target company through a business combination and not with a stated purpose of being an investment company, the Proposal seeks to clarify SPAC status by providing a safe harbor under Section 3(a)(1)(A) of the Investment Company Act (the “Subjective Test Safe Harbor”).[24] To qualify under the Subjective Test Safe Harbor:

SPAC Assets. The assets held by a SPAC must consist solely of government securities, government money market funds, and cash items prior to the completion of the de-SPAC transaction. The Proposal further notes that (i) all proceeds obtained by the SPAC, including those from any SPAC offering, cash infusion from the sponsor, or any interest, dividend, distribution, or other such return derived from the SPAC’s underlying assets, would need to be held in these asset classes, and (ii) SPACs may not acquire interests in an operating company prior to a de-SPAC transaction.
SPAC Asset Management. Assets listed above may not at any time be acquired or disposed of for the primary purpose of recognizing gains or decreasing losses resulting from market value changes. The Proposal notes that this is not intended to prohibit SPACs the flexibility to hold their assets consistent with cash management practices.
De-SPAC Transaction. The SPAC must seek to complete a single de-SPAC transaction[25] where the surviving public company, either directly or through a primarily controlled company,[26] will be primarily engaged in the business of the target company or companies, which is not that of an investment company.
Board Action. The board of directors of the SPAC would need to adopt a resolution evidencing that the company is primarily engaged in the business of seeking to complete a single de-SPAC transaction.
Primary Engagement. Activities of the SPAC’s officers, directors, and employees, its public representations of policies, and its historical development must evidence that the SPAC is primarily engaged in completing a de-SPAC transaction. Other than a requirement that the board of directors of the SPAC adopt a resolution, the Proposal does not provide examples of other definitive actions as to how SPACs may properly evidence compliance, instead noting that a SPAC may not hold itself out as being primarily engaged in the business of investing, reinvesting, or trading in securities.
Exchange Listing. The SPAC must have at least one class of securities listed for trading on a national securities exchange “by meeting initial listing standards just as any company seeking an exchange listing would have to do.”
De-SPAC Transaction Time Limits. The SPAC would have 18 months from its IPO to enter into a de-SPAC transaction and no more than 24 months from its IPO to complete its de-SPAC transaction.

While most SPACs should not have an issue with qualifying for the Subjective Test Safe Harbor, the proposed time limits may prove problematic for existing SPACs seeking amendments to their governing documents to extend the time necessary to complete a de-SPAC transaction. Typically, these amendments are either sought when (i) a SPAC has a definitive transaction agreement entered into and needs some time to consummate the transaction, and/or (ii) a sponsor is willing to compensate existing securities holders by contributing additional amounts into a trust that is disbursable to shareholders upon lapse of the extension. Moreover, stock exchange rules require a SPAC to complete a de-SPAC transaction within 36 months from its IPO, and with its truncated time periods, the Proposal would significantly constrain some of this timing flexibility for SPACs that would like to comply with the Subjective Test Safe Harbor.

Admittedly, a SPAC does not need to comply with the Subjective Test Safe Harbor, but the alternative would be to make an assessment that the SPAC does not qualify as an investment company, notwithstanding its non-compliance with the time limits in the Subjective Test Safe Harbor, or to register as an “investment company,” and with it, comply with the regulatory regime of the Investment Company Act on top of seeking the consummation of a de-SPAC transaction.

Conclusions

As noted by Chair Gensler, much of the Proposal seeks to impose traditional IPO concepts and regulations on the SPAC IPO and de-SPAC transaction process, as well as codify existing Commission guidance and practice.

That said, there are some notable deviations and provisions in the Proposal that, if implemented, could significantly impact the SPAC marketplace. We note that certain provisions in the Proposal may have consequences for the future of SPACs as an alternative vehicle to traditional IPOs.

In particular, proposals regarding underwriter liability in the de-SPAC transaction context, unavailability of the PSLRA, and liquidation timeframes contemplated by the proposed new Investment Company Act safe harbor, all would curtail SPAC flexibility and/or increase the complexity and cost of completing a de-SPAC transaction.

We continue to monitor further developments and will keep you apprised of the latest news regarding this Proposal.

Commissioner Statements

For the published statements of the Commissioners, please see the following links:

Chair Gary Gensler

Commissioner Allison Herren Lee

Commissioner Caroline A. Crenshaw

Commissioner Hester M. Peirce (Dissent)

Comment Period

The comment period ends on the later of 30 days after publication in the Federal Register or May 31, 2022 (which is 60 days from the date of the Proposal). Comments may be submitted: (1) using the Commission’s comment form at https://www.sec.gov/rules/submitcomments.htm; (2) via e-mail to rule-comments@sec.gov (with “File Number S7‑13‑22” on the subject line); or (3) via mail to Vanessa A. Countryman, Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090. All submissions should refer to File Number S7‑13‑22.

____________________________

[1] U.S. Securities and Exchange Commission, Proposed Rule (RIN 3235-AM90), Special Purpose Acquisition Companies, Shell Companies, and Projections (March 30, 2022), available at https://www.sec.gov/rules/proposed/2022/33-11048.pdf (hereinafter, the “Proposed Rule”).

[2] See Gibson, Dunn & Crutcher LLP, SEC Staff Issues Cautionary Guidance Related to Business Combinations with SPACs (April 7, 2021), available at https://www.gibsondunn.com/sec-staff-issues-cautionary-guidance-related-to-business-combinations-with-spacs/ (addressing the statement of the staff of the Commission’s Division of Corporation Finance about certain accounting, financial reporting, and governance issues related to SPACs and the combined company following a de-SPAC transaction (see Division of Corporation Finance, Announcement: Staff Statement on Select Issues Pertaining to Special Purpose Acquisition Companies (March 31, 2021), available at https://www.sec.gov/corpfin/announcement/staff-statement-spac-2021-03-31), see also Gibson, Dunn & Crutcher LLP, Back to the Future: SEC Chair Announces Spring 2021 Reg Flex Agenda (June 21, 2021), available at https://www.gibsondunn.com/back-to-the-future-sec-chair-announces-spring-2021-reg-flex-agenda/ (discussing the inclusion of SPACs in Chair Gensler’s Spring 2021 Unified Agenda of Regulatory and Deregulatory Actions announced on June 11, 2021 (see U.S. Securities and Exchange Commission, Press Release (2021-99), SEC Announces Annual Regulatory Agenda (June 11, 2021), available at https://www.sec.gov/news/press-release/2021-99), and Gibson, Dunn & Crutcher LLP, SEC Fires Shot Across the Bow of SPACs (July 14, 2021), available at https://www.gibsondunn.com/sec-fires-shot-across-the-bow-of-spacs/ (discussing a partially settled Commission enforcement action against a SPAC related to purported misstatements on the registration statement concerning the target’s technology and business risks).

[3] U.S. Securities and Exchange Commission, Press Release (2022-56), SEC Proposes Rules to Enhance Disclosure and Investor Protection Relating to Special Purpose Acquisition Companies, Shell Companies, and Projections (March 30, 2022), available at https://www.sec.gov/news/press-release/2022-56.

[4] Id.

[5] Proposed Rule, p. 195 (citing on fn. 432 Michael Levitt, Valerie Jacob, Sebastian Fain, Pamela Marcogliese, Paul Tiger, & Andrea Basham, 2021 De-SPAC Debrief, FRESHFIELDS (Jan. 24, 2022), available at https://blog.freshfields.us/post/102hgzy/2021-de-spacdebrief, and on fn. 433 Tingting Liu, The Wealth Effects of Fairness Opinions in Takeovers, 53 FIN. REV. 533 (2018)).

[6] The term “promoter” is defined in Securities Act Rule 405 and Exchange Act Rule 12b-2.

[7] Proposed Item 1604(c)(1) suggests the following potential sources: “the amount of compensation paid or to be paid to the SPAC sponsor, the terms of outstanding warrants and convertible securities, and underwriting and other fees.” Proposed Rule, p. 336.

[8] Commission Hester M. Peirce, Statement: Damning and Deeming: Dissenting Statement on Shell Companies, Projections, and SPACs Proposal (March 30, 2022), available at https://www.sec.gov/news/statement/peirce-statement-spac-proposal-033022.

[9] Under Section 6(a) of the Securities Act, each “issuer” must sign a Securities Act registration statement. The Securities Act broadly defines the term “issuer” to include every person who issues or proposes to issue any securities.

[10] Proposed Rule, p. 195.

[11] 17 CFR 229.10(f)(1).

[12] Proposed Rule, p. 302 and fn. 575 (explaining that the “estimate is based, in part, on [the Commission’s] estimate of the number of de-SPAC transactions in which the SPAC is the legal acquirer”).

[13] See Jamie Payne, Market Trends: De-SPAC Transactions, LexisNexis (March 5, 2022), available at https://www.lexisnexis.com/community/insights/legal/practical-guidance-journal/b/pa/posts/market-trends-de-spac-transactions (“The average size of de-SPAC transactions remained consistent between $2.2 billion and $2.8 billion in 2021 until a significant decline to $1.4 billion in the fourth quarter. The largest SPAC merger announced and closed in 2021, between Altimeter Growth Corp. and Grab Holdings Inc., was valued at $39.6 billion.”).

[14] The term “penny stock” is defined in 17 CFR 240.3a51-1.

[15] Section 11 of the Securities Act imposes on underwriters, among other parties identified in Section 11(a), civil liability for any part of the registration statement, at effectiveness, which contained an untrue statement of a material fact or omitted to state a material fact required to be stated therein or necessary to make the statements therein not misleading, to any person acquiring such security. Further, Section 12(a)(2) imposes liability upon anyone, including underwriters, who offers or sells a security, by means of a prospectus or oral communication, which includes an untrue statement of a material fact or omits to state a material fact necessary in order to make the statements, in the light of the circumstances under which they were made, not misleading, to any person purchasing such security from them.

[16] The Proposal further notes that “Federal courts and the Commission may find that other parties involved in securities distributions, including other parties that perform activities necessary to the successful completion of de-SPAC transactions, are ‘statutory underwriters’ within the definition of underwriter in Section 2(a)(11).” Proposed Rule, p. 98.

[17] Although the Securities Act does not expressly require an underwriter to conduct a due diligence investigation, the Proposal reiterates the Commission’s long-standing view that underwriters nonetheless have an affirmative obligation to conduct reasonable due diligence. Proposed Rule, fn. 184 (citing In re Charles E. Bailey & Co., 35 S.E.C. 33, at 41 (Mar. 25, 1953) (“[An underwriter] owe[s] a duty to the investing public to exercise a degree of care reasonable under the circumstances of th[e] offering to assure the substantial accuracy of representations made in the prospectus and other sales literature.”); In re Brown, Barton & Engel, 41 SEC 59, at 64 (June 8, 1962) (“[I]n undertaking a distribution . . . [the underwriter] had a responsibility to make a reasonable investigation to assure [itself] that there was a basis for the representations they made and that a fair picture, including adverse as well as favorable factors, was presented to investors.”); In the Matter of the Richmond Corp., infra note 185 (“It is a well-established practice, and a standard of the business, for underwriters to exercise diligence and care in examining into an issuer’s business and the accuracy and adequacy of the information contained in the registration statement . . . The underwriter who does not make a reasonable investigation is derelict in his responsibilities to deal fairly with the investing public.”)).

[18] Proposed Rule, p. 104, citing SEC v. M & A W., Inc., 538 F.3d 1043, 1053 (9th Cir. 2008) (“[W]e are informed by the purpose of registration, which is ‘to protect investors by promoting full disclosure of information thought necessary to informed investment decisions.’ The express purpose of the reverse mergers at issue in this case was to transform a private corporation into a corporation selling stock shares to the public, without making the extensive public disclosures required in an initial offering. Thus, the investing public had relatively little information about the former private corporation. In such transactions, the investor protections provided by registration requirements are especially important.”).

[19] Id., p. 343.

[20] Id., p. 112 (citing the staff guidance under the Division of Corporation Finance’s Financial Reporting Manual).

[21] Id., p. 112 (citing the staff guidance under the Division of Corporation Finance’s Financial Reporting Manual at Section 4110.5).

[22] Id., p. 124.

[23] For example, the Commission cites to recent enforcement actions against SPACs, alleging the use of baseless or unsupported projections about future revenues and the use of materially misleading underlying financial projections. See, e.g., In the Matter of Momentus, Inc., et al., Exch. Act Rel. No. 34-92391 (July 13, 2021); SEC vs. Hurgin, et al., Case No. 1:19-cv05705 (S.D.N.Y., filed June 18, 2019); In the Matter of Benjamin H. Gordon, Exch. Act Rel. No. 34-86164 (June 20, 2019); and SEC vs. Milton, Case No. 1:21-cv-6445 (S.D.N.Y., filed July 29, 2021).

[24] Proposed Rule 3a-10. The Proposal does not provide a safe harbor under Section 3(a)(1)(C) of the Investment Company Act, with respect to issuers engaged or proposing to engage in certain securities activities.

[25] The de-SPAC transaction may involve the combination of multiple target companies, so long as intentions of the SPAC are disclosed and so long as closing with respect to all target companies occurs contemporaneously and within the required time limits (as described below). Proposed Rule, p. 145.

[26] “Primary Control Company” means an issuer that (i) “[i]s controlled within the meaning of Section 2(a)(9) of the Investment Company Act by the surviving company following a de-SPAC transaction with a degree of control that is greater than that of any other person” and (ii) “is not an investment company.” Proposed Rule 3a-10(b)(2).

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Capital Markets, Mergers and Acquisitions, Securities Enforcement, or Securities Regulation and Corporate Governance practice groups, or the following authors:

Evan M. D’Amico – Washington, D.C. (+1 202-887-3613, edamico@gibsondunn.com)
Gerry Spedale – Houston (+1 346-718-6888, gspedale@gibsondunn.com)
Lori Zyskowski – New York (+1 212-351-2309, lzyskowski@gibsondunn.com)
Julia Lapitskaya – New York (+1 212-351-2354, jlapitskaya@gibsondunn.com)
Gregory Merz – Washington, D.C. (+1 202-887-3637, gmerz@gibsondunn.com)
Rodrigo Surcan – New York (+1 212-351-5329, rsurcan@gibsondunn.com)
James O. Springer – Washington, D.C. (+1 202-887-3516, jspringer@gibsondunn.com)

Please also feel free to contact the following practice group leaders:

Mergers and Acquisitions Group:
Eduardo Gallardo – New York (+1 212-351-3847, egallardo@gibsondunn.com)
Robert B. Little – Dallas (+1 214-698-3260, rlittle@gibsondunn.com)
Saee Muzumdar – New York (+1 212-351-3966, smuzumdar@gibsondunn.com)

Capital Markets Group:
Andrew L. Fabens – New York (+1 212-351-4034, afabens@gibsondunn.com)
Hillary H. Holmes – Houston (+1 346-718-6602, hholmes@gibsondunn.com)
Stewart L. McDowell – San Francisco (+1 415-393-8322, smcdowell@gibsondunn.com)
Peter W. Wardle – Los Angeles (+1 213-229-7242, pwardle@gibsondunn.com)

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)
James J. Moloney – Orange County (+1 949-451-4343, jmoloney@gibsondunn.com)
Lori Zyskowski – New York (+1 212-351-2309, lzyskowski@gibsondunn.com)
Brian J. Lane – Washington, D.C. (+1 202-887-3646, blane@gibsondunn.com)
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, rmueller@gibsondunn.com)
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)
Mike Titera – Orange County (+1 949-451-4365, mtitera@gibsondunn.com)
Aaron Briggs – San Francisco (+1 415-393-8297, abriggs@gibsondunn.com)
Julia Lapitskaya – New York (+1 212-351-2354, jlapitskaya@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

The UK’s competition watchdog has prohibited a proposed merger that the European Commission had cleared little more than one month ago. On the same day, the US Department of Justice announced that it considered the deal problematic. These developments highlight the growing uncertainties that companies now face in getting global deals through and underline the need for careful, strategic planning to manage competition law risks.

Divergence is real and it can hurt

The assumption that UK competition laws and policies would largely continue to match those of the EU has been a key underpinning of the advice most practitioners have given since Brexit. Whilst still valid in most areas as a matter of law, the approach adopted by the UK Competition and Markets Authority (CMA) has, in fact, been diverging from that of the European Commission (EC) for some time in the field of merger control.

This spilt out when the CMA publicly expressed skepticism of the EC’s Google/Fitbit clearance in early 2021. However, many commentators argued that this divergence was limited to digital markets and would not affect more traditional industries. The CMA would, it was asserted, do everything it could to coordinate and adopt an approach consistent with the EC particularly in deals in which neither party was a UK company.

That assumption can no longer be made.

Earlier this week, parties to a proposed merger abandoned their deal, which was already cleared by the EC, following a prohibition by the CMA. The CMA concluded that that the divestiture package that had been accepted by the EC was not clear-cut enough to be effective.

The blocked Cargotec/Konecranes merger serves as a stark reminder to companies that following the UK’s exit from the EU’s one stop shop merger regime, divergence in approach between the two authorities is real, and may lead to deals literally falling apart.

In this note, we consider the implications for parties facing parallel merger review before the EU and UK authorities and offer some practical tips to achieve the best outcome. It is clear that parties to transactions facing dual review in the EU and the UK need to pay close attention to the practice of both authorities, particularly in relation to remedies. Timing and cooperative engagement are paramount.

A brief look at the present case

Cargotec and Konecranes are Finnish companies offering container handling equipment and services to port terminals and industrial customers worldwide. The companies announced their proposed US$5 billion merger in October 2020. The deal was notified in a number of jurisdictions, including the UK, EU, U.S., Australia, New Zealand, Singapore and Israel.

When the deal ran into trouble, the parties proposed a divestment remedy which involved carving out asset packages from within each of their existing businesses to be sold as a new combined business.

In February, the EC announced its approval of the deal subject to the divestiture remedy. The EC’s Executive Vice-President Margrethe Vestager said “[f]ollowing the remedies offered by the two companies, customers in Europe will continue to have sufficient choice of port equipment and will continue benefitting from competitive prices and a great choice of technology”.

Vestager doubled down on the justification for the EC’s clearance of the deal in a speech on 25 March 2022. She asserted that the EC had made sure that the remedies addressed the EC’s concerns through the divestiture of “viable standalone businesses”.

Four days later the CMA announced that it would block the merger. The CMA was not satisfied with the parties’ proposed remedies, stating that the asset packages “would not enable whoever bought them to compete as strongly as the merging businesses do at present” and that the process of carving out the assets and knitting them together “would be complex and risky”.

Two days from then, Vestager returned to the fray, reiterating her message that the EC had made sure that the proposed remedies addressed its concerns and that the market had given positive feedback on them.

A sign of things to come

We should be cautious in drawing too firm a conclusion from one case. The US, EU and UK authorities regularly communicate with one another and have a strong record of coordinating their actions.

But the CMA’s prohibition of the Cargotec/Konecranes merger – and the EC’s very public support for the stand it took – suggests greater challenges lie ahead for parallel track cases, in particular when it comes to remedies: what is “clear-cut” for one authority appears no longer to be clear-cut for another. The CMA’s public criticism of the EC’s Google/Fitbit remedies provides support for the latter.

On the other hand, in September last year the CMA unconditionally cleared the Meta/Kustomer merger in Phase I, whilst the deal went to Phase II in Europe (it was ultimately cleared with remedies in January 2022 by the EC).

Global considerations

There was a broader global dimension to Cargotec/Konecranes, beyond the UK-EU divergence. In particular, on the same day as the CMA’s prohibition, the U.S. Department of Justice announced that the deal would have led to an “illegal consolidation” and that it had informed the parties that the proposed remedy was insufficient.

The ACCC has discontinued its review following the abandonment of the transaction, but it noted in its press release that Australian customers had expressed strong concerns on the proposed remedy.

These elements underline the need for merging parties to factor in potentially different approaches across multiple jurisdictions, and the possibility that a tougher approach by one or several authorities may jeopardise the approval prospects of a deal that is cleared in other jurisdictions.

How do you get your deal through unscathed?

There are four main things that companies need to bear in mind:

Should the UK be a condition precedent: the UK merger regime is voluntary and is non-suspensory. As a result many companies opt not to have UK clearance as a condition precedent. Whilst this often makes sense, much greater thought than in the past needs to go into the question. Cargotec/Konecranes not only underlines that the CMA is now one of the toughest regulators in the world but also that it is willing to go its own way on remedies, even in deals between two non-UK companies.
Timing: Having a robust, well thought out strategy on the timing of deal announcement and engagement with the authorities is critical. The merger review timetables of the EC and CMA do not line up – the CMA’s review period is longer than that of the EC. Parties may want to stagger their submissions so that the CMA and EC are reviewing remedy packages at the same time. There is also a disconnect between the stage at which each authority may be willing to accept large, upfront remedy packages. The EC does, in certain circumstances, accept these in Phase 1, whereas the CMA typically requires an in-depth investigation to get comfortable. On the face of it, it appears that Cargotec and Konecranes may have simply run out of time to get the CMA comfortable with a revised divestiture package.
Defining the right remedy package: In cases where remedies are on the cards, plan them early, discuss them early with the authority and make them as clear-cut as commercially possible. Cargotec/Konecranes confirms that it is difficult to persuade authorities to accept mix-and-match remedies. Parties should avoid remedies that could be difficult to implement and must take into account the remedy preference of each authority (a one-size-fits-all remedy package is no longer always an option).
Facilitate cooperation between agencies: It is clear that cooperation between the EC and the CMA is not at its strongest. That means that the parties and their advisors will need to work much more closely and proactively with both authorities; “leave it to the authorities to sort things out between themselves” is no longer a viable strategy (if it ever was!).

The following Gibson Dunn lawyers prepared this client alert: Ali Nikpay and Mairi McMartin.

Gibson Dunn’s lawyers are available to assist in addressing any questions that you may have regarding the issues discussed in this update. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Antitrust and Competition practice group, or the following:

Ali Nikpay – Co-Chair, Antitrust & Competition Group, London (+44 (0) 20 7071 4273, anikpay@gibsondunn.com)

Attila Borsos – Partner, Antitrust & Competition Group, Brussels (+32 2 554 72 11, aborsos@gibsondunn.com)

Deirdre Taylor – Partner, Antitrust & Competition Group, London (+44 20 7071 4274, dtaylor2@gibsondunn.com)

Christian Riis-Madsen – Co-Chair, Antitrust & Competition Group, Brussels (+32 2 554 72 05, criis@gibsondunn.com)

Nicholas Banasevic – Managing Director, Antitrust & Competition Group, Brussels (+32 2 554 72 40, nbanasevic@gibsondunn.com)

Jessica Staples – Of Counsel, Antitrust & Competition Group, London (+44 (0) 20 7071 4155, jstaples@gibsondunn.com)

Mairi McMartin – Associate, Antitrust & Competition Group, Brussels (+32 2 554 72 29, mmcMartin@gibsondunn.com)

Rachel S. Brass – Co-Chair, Antitrust & Competition Group, San Francisco (+1 415-393-8293, rbrass@gibsondunn.com)

Stephen Weissman – Co-Chair, Antitrust & Competition Group, Washington, D.C. (+1 202-955-8678, sweissman@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Decided March 31, 2022

Badgerow v. Walters, No. 20-1143

Today, the Supreme Court held 8-1 that federal jurisdiction to confirm or vacate an arbitral award under Sections 9 and 10 of the Federal Arbitration Act must exist independent of the underlying controversy—that is, courts cannot “look through” to the underlying dispute to establish federal subject-matter jurisdiction.

Background: Under the Federal Arbitration Act (FAA), a party to an arbitration agreement may ask a federal court to confirm or vacate an arbitral award. 9 U.S.C. §§ 9, 10. A Louisiana resident initiated an arbitration against her Louisiana employer, alleging unlawful termination under federal and state law. After the arbitrators dismissed the claims, the plaintiff sued in state court to vacate the arbitral award. The defendant removed the case to federal court based on the underlying federal employment claims and asked the court to confirm the arbitrators’ decision. The Fifth Circuit held that the federal court had jurisdiction by “looking through” the plaintiff’s petition to the underlying federal employment claims.

Issue: Do federal courts have subject-matter jurisdiction to confirm or vacate an arbitral award under Sections 9 and 10 of the Federal Arbitration Act when the only basis for jurisdiction is that the underlying dispute involved a federal question?

Court’s Holding: No. Federal jurisdiction to confirm or vacate an arbitration award must exist independent of the underlying controversy, and it is not sufficient for federal jurisdiction that the underlying claim the parties arbitrated arose under federal law.

“Congress has made its call. We will not impose uniformity on the statute’s non-uniform jurisdictional rules.”

Justice Kagan, writing for the Court

What It Means:

Today’s decision resolves a circuit split over whether the Court’s decision in Vaden v. Discover Bank, 556 U.S. 49 (2009)—which held that federal courts should look through to the underlying claims to determine whether they have jurisdiction over a petition to compel arbitration under FAA Section 4—applies to petitions to confirm or vacate arbitral awards under FAA Sections 9 and 10.
The Court ruled that Vaden’s “look through” approach was based on textual indicia unique to Section 4, which Congress did not include in Sections 9 and 10. Therefore, the Court declined to extend Vaden to Sections 9 and 10.
The Court’s holding that the “look through” approach is limited to petitions under Section 4 means that federal courts will lack jurisdiction over many petitions under Sections 9 and 10. In practice, unless there is a federal question on the face of the petition, or complete diversity between the parties and the amount of the arbitral award exceeds $75,000, federal courts are not likely to have jurisdiction over petitions to confirm or vacate an arbitral award.
The Court’s decision does not extend to the enforcement of international arbitration awards under the Convention on the Recognition and Enforcement of Foreign Arbitral Awards, because the FAA independently confers federal jurisdiction over those cases.
The decision demonstrates the Court’s commitment to applying statutes as written. The Court refused to allow policy concerns to override the “evident congressional choice” to “respect the capacity of state courts to properly enforce arbitral awards.” In contrast, Justice Breyer, writing in dissent, acknowledged that he was looking beyond “the statute’s literal words” to its “purposes” and “the likely consequences” flowing from a non-uniform approach to assessing jurisdiction over petitions filed under the FAA.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho +1 214.698.3233 aho@gibsondunn.com	Mark A. Perry +1 202.887.3667 mperry@gibsondunn.com	Lucas C. Townsend +1 202.887.3731 ltownsend@gibsondunn.com
Bradley J. Hamburger +1 213.229.7658 bhamburger@gibsondunn.com

Related Practice: Class Actions

Christopher Chorba
+1 213.229.7396
cchorba@gibsondunn.com

Kahn A. Scolnick
+1 213.229.7656
kscolnick@gibsondunn.com

Related Practice: Labor and Employment

Jason C. Schwartz
+1 202.955.8242
jschwartz@gibsondunn.com

Katherine V.A. Smith
+1 213.229.7107
ksmith@gibsondunn.com

Related Practice: Judgment and Arbitral Award Enforcement

Matthew D. McGill
+1 202.887.3680
mmcgill@gibsondunn.com

Robert L. Weigel
+1 212.351.3845
rweigel@gibsondunn.com

Related Practice: International Arbitration

Rahim Moloo
+1 212.351.2413
rmoloo@gibsondunn.com

Click for PDF

On March 16, 2022, New York State Governor Kathy Hochul signed two new bills into law that expand non-discrimination protections in the workplace. As a result, New York now prohibits employers from releasing employee personnel files in retaliation for such employee’s engagement in protected activity. Additionally, the state will be announcing a state-run sexual harassment hotline that will need to be referenced in anti-harassment policies and postings.

There are also several bills working their way through the State Legislature that, if enacted, would significantly impact employers in New York. We discuss those potential new laws below.

Newly Enacted Workplace Laws

New York recently enacted two new laws impacting employers.

The first makes it an unlawful retaliatory practice under the New York State Human Rights Law (“NYSHRL”) for an employer to disclose an employee’s “personnel files” because the employee has: (i) opposed any practices forbidden under the NYSHRL; or (ii) filed a complaint, testified, or assisted in any proceeding under the NYSHRL or any other judicial or administrative proceeding. According to the statute, this is necessary to address “retaliation [that] frequently appears in the form of a leaking of personnel files with the intent to disparage or discredit a victim or witness of discrimination in the workplace.” This law is effective as of March 16, 2022. Significantly, the law expressly permits employers to disclose personnel files in the course of commencing or responding to a complaint in any judicial or administrative proceeding.

The second new law requires the State Division of Human Rights to work with the State Department of Labor to establish, by July 14, 2022, a toll-free, confidential hotline to provide counsel and assistance to individuals with concerns of workplace sexual harassment. Employers will be required to include the hotline number in any sexual harassment postings and policies. Once “live,” the hotline will be staffed by pro bono attorneys experienced in providing sexual harassment-related counsel, who will be recruited by the Division of Human Rights and organizations representing attorneys, such as the New York State Bar Association.

Bills Under Consideration

Two additional bills, if passed, would have significant implications for employers in New York. Both of the following bills passed the New York State Senate on March 1, 2022, but have yet to pass the Assembly or be signed into law:

No Rehire Provisions – Senate Bill S766 would render the release of claims in a settlement agreement between an employer and employee and/or independent contractor unenforceable if the agreement contains a no-rehire clause. No-rehire provisions are commonly included in separation and release agreements to prohibit the individual from applying for or accepting future employment with the employer and its related entities.Notably, under the proposed law, if a release is rendered unenforceable by the inclusion of a no-rehire provision, the employer would remain bound by all other provisions of the agreement, including the obligation to pay any agreed-upon settlement payment. The bill does not, however: (i) prohibit termination of the employee if mutually agreed upon as part of a settlement; or (ii) automatically require an employer to rehire an employee who had previously settled a case against the employer.If passed, this law would take effect on the 60th day after being signed and would apply to all agreements entered into on and after that date.

Nondisclosure Provisions in Settlement Agreements – Senate Bill S738 would render unenforceable a release of any claim of discrimination, harassment, or retaliation if the release is included in a settlement agreement that: (i) requires the aggrieved worker to pay liquidated damages for violation of a nondisclosure clause; (ii) requires the aggrieved worker to forfeit all or part of the consideration for violation of a nondisclosure clause; or (iii) contains any statement or disclaimer that the aggrieved employee was not in fact subject to discrimination, harassment, or retaliation.Currently under New York law, any provision in an agreement between an employer and an employee is void if it prevents the disclosure of information related to discrimination unless the employee is notified that they are not prohibited from speaking with law enforcement, the EEOC, the state or local commission of human rights, or an attorney. If passed, this new law would also require employers to notify employees that nothing precludes them from speaking with the New York Attorney General. It would also expand coverage to independent contractors.The proposed law would also amend New York General Obligations Law Section 5-336, which prohibits employers from including nondisclosure provisions in agreements resolving claims involving unlawful discrimination unless: (i) the provision is the complainant’s preference; (ii) the provision is set forth in writing; and (iii) the complainant is given twenty-one (21) days to consider and seven (7) days to revoke the agreement. If passed, the new law would clarify that these requirements apply to agreements settling claims involving harassment and retaliation. It would also clarify that the complainant may voluntarily agree to the confidentiality provision before the twenty-one (21) day waiting period has elapsed.
This bill is similar to legislation that was recently enacted regarding settlement and separation agreements in California, but with a couple of notable differences – such as certain language that is required pursuant to California law and the amount of time complainants must be provided to consider the agreement. Additional information on the California legislation is available here.

If passed, this law would take effect immediately upon singing and would apply to all agreements entered into on or after that date.

Governor Hochul has indicated that she is likely to sign these bills into law if they pass in the State Assembly. That said, by rendering key provisions of a settlement agreement (i.e., the release itself) unenforceable, these bills may be subject to legal challenge if they are ultimately enacted.

Implications for Employers

In light of the newly enacted laws, New York employers should proceed with even greater caution when considering whether to release personnel file information, including when making public statements in response to an employee’s claim to the extent that the statement discloses information contained in a personnel file. To that end, employers should consider counseling managers and updating their policies governing access to and disclosure of employee information to ensure compliance.

Employers should also plan to update their New York handbook policies, anti-harassment trainings, and postings with New York State’s anonymous hotline information once available.

We will continue to closely monitor the bills under consideration, which will impact the settlement of discrimination, harassment and retaliation claims.

The following Gibson Dunn attorneys assisted in preparing this client update: Harris Mufson, Gabrielle Levin, Danielle Moss, Meika Freeman, and Alex Downie.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following:

Mylan Denerstein – New York (+1 212-351-3850, mdenerstein@gibsondunn.com)

Gabrielle Levin – New York (+1 212-351-3901, glevin@gibsondunn.com)

Danielle J. Moss – New York (+1 212-351-6338, dmoss@gibsondunn.com)

Harris M. Mufson – New York (+1 212-351-3805, hmufson@gibsondunn.com)

Jason C. Schwartz – Co-Chair, Labor & Employment Group, Washington, D.C.
(+1 202-955-8242, jschwartz@gibsondunn.com)

Katherine V.A. Smith – Co-Chair, Labor & Employment Group, Los Angeles
(+1 213-229-7107, ksmith@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Introduction

The European Union has reached political agreement on its landmark Digital Markets Act (DMA) legislation. The EU-wide DMA will apply in addition to competition law rules and targets the largest digital platforms. The legislation which introduces a broad-based regulation of digital markets should be formally adopted in the coming weeks and will enter into force at the beginning of 2023.

The DMA is one of the most important pieces of economic legislation in the EU of recent times. It will impose a broad set of upfront, legally binding conduct obligations (dos and don’ts) on companies operating in the EU whose products are determined to be an important gateway for businesses to reach consumers (gatekeepers). The DMA’s impact in European digital markets will be significant both because of the scope of the products that will be covered and because of the number of obligations that will apply.

It is not only gatekeepers who need to take note. All companies operating in the digital space need to be fully attuned to the implications of the DMA as it will likely impact their commercial activities directly or indirectly. They will need to implement a multi-faceted plan in relation to product design, commercial strategy and engagement with public authorities. They will also need to take account of the interplay between the DMA and other competition and regulatory initiatives, both within Europe and globally. Companies whose products are caught by the DMA will need to ensure that they comply with all of the relevant obligations, whilst companies which are not caught by the DMA will need to adjust to the changes in the commercial environment that the DMA will lead to.

What is new?

There has been broad agreement between EU Member States and the European Parliament on the principles of the DMA ever since the European Commission proposed the legislation in December 2020. Recent discussions have focussed on: (1) the turnover and market capitalization thresholds that would apply for companies to be subject to the DMA; (2) which products would be covered; (3) the precise nature of certain obligations; and (4) how the DMA would be enforced. On these points:

The quantitative thresholds for a company to be caught have increased from an annual turnover of €6.5 billion in the European Economic Area (EEA) to €7.5 billion, and from a global market capitalization of €65 billion to €75 billion.
Browsers and virtual assistants have been added as products to which the DMA’s obligations will apply.
Some of the obligations which gatekeepers will have to comply with have been broadened, notably as regards: (1) interoperability between messaging services; (2) a requirement to have a consumer choice screen upon an end user’s first use of a search engine, a virtual assistant or a browser; (3) an extension of the “most-favoured-nation” parity clause provisions; and (4) a requirement to have fair access conditions for search and social networks (this obligation previously applied only to app stores).
Whilst the European Commission will ultimately remain responsible for DMA enforcement, EU Member State competition authorities will play a supporting role.

Why should your company care?

The DMA will regulate the behaviour of so-called gatekeepers that operate “core platform services” which have a significant impact in the EU market. A company can be designated as a gatekeeper for one or more core platform services. The DMA contains a broad list of what are core platform services but the DMA’s obligations would only apply if a core platform service is an important gateway for business users to reach end users in the EU. The main way in which such designation will occur is via quantitative thresholds based on: (1) company size (EEA turnover and global market capitalization); and (2) product reach (number of active end users and active end users in the EEA for each core platform service).

Once a core platform service is designated as a gatekeeper, it must comply with every DMA obligation that can apply to that product. There are 18 obligations in total, some of which are imprecise and cover a wide variety of different provisions including data access, interoperability, and self-preferencing.

Gatekeepers should care because they will need to comply with the relevant obligations. Because gatekeepers are not specifically defined, companies should check if their products might be caught, either now or in the future and if so, what they should do. If not, your company may still be affected, either because it is doing business with a gatekeeper or because some obligations are imprecise and may lead to a number of consequences – intended and unintended – in digital markets. The DMA is an attempt to rapidly implement broad-based regulation and it will lead to a high degree of uncertainty in digital markets for years to come.

The following Gibson Dunn lawyers prepared this client alert: Christian Riis-Madsen, Nicholas Banasevic, and Mairi McMartin.

Nicholas Banasevic – Managing Director, Antitrust & Competition Group, Brussels (+32 2 554 72 40, nbanasevic@gibsondunn.com)

Christian Riis-Madsen – Co-Chair, Antitrust & Competition Group, Brussels (+32 2 554 72 05, criis@gibsondunn.com)

Ali Nikpay – Co-Chair, Antitrust & Competition Group, London (+44 (0) 20 7071 4273, anikpay@gibsondunn.com)

Rachel S. Brass – Co-Chair, Antitrust & Competition Group, San Francisco (+1 415-393-8293, rbrass@gibsondunn.com)

Stephen Weissman – Co-Chair, Antitrust & Competition Group, Washington, D.C. (+1 202-955-8678, sweissman@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

In a closely followed decision that directly addresses an issue of critical importance for the interactive fantasy sports (“IFS”) industry, in which daily fantasy sports are a subset, the New York Court of Appeals held on March 22, 2022 that IFS contests do not constitute “gambling” within the meaning of New York’s constitutional prohibition on gambling. White v. Cuomo, No. 12, 2022 WL 837573 (N.Y. Mar. 22, 2022).[1] In doing so, New York’s highest court followed the reasoning set forth by the Attorney General and further developed in an amicus brief Gibson Dunn filed on behalf of DraftKings and FanDuel (available here), and joined other state courts holding that “it is now ‘widely recognized’ that IFS contests are predominately skill-based competitions” distinguishable from games of chance. Id. at *7 (quoting Dew-Becker v. Wu, 178 N.E.3d 1034, 1041 (Ill. 2020)). The White v. Cuomo case confirms the legality of daily fantasy sports in New York. And it has important implications for the sports betting industry writ large, as it underscores the degree of deference courts must give the New York legislature’s interpretation of the State’s constitutional gambling provisions.

In this alert, we summarize and discuss: (1) the decision of the New York Court of Appeals in White v. Cuomo; and (2) the potential impact of White v. Cuomo on the constitutionality of mobile sports betting and other gambling-related legislation in New York.

White v. Cuomo Ruling

In White v. Cuomo, the New York Court of Appeals was called on to decide whether the legislature had violated the New York Constitution’s general prohibition on lotteries and “other forms of gambling” by enacting a law expressly authorizing and regulating IFS contests. That legislation, known as article 14, also states that IFS contests do not constitute “gambling” because their outcomes depend on “the skill and knowledge of the participants,” rather than chance, and the “contests are not wagers on future contingent events not under the contestants’ control or influence.” White, 2022 WL 837573, at *2 (quotation marks omitted).

In a lengthy decision penned by Chief Judge DiFiore, the New York Court of Appeals held that “[b]ecause ample support exists for the legislature’s determination that the IFS contests authorized in article 14 are properly characterized as lawful skill-based competitions for prizes under our precedent, plaintiffs have not met their burden to demonstrate beyond a reasonable doubt that article 14 is unconstitutional.” White, 2022 WL 837573, at *1. The Court’s decision has two particularly notable features.

First, the Court underscored the degree of deference due legislative judgments generally and those involving the constitutional prohibition on gambling specifically. The Court stated that “[i]t is well settled that legislative enactments are entitled to a strong presumption of constitutionality,” and that “courts strike them down only as a last unavoidable result after every reasonable mode of reconciliation of the statute with the Constitution has been resorted to, and reconciliation has been found impossible.” White, 2022 WL 837573, at *3 (cleaned up). So great is this level of deference that, “[w]hile courts may look to the record relied on by the legislature, even in the absence of such a record, factual support for the legislation would be assumed by the courts to exist.” Id. (quotation marks omitted). Notably, the Court emphasized that this deference extends to legislative judgments regarding whether a particular activity falls within the constitutional prohibition on gambling.

Second, the Court applied the “dominating element” test used by many courts to confirm the legislature’s finding that IFS contests do not constitute gambling. The “dominating element” is used to determine whether a game is one of “chance,” and therefore constitutes gambling, by evaluating whether the element of chance or skill predominantly controls the game’s result. Relying heavily upon recent statistical studies demonstrating the importance of player skill in head-to-head fantasy sports games, the Court concluded that the outcomes of such games are predominantly skill-based, and therefore, not gambling.

The White v. Cuomo decision discussed, but ultimately rejected, another test that some courts have employed to determine whether a contest is one of skill or chance—the “material degree” test. That test analyzes whether the game involves the element of chance to a material degree. But as the Court of Appeals explained, the “material degree” test does not comport with the standard New York courts have historically applied in determining whether a particular activity constitutes a game of chance. By adopting the “dominating element” test and rejecting the “material degree” test, the New York Court of Appeals joined a recent, high-profile decision by the Illinois Supreme Court holding that IFS contests are not gambling.

The White v. Cuomo decision was not unanimous, however. In a dissent joined by two other judges, Judge Wilson sharply questioned the majority’s deference to the legislature. In addition, the dissenting judges criticized the majority’s decision to use the “dominating element” test to determine whether a game is one of “chance.” But as the majority noted, the dissent “provid[ed] no discernable definition for the term ‘gambling’” or any “logical framework for assessing the constitutionality of any particular activity alleged to be ‘gambling.’” White, 2022 WL 837573, at *10.

Potential Impact

The White v. Cuomo ruling has important implications for the IFS industry and, more broadly, the sports betting industry. With respect to IFS contests, and most immediately, the ruling closes the chapter on five years of litigation contesting the legality of IFS contests in the largest market in the United States. New York has decided, once and for all, that IFS contests do not constitute gambling. The White v. Cuomo decision may also impact the IFS industry beyond the Empire State. If other state courts follow the reasoning applied by the New York Court of Appeals in White v. Cuomo, IFS operators conducting business in those states will have greater certainty that their operations are not subject to the legal and regulatory hurdles and costs imposed by evolving, and at times ambiguous, laws and regulations in those states.

More broadly, the decision has important implications for the constitutionality of New York’s mobile sports betting legislation.

In 2013, New York voters approved a constitutional amendment to allow the legislature to authorize “casino gambling” “at” up to seven casinos in the State, and expressly delegated to the legislature the task of implementing relevant laws relating to wagering. N.Y. Const. art I, § 9. In particular, the constitutional amendment authorizes the legislature to permit gambling as long as (1) the gambling constitutes “casino gambling” and (2) it occurs “at” one of the facilities authorized and prescribed by the legislature.

In April 2021, acting upon this constitutionally delegated authority, the New York legislature enacted legislation authorizing mobile sports wagering, provided the wagers are transmitted to and accepted by servers located at a licensed gaming facility. See N.Y. Rac. Pari-Mut. Wag. & Breed. Law § 1367-a. Specifically, the legislation provides that “[a]ll sports wagers through electronic communication . . . are considered placed or otherwise made when and where received by the mobile sports wagering licensee on such mobile sports wagering licensee’s server . . . at a licensed gaming facility, regardless of the authorized sports bettor’s physical location within the state at the time the sports wager is placed.” Id. § 1367-a(2)(d). So, for example, a bet requested by an app user in Manhattan would be deemed to occur “at” the casino housing the server that accepts and places the bet. The legislature further declared that “a sports wager that is made through virtual or electronic means from a location within New York state and is transmitted to and accepted by electronic equipment located at a licensed gaming facility . . . is a sports wager made at such licensed gaming facility.” S.B. S2509, 2021 Leg., 2021–2022 Sess., Part Y, § 2 (N.Y. 2021).[2] This statute went into effect on January 8, 2022, and generated nearly $70 million in tax revenue for New York in its first 30 days. See Press Release, Governor Hochul Announces Nearly $2 Billion in Wagers Over the First 30 Days of Mobile Sports Wagering (Feb. 14, 2022), https://www.governor.ny.gov/news/governor-hochul-announces-nearly-2-billion-wagers-over-first-30-days-mobile-sports-wagering.

The White v. Cuomo decision greatly bolsters the constitutionality of New York’s mobile sports wagering legislation, and the likelihood that the legislature’s finding that mobile sports wagers are placed at the location of the servers would be found valid. As discussed above, the White v. Cuomo decision underscored the strong deference deference afforded to legislative findings, including the legislature’s interpretation of the New York Constitution’s gambling provisions. The Court reiterated that “when a legislative enactment is challenged on constitutional grounds, there is both an ‘exceedingly strong presumption of constitutionality’ and a ‘presumption that the [l]legislature has investigated for and found facts necessary to support the legislations.’” White, 2022 WL 837573, at *3 (citation omitted). This “exceedingly strong presumption of constitutionality” should apply to the legislature’s exercise of its constitutionally delegated authority to define the contours of legal gambling in the mobile sports wagering legislation and any future legislation enacted under such authority.

____________________________

[1] Interactive fantasy sports involves the creation of a “virtual ‘team[]’ . . . composed of athletes who play for different real-life teams” and that is pitted against another “virtual team[] compiled by [an]other IFS contestant[].” White, 2022 WL 837573, at *2. “The performance of simulated players on an IFS roster corresponds to the performance of the real-life athletes,” but “the outcome of an IFS contest does not mirror the success or failure of any real-life athlete or sports team.” Id. That is because “IFS rosters do not replicate real-life teams, IFS scoring systems are premised on an aggregation of statistics concerning each individual athlete’s performance on specific tasks, and IFS contests pit the rosters of participants against one another rather than tying success to the outcome of sporting events.” Id.

[2] New York’s mobile sports wagering legislation adopted Gibson Dunn’s constitutional reasoning. As Gibson Dunn attorneys argued in a 2020 New York Law Journal op-ed, the legislature had the authority to enact legislation legalizing online sports wagering for two reasons. First, sports betting fits within the New York Constitution’s term “casino gambling,” because “casino gambling” would have been understood to include sports betting at the time the constitutional amendment was passed and adopted. Second, based on general contract law principles, online sports wagering can be conducted “at” an authorized casino so long as the acceptance and ultimate placement of the wager occurs at a server located at one of the licensed casinos. See Gibson Dunn, New York State Legalizes Online Sports Wagering (April 13, 2021), https://www.gibsondunn.com/new-york-state-legalizes-online-sports-wagering/.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. Please feel free to contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Litigation or Appellate and Constitutional Law practice groups, or the following authors:

Matthew L. Biben – New York (+1 212-351-6300, mbiben@gibsondunn.com)

Mylan L. Denerstein – New York (+1 212-351-3850, mdenerstein@gibsondunn.com)

Akiva Shapiro – New York (+1 212-351-3830, ashapiro@gibsondunn.com)

Alyssa B. Kuhn – New York (+1 212-351-2653, akuhn@gibsondunn.com)

Todd W. Shaw – Washington, D.C. (+1 202-955-8245, tshaw@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

As Russia continues to wage its unlawful war against Ukraine, in recent weeks Russia has severely restricted free expression within its borders. While journalists in Russia have long had to navigate a host of draconian laws designed to stifle free expression and limit media coverage critical of the government,[1] these new measures amount to a drastic escalation. Through both administrative and legislative measures, Russia has totally restricted several media outlets from operating in Russia. Among other things, Russia is threatening harsh criminal and monetary penalties against those who report on the conflict as a war or an invasion.

The catalyst for the new restrictions is Russia’s desire to control the public narrative associated with the war. Russia’s media agency, Roskomnadzor, has blocked access to media platforms (including social media) and news outlets on a variety of alleged bases, including that certain outlets and platforms were allegedly spreading misinformation about Russia’s actions in Ukraine and restricting access to government-backed media.[2]

Concurrently, Russia adopted amendments to the Criminal Code that introduces prison terms of up to 15 years for persons convicted of disseminating “knowingly false information” about military operations.[3] The same law introduces a maximum penalty of five years imprisonment for “discrediting” and “calling for obstruction” of the use of the Russian armed forces.[4] In practice, these new measures grant Russia broad authority to impose harsh penalties for any criticism of Russia’s conduct against Ukraine. Under the serious threat of criminal prosecution, major foreign news outlets as well as prominent independent Russian news outlets, have been forced to take significant measures. Some have suspended operations in Russia,[5] removed content regarding Russia’s attacks on Ukraine,[6] or shut down entirely.[7]

In addressing recent legislative amendments, three Special Rapporteurs of the United Nations’ Human Rights Council have observed that “[w]hile the government claims that the purpose of the new legislation is to protect the ‘truth’ about what it euphemistically calls a ‘special military operation’ in Ukraine, in reality the law places Russia under a total information blackout on the war and in so doing gives an official seal of approval to disinformation and misinformation.”[8] The Special Rapporteurs explain that “[b]y restricting reporting and blocking access to information online the authorities are not only choking the last vestiges of independent, pluralistic media in Russia, but they are also depriving the population of their right to access diverse news and views at this critical time when millions of Russians legitimately want to know more about the situation in Ukraine.”[9]

Russia’s restrictions on the media violate its international human rights obligations. In addition, Russia’s actions may also breach obligations it owes foreign investors under investment treaties to which it is party. Below, we set out options that may be available to affected media companies and journalists seeking to challenge Russia’s actions.

Claims Before Human Rights Bodies

At this time and until September 16, 2022, Russia is a party to the European Convention on Human Rights (the “European Convention”). While Russia was removed from the Council of Europe on March 16,[10] the Committee of Ministers (the Council of Europe’s statutory decision-making body)[11] and the European Court of Human Rights (“ECHR”)[12] have confirmed that Russia will remain a party to the European Convention until September 16. Accordingly, the ECHR “remains competent to deal with applications directed against the Russian Federation in relation to acts or omissions capable of constituting a violation of the Convention provided that they occurred until 16 September 2022.”[13]

Pursuant to the European Convention, Russia must guarantee physical and legal persons in its jurisdiction basic human rights, including the right to free expression.[14] Russia’s actions to suppress the media are clear violations of its obligations under the European Convention, and any effort by Russia to enforce its new censorship laws may amount to further violations. Thus, media companies and journalists who have been impacted by Russia’s recent measures may be able to seek remedies for these violations before the ECHR.[15]

To successfully bring an application before the ECHR, applicants must: (i) satisfy the jurisdictional and admissibility criteria required by the European Convention; and (ii) demonstrate a violation of the European Convention.

To have standing before the ECHR, a person (either physical or legal) must be able to show that a party to the European Convention committed a violation of the European Convention against them within its jurisdiction,[16] and was “directly affected” by the violation.[17] In addition, an applicant should seek to exhaust remedies in the jurisdiction whose actions are being challenged and bring a claim within four months of a final decision.[18] This requirement, however, is not a hard and fast rule, and “must take realistic account not only of the existence of formal remedies in the legal system of the Contracting Party concerned but also of the general legal and political context in which they operate as well as the personal circumstances of the applicants.”[19] In this case, an applicant could argue there is an “administrative practice” of censoring journalists in Russia that renders exhaustion of local remedies futile or ineffective.[20] In this context, any application should be brought within four months of the applicant receiving notice of the act that is the subject of the application or any prejudicial effect arising from the act.[21]

On the merits, Russia’s measures appear to be clear violations of its obligations under the European Convention. The European Convention states that “[e]veryone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers.”[22] Legislation that causes potential authors to adopt a form of self-censorship, as is the case in Russia, can amount to an interference with the right to freedom of expression.[23] Free expression can only be limited if the restriction is: (i) provided for by law, (ii) in pursuit of a legitimate aim, and (iii) necessary and proportionate to achieve that aim.[24]

With respect to (i), the ECHR has held that domestic laws that restrict freedom of expression must be formulated “with sufficient precision to enable the person concerned to regulate his or her conduct: he or she needed to be able – if need be with appropriate advice – to foresee, to a degree that was reasonable in the circumstances, the consequences that a given action could entail.”[25] The ECHR has further emphasized that “indiscriminate blocking measure[s] which interfere[] with lawful content . . . as a collateral effect of a measure aimed at illegal content . . . amounts to arbitrary interference” with the right to free expression.[26] Here, Russia has, for example, criminalized “discrediting” and “calling for obstruction” of the use of the Russian military. These vague terms could arguably extend to any form of criticism of the Russian military.

With respect to (ii), while Russia contends that the restrictions are necessary for national security, it is widely acknowledged that the purpose of these restrictions is to suppress criticism and dissent of Russia’s unlawful war. As the Special Rapporteurs note, these new restrictions are “yet another drastic step in a long string of measures over the years, restricting freedom of expression and media freedom and further shrinking the civic space in the Russian Federation.”[27] Indeed, in recent cases against Russia, the ECHR has concluded that Russia has acted with an “ulterior purpose” to “suppress political pluralism.”[28] In any event, the ECHR has concluded that where opinions do not incite violence, a state cannot rely on the defense of national security to restrict the public’s right to be informed by using criminal law to influence the media.[29]

With respect to (iii), there is no basis for Russia to contend that these laws are necessary and proportionate. As Professor Marko Milanovic of the University of Nottingham School of Law has explained, these laws “are almost entirely divorced from addressing specific harms caused by speech, and they are so overbroad that they generate a veritable storm of chilling effects on speech in the public interest (indeed, that’s their whole point).”[30] In cases involving the suspension of media publication and distribution, the ECHR has held that “[t]he practice of banning the future publication of entire periodicals . . . went beyond any notion of ‘necessary’ restraint in a democratic society and, instead, amounted to censorship.”[31]

A successful applicant will receive relief in the form of a declaration that the State’s laws or actions are in violation of the European Convention, as well as just satisfaction, i.e., monetary compensation, for damages incurred.[32]

In addition to the ECHR, other human rights mechanisms may be available to hold Russia accountable for its violations of human rights. For example, Russia is also currently a State Party to the International Covenant on Civil and Political Rights (“ICCPR”) as well as the First Optional Protocol to the ICCPR.[33] Similar to its obligations under the European Convention, Russia is also obligated under the ICCPR to guarantee persons in its jurisdiction basic human rights, including the right to free expression.[34] Individuals who have been impacted by Russia’s recent measures may therefore also be able to seek remedies for violations of the ICCPR before the Human Rights Committee at the United Nations. Unlike the ECHR, only physical persons can submit complaints to the Human Rights Committee.[35] In addition, if the same matter has been submitted to another treaty body or regional human rights mechanism (like the ECHR), the Human Rights Committee cannot examine the complaint.[36]

Claims Under Bilateral Investment Treaties

As will be addressed in a forthcoming alert regarding potential international arbitration remedies arising from Russia’s recent conduct, Russia is a party to multiple bilateral investment treaties (“BITs”) pursuant to which it owes certain obligations to qualifying foreign investors from states with which it has BITs and their investments. These obligations include, among others, the obligation to treat investors and their investments fairly and equitably and not to expropriate investments without the payment of adequate compensation. To the extent media entities (or other companies and individuals) qualify as investors with investments under one of these treaties and have suffered breaches of a BIT due to Russia’s actions, these investors may be able to submit such claims in international arbitration directly against the Russian state.

____________________________

[1] See, e.g., Russia: New assault on independent media, NGOs and activists through suffocating fines, Amnesty International (Oct. 29, 2018), https://www.amnesty.org/en/latest/news/2018/10/russia-new-assault-onindependent-media-ngos-and-activists-through-suffocating-fines/; Russia: New bills criminalising insults to the State and spread of ‘fake news’ threaten freedom of expression, Article 19 (Jan. 25, 2019), https://www.article19.org/resources/russia-new-bills-criminalising-online-insults-of-state-and-the-spread-of-fake-news-threaten-freedom-of-expression/; Russia advances legislation on ‘fake news’ and ‘disrespecting authorities’, Committee To Protect Journalists (Mar. 7, 2019), https://cpj.org/2019/03/russia-advances-legislation-on-fake-news-and-disre/; Letter from Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression to the Government of Russia (May 1, 2019), here; Russian Federation: “Fake News” Bill Prompted By COVID-19 Threatens Freedom Of Expression, Amnesty International (Apr. 3, 2020), https://www.amnesty.org/download/Documents/EUR4620932020ENGLISH.pdf.

[2] See, e.g., Elizabeth Culliford, Russia blocks Facebook, accusing it of restricting access to Russian media, Reuters (Mar. 4, 2022, 7:16 PM), https://www.reuters.com/business/media-telecom/russia-blocks-facebook-accusing-it-restricting-access-russian-media-2022-03-04/; Shannon Bond & Bobby Allyn, Russia is restricting social media. Here’s what we know, NPR (Mar. 11, 2022, 1:57 PM), https://www.npr.org/2022/03/07/1085025672/russia-social-media-ban; Russia blocks Ekho Moskvy and Dozhd TV, restricts social media access, Committee to Protect Journalists (Mar. 1, 2022, 5:48 PM), https://cpj.org/2022/03/russia-blocks-echo-of-moscow-and-dozhd-tv-restricts-social-media-access/. See also Об ограничении доступа к социальной сети Instagram (About restricting access to the social network Instagram), Roskomnadzor (Mar. 11, 2022), https://rkn.gov.ru/news/rsoc/news74180.htm; Приняты меры по защите российских СМИ (Measures taken to protect Russian media), Roskomnadzor (Feb. 25, 2022), https://rkn.gov.ru/news/rsoc/news74108.htm; Приняты ответные меры на ограничение доступа к российским СМИ (Response measures taken to restrict access to Russia media), Roskomnadzor (Mar. 4, 2022), https://rkn.gov.ru/news/rsoc/news74156.htm.

[3] See UN rights experts raise alarm over Russia’s ‘choking’ media clampdown at home, UN News (Mar. 11, 2022), https://news.un.org/en/story/2022/03/1113762.

[4] See UN rights experts raise alarm over Russia’s ‘choking’ media clampdown at home, UN News (Mar. 11, 2022), https://news.un.org/en/story/2022/03/1113762.

[5] See, e.g., Michael M. Grynbaum, The New York Times Pulls Its News Staff From Russia, N.Y. Times (Mar. 8, 2022), https://www.nytimes.com/2022/03/08/business/media/new-york-times-russia-press-freedom.html; Oliver Darcy, CNN, BBC, and others suspend broadcasting from Russia after Putin signs law limiting press, CNN (Mar. 4, 2022, 10:05 PM), https://www.cnn.com/2022/03/04/media/bbc-cnn-russia-putin-media-law/index.html; Ukraine war: BBC News journalists resume English-language broadcasts from Russia, BBC News (Mar. 8, 2022), https://www.bbc.com/news/entertainment-arts-60667770.

[6] See, e.g., Russia’s Novaya Gazeta cuts Ukraine war reporting under censorship, Reuters, (Mar. 4, 2022, 11:55 AM), https://www.reuters.com/world/russias-novaya-gazeta-cuts-ukraine-war-reporting-under-censorship-2022-03-04/.

[7] See, e.g., Anton Troianovski, Russia Takes Censorship to New Extremes, Stifling War Coverage, N.Y. Times (Mar. 4, 2022), https://www.nytimes.com/2022/03/04/world/europe/russia-censorship-media-crackdown.html; Anton Troianovski, Last Vestiges of Russia’s Free Press Fall Under Kremlin Pressure, N.Y. Times (Mar. 3, 2022), https://www.nytimes.com/2022/03/03/world/europe/russia-ukraine-propaganda-censorship.html.

[8] UN rights experts raise alarm over Russia’s ‘choking’ media clampdown at home, UN News (Mar. 11, 2022), https://news.un.org/en/story/2022/03/1113762.

[9] UN rights experts raise alarm over Russia’s ‘choking’ media clampdown at home, UN News (Mar. 11, 2022), https://news.un.org/en/story/2022/03/1113762.

[10] Council of Europe, Ministers’ Deputies Decision CM/Del/Dec(2022)1428ter/2.3, Consequences of the aggression of the Russian Federation against Ukraine (Mar. 16, 2022), https://search.coe.int/cm/‌pages/result_details.‌aspx?objectid=‌0900001680a5d7d9. See also Committee of Ministers, The Russian Federation is excluded from the Council of Europe, Council of Europe (Mar. 16, 2022), https://www.coe.int/en/web/cm/news/-/asset_publisher/‌hww‌luK1RCEJo‌/content/the-russian-federation-is-excluded-from-the-council-of-europe/16695; European Convention, Art. 58(3) (“Any High Contracting Party which shall cease to be a member of the Council of Europe shall cease to be a Party to this Convention under the same conditions.”).

[11] Council of Europe, Ministers’ Deputies Resolution CM/Res(2022)3, On legal and financial consequences of the cessation of membership of the Russian Federation in the Council of Europe (Mar. 23, 2022), https://search.coe.int/cm/pages/result_details.aspx?objectid=0900001680a5ee2f. See also Committee of Ministers, Russia ceases to be a Party to the European Convention on Human Rights on 16 September 2022, Council of Europe (Mar. 23, 2022), https://www.coe.int/en/web/portal/-/russia-ceases-to-be-a-party-to-the-european-convention-of-human-rights-on-16-september-2022.

[12] European Court of Human Rights, Resolution of the European Court of Human Rights on the consequences of the cessation of membership of the Russian Federation to the Council of Europe in light of Article 58 of the European Convention on Human Rights (Mar. 23, 2022), here.

[13] European Court of Human Rights, Resolution of the European Court of Human Rights on the consequences of the cessation of membership of the Russian Federation to the Council of Europe in light of Article 58 of the European Convention on Human Rights (Mar. 23, 2022), here.

[14] Convention for the Protection of Human Rights and Fundamental Freedoms, Nov. 4, 1950, available at https://www.echr.coe.int/documents/convention_eng.pdf (hereinafter “European Convention”).

[15] The ECHR may receive applications from any “person, non-governmental organisation or group of individuals.” European Convention, Art. 34. This includes companies that do not exercise governmental or other powers beyond those conferred by ordinary private law. See Slovenia v. Croatia, App. No. 54155/16, Grand Chamber Decision, Nov. 18, 2020, §§ 61-63, https://hudoc.echr.coe.int/eng?i=001-206897.

[16] See European Convention, Art. 1.

[17]Roman Zakharov v. Russia, App. No. 47143/06, Judgment, Dec. 4, 2015, § 164, https://hudoc.echr.coe.int/eng?i=001-159324.

[18] See European Convention, Art. 35(1).

[19] Akdivar and Others v. Turkey, App. No. 21893/93, Judgment, Sept. 16, 1996, § 69, https://hudoc.echr.coe.int/eng?i=001-58062.

[20] See Ukraine v. Russia (re Crimea), App. Nos. 20958/14 and 38334/18, Grand Chamber Decision, Dec. 16, 2020, §§ 260-63, 363-68, https://hudoc.echr.coe.int/eng?i=001-207622; Georgia v. Russia (II), App. No. 38263/08, Grand Chamber Judgment, Jan. 21, 2021, §§ 98-99, 220-21, https://hudoc.echr.coe.int/eng?i=001-207757.

[21] See Dennis and Others v. The United Kingdom, App No. 76573/01, Decision, July 2, 2002, https://hudoc.echr.coe.int/eng?i=001-22838 (“[T]he object of the [four] month time limit under Article 35 § 1 is to promote legal certainty, by ensuring that cases raising issues under the Convention are dealt with in a reasonable time and that past decisions are not continually open to challenge.”).

[22] European Convention, Art. 10.

[23] Altuğ Ganer Akçam v. Turkey, App. No. 27520/07, Judgment, Jan. 25, 2012, §§ 67-83, https://hudoc.echr.coe.int/eng?i=001-107206; Vajnai v. Hungary, App. No. 33629/06, Judgment, July 8, 2008, § 54, https://hudoc.echr.coe.int/eng?i=001-87404.

[24] See European Convention, Art. 10(2).

[25] Perinçek v. Switzerland, App. No. 27510/08, Grand Chamber Judgment, Oct. 15, 2015, § 131, https://hudoc.echr.coe.int/eng?i=001-158235.

[26] OOO Flavus and Others v. Russia, App. Nos. 12468/15, 23489/15, 19074/16, Judgment, June 23, 2020, § 38, https://hudoc.echr.coe.int/eng?i=001-203178. See also Vladimir Kharitonov v. Russia, App. No. 10795/14, Judgment, June 23, 2020, § 46, https://hudoc.echr.coe.int/eng?i=001-203177 (“The Court reiterates that it is incompatible with the rule of law if the legal framework fails to establish safeguards capable of protecting individuals from excessive and arbitrary effects of blocking measures”).

[27] UN rights experts raise alarm over Russia’s ‘choking’ media clampdown at home, UN News (Mar. 11, 2022), https://news.un.org/en/story/2022/03/1113762.

[28] Navalnyy v. Russia (No. 2), App. No. 43734/14, Apr. 9, 2019, §§ 96-98, https://hudoc.echr.coe.int/eng?i=001-192203. See also Marko Milanovic, The Legal Death of Free Speech in Russia, EJIL:Talk! (March 8, 2022), https://www.ejiltalk.org/the-legal-death-of-free-speech-in-russia/.

[29] See Gözel et Özer v. Turkey, App. Nos. 43453/04 and 31098/05, Judgment, July 6, 2010, § 56, https://hudoc.echr.coe.int/eng?i=001-99780.

[30] Marko Milanovic, The Legal Death of Free Speech in Russia, EJIL:Talk! (Mar. 8, 2022), https://www.ejiltalk.org/the-legal-death-of-free-speech-in-russia/.

[31] See Ürper and Others v. Turkey, App. Nos. 14526/07 et al., Judgment, Oct. 20, 2009, § 44, https://hudoc.echr.coe.int/eng?i=001-95201.

[32] European Convention, Art. 41.

[33] Ratification Status for Russian Federation, UN Treaty Body Database, here (last available Mar. 23, 2022).

[34] See International Covenant on Civil and Political Rights, Mar. 23, 1976, available at https://treaties.un.org/‌doc/Treaties/1976/03/19760323%2006-17%20AM/Ch_IV_04.pdf.

[35] See A Newspaper Publishing Company v. Trinidad and Tobago, Communication No. 360/1989, U.N. Doc. Supp. No. 40 (44/A/40) (1989).

[36] See Optional Protocol to the International Covenant on Civil and Political Rights, Mar. 23, 1976, available at https://treaties.un.org/doc/Treaties/1976/03/19760323%2007-37%20AM/Ch_IV_5p.pdf, Art. 5(2)(a). See also European Convention, Art. 35(2)(b).

The following Gibson Dunn lawyers prepared this client alert: Rahim Moloo, Charline Yim, Marryum Kahloon, and Nadia Alhadi in New York.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Arbitration or Transnational Litigation practice groups, or the following authors:

Rahim Moloo – New York (+1 212-351-2413, rmoloo@gibsondunn.com)
Charline Yim – New York (+1 212-351-2316, cyim@gibsondunn.com)
Marryum Kahloon – New York (+1 212-351-3867, mkahloon@gibsondunn.com)

Please also feel free to contact the following practice group leaders:

International Arbitration Group:
Cyrus Benson – London (+44 (0) 20 7071 4239, cbenson@gibsondunn.com)
Penny Madden QC – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On March 15, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act, which was included in an omnibus appropriations bill.[1] Against the backdrop of high-profile cyberattacks on critical infrastructure providers and growing concerns of retaliatory cyberattacks relating to Russia’s invasion of Ukraine, the House approved the bipartisan legislation on March 9 and the Senate unanimously approved the legislation on March 11 after failing to pass similar legislation in recent years.

The Act creates two new reporting obligations on owners and operators of critical infrastructure:

An obligation to report certain cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) within 72 hours, and
An obligation to report ransomware payments within 24 hours.

The new reporting obligations will not take effect until the Director of CISA promulgates implementing regulations, including “clear description[s] of the types of entities that constitute covered entities.”[2] The Act does provide guideposts for which entities may be covered and refers to the Presidential Policy Directive 21 from 2013, which deems the following sectors as critical infrastructure: chemical; commercial facilities; communications; critical manufacturing; dams; defense industrial base; emergency services, energy; financial services; food and agriculture; government facilities; healthcare and public health; information technology; nuclear reactors, materials, and waste; transportation systems; and water and wastewater systems.[3]

The Act considerably expands the reporting obligations of covered entities and CISA’s role with respect to cyber reporting initiatives, the rulemaking process, and information sharing among federal agencies. Below is a summary of the legislation, as well as key takeaways.

I. The Act’s Impact on Covered Entities

A. Reporting Obligations

Under the Act, covered entities that experience a “covered cyber incident” are required to report the incident to CISA no later than 72 hours after the entity “reasonably believes” that such an incident has occurred.[4] The Act defines a “covered cyber incident” as one that is “substantial” and meets the “definition and criteria” to be set by the CISA Director in the forthcoming rulemaking process.[5] In addition, covered entities are also required to report any ransom payments made as a result of a ransomware attack to CISA no later than 24 hours after making the payment.[6] Entities are required to report ransom payments even if the underlying ransomware attack is not a covered cyber incident.”[7] If a covered entity experiences a covered incident and remits a ransom before the 72-hour deadline, it may submit a single report to satisfy both reporting requirements.[8] Covered entities that are required to report cyber incidents or ransom payments also will be required to preserve relevant data.[9] Although the Act specifies some of the content that reports should contain,[10] the CISA Director will further prescribe report contents through the rulemaking process.

After reporting a covered incident, covered entities will be required to submit updates as “substantial new or different information becomes available” until the covered entity notifies CISA that the incident has been fully mitigated and resolved.[11] Such supplemental reports will need to address whether a covered entity made a ransom payment after submitting the initial report.

To “enhance the situational awareness of cyber threats,” the legislation provides for voluntary reporting of incidents and ransom payments by non-covered entities, as well as the voluntary provision of additional information beyond what is mandatory by covered entities.[12] Required and voluntary reporting will receive the same protections, further described below.

Notably, the Act creates an exception whereby its reporting requirements will not apply to covered entities that, “by law, regulation, or contract,” are already required to report “substantially similar information to another Federal agency within a substantially similar timeframe.”[13] However, this exception will be available only if the relevant federal agency has an “agency agreement and sharing mechanism” in place with CISA.

B. Protections for Reporting Entities

Recognizing some of the concerns relating to reporting, the Act protects reporting entities from certain liability associated with the submission of required or voluntary reports. Under the Act, submitted cyber incident and ransom payment reports cannot be used by CISA, other federal agencies, or any state or local government to regulate, including through enforcement action, the activities of the covered entity that submitted the report.[14]

In addition, submitted reports must:

Be considered commercial, financial, and proprietary information if so designated;
Be exempt from disclosure under freedom of information laws and similar disclosure laws;
Not constitute a waiver of any applicable privilege or protection provided by law; and
Not be subject to a federal rule or judicial doctrine regarding ex parte communications.[15]

Certain additional protections further encourage compliance and recognize the concerns that victim companies may face in providing notifications. Notably, the required reports, and material used to prepare the reports, cannot be received as evidence, subject to discovery, or used in any proceeding in federal or state court or before a regulatory body.[16] Also, no cause of action can be maintained based on the submission of a report unless it is an action taken by the federal government to enforce a subpoena against a covered entity. These liability protections only apply to litigation based on the submission of a cyber incident or ransom payment report to CISA, not the underlying cyber incident or ransom payment.[17]

II. CISA’s Oversight and Responsibilities under the Act

By considerably expanding CISA’s role, the Act essentially establishes CISA as the central federal agency responsible for cyber reporting for companies operating within a critical infrastructure sector, advancing the forthcoming rulemaking process, and coordinating with other agencies with respect to information sharing and new initiatives.

A. Forthcoming Rulemaking

The Act provides some parameters for key definitions and processes, but ultimately requires CISA to spell out various requirements via rulemaking. The legislation requires the CISA Director—in consultation with Sector Risk Management Agencies, the Department of Justice, and other federal agencies—to issue a notice of proposed rulemaking within 24 months.[18] The Director must issue a final rule within 18 months of issuing the proposed rule.[19] Among other items, the Director will need to issue regulations concerning which entities are covered by the requirements, the types of substantial cyber incidents that the Act covers, data preservation, and the manner, timing, and form of reports.

Once the final rule is issued, CISA will conduct an outreach and education campaign to inform likely covered entities and supporting cybersecurity providers of the Act’s requirements.[20]

B. Information Assessment and Sharing

The Act requires CISA to aggregate, analyze, and share information learned from submitted reports to provide government agencies, Congress, companies, and the public with an assessment of the constantly evolving cyber threat landscape. (When sharing information with non-federal entities and the public, CISA is required to anonymize the victim entities that filed report(s).[21])

Some of the responsibilities of CISA’s National Cybersecurity and Communications Integration Center (“the Center”) include immediately reviewing submitted reports to determine whether the incident relates to an ongoing cyber threat or security vulnerability.[22] Moreover, the legislation enhances federal cyber incident sharing. The Center is required to make reports available to relevant Sector Risk Management Agencies and appropriate federal agencies within 24 hours of receipt.[23] Similarly, federal agencies that receive incident reports (including from non-covered entities) must submit them to CISA no later than 24 hours following receipt.[24]

The Act sets forth authorized uses and sharing of submitted reports. Information may be disclosed to, retained by, and used by federal agencies solely for: a cybersecurity purpose; to identify a cyber threat or security vulnerability; to respond to, prevent or mitigate specific threats of death, serious bodily harm, or serious economic harm; to respond to or prevent a serious threat to a minor; or to respond to an offense arising out of a reported incident.[25]

Among other items, the Center is tasked with establishing mechanisms to receive feedback from stakeholders, facilitating timely information sharing with critical infrastructure companies, and publishing quarterly unclassified reports on cyber incident trends and recommendations.[26] The Act also imposes on CISA several congressional reporting requirements, including briefings to describe stakeholder engagement with rulemaking and enforcement mechanism effectiveness.[27]

C. Enforcement

The Act provides several enforcement mechanisms. If a covered entity fails to submit a required report, the CISA Director may obtain information about the cyber incident or ransom payment by directly engaging with the covered entity “to gather information sufficient to determine whether a covered cyber incident or ransom payment has occurred.”[28] If the covered entity does not respond to the initial information request within 72 hours, the CISA Director may issue a subpoena. Failure to comply with the subpoena – or information furnished in response to a subpoena – may result in the referral of the matter to the Department of Justice for enforcement.[29]

Additionally, the Act denies covered entities some of the protections detailed above if they do not comply with its reporting requirements.

Under the Act, the CISA Director must provide an annual report to Congress that conveys anonymized information about the number of initial requests for information, issued subpoenas, and referred enforcement matters.[30] This report will be published on CISA’s website.

D. Forthcoming Initiatives

Finally, the Act sets forth several initiatives to enhance cybersecurity coordination efforts:

Cyber Incident Reporting Council: The Act calls for DHS to lead an intergovernmental Cyber Incident Reporting Council to “coordinate, deconflict, and harmonize Federal incident reporting requirements[.]”[31]
Ransomware Vulnerability Warning Pilot Program: No later than one year after the Act’s enactment, CISA is required to establish a new Ransomware Vulnerability Warning Pilot Program.[32] Leveraging existing authorities and technology, this program is tasked with identifying the most common security vulnerabilities used in ransomware attacks and techniques on how to mitigate and contain the security vulnerabilities.
Joint Ransomware Task Force: The Act instructs the CISA Director to establish and chair the Joint Ransomware Task Force “to coordinate an ongoing nationwide campaign against ransomware attacks, and identify and pursue opportunities for international cooperation.”[33]

III. Takeaways

Once in effect, the Act will considerably expand reporting considerations for some entities. Accordingly, companies should consider the following next steps:

Companies in Many Sectors Are Potentially Subject to the New Reporting Requirements. Companies in the many industry sectors cited in Presidential Policy Directive 21 should closely monitor the proposed rulemaking and evaluate whether the Act’s requirements are likely to apply to their businesses. Entities that may be covered by the Act may wish to comment during the rulemaking process, as the final rule will impose more detailed requirements.
Companies Should Identify Existing Reporting Obligations and Monitor Interagency Sharing Agreements. Although the Act’s reporting obligations will not become effective for some time, critical infrastructure entities should take steps now to prepare for potentially overlapping disclosure obligations. As detailed above, the Act creates an exception whereby its reporting requirements will not apply to covered entities that file a substantially similar report with another federal agency. However, this exception will be available only if the relevant federal agency has an agreement and sharing mechanism in place with CISA. The law also authorizes federal (but not state) agencies to coordinate, deconflict and harmonize federal incident reporting obligations.In order to monitor developments in the harmonization of federal incident reporting obligations, as well as track agency sharing mechanisms, potentially impacted entities should first assess their other federal cybersecurity disclosure obligations. Some of these obligations may stem from reporting obligations imposed on federal government contractors and recent executive orders. For instance, the Biden administration’s Executive Order in May 2021, “Improving the Nation’s Cybersecurity,” requires federal contractors to share information regarding incidents.[34] In 2021, the Transportation Security Administration also issued a directive which requires pipeline entities to report confirmed and potential incidents.[35]Public companies should also consider whether reports submitted under the Act may prompt disclosures under the SEC’s newly proposed rule, which requires public disclosure of material cybersecurity incidents within four business days.[36]Finally, the recent reporting developments should be assessed against a heightened enforcement backdrop—namely, the DOJ’s Civil Cyber-Fraud Initiative, which seeks to leverage the False Claims Act to hold accountable contractors and recipients of federal funds and grants that knowingly violate contractual obligations to monitor and report cybersecurity incidents and breaches.[37]

Companies May Need to Revisit their Cybersecurity Policies, Procedures, and Programs. In light of the Act’s requirements, potentially impacted entities should determine whether changes to their cyber programs may be required, examine their internal policies and procedures to reflect the Act’s requirements, and address and prepare for overlapping disclosure obligations under state, federal and international laws.

________________________

[1] See Cyber Incident Reporting for Critical Infrastructure Act of 2022, H.R. 2471, 116th Cong. (2022).

[2] H.R. 2471 § 2242(c)(1). This provision provides that when promulging the final rule to define “covered entities,” the CISA Director must consider the national security, economic security, and public health and safety consequences of a potential cyberattack on the entity, the likelihood that such an entity could be targeted, and the extent to which a cyberattack will enable disruption of the reliable operation of critical infrastructure.

[3] H.R. 2471 § 2240(5). See also White House, Office of the Press Secretary, Presidential Policy Directive — Critical Infrastructure Security and Resilience, Feb. 12, 2013, available at https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil; CISA, Critical Infrastructure Sectors, available at https://www.cisa.gov/critical-infrastructure-sectors.

[4] H.R. 2471 § 2242(a)(1)(A).

[5] Id. at § 2240(4). The legislation does not define “substantial.”

[6] H.R. 2471 § 2242(a)(2)(A).

[7] H.R. 2471 § 2242(a)(2)(B).

[8] H.R. 2471 § 2242(a)(5)(A).

[9] H.R. 2471 § 2242(a)(4).

[10] At a minimum, covered incident reports must convey certain information about the incident, including:

a description of the covered incident;
a description of the vulnerabilities exploited, security defenses in place, and tactics, techniques, and procedures used to perpetrate the incident;
information about the actor(s) reasonably believed to be responsible for the incident;
and the identification of categories of information that were, or are reasonably believed to have been, accessed or acquired by an unauthorized person.See H.R. 2471 § 2242(c)(4). The Act also details minimum reporting requirements for ransom payments. See id. at § 2242(c)(5).

[11] H.R. 2471 § 2242(a)(3).

[12] H.R. 2471 § 2243.

[13] H.R. 2471 § 2242(a)(5).

[14] H.R. 2471 § 2245(a)(5)(A).

[15] H.R. 2471 § 2245(b).

[16] H.R. 2471 § 2245(c)(3).

[17] H.R. 2471 § 2245(c).

[18] H.R. 2471 § 2242(b)(1).

[19] H.R. 2471 § 2242(b)(2).

[20] H.R. 2471 § 2242(e)

[21] H.R. 2471 § 2245(d).

[22] H.R. 2471 § 2245(a)(2)(A).

[23] H.R. 2471 § 2241(a)(10).

[24] H.R. 2471 § 104(a)(1).

[25] H.R. 2471 § 2245(a)(1).

[26] H.R. 2471 § 2241(a).

[27] H.R. 2471 §§ 107; 2244(g).

[28] H.R. 2471 § 2244(a).

[29] H.R. 2471 § 2244(c)-(d).

[30] H.R. 2471 § 2244(g).

[31] H.R. 2471 § 2246(a).

[32] H.R. 2471 § 105.

[33] H.R. 2471 § 106(a)(1).

[34] See Exec. Order No. 14,028, 86 Fed. Reg. 26,633 (May 12, 2021).

[35] See Press Release, Dep’t of Homeland Security, DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators (May 27, 2021), https://www.dhs.gov/news/2021/05/27/dhs-announces-new-cybersecurity-requirements-critical-pipeline-owners-and-operators.

[36] See Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022), available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf; see also Gibson Dunn’s client alert on the SEC’s proposed rule, available at https://www.gibsondunn.com/sec-proposes-rules-on-cybersecurity-disclosure/.

[37] See Press Release, U.S. Dep’t of Justice, Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiative (Oct. 6, 2021), https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-civil-cyber-fraud-initiative.

This alert was prepared by Ashlie Beringer, Alexander H. Southwell, Ryan T. Bergsieker, and Snezhana Stadnik Tapia.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity and Data Innovation practice group:

United States
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, asouthwell@gibsondunn.com)
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213-229-7472, dwongyang@gibsondunn.com)
Matthew Benjamin – New York (+1 212-351-4079, mbenjamin@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303-298-5774, rbergsieker@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202-887-3786, dburns@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, cgaedt-sheckter@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213-229-7269, nhanna@gibsondunn.com)
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, hhogan@gibsondunn.com)
Robert K. Hur – Washington, D.C. (+1 202-887-3674, rhur@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415-393-8395, klinsley@gibsondunn.com)
H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com)
Karl G. Nelson – Dallas (+1 214-698-3203, knelson@gibsondunn.com)
Ashley Rogers – Dallas (+1 214-698-3316, arogers@gibsondunn.com)
Deborah L. Stein – Los Angeles (+1 213-229-7164, dstein@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com)
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, bwagner@gibsondunn.com)
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, mwong@gibsondunn.com)

Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, abaladi@gibsondunn.com)
James A. Cox – London (+44 (0) 20 7071 4250, jacox@gibsondunn.com)
Patrick Doris – London (+44 (0) 20 7071 4276, pdoris@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Bernard Grinspan – Paris (+33 (0) 1 56 43 13 00, bgrinspan@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33-180, mwalther@gibsondunn.com)
Alejandro Guerrero – Brussels (+32 2 554 7218, aguerrero@gibsondunn.com)
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, vlukic@gibsondunn.com)
Sarah Wazen – London (+44 (0) 20 7071 4203, swazen@gibsondunn.com)

Asia
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)
Jai S. Pathak – Singapore (+65 6507 3683, jpathak@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On 2 March 2022, Heads of State, Environment Ministers, and representatives from 175 countries endorsed a resolution at the United Nations Environment Assembly (“UNEA-5”) in Nairobi to negotiate an international legally binding agreement to “end plastic pollution” by the end of 2024 (the “UNEA Resolution”).[1] The UNEA Resolution, End Plastic Pollution: Towards an Internationally Legally Binding Instrument, is the culmination of several years of negotiations and advocacy by governments, international organizations, and the private sector,[2] which pledges to address the full lifecycle of plastic—including its production, design, and disposal.[3] Its adoption has been described as “a cure” for “plastic pollution,”[4] and “the most significant environmental multilateral deal since the Paris Accord [on Climate Change].”[5] As discussed below, the ultimate treaty could have major repercussions on how plastics are regulated and used around the world with material implications for business.

I. Background

Over the last 5-10 years, national, local, and regional governments and international organizations have adopted a growing number of action plans and instruments to address plastic pollution and its interlinkages with biodiversity, climate change, health, and social issues. At the national level, many countries have moved to limit or ban single-use plastics.[6] There has also been a surge of interest in this issue at the multilateral level, including:

UN Environment’s Global Partnership on Marine Litter (2012);[7]
UN Environment Assembly Resolutions on Marine Litter and Microplastics (2014-);[8]
G7 Action Plan to Combat Marine Litter (2015),
G20 Action Plan on Marine Litter (2017),[9]
Ocean Plastics Charter (2018),[10]
Amendments to the Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and their Disposal (“Basel Convention”) (2019),[11]
G20 Osaka Blue Ocean Vision and Implementation Framework (2019),[12]
Association of Southeast Asian Nations (“ASEAN”) Framework of Action on Marine Debris and the Bangkok Declaration on Combating Marine Debris (2019),[13]
ASEAN Regional Action Plan for Combating Marine Debris in the ASEAN Member States (2021–25),[14]
Asia-Pacific Economic Cooperation (“APEC”) Roadmap on Marine Debris (2019),[15]
Caribbean Community (“CARICOM”) St. Johns Declaration to Address Plastic Pollution in Caribbean Sea (2019),[16]
Alliance of Small Island States (“AOSIS”) Leaders Declaration (2021), and
The Ministerial Conference on Marine Litter and Plastic Pollution (2021).[17]

Although ubiquitous, plastics are currently not subject to any single international treaty regime. For example, the 2018 amendments to the Basel Convention meant that, for the first time, transboundary shipments of plastic scrap and waste would be regulated, leading to new export and import requirements for many companies, including U.S. businesses.[18] However, this did not address the majority of plastic products. In addition, the proliferation of local, national, and regional initiatives has given rise to often differing and incompatible rules, imposing greater costs on the regulated industry.

For these reasons, a new international “Plastics Treaty”—focused on plastics as the central issue rather than as an incident to other subject areas—increasingly came to be seen as a key step in regulating global plastic production, use, and disposal, and has been advocated by many businesses looking for harmonized regulatory standards, predictable national targets, and common metrics to make their short- and long-term operational and investment decisions.[19]

II. The Roadmap for a New “Plastics Treaty”

As described below, the UNEA Resolution[20] provides substantive guidance on its key provisions and sets out the procedural roadmap for the new treaty:

A. Substantive Roadmap

The UNEA Resolution also includes a number of provisions that will provide the likely contours of the new Plastics Treaty:

First, contrary to widespread expectations, the UNEA Resolution is not limited to marine plastics or marine debris; it also covers “other environments,” including land-based sources.
Second, it not only seeks to limit or reduce plastic pollution, but aims at “the long-term elimination of plastic pollution, in marine and other environments.”[21]
Third, it adopts a “full lifecycle” of plastic, covering all aspects of its production, use, and disposal.[22]
Fourth, it aims to foster coordination among existing international environmental treaties to “prevent plastic pollution and its related risks to human health and adverse effects on human well-being and the environment.”[23]
Fifth, it seeks to address all aspects of the “sustainable production and consumption of plastics,” including improved waste management, greater resource efficiency and the adoption of “circular economy” approaches.[24]
Sixth, it underlines the importance of sustainable design so that products and materials “can be reused, remanufactured or recycled and therefore retained in the economy for as long as possible along with the resources they are made of, as well as minimizing the generation of waste.”[25] This provision targets, in particular, single-use plastics.
Seventh, it notes specifically the need to regulate “microplastics” (i.e., the miniscule plastic fragments that are created by the breakdown of plastics over time or are intentionally manufactured into some products, such as cosmetics).[26]
Finally, it envisages a role for “all stakeholders, including the private sector,” in achieving the treaty objectives.[27]

B. Procedural Roadmap

The UNEA Resolution is but the first step in the treaty process, which is typical for the negotiation of multilateral environmental treaties. It established an Intergovernmental Negotiating Committee (the “Committee”) that will begin its work during the second half of 2022, with the aim of completing a draft treaty by the end of 2024.[28] The Committee will be working on the draft text, and attempt to resolve big divisions over how ambitious the treaty should be. By the end of the year, the UN Environment Programme (“UNEP”) will also convene a stakeholder forum in conjunction with the first session of the Committee to share knowledge and best practices in different parts of the world. When the Committee has completed its work on the draft text, UNEP will hold a diplomatic conference to formally adopt and open the new treaty for signature.[29]

III. Expectations of Global Divergence and Implications for Economy and Business

The new Plastics Treaty, if ultimately adopted, could have significant implications for the global economy and individual businesses. The final Plastics Treaty will not spell an end for the use of plastics. Indeed, the UNEA Resolution recognized “the important role of plastics for society.”[30] However, the treaty, depending on its provisions, may lead to a sharp increase in compliance costs not only for the regulated industry and plastics manufacturers, but also for companies across the value chain, including consumer-facing companies.[31]

The treaty itself will likely not include detailed prescriptions: the UNEA delegates opted to model the Plastics Treaty on the 2015 Paris Agreement on Climate Change (the “Paris Agreement”), which, as a “bottom-up” treaty, relies on nationally-set commitments to attain the treaty’s objectives. Under the Paris Agreement, countries can set their own binding targets using a range of policies. Here too, we can expect that the final Plastics Treaty will allows individual States to adopt their own rules and regulations, in line with their national circumstances and capabilities, which will be reported and updated in national action plans.[32]

As a consequence, the final Plastics Treaty will likely eschew adopting a single approach and will allow the Contracting States to apply a range of approaches—from voluntary to binding rules.[33] In terms of voluntary rules, many businesses already have in place targets for plastics through voluntary initiatives, such as the Global Commitment[34] and the Plastics Pact Network,[35] ReSource: Plastic,[36] and the World Economic Forum’s Global Plastic Action Partnership,[37] while some financial institutions are developing responsible investment practices that support a circular economy for plastics.[38] But there is also a wide spectrum of binding rules, ranging from caps on plastic production, targets to increase waste collection and recycling, to commitments to phase out single-use plastics entirely or restrict manufacturing or design of plastic packaging, that could be imposed in implementation of the treaty.[39] Finally, the treaty may provide a greater incentive for Governments to shift the cost of recycling or waste disposal to the manufacturers or, in the case of some developing countries, to the importers. This too could impact long-term investment decisions and regulatory compliance for businesses across the value chain.

We can therefore expect to see considerable variation and stringency of rules across jurisdictions in terms of new regulatory measures aimed at curbing plastic pollution,[40] with the final rules being set by individual States. Management of organizations will face the challenge trying to map out the implications for their business and business models—which for some industries and sectors are likely to be significant—while the final rules and their implementation at national level are still being crystallized. In this regard, especially given the short treaty negotiation timetable, it will be important that individual businesses, management, and boards start tracking these unfolding developments at all levels of government and think proactively about these issues and how they will likely impact their operations, investment decisions, and compliance.

__________________________

[1] U.N. Env’t Assemb. Draft Res., U.N. Doc. UNEP/EA.5/L.23/Rev.1, End Plastic Pollution: Towards an International Legally Binding Instrument (Mar. 2, 2022) (“UNEA Resolution”).

[2] The Business Call for a UN Treaty on Plastic Pollution, https://www.plasticpollutiontreaty.org/ (last visited Mar. 20, 2022).

[3] See Nations Sign Up to End Global Scourge of Plastic Pollution, UN News (Mar. 2, 2022), https://news.un.org/en/story/2022/03/1113142 (last visited Mar. 20, 2022); Historic Day in the Campaign to Beat Plastic Pollution: Nations Commit to Develop a Legally Binding Agreement, UN Env’t, Press Release (Mar. 2, 2022), https://www.unep.org/news-and-stories/press-release/historic-day-campaign-beat-plastic-pollution-nations-commit-develop (last visited Mar. 20, 2022).

[4] See id. (quoting Espen Barth Eide, President of UNEA-5 and Norway’s Minister for Climate and the Environment).

[5] See id. (quoting Inger Andersen, Executive Director of UN Environment).

[6] See e.g., State Plastic Bag Legislation, Nat’l Conf. of State Legisl. (Feb. 8, 2021), https://www.ncsl.org/research/environment-and-natural-resources/plastic-bag-legislation.aspx (last visited Mar. 20, 2022); Victoria Masterson, As Canada Bans Bags and More, This Is What’s Happening with Single-Use Plastics Around the World, World Econ. Forum (Oct. 26, 2020), https://www.weforum.org/agenda/2020/10/canada-bans-single-use-plastics/ (last visited Mar. 20, 2022) (reviewing proposed ban in Canada and existing rules in Kenya, Zimbabwe, UK, New York, California, Hawaii, the EU, and China). See also Kimiko de Freytas-Tamura, Public Shaming and Even Prison for Plastic Bag Use in Rwanda, N.Y. Times (Oct. 28, 2017), https://www.nytimes.com/2017/10/28/world/africa/rwanda-plastic-bags-banned.html (last visited Mar. 20, 2022). Similarly, there are a number of such initiatives in the UK, including the UK Plastics Pact, a collaboration between businesses from across the entire plastics value chain, is supported by the UK Government and coordinated by the Waste and Resources Action Programme (“WRAP”). See The UK Plastics Pact, WRAP, https://wrap.org.uk/taking-action/plastic-packaging/the-uk-plastics-pact (last visited Mar. 20, 2022). The UK is also introducing a world-leading plastic packaging tax from 1 April 2022, set at £200 per ton, on plastic packaging which does not meet a minimum threshold of at least 30% recycled content. See The Plastic Packaging Tax (Descriptions of Products) Regulations 2021, 2021 No. 1417.

[7] Global Partnership on Marine Litter, UN Env’t, https://www.unep.org/explore-topics/oceans-seas/what-we-do/addressing-land-based-pollution/global-partnership-marine (last visited Mar. 20, 2022).

[8] See U.N. Env’t Assemb. Res. 1/6, U.N. Doc. UNEP/EA.1/Res.6, Marine Plastic Debris and Microplastics (2014); Res. 2/11, U.N. Doc. UNEP/EA.2/Res.11, Marine Plastic Litter and Microplastics (Aug. 4, 2016); Res. 3/7, U.N. Doc. UNEP/EA.3/Res.7, Marine Litter and Microplastics (Dec. 5, 2017); Res. 4/6, U.N. Doc. UNEP/EA.4/Res.6, Marine Plastic Litter and Microplastics (Mar. 28, 2019); Res. 4/7, U.N. Doc. UNEP/EA.4/Res.7, Environmentally Sound Management of Waste (Mar. 28, 2019); Res. 4/9, U.N. Doc. UNEP/EA.4/Res.9, Addressing Single-use Plastic Products Pollution (Mar. 28, 2019).

[9] G20 Action Plan on Marine Litter, 2017 G20 Hamburg Summit (July 8, 2017).

[10] Ocean Plastics Charter, launched at the G7 Charlevoix Summit (2018).

[11] New International Requirements for the Export and Import of Plastic Recyclables and Waste, U.S. Env’t Protection Agency, https://www.epa.gov/hwgenerators/new-international-requirements-export-and-import-plastic-recyclables-and-waste (last visited Mar. 20, 2022). See also Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and Their Disposal, opened for signature Mar. 22, 1989, 1673 U.N.T.S. 126 (entered into force May 5, 1992) [hereinafter Basel Convention]; The Secretariat of the Basil Convention, Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and Their Disposal: Text and Annexes Revised in 2019 (2020).

[12] Towards Osaka Blue Ocean Vision – G20 Implementation Framework for Actions on Marine Plastic Litter, G20 Implementation Framework for Actions on Marine Plastic Litter, https://g20mpl.org/ (last visited Mar. 20, 2022).

[13] ASEAN Framework of Action on Marine Debris, ASEAN, https://environment.asean.org/wp-content/uploads/2019/06/ASEAN-Framework-of-Action-on-Marine-Debris-FINAL.pdf (last visited Mar. 20, 2022).

[14] ASEAN Regional Action Plan for Combating Marine Debris in the ASEAN Member States (2021-2025), ASEAN, https://asean.org/book/asean-regional-action-plan-for-combating-marine-debris-in-the-asean-member-states-2021-2025-2/ (last visited Mar. 20, 2022).

[15] APEC Roadmap on Marine Debris, APEC, https://www.apec.org/meeting-papers/annual-ministerial-meetings/2019/2019_amm/annex-b (last visited Mar. 20, 2022).

[16] Fortieth Regular Meeting of the Conference of Heads of Government of the Caribbean Community (July 2019), CARICOM, https://caricom.org/wp-content/uploads/DECISIONS-40-HGC-JUL-2019.pdf (last visited Mar. 20, 2022).

[17] Ministerial Conference on Marine Litter and Plastic Pollution: Informal Consultations Addressing the Mandates of UNEA 3/7 and 4/6 towards the 5th UN Environmental Assembly (UNEA-5.2) jointly organized Ecuador, Germany, Ghana, and Vietnam, https://ministerialconferenceonmarinelitter.com/ (last visited Mar. 20, 2022).

[18] The new Basel Convention requirements for transboundary shipments of plastic scrap and waste took effect on January 1, 2021. See U.S. EPA, supra note 11.

[19] See Business Call, supra note 2.

[20] UNEA Resolution, pmbl. (noting “with concern” that “the high and rapidly increasing levels of plastic pollution represent a serious environmental problem at a global scale, negatively impacting the environmental, social and economic dimensions of sustainable development.”).

[21] UNEA Resolution, pmbl.

[22] Id. ¶ 3.

[23] Id. pmbl. This includes, inter alia, 1973 International Convention for the Prevention of Pollution from Ships and its 1978 Protocol, the Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and their Disposal, the Stockholm Convention on Persistent Organic Pollutants, the Rotterdam Convention on the Prior Informed Consent Procedure for certain Hazardous Chemicals and Pesticides in International Trade, the United Nations Convention on the Law of the Sea, the 1972 Convention on the Prevention of Marine Pollution by Dumping of Wastes and Other Matters and its 1996 Protocol, the Strategic Approach to International Chemicals Management, the United Nations Framework Convention on Climate Change, the Convention on Biological Diversity.

[24] Id. ¶ 3(b).

[25] Id. pmbl.

[26] Id. pmbl.

[27] Id. ¶ 3(l).

[28] UNEA Resolution, ¶ 1.

[29] See UN Env’t, supra note 3.

[30] Id. pmbl.

[31] John Geddie & Joe Brock, “‘Biggest Green Deal since Paris’: UN Agrees Plastic Treaty Roadmap,” Reuters (Mar. 2, 2022), https://www.reuters.com/business/environment/biggest-green-deal-since-paris-un-agrees-plastic-treaty-roadmap-2022-03-02/ (last visited Mar. 20, 2022).

[32] UNEA Resolution, ¶ 3.

[33] Id. pmbl. (“underlining that there is no single approach”). See also id. ¶¶ 3, 4, 15.

[34] The Global Commitment 2021 Progress Report, Ellen MacArthur Found., https://ellenmacarthurfoundation.org/global-commitment/overview (last visited Mar. 20, 2022).

[35] The Plastics Pact Network, Ellen MacArthur Found., https://ellenmacarthurfoundation.org/the-plastics-pact-network (last visited Mar. 20, 2022).

[36] ReSource Plastic, https://resource-plastic.com/ (last visited Mar. 20, 2022).

[37] Global Plastic Action P’ship, https://globalplasticaction.org/ (last visited Mar. 20, 2022).

[38] See Business Call, supra note 2.

[39] Indeed, one of the key proponents and drafters of the UNEA Resolution, Rwanda, more than a decade ago adopted strict bans on the import, production, use or sale of plastic bags and packaging. See The World Is Awash in Plastic. Nations Plan a Treaty to Fix That, N.Y. Times (Mar. 2, 2022), https://www.nytimes.com/2022/03/02/climate/global-plastics-recycling-treaty.html. See also supra note 6.

[40] UNEA Resolution, pmbl., ¶¶ 3 & 4.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Environmental, Social and Governance (ESG), Transnational Litigation, or International Arbitration practice groups, or the following authors:

Perlette M. Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)
Maria L. Banda – Washington, D.C. (+1 202-887-3678, mbanda@gibsondunn.com)

Please also feel free to contact the following practice group leaders:

Environmental, Social and Governance (ESG) Group:
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)
Perlette M. Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)
Michael K. Murphy – Washington, D.C. (+1 202-955-8238, mmurphy@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)

Transnational Litigation Group:
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Perlette Michèle Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Andrea E. Neuman – New York (+1 212-351-3883, aneuman@gibsondunn.com)
William E. Thomson – Los Angeles (+1 213-229-7891, wthomson@gibsondunn.com)

International Arbitration Group:
Cyrus Benson – London (+44 (0) 20 7071 4239, cbenson@gibsondunn.com)
Penny Madden QC – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

“Sandbagging” in the acquisition context refers to a situation where a buyer closes an acquisition on the basis of representations in the purchase agreement it knows to be false, then proceeds to sue the seller post-closing based on a breach of those same representations. Although Delaware was historically regarded as a pro-sandbagging jurisdiction, the Delaware Supreme Court’s stance on sandbagging came into question following dicta contained in a 2018 decision, Eagle Force Holdings, LLC v. Campbell. In Eagle Force, a footnote by Justice Valihura stated that the Supreme Court had not resolved the “interesting question” of “whether a party can recover on a breach of warranty claim where the parties know that, at signing, certain of them were not true,” while then-Chief Justice Strine in his partial dissent expressed “doubt” that a plaintiff can “turn around and sue because what he knew to be false remained so.” But we now have a (mostly) clear statement on the subject from the Chancery Court. In Arwood v. AW Site Services, LLC, Vice Chancellor Slights upheld a buyer’s claim for breach of representations, notwithstanding the sellers’ sandbagging objections based on the buyer’s extensive due diligence.

The Arwood decision arose out of a post-closing dispute over an alleged fraudulent billing scheme that caused a substantial overstatement of revenue. After the closing, the sellers sued the buyer to release funds held in escrow. The buyer countered with claims for fraud and breach of representations regarding the financial condition and lawful operations of the target business, in each case related to the alleged fraudulent billing scheme. The Chancery Court dismissed most claims of both parties, but it upheld the buyer’s claim for breach of contract based on inaccurate representations.

Notably, the Court rejected the sellers’ sandbagging defense to the buyer’s breach of contract claim. The sellers had asserted that, given the buyer’s intimate knowledge of the sellers’ business and unrestricted access to information in diligence, the buyer either knew the sellers’ representations to be untrue, or acted with reckless disregard for the truth. As a result, the sellers contended, the buyer should be precluded from recovering based on breach of representations it knew or should have known to be false. The Court disagreed: “In my view, Delaware is, or should be, a pro-sandbagging jurisdiction. The sandbagging defense is inconsistent with our profoundly contractarian predisposition.”

The Court also distinguished between the standard required to prevail in a breach of contract claim as compared to a fraud claim. The Court noted that, to prove fraud, the plaintiff must prove that its action was taken in justifiable reliance on the subject representation, and whether reliance is justified is measured in context, based on the plaintiff’s knowledge and experience as well as the relationship of the parties. The Court concluded that recklessness on the part of the buyer in relying on representations it might easily have determined to be untrue can defeat a claim against the seller for fraud (because reliance was not “justified”), just as recklessness on the part of the seller in making inaccurate representations can result in fraud liability. In the instant case, the Court found that the buyer’s complete access to information regarding the target business (where “the source of the fraud stared them in the face”), the buyer’s knowledge that the sellers did not have reliable financial systems and lacked sophistication, and the buyer’s financial savvy, rendered any reliance on the false representations unjustified.

However, the Court noted that reliance, justified or not, does not come into play in breach of contract cases premised on inaccurate representations. All that mattered was that the seller made the representations as embodied within the contractual language. “The reasonableness, or not, of [Buyer]’s reliance upon the sellers’ representations is not a relevant consideration in assessing the bona fides of [Buyer’s] indemnification claim.” The sellers represented a fact to be true in the acquisition agreement and as such, the buyer was entitled to the benefit of the representation, regardless of any diligence conducted or what the buyer “should have known” as a result thereof.

Notwithstanding Arwood, the final word regarding Delaware’s position on sandbagging remains to be spoken: the opinion notes that, as expressed in Eagle Force, the Delaware Supreme Court has not yet conclusively resolved the issue. In any event, under Arwood, to the extent the viability of sandbagging remains open in Delaware, it does so solely in the case of a buyer’s actual knowledge. For Vice Chancellor Slights, whether a buyer had constructive knowledge of the truth is not relevant to the sandbagging inquiry, a position the Vice Chancellor believes is shared by the Delaware Supreme Court. Or, as per an Arwood footnote, “I note that the term’s origin is consistent with this conclusion. Sandbagging robbers knew their sock weapons were filled with sand; they did not swing socks at unsuspecting victims with reckless disregard for their weapons’ efficacy.”

Where does Arwood leave parties as to inclusion of sandbagging language in the acquisition agreement, and the effect of a buyer’s knowledge of falsity when the agreement is silent? The Chancery Court indicated that in the absence of specific contractual language addressing the issue, the parties will have implicitly opted for Delaware’s default rule that permits sandbagging. However, if the parties wish to provide for a different result, they remain free to include express anti-sandbagging clauses, which per the Court constitute “effective risk management tools that every transactional planner now has in her toolbox.”

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these issues. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Mergers and Acquisitions or Private Equity practice groups, or the authors:

Robert B. Little – Dallas (+1 214-698-3260, rlittle@gibsondunn.com)
Marina Szteinbok – New York (+1 212-351-4075, mszteinbok@gibsondunn.com)

Please also feel free to contact the following practice group leaders:

Private Equity Group:
Richard J. Birns – New York (+1 212-351-4032, rbirns@gibsondunn.com)
Scott Jalowayski – Hong Kong (+852 2214 3727, sjalowayski@gibsondunn.com)
Ari Lanin – Los Angeles (+1 310-552-8581, alanin@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On 2 March 2022, the United States signed the Convention of 2 July 2019 on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters (the “Hague Judgments Convention” or the “Convention”).[1] The Hague Judgments Convention seeks to enhance access to justice and facilitate international trade and investment by encouraging the free flow of judgments across national borders.[2] It does so by providing a set of clear, predictable rules under which civil and commercial judgments rendered by the courts of one Contracting State are recognized and enforced in other Contracting States. While not yet in force, the Hague Judgments Convention could provide an important complement to the widely adopted 1958 New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards[3] (the “New York Convention”) (which provides for the recognition and enforcement of arbitral awards), as well as its sister treaty, the 2005 Hague Choice of Court Convention.[4]

I. Recognition of Foreign Judgments in the United States

At present, there is no federal law that governs the recognition of foreign judgments in the United States, nor is there an international treaty in force. Rather, recognition and enforcement are a question of state law, although the rules are relatively consistent across all 50 U.S. states and the District of Columbia.[5] Most U.S. states have modeled their approaches to foreign judgment recognition on the model laws promulgated by the National Conference of Commissioners on Uniform State Laws—the Uniform Foreign Money Judgments Recognition Act of 1962 (the “1962 Uniform Act”), or increasingly, the Uniform Foreign-Country Money Judgments Recognition Act of 2005 (the “2005 Uniform Act”).[6]

Generally, the United States favors recognition and enforcement of foreign judgments: in U.S. state and federal courts, foreign judgments are presumptively entitled to recognition and enforcement unless specific mandatory or discretionary grounds for non-recognition apply.[7]

II. The Hague Judgments Convention

The 2019 Hague Judgments Convention is the culmination of over 25 years of negotiations at the Hague Conference on Private International Law (the “Hague Conference”).[8] The process began in 1992 at the request of the United States, which sought to develop a global approach to jurisdiction and recognition of judgments.[9] The final text of the Hague Judgments Convention was eventually signed and opened for signature on 2 July 2019. Signatory States in addition to the United States include Uruguay, Ukraine, Israel, Costa Rica, and the Russian Federation (in order of signature).[10] The European Commission is also contemplating accession on behalf of the EU Member States.[11]

Recognition of Arbitral Awards under the New York Conventions and Foreign Judgments under the Hague Judgments Convention

The Convention will enter into force as soon as the second State deposits its instrument of ratification, acceptance, approval, or accession.[12] However, under Article 29 (the “bilateralization” clause), a Contracting State can prevent the application of the Convention to judgments rendered by the courts of a particular State by making a targeted declaration.[13]

The Convention applies to “the recognition and enforcement of judgments relating to civil or commercial matters.”[14] It specifically excludes subjects that are fundamental to State sovereignty or public policy (such as criminal, revenue, customs, or administrative matters),[15] as well as other specialized areas, some of which are subject to other treaty regimes or where the rules vary more significantly across jurisdictions (such as matters involving family disputes, intellectual property, antitrust, defamation, privacy, or armed forces matters).[16]

The Convention, like most domestic laws, favors recognition. It requires each Contracting State to recognize and enforce judgments from other Contracting States in accordance with its terms and permits refusal only on those grounds expressly set out in the Convention.[17]

Article 5(1) of the Convention sets out 13 “bases” of recognition and enforcement, including, inter alia, that:

The judgment debtor is habitually resident in the foreign forum;
The judgment debtor has their principal place of business in the foreign forum (and the claim on which the judgment is based arose out of the activities of that business);
The judgment debtor expressly consented to the foreign court’s jurisdiction;
The judgment debtor waived his jurisdictional objections by arguing on the merits in the forum state;
The judgment ruled on a lease of immovable property (tenancy) and it was given by a court of the State in which the property is situated; or,
The judgment ruled on a non-contractual obligation arising from death, physical injury, damage to or loss of tangible property, and the act or omission directly causing such harm occurred in the forum State, irrespective of where that harm occurred.

These bases for jurisdiction and enforcement echo the basic concepts found in domestic U.S. recognition and enforcement law,[18] including the constitutional due process requirements reflected in the notion of “minimum contacts” that U.S. courts require for the exercise of long-arm jurisdiction and the comity-based rules adopted by the U.S. Supreme Court in the seminal decision, Hilton v. Guyot, 159 U.S. 113 (1895).

If any of the jurisdictional tests (or “jurisdictional filters”[19]) in Article 5(1) is met, then the judgment is presumptively “eligible” for recognition and enforcement.[20] Under Article 15, national law provides a further independent basis for recognition.[21] In this sense, “the convention is a floor, not a ceiling.”[22]

Article 7 of the Convention, in turn, sets out discretionary bases for non-recognition, including, inter alia, the following:

The defendant was not notified, or the manner of notification was incompatible with fundamental principles of service of documents in the forum State;
The decision was obtained by fraud;
Recognition or enforcement would be “manifestly incompatible” with the public policy of the recognizing State;
The specific proceedings were incompatible with fundamental principles of procedural fairness of the recognizing State; or,
The judgment is inconsistent with a judgment given by a court of the recognizing State in a dispute between the same parties.[23]

This too reflects the traditional non-recognition grounds found in most national legal systems, including that of the United States, such as inconsistency with the forum State’s public policy, due process violations, fraud, lack of notice or proper service, and conflict with other judgments.[24]

The Hague Judgments Convention is therefore in line with many precepts of existing U.S. recognition and enforcement law reflected in the 2005 Uniform Act.[25] However, the Convention covers not only foreign money judgments, but civil and commercial decisions generally.

III. Implications for the Recognition of Foreign Judgments in the United States

The Convention could be “a gamechanger for cross-border dispute settlement”[26] by providing a set of consistent rules for the recognition and enforcement of foreign judgments, much like the New York Convention has been for the widespread adoption of arbitral awards. Ultimately, a judgment in an international dispute is only as valuable as the judgment creditor’s ability to have it recognized and enforced abroad (where the judgment debtor or its assets may be found). However, making the enforcement of foreign judgments easier can be a double-edged sword. While a more robust and predictable enforcement regime can certainly be beneficial, that is only the case where the foreign court provides due process and a just outcome.

Ultimately, the force of the Hague Judgments Convention will depend on how widely it is signed and ratified. Following the U.S. signature, the Hague Judgments Convention will not automatically come into force in the United States. It must first undergo a ratification process in U.S. Congress, a procedure that can in some cases take several years. Ratification may be slower here due to the prevalence of state law (and absence of federal law) in this particular area.[27]

For U.S. litigants, if ultimately ratified by the United States, the Hague Judgments Convention could aid the recognition and enforcement of U.S. judgments in a wider range of countries, in particular in jurisdictions that may currently refuse recognition on reciprocity grounds (i.e., where a foreign court would not recognize a U.S. judgment unless convinced that its judgment would receive the same treatment by a U.S. court). Similarly, the Convention could facilitate the recognition and enforcement of foreign judgments issued by courts of other Contracting States in U.S. courts (of course subject to the above-mentioned non-recognition defenses). This would greatly increase the ability of both U.S. and non-U.S. litigants to obtain meaningful cross-border relief in transnational litigation.

Until the Hague Judgments Convention comes into force, global trade and investment will continue to be facilitated by alternative dispute resolution mechanisms, such as the New York Convention for arbitral awards, as discussed above, and the new Singapore Convention for international settlement agreements resulting from mediation.[28] Thus, for now, international arbitration awards remain more portable than foreign judgments (in addition to other advantages of international arbitration, like the selection of a neutral forum to avoid any “home court” advantage).[29]

___________________________

[1] Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, July 2, 2019, https://www.hcch.net/en/instruments/conventions/full-text/?cid=137 (hereinafter “Convention”) (last visited Mar. 18, 2022).

[2] See Hague Conference on Private International Law, Explanatory Note Providing Background on the Proposed Draft Text and Identifying Outstanding Issues, Prel. Doc. No 2, 3 (2016) (“[T]he future Convention is intended to pursue two goals: to enhance access to justice; [and] to facilitate cross-border trade and investment, by reducing costs and risks associated with cross-border dealings.”)

[3] Convention on the Recognition and Enforcement of Foreign Arbitral Awards (hereinafter “New York Convention”), June 10, 1958, 21.3 U.S.T. 2517, 3 U.N.T.S. 330.

[4] Convention on Choice of Court Agreements, June 30, 2005, 44 I.L.M. 1294 (hereinafter “2005 Choice of Court Convention”).

[5] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.

[6] See id.

[7] See id.

[8] See generally Louise Ellen Teitz, Another Hague Judgments Convention? Bucking the Past to Provide for the Future, 29 Duke J. Comp. & Int’l L. 491 (2019) (reviewing the Convention’s negotiations history).

[9] See generally Ronald A. Brand, The Hague Judgments Convention in the United States: A “Game Changer” or a New Path to the Old Game?, 82 U. Pitt. L. Rev. 847 (2021).

[10] See Hague Conference on Private International Law, Status Table – Convention of 2 July 2019 on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, https://www.hcch.net/en/instruments/conventions/status-table/?cid=137 (last visited Mar. 18, 2022).

[11] European Commission, Proposal for a Council Decision on the Accession by the European Union to the Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, COM (2021) 388 (July 16, 2021), here (last visited Mar. 18, 2022) (recommending accession to the Convention so as to ensure the circulation of foreign judgments beyond the EU area and to increase “growth in international trade and foreign investment and the mobility of citizens around the world”).

[12] See Convention, art. 28.

[13] See id. at art. 29.

[14] Id. at art. 1(1).

[15] See id. at art.1(2).

[16] See id. at art. 2.

[17] See id. at art. 4(1) (“A judgment given by a court of a Contracting State (State of origin) shall be recognised and enforced in another Contracting State (requested State) in accordance with the provisions of this Chapter. Recognition or enforcement may be refused only on the grounds specified in this Convention.”).

[18] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.

[19] See Brand, supra note 9, at 851.

[20] On the other hand, a judgment that ruled on rights in rem in immovable property “shall be recognised and enforced if and only if the property is situated in the State of origin.” Convention, art. 6.

[21] Convention, art. 15 (“Subject to Article 6, this Convention does not prevent the recognition or enforcement of judgments under national law.”)

[22] Teitz, supra note 8, at 503.

[23] Convention, art. 7.

[24] See also 2005 Choice of Court Convention, art. 9 (setting forth grounds for non-recognition).

[25] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.

[26] Hague Conference on Private International Law, Gamechanger for Cross-Border Litigation in Civil and Commercial Matters to be Finalized in the Hague (June 18, 2019) (quoting the Secretary General of the Hague Conference), https://www.hcch.net/en/news-archive/details/?varevent=683 (last visited Mar. 18, 2022).

[27] The United States has been a member of the Hague Conference since 1964 and is currently a Contracting Party to seven Hague Conventions (Convention Abolishing the Requirement of Legalisation for Foreign Public Documents (“Apostille Convention”), Oct. 5, 1961, 527 U.N.T.S.; Convention on the Service Abroad of Judicial and Extrajudicial Documents in Civil or Commercial Matters (“Service Convention”), Nov. 15, 1965, 658 U.N.T.S. 163; Convention on the Taking of Evidence Abroad in Civil or Commercial Matters (“Evidence Convention”), Mar. 18, 1970, 847 U.N.T.S. 231; Convention on the Civil Aspects of International Child Abduction (“Child Abduction Convention”), Oct. 25, 1980, 1343 U.N.T.S. 89; Convention on Protection of Children and Co-operation in respect of Intercountry Adoption (“Adoption Convention”), May 29, 1993, 1870 U.N.T.S. 167; Convention on the Law Applicable to Certain Rights in respect of Securities Held with an Intermediary (“Securities Convention”), July 5, 2006, 46 I.L.M. 649; Convention on the International Recovery of Child Support and Other Forms of Family Maintenance (“Child Support Convention”), Nov. 23, 2007, 47 I.L.M. 257. The U.S. has not yet ratified the 2005 Choice of Court Convention, often seen as the sister treaty to the Hague Judgments Convention.

[28] See generally United Nations Convention on International Settlement Agreements Resulting from Mediation, opened for signature Aug. 7, 2019 (adopted Dec. 20, 2018) (“Singapore Convention”), https://treaties.un.org/pages/ViewDetails.aspx?src=TREATY&mtdsg_no=XXII-4&chapter=22&clang=_en (last visited Mar. 18, 2022).

[29] For international commercial arbitration awards, the above map shows the broad reach of the New York Convention.

The following Gibson Dunn lawyers prepared this client alert: Rahim Moloo, Lindsey D. Schmidt, Maria L. Banda, and Nika Madyoon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Arbitration, Judgment and Arbitral Award Enforcement or Transnational Litigation practice groups, or the following:

Rahim Moloo – New York (+1 212-351-2413, rmoloo@gibsondunn.com)
Lindsey D. Schmidt – New York (+1 212-351-5395, lschmidt@gibsondunn.com)
Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com)
Maria L. Banda – Washington, D.C. (+1 202-887-3678, mbanda@gibsondunn.com)

Please also feel free to contact the following practice group leaders:

International Arbitration Group:
Cyrus Benson – London (+44 (0) 20 7071 4239, cbenson@gibsondunn.com)
Penny Madden QC – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)

Judgment and Arbitral Award Enforcement Group:
Matthew D. McGill – Washington, D.C. (+1 202-887-3680, mmcgill@gibsondunn.com)
Robert L. Weigel – New York (+1 212-351-3845, rweigel@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

With the energy transition gaining pace and the use of LNG as a bridge fuel to phase out the use of coal for power generation, the environmental credentials of LNG are in the spotlight. Although LNG has lower carbon emissions than other fossil fuels, participants in the LNG industry have been exploring ways to further decarbonise the LNG value chain. So called ‘carbon-neutral’ LNG transactions, where carbon credits are used to offset the emissions from LNG, are gaining popularity and there is a nascent market developing, with over 30 carbon-neutral LNG cargoes having been traded to date.

To encourage the growth of such transactions, certain organisations have published methodologies which seek to standardise the measurement and reporting of emissions from LNG, as well as ensuring that the carbon credits used to offset these emissions have been properly issued and retired, and price assessments are now being published to help market participants track the incremental cost of carbon-neutrality in LNG transactions. As the world works towards net zero, an increased focus on emissions is driving stricter requirements for LNG projects and LNG transactions which could signal a growing role for carbon-neutral LNG.

In this alert, we analyse carbon-neutral LNG transactions and consider the measurement of emissions and transaction reporting, with a view to establishing whether carbon-neutral LNG trades are the beginning of a new paradigm that the LNG industry will need to adopt in order to address the requirements of governments, customers and stakeholders.

Read More

The following Gibson Dunn lawyers assisted in the preparation of this article: Brad Roach, Nick Kendrick, and Zan Wong. The authors wish to thank Jeffrey Moore and Kenneth Foo from S&P Global Platts for their contributions to this article.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding the article. Please contact Brad Roach or the Gibson Dunn lawyer with whom you usually work, or the following leaders of the firm’s Oil and Gas practice group:

Brad Roach – Singapore (+65 6507 3685, broach@gibsondunn.com)
Michael P. Darden – Houston (+1 346 718 6789, mpdarden@gibsondunn.com)
Anna P. Howell – London (+44 (0) 20 7071 4241, ahowell@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On 23 February 2022, the European Commission (“EC”) published its long-awaited draft directive on “Corporate Sustainability Due Diligence” (the “Directive“),[1] which sets out mandatory human rights and environmental due diligence obligations for corporates, together with a civil liability regime to enforce compliance with the obligations to prevent, mitigate and bring adverse impacts to an end.[2]

The draft Directive will now undergo further review and debate, with its likely adoption by the European Parliament and subsequent implementation into domestic legal systems anticipated by 2027.

This was hailed as an opportunity to introduce uniform standards for corporates operating in Europe, in circumstances where numerous individual jurisdictions have been developing their own, differing human rights and environmental due diligence and/or reporting obligations (see our previous client alert).

Key features of the Directive

Applies to:
- Large EU-incorporated “companies”[3] with either: (i) more than 500 employees, and a net worldwide turnover of more than EUR 150 million (Group 1); or (ii) more than 250 employees, and a net worldwide turnover of more than EUR 40 million, where at least 50% of this net turnover was generated in a high-impact sector (certain manufacturing industries; agriculture, forestry and fisheries; and the extraction of mineral resources, the manufacture of metal products and the wholesale trade of mineral resources and products) (Group 2).
- Companies incorporated outside the EU with: (i) a net EU turnover of more than EUR 150 million; or (ii) with an EU turnover of more than EUR 40 million where at least 50% of the net worldwide turnover was generated in a high impact sector.[4]
Creates mandatory obligations for relevant companies to conduct human rights and environmental due diligence to identify actual or potential adverse impacts across their own operations, their subsidiaries’ operations, and the value chains of their “established business relationships”. In this context, the Directive expressly envisages the development of preventive action plans and the imposition of contractual terms on business partners, and creates an obligation to bring actual adverse impacts to an end.
Corporates are also expected to:
- undertake “periodic assessments” to monitor the effectiveness of their efforts;
- establish a grievance mechanism for stakeholders including affected persons, trade unions and other workers’ representatives of individuals in the value chain, as well as civil society organisations; and
- report annually on matters covered by the Directive. Where companies are not already subject to existing reporting requirements under EU law,[5] companies must publish an annual statement on their website by 30 April each year for the previous calendar year.
Introduces a new obligation requiring Group 1 companies to adopt climate change action plans.
Expands the nature of directors’ duties to include an obligation to consider the consequences of their decisions on human rights, climate change and the environment, and to implement and oversee due diligence actions and policies.
Envisages civil liability of companies for failure to conduct adequate due diligence and a sanctions regime to be imposed by each Member State which is “effective, proportionate and dissuasive”.
In terms of scope:
- The Commission expects around 12,800 entities to fall within the scope of the new legislation.[6]
- Small to medium sized enterprises (SMEs) are not within the scope of the Directive.
- “Turnover” is not defined in the current Directive or the earlier EU Parliament draft and, in particular, it is not clear how to calculate turnover which is “generated … in the Union”.
- While the narrower tailored approach of the Directive (compared to the previous EU Parliament draft Directive) has been welcomed by many corporates, there are some ambiguities as to its breadth. This includes, for example, its application to non-EU incorporated asset managers, which are not expressly referred to in the definition of in-scope “Companies” for the purposes of the application of the Directive.[7]

Introduction of four key corporate due diligence obligations

The Directive lays down four key due diligence obligations regarding actual and potential “adverse human rights impacts” and “adverse environmental impacts” (both of which the Directive defines by reference to international conventions). The due diligence is to be conducted not only in relation to companies’ own operations and those of their subsidiaries, but also the operations of their “established business relationships” (whether direct or indirect), where those operations are related to the company’s “value chains”.[8]

“Value chain” is broadly defined as “activities related to the production of goods or the provision of services by a company, including the development of the product or the service and the use and disposal of the product as well as the related activities of upstream and downstream established business relationships of the company”. For regulated financial services companies, the Directive gives further guidance, noting that the value chain “shall only include the activities of the clients receiving such loan, credit, and other financial services and of other companies belonging to the same group whose activities are linked to the contract in question”.

Integrate human rights and environmental due diligence

First, companies are required to integrate human rights and environmental due diligence into all of their corporate policies and have in place “a specific due diligence policy” which contains: (i) a description of the company’s due diligence approach; (ii) a code of conduct to be followed by company employees and subsidiaries; and (iii) a description of processes put in place to implement due diligence—including measures taken to extend its application to “established business relationships”.

Identify actual or potential adverse impacts

Second, as noted above, companies are required to take appropriate measures to identify actual and potential adverse human rights and environmental impacts arising not only from their own operations, but their subsidiaries’ and the operations of established business relationships in their value chains. (Certain companies are, however, confined to identifying only “severe” adverse impacts.)[9] This is an ongoing, continuous obligation for companies within the scope of the Directive, except for financial institutions which need only identify adverse impacts before providing a service (such as credit or a loan).

In terms of how to identify the adverse impacts, the Directive contemplates the use of both qualitative and quantitative information, including use of independent reports, information gathering through the complaints procedure (see below) and consultations with potentially affected groups.

Prevent or mitigate potential adverse impacts

Third, companies have an obligation to prevent potential adverse impacts – and, where this is not possible, to adequately mitigate adverse impacts that have been or should have been identified pursuant to the prior identification obligation. This is contemplated through a number of strategies:

Companies should, where complex prevention measures are required, develop and implement a “prevention action plan” (in consultation with affected stakeholders), including timelines and indicators for improvement. Related measures include the requirement to make necessary investment into management or production processes and infrastructures.
In the case of direct business relationships, companies should seek contractual assurances from their direct business partners that the latter will ensure compliance with the company’s code of conduct and prevention action plan, including by seeking contractual assurances from their own partners, to the extent that their activities are part of the company’s value chain. This is known as “contractual cascading”.
In the case of indirect business relationships, where potential adverse impacts cannot be prevented or mitigated through the prevention action plan and related measures, the company may seek to conclude a contract with that indirect partner, aimed at achieving compliance with the company’s code of conduct or a prevention action plan.
Where the potential adverse impacts cannot be prevented or adequately mitigated by the prevention action plan and use of contractual assurances and contracts, the company is required to refrain from entering into new or extending existing relations with the partner in question. To the extent permitted by the relevant local laws, the company must also: (i) temporarily suspend commercial relations with the partner in question, while pursuing prevention and minimisation efforts (provided there is reasonable expectation that the efforts will succeed in the short-term), or (ii) where the potential adverse impact is severe, terminate the business relationship with respect to activities concerned.

Bring to an end or minimise actual adverse impacts

Finally, companies must bring to an end actual adverse impacts that have been or should have been identified. Where this is not possible, companies should ensure that they minimise the extent of such an impact. Companies are required to take the following actions, as necessary: (i) neutralise the adverse impact or minimise its extent, including through the payment of damages to the affected persons; (ii) implement a corrective action plan with timelines and indicators; (iii) seek contractual assurances; and (iv) make necessary investments. As with the obligation to prevent and mitigate potential adverse impacts, there are provisions governing circumstances where the actual adverse impact cannot be brought to an end or minimised.[10]

Standalone climate change obligation

Group 1 companies are required to adopt a plan to ensure that the business model and strategy of the company are compatible with limiting global warming to 1.5°C in line with the Paris Agreement. The plan should identify the extent to which climate change is a risk for, or an impact of, the company’s operations. Fulfilment of the obligations in the plan should then be taken into account in the context of directors’ variable remuneration, where such remuneration is linked to the director’s contribution to business strategy and long-terms interests and sustainability.

Expansion of directors’ duties

The Directive introduces a “directors’ duty of care” provision requiring directors to take into account the human rights, climate change and environmental consequences of their decisions in the short, medium and long term. Directors[11] should put into place and oversee due diligence actions and policies, and adapt the company’s strategy where necessary. Member States must ensure that their laws applicable to breach of directors’ duties are extended to the provisions in the Directive. As currently drafted, the Directive itself does not impose personal liability on directors for non-compliance.

In practical terms, this will likely carry with it obligations of transparency, and boards should document how they are engaging with sustainability requirements and considering risks in all relevant decision-making, including on matters of strategy. Directors should also ensure that they are sufficiently informed on how due diligence processes and reporting lines are resourced and managed within the company, and conduct training on ESG matters.

What will be required of the board will ultimately be industry-specific, but it will be important to demonstrate that the board is actively engaging with these issues.

Sanctions and enforcement

Non-compliance with the substantive requirements of the Directive carries the threat of civil liability and specific sanctions. A civil liability provision requires Member States to ensure companies are liable for damages if: (a) they have failed to prevent or mitigate potential adverse impacts; and (b) as a result of this failure, an adverse impact that could have been avoided in fact occurred and caused damage. Importantly, a company cannot escape liability by relying on local law (for example, where the jurisdiction of the alleged adverse impact does not provide for damages). Where, however, a company has taken the “appropriate” due diligence measures identified in the Directive, there should be no such liability unless it was “unreasonable” in the circumstances to expect that the action taken (including as regards verifying business partners’ compliance) would be adequate to prevent, mitigate, bring to an end or minimise the extent of the adverse impact. This begs the question as to what may be considered “unreasonable” and what measures are to be considered “appropriate” for the relevant company, to which there are no clear answers in the Directive. Further guidance on the scoping of expectations and nature of “appropriate” due diligence will be essential.

Meanwhile, the Directive requires Member States to set up supervisory authorities to monitor compliance, but gives discretion as regards sanctions for non-compliance. These authorities will be empowered to conduct investigations, issue orders to stop violations, and publish their decisions.

In-scope companies which are incorporated outside the EU must also appoint an “authorised representative”, i.e. a natural or legal person domiciled or established in the EU Member State in which that company generated most of its annual net turnover in the EU in the previous year. The authorised representative must have a mandate to act on the company’s behalf in relation to complying with the Directive, and will communicate and cooperate with supervisory authorities.

Next steps

The draft Directive will now be presented to the Council of the European Union and the European Parliament, upon whom it is incumbent to reach agreement on a final text. It is expected that the Directive will be subject to further debates by a range of industry, government and NGO stakeholders, and it remains to be seen whether any material changes will be made. The political tailwinds behind EU-wide action in this area are strong,[12] particularly as national governments across the EU continue to implement their own legislative measures and the European Parliament has already advocated for similar legislation. Current best estimates envisage adoption in or around 2023, with subsequent transposition into national law two to four years thereafter. Hence, it is likely that the earliest that companies will be required to report pursuant to the proposed Directive will be in relation to the financial years ending 2025 or 2026.

The draft Directive is an ambitious proposal and there remain a number of open questions regarding the scope and nature of the duties envisaged. Further guidance on issues such as the nature of due diligence has been promised by the Commission, and will be critical as corporates seek to understand their obligations and address them in practical terms.

__________________________

[1] On the same date, the European Commission also published a Q&A publication and a factsheet which provide further colour and background to the draft Directive. These are available on the European Commission’s Corporate Sustainability Due Diligence website.

[2] This follows a public consultation period held between 26 October 2020 and 8 February 2021, and an EU Parliament draft directive on “Corporate Due Diligence and Corporate Accountability” published on 10 March 2021 (the “EU Parliament draft Directive“). See our previous client alert, addressing the 27 January 2021 report containing the proposed EU Parliament draft Directive.

[3] The definition of “companies” extends beyond corporate entities to other forms of enterprises with separate legal personality by reference to the Accounting Directive 2013/34 and to certain regulated financial undertakings regardless of their legal form. See Article 2(iv) of the draft Directive (defining “Company”).

[4] See Article 2(2) of the draft Directive. Whilst the parameters of application of the Directive draw upon thresholds and definitions that have been utilised in other EU sustainability and ESG-related regulations (such as the Non-Financial Reporting Directive and the proposed new Corporate Sustainability Reporting Directive (CSRD)), this threshold relating to turnover attributable to high impact sectors is a new development.

[5] Namely, the reporting requirements under Articles 19a and 29a of Directive 2014/95/EU (the Non-Financial Reporting Directive), which will soon be replaced by the Corporate Sustainability Reporting Directive).

[6] This compares to the broader scope of the CSRD which is expected to capture around 50,000 entities.

[7] See Article 2(iv) of the draft Directive (defining “Company”).

[8] The italicized terms are defined under the Directive (Article 3).

[9] Namely, Group 2 companies, and non-EU companies generating a net turnover of more than EUR 40 million but not more than EUR 150 million in the EU in the preceding financial year, provided at least 50% of its net worldwide turnover was generated in a high-impact sector.

[10] Namely, as in Article 7, the company may seek to conclude a contract with an entity with whom it has an indirect relationship with a view to achieving compliance with the company’s code of conduct or corrective plan (Article 7(4)), and refrain from entering into new or extending existing relations with the partner in connection with or in the value chain where the impact has arisen, and shall temporarily suspend commercial relationships or terminate the business relationship where the adverse impact is severe (Article 7(6)).

[11] “Directors” is defined broadly in the draft Directive as those who are part of the “administrative, management or supervisory bodies of a company”, the CEO and any Deputy CEO, in addition to other persons who perform similar functions. “Board of directors” is broadly defined as “the administrative or supervisory body responsible for supervising the executive management of the company”, or those performing equivalent functions. See draft Directive, Articles 3((o), (p).

[12] This proposal also comes off the back of a flurry of other developments in the EU in relation to ESG-related regulation. These developments include the European Commission’s presentation of the same date of a Communication on Decent Work Worldwide, and very recent feedback and developments on proposed changes to the CSRD from various European Parliament committees, including the Permanent Representatives Committee’s (Coreper) general approach regarding the European Commission’s proposed CSRD, published on 18 February 2022 and European Parliament’s Economic and Monetary Affairs Committee’s (ECON) opinion and proposed changes to the CSRD, published on 28 February 2022.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Environmental, Social and Governance (ESG) practice, or the following authors:

Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)
Sophy Helgesen – London (+44 (0) 20 7071 4261, shelgesen@gibsondunn.com)
Stephanie Collins – London (+44 (0) 20 7071 4216, SCollins@gibsondunn.com)
Ashley Kate Hammett – London (+44 (0) 20 7071 4240, ahammett@gibsondunn.com)

Please also feel free to contact the following ESG practice leaders:

Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)
Perlette M. Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)
Michael K. Murphy – Washington, D.C. (+1 202-955-8238, mmurphy@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Utah is poised to join California, Virginia, and Colorado in enacting comprehensive data privacy legislation. Although Utah’s law largely follows the Virginia and Colorado models—with a few provisions that may ease the burden on businesses—it adds to an increasingly active state legislative landscape. Meanwhile, California is proposing changes to its landmark privacy law as other states plow ahead with debating or updating their own data privacy laws. Companies should account for these changes as they develop programs to comply with the laws.

Utah Consumer Privacy Act

In Utah, the legislature unanimously passed the Utah Consumer Privacy Act.[1] After the bill reaches the governor’s desk, he will have 20 days to sign or veto it or it will become law automatically signature if the governor vetoes the bill, the legislature has sufficient votes to override the veto, given that it was passed unanimously. Once enacted, the new law will become effective by its terms on December 31, 2023,[2]—approximately one year after the similar laws in Colorado and Virginia go into force. Comparable to the other laws, the new law applies to companies that (1) conduct business in Utah or target consumers in the state, (2) have $25 million or more in annual revenue, and (3) either (a) process or control personal data of 100,000 or more Utah consumers or (b) process or control personal data of 25,000 or more Utah consumers and derive 50 percent or more of their gross revenue from selling personal data.[3]

While Utah’s law is similar to Virginia’s and Colorado’s laws, it has a few differences that may make the law easier for businesses to follow. For example, like Virginia and Colorado, Utah does not include a private right of action in its law, although the attorney general can seek statutory damages, as described more fully below. However, unlike the laws in Virginia and Colorado, Utah’s law does not require businesses to conduct and document data protection assessments about their data-processing practices.[4] Utah also does not require businesses to set up a mechanism for consumers to appeal a business’s decision regarding the consumer’s request to exercise any of their personal data rights.[5] And finally, Utah’s law makes it easier to charge a fee when responding to consumer requests. Specifically, businesses may charge a fee when responding to consumer requests to exercise their personal data rights in Virginia only if those requests are “manifestly unfounded, excessive, or repetitive,”[6] or in Colorado only if a second request is made in a 12-month period.[7] But Utah allows businesses to charge a fee in both those situations as well as when the business “reasonably believes the primary purpose in submitting the request was something other than exercising a right” or is harassing, disruptive, or poses an undue burden on the controller.[8]

Relating to enforcement, while Utah’s Division of Consumer Protection can investigate potential violations, Utah’s law, like Colorado’s and Virginia’s, limits enforcement to the state attorney general.[9] The attorney general must give companies at least 30 days to cure before initiating an action.[10] If the attorney general does bring such an action, they may collect statutory damages of up to $7,500 per violation or actual damages.[11]

Developments in Other States

As Utah moves ahead with its new privacy law, California legislators have floated proposals to extend the business-to-business and employment-related exemptions in the California Consumer Privacy Act (“CCPA”). Under those exemptions, the CCPA does not generally apply to employment-related data or data involved in transactions between businesses for due diligence or to provide a good or service. The California Privacy Rights Act (“CPRA”) is presently set to sunset those exemptions on January 1, 2023. But the bills introduced in California would extend those exemptions either through January 1, 2026, or pursuant to the alternative bill, indefinitely.[12]

California is not the only state with updates to its comprehensive data privacy law in the works. Colorado’s attorney general announced recently that a formal notice of proposed rulemaking under the Colorado Privacy Act will be issued by this fall to prepare regulations that will be implemented by January 2023. In the meantime, town halls and meetings are planned to gather comments on that rulemaking.

Other states are moving rapidly to join California, Colorado, Virginia, and Utah. Data privacy laws have passed committee or chamber votes this year in Indiana, Iowa, Florida, Massachusetts, Ohio, Washington, and Wisconsin, and numerous other states also are considering legislation. Although the precise contours of these laws—and how many, if any more this year, will be enacted, and when—remain in flux, the enactment of state privacy laws already has ushered in notable regulatory changes affecting how companies collect and manage data while imposing a host of new obligations and potential liability, across the country. Companies would be well-served to focus their compliance programs accordingly.

We will continue to monitor developments in this area, and are available to discuss these issues as applied to your particular business.

___________________________

[1] Utah Consumer Privacy Act (“UCPA”), S.B. 227, 2022 Leg. Sess. (Utah 2022).

[2] UCPA, § 17.

[3] UCPA, § 3, 13-61-102(1).

[4] See Colorado Privacy Act (“CPA”), S.B. 21-190, § 6-1-1309, 73d Leg., 2021 Regular Sess. (Colo. 2021); Virginia Consumer Data Protection Act (“VCDPA”), S.B. 1392, § 59.1-576, 2021 Spec. Sess. (Va. 2021).

[5] See CPA, 6-1-1306(3)(a); VCDPA, § 59.1-573(C).

[6] VCDPA, § 59.1-573(B)(3).

[7] CPA, § 6-1-1306(2)(c).

[8] UCPA, § 7, 13-61-203(4)(b)(i)(B)-(C).

[9] UCPA, § 13, 13-61-305; § 13, 13-61-401; § 14, 13-61-402(1)-(2).

[10] UCPA, § 14, 13-61-402(3)(b)-(c).

[11] UCPA, § 14, 13-61-402(3)(d).

[12] See A.B. 2871, 2021–2022 Reg. Sess. (Calif. 2022); A.B. 2891, 2021–2022 Reg. Sess. (Calif. 2022).

This alert was prepared by Ryan T. Bergsieker, Cassandra Gaedt-Sheckter, Eric M. Hornbeck and Alexander H. Southwell.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On March 9, 2022, the Securities and Exchange Commission (“SEC” or “Commission”) held a virtual open meeting where it considered a rule proposal for new cybersecurity disclosure requirements for public companies, primarily consisting of: (i) current reporting of material cybersecurity incidents and (ii) periodic reporting of material updates to cybersecurity incidents, the company’s cybersecurity risk management, strategy, and governance practices, and the board of directors’ cybersecurity expertise, if any.

The proposal passed on party lines and the comment period ends on the later of 30 days after publication in the Federal Register or May 9, 2022 (which is 60 days from the date that the rules were proposed). Below please find a summary description of the rule proposal, as well as certain Commissioner’s concerns related to the proposal.

Summary of Proposed Amendments

New Current Reporting Requirements

The proposed amendments would require current reporting of material cybersecurity incidents by adding new Item 1.05 to Form 8-K. As is the case with almost all other Form 8-K items, Item 1.05 would require companies to disclose material cybersecurity incidents[1] within four business days. The trigger date for the disclosure is the date of the materiality determination, rather than the date of discovery of the incident, although companies are required to make a materiality determination as soon as reasonably practicable after discovery. Required disclosure would include:

When the incident was discovered and whether it is ongoing;
A brief description of the nature and scope of the incident;
Whether any data was stolen, altered, accessed, or used for any other unauthorized purpose;
The effect of the incident on the company’s operations; and
Whether the company has remediated or is currently remediating the incident.

According to the release, “[w]hat constitutes “materiality” for purposes of the proposed cybersecurity incidents disclosure would be consistent with that set out in the numerous cases addressing materiality in the securities laws, including: TSC Industries, Inc. v. Northway, Inc.,[2] Basic, Inc. v. Levinson,[3] and Matrixx Initiatives, Inc. v. Siracusano[4].”[5] The SEC noted in the proposed rule that it would not expect companies to disclose technical information about its planned response, cybersecurity systems, related networks and devices, or vulnerabilities “in such detail as would impede the company’s response or remediation of the incident.”[6] However, Item 1.05 would not allow for a reporting delay when there is an ongoing internal or external investigation related to the cybersecurity incident. Notably, however, an untimely filing of Item 1.05 disclosure on Form 8-K would not result in a loss of Form S-3 and Form SF-3 eligibility and would be covered by the safe harbor for Section 10(b) and Rule 10b-5 liability. With respect to foreign private issuers, the amendments would similarly create a disclosure trigger for cybersecurity incidents on Form 6-K.

New Periodic Reporting Requirements

Material Updates to Cybersecurity Incidents. The proposed amendments would add additional disclosure requirements to public companies’ quarterly and annual reports by introducing new Item 106(d) of Regulation S-K, which would require companies to disclose any material changes, additions, or updates to information required to be disclosed pursuant to proposed Item 1.05 of Form 8-K in the company’s Form 10-Q or Form 10-K for the covered period (the company’s fourth fiscal quarter in the case of a Form 10-K) in which the material change, addition, or update occurred. Item 106(d) would also require companies to disclose when a series of previously undisclosed individually immaterial cybersecurity incidents becomes material in the aggregate.

Risk Management and Strategy. In addition, public companies would be required to disclose their policies and procedures, if any, to identify and manage cybersecurity risks and threats. The company would also be required to describe whether it engages assessors or other third parties in connection with its risk assessment and any policies or procedures for risks in connection with the use of third party service providers. The other topics included in proposed Item 106(b) would require disclosure regarding whether the company undertakes to prevent, detect and minimize the threat of cybersecurity incidents; whether the company has business continuity, contingency or recovery plans in the event of cybersecurity incident; whether previous cybersecurity incidents have informed changes in the company’s governance, policies and procedures, or technologies; whether and how cybersecurity-related risk and incidents have affected or are reasonably likely to affect the company’s results of operations or financial condition; and whether and how cybersecurity risks are considered as part of the company’s business strategy, financial planning, and capital allocation.

Governance. Proposed Item 106(c) of Regulation S-K would require disclosure regarding the role of the board of directors and management in cybersecurity governance. With respect to the board of directors, companies would need to disclose whether the entire board, specific board members or a board committee is responsible for the oversight of cybersecurity risks. Disclosure would also need to include a discussion of the processes by which the board is informed about cybersecurity risks, the frequency of discussions on cybersecurity, and whether and how the board or responsible board committee considers cybersecurity risks as part of its business strategy, risk management, and financial oversight. With respect to management, companies would need to disclose whether certain management positions or committees are responsible for measuring and managing cybersecurity risk and the relevant expertise of such persons. The company would also need to disclose whether it has designated a chief information security officer, or someone in a comparable position, and if so, to whom that individual reports within the company’s organizational chart, the relevant expertise of any such persons, the processes by which such persons or committees are informed about and monitor the prevention, mitigation, detection, and remediation of cybersecurity incidents, and whether and how frequently such persons or committees report to the board or a committee of the board on cybersecurity risk.

Director Cybersecurity Expertise. Proposed Item 407(j) of Regulation S-K would require companies to annually disclose (in proxy statements for their annual meetings of shareholders or their annual reports on Form 10-K) cybersecurity expertise of directors of the company, if any. If any member of the board has cybersecurity expertise, the company would be required to disclose the name of any such director, and provide such detail as necessary to fully describe the nature of the director’s expertise. Cybersecurity expertise would remain undefined, but the proposed rule would introduce criteria relevant for the determination, such as whether the director has work experience in cybersecurity, whether the director obtained a certification or degree in cybersecurity, and whether the director has knowledge, skills or other background in cybersecurity. Similar to the existing safe harbor with respect to “audit committee financial experts,” proposed Item 407(j)(2) would state that a person who is determined to have expertise in cybersecurity will not be deemed an expert for any purpose, including, without limitation, for purposes of Section 11 of the Securities Act of 1933, as a result of being designated or identified as a director with expertise in cybersecurity pursuant to proposed Item 407(j).

Foreign Private Issuers. Comparable changes would be made to require similar disclosures on an annual basis on Form 20-F.

Structured Data Requirements

Disclosures required under the proposed rules would need to be tagged in Inline XBRL, which would include block text tagging of narrative disclosures, as well as detail tagging of quantitative amounts disclosed within the narrative disclosures. According to the release, “[t]his Inline XBRL tagging would enable automated extraction and analysis of the granular data required by the proposed rules, allowing investors and other market participants to more efficiently perform large-scale analysis and comparison of this information across registrants and time periods.”[7]

For additional information on the proposed amendments, please see the following links:

Commissioner Concerns

The Commission voted three to one in support of the proposed amendments, with Commissioner Peirce dissenting. Chair Gensler supported the proposed rules noting that “companies and investors alike would benefit if this disclosure were required in a consistent, comparable, and decision-useful manner.”[8] Chair Gensler emphasized two ways in which the proposed rules would enhance cybersecurity disclosure and allow investors to assess cybersecurity risks more effectively, by requiring (i) ongoing disclosures regarding companies’ governance, risk management, and strategy with respect to cybersecurity risks and (ii) mandatory, material cybersecurity incident reporting. Commissioner Peirce expressed some reservations about the proposal. Specifically, Commissioner Peirce voiced concern that: (i) the governance disclosure requirements could be viewed as substantive guidance for the composition and functioning of both the boards of directors and management of public companies; (ii) the policy disclosure requirements may pressure companies to consider adapting their existing policies and procedures to conform to the Commission’s preferred approach; and (iii) the Commission is not best suited to design cybersecurity programs to be effective for all companies. Although Commissioner Peirce was more supportive of the cybersecurity incident reporting requirements, stating that they provided guideposts for companies to follow in reporting material cybersecurity incidents, she was critical of the proposed rule’s inflexibility with regard to whether temporary relief from the disclosure requirements would best protect investors in cases of ongoing investigations.

For the published statements of the Commissioners, please see the following links:

As mentioned above, the comment period ends on the later of 30 days after publication in the Federal Register or May 9, 2022 (which is 60 days from the date that the rules were proposed). Comments may be submitted: (1) using the SEC’s comment form at https://www.sec.gov/rules/submitcomments.htm; (2) via e-mail to rule-comments@sec.gov (with “File Number S7-09-22″ on the subject line); or (3) via mail to Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090. All submissions should refer to File Number S7-09-22.

Takeaways

The proposed rule contemplates extensive changes to current reporting requirements, and many of the disclosure topics act as guidance with respect to the SEC’s expectations for public companies’ cybersecurity risk management, strategy, and governance. In light of these changes, public companies should consider the following:

Incident Disclosure Obligations Take Priority Over All Other Considerations. As noted by Commissioner Peirce, proposed Item 1.05 of Form 8-K does not provide companies with flexibility with respect to the timing of disclosing material cybersecurity incidents, even when it may be beneficial to delay disclosure. Under the proposed rule, companies would be required to report material cybersecurity incidents within four business days of the materiality determination, even when doing so may hinder the efforts of law enforcement to investigate the extent of the incident or apprehend wrongdoers. The disclosure mandate would also effectively override any deferral provided under state and local law, as companies will still need to timely file the required Form 8-K even where a state or local law would permit a delay in notifying the public about the incident. In addition, the proposed rule does not distinguish ongoing incidents from past or remediated incidents in the reporting requirements, which could result in required disclosure of cybersecurity incidents that still have active vulnerabilities. In these instances, disclosure could exacerbate the severity of the incident, as wrongdoers could become aware of and seek to exploit current vulnerabilities in the company’s systems. In essence, the proposed rule does not allow companies to take into account any other considerations on whether to disclose material cybersecurity incidents. The proposing release justifies the rule by stating that it is “critical to investor protection and well-functioning orderly and efficient markets that investors promptly receive information regarding material cybersecurity incidents.”[9] However, the SEC does not demonstrate that the inflexibility of the rule is necessary for the functioning of the markets or that such other considerations are less critical to investor protection than strict adherence to the proposed reporting regime. Moreover, the mere fact that the trigger date for the disclosure requirement is the date of the materiality determination does not provide companies with flexibility given the rule’s expectation that companies will make such determination as soon as reasonably practicable after discovery of the incident.
Companies May Need to Revisit their Cybersecurity Policies and Procedures. The proposed rule would require companies to disclose many facets of their cybersecurity policies and procedures, such as whether there are procedures for overseeing cybersecurity risk arising from the use of third party service providers. These disclosure topics are likely to incentivize companies to revisit their policies and procedures in order to ensure that they address such topics, as companies will want to avoid disclosure of policies that lack features that the SEC focuses on or that appear less robust than those of their peers. In addition, it will be important for companies revisiting their cybersecurity policies to ensure that they provide for effective disclosure controls and procedures that include communication between the cybersecurity team, or those responsible for cybersecurity, and the legal team. These channels of communication will be necessary for the prompt assessment and escalation of detected cybersecurity incidents, which serves the purposes of providing for proper oversight and complying with the proposed disclosure requirements. Communication will need to be maintained through the conclusion and remediation of cybersecurity incidents, given the requirement to provide material updates to the disclosure and to disclose any series of previously undisclosed, immaterial incidents that become material in the aggregate. Companies without a chief information security officer, or equivalent, should consider whether such a position should be created in light of the requirement to disclose whether the company has such an officer.
Boards May Need to Revisit Their Oversight Role and Structures. While many companies already include disclosure on the board’s role in overseeing cybersecurity risk in their proxy statements, the proposed rule introduces a broad set of discussion topics that will need to be addressed. In particular, boards that have not delegated responsibility for overseeing cybersecurity disclosures to a specific board committee will need to consider whether it is appropriate to do so. Companies should also consider the channels through which cybersecurity information is communicated to the board (or designated committee) and evaluate whether such channels provide effective and timely communications. Boards will also need to assess whether the amount of time spent addressing cybersecurity during meetings is appropriate given the requirement to disclose the frequency of discussions on the topic.
Director Cybersecurity Experience will be at a Premium. Requiring disclosure of whether any of a company’s directors have cybersecurity expertise will likely pressure companies to prioritize candidates with cybersecurity experience as part of their search process in order to avoid appearing behind on cybersecurity compared to their peers. Given that companies will need to describe such expertise in their annual disclosure, directors with substantive cybersecurity experience may be highly sought after. In addition, many companies include cybersecurity in director skill matrices in their proxy statements. Should the rules be adopted as proposed, those companies will need to consider whether their assessments of experience align with the criteria proposed by the SEC, or risk potentially confusing investors with two different standards for cybersecurity expertise.

__________________________

[1] Cybersecurity incident is defined to mean an unauthorized occurrence on or conducted through a company’s information systems that jeopardizes the confidentiality, integrity, or availability of a company’s information systems or any information residing therein.

[2] TSC Indus. v. Northway, 426 U.S. 438, 449 (1976).

[3] Basic Inc. v. Levinson, 485 U.S. 224, 232 (1988).

[4] 563 U.S. 27 (2011).

[5] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022) at Part II.B.1, available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf.

[6] Id.

[7] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022) at Part II.G, available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf.

[8] Chairman Gary Gensler, “Statement on Proposal for Mandatory Cybersecurity Disclosures” (Mar. 9, 2022), available https://www.sec.gov/news/statement/gensler-cybersecurity-20220309.

[9] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022) at Part II.B.3, available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf.

This alert was prepared by Alexander H. Southwell, Ashlie Beringer, Lori Zyskowski, Thomas J. Kim, and Julia Lapitskaya.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Privacy, Cybersecurity and Data Innovation and Securities Regulation and Corporate Governance practice groups, or the following authors:

Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com)

S. Ashlie Beringer – Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)

Lori Zyskowski – New York (+1 212-351-2309, lzyskowski@gibsondunn.com)

Thomas J. Kim – Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)

Julia Lapitskaya – New York (+1 212-351-2354, jlapitskaya@gibsondunn.com)

We would like to thank Matthew Dolloff in our New York office for his work on this article.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On March 9, 2022, President Biden signed a long-awaited Executive Order (titled “Ensuring Responsible Development of Digital Assets” and issued with an accompanying Fact Sheet) regarding the U.S. government’s strategy for digital assets, defined to include cryptocurrencies and other forms of exchange that are recorded on the blockchain.[1] Citing the need for the federal government to address the role of digital assets in the financial system, the Executive Order represents the first whole-of-government approach to the benefits and risks of digital assets. It is a general policy statement that reflects the views of the administration, as opposed to a specific proposal for regulation.

In our view, there are three principal takeaways from the Executive Order. First, it acknowledges the exponential growth and opportunity that the digital asset ecosystem presents, and outlines a policy interest in “responsible financial innovation” and the need for evolution and coordination to ensure that the United States continues to be a leader in the space. Second, the Executive Order identifies a number of perceived general risk areas that digital assets can pose on issues ranging from consumer protection to national security to the environment. Third, to address these risks, the Executive Order tasks various federal agencies—working in coordination—to draft a host of reports, frameworks, and action plans to evaluate the various perceived challenges and opportunities presented by digital assets. We discuss each takeaway in order below.

U.S. Commitment to Digital Asset Leadership

To date, countries around the world have taken divergent stances on digital assets. Cryptocurrency transactions are banned in China, for instance, whereas other jurisdictions have gone as far as to make bitcoin legal tender.[2] It was not clear where the White House would come down on this spectrum, as individual U.S. lawmakers, regulators, and enforcers have offered differing views on how to approach digital assets.

The Executive Order offers a strong endorsement of the potential of digital assets and the need for the United States to play a leading role in shaping the design of this ecosystem. Specifically, it declares that “[w]e must reinforce United States leadership in the global financial system and in technological and economic competitiveness, including through the responsible development of payment innovations and digital assets.”[3] Further, it provides that the U.S. has an interest in remaining at the “forefront” of the “responsible development and design of digital assets,” where its leadership can “sustain United States financial power and promote United States economic interests.”[4] One potential way to do so is by creating a central bank digital currency (“CBDC”), which, as discussed below, the Executive Order tasks various parts of the government to study at length.

The Executive Order also recognizes the benefits that digital assets can provide to consumers, as they may help expand equitable access to financial services by, for instance, “making investments and domestic and cross-border funds transfers and payments cheaper, faster, and safer.”[5]

At the same time, the Executive Order acknowledges that many opportunities and challenges posed by blockchain-based ecosystems fall outside the scope of existing laws and that government approaches to date have been “inconsistent,” “necessitating an necessitate an evolution and alignment of the United States Government approach to digital assets.”[6]

Potential Risks in the Digital Asset Ecosystem

The Executive Order identifies a number of broad potential risk areas involving digital assets that may implicate a wide range of participants in the ecosystem including exchanges, custody providers, investors, token issuers, and companies that accept digital assets for payment. Specific risks cited in the Executive Order include:

Data Protection—Without “sufficient oversight and standards,” firms providing digital asset services “may provide inadequate protections for sensitive financial data, custodial and other arrangements relating to customer assets and funds.”[7]
Privacy—Key “safeguards” identified in “responsible development” of digital assets include “maintain[ing] privacy” and “shield[ing] against arbitrary or unlawful surveillance.”[8]
Risk Disclosures—An important facet of protecting investors is ensuring adequate “disclosures of risks associated with investment.”[9]
Cybersecurity—Cybersecurity issues that have occurred at major digital asset exchanges and trading platforms to date have contributed to billions of dollars of losses.[10]
Systemic Risk—In order to mitigate systemic risk, digital asset issuers, exchanges and trading platforms, and other intermediaries “should, as appropriate, be subject to and in compliance with regulatory and supervisory standards that govern traditional market infrastructures and financial firms.”[11] Moreover, new and unique uses of digital assets “may create additional economic and financial risks” that require “an evolution to a regulatory approach.”[12]
National Security and Illicit Finance—Noting that digital assets can pose significant national security and illicit finance risks ranging from terrorism financing to cybercrime, the Executive Order aims to “ensure appropriate controls and accountability” for digital asset systems to “promote high standards for transparency, privacy, and security” in order to counter these activities.[13]
Sanctions Evasion—Digital assets may be used to circumvent sanctions.[14]
Climate and Pollution—The United States also has an interest in reducing “negative climate impacts and environmental pollution” from “some cryptocurrency mining.”[15]

In light of some of these risks, President Biden’s Executive Order provides that the United States “must support technological advances that promote responsible development and use of digital assets,” including by ensuring that digital asset technologies “are developed, designed, and implemented in a responsible manner” that includes privacy and security, features and controls to defend against illicit exploitation, and efforts to reduce negative environmental impacts.[16]

Researching the Path Forward

To determine the next steps for the U.S. government in the digital asset space, the Executive Order establishes an interagency process to address many of the opportunities and challenges outlined above.[17] Further, it calls for a number of reports, frameworks, action plans, and more to be developed, as outlined in the table below.

Critically, the Executive Order does not itself implement any new regulations over the digital asset space or require that agency reviews adopt particular rules or requirements. Instead, it just identifies what homework needs to be done. Accordingly, the Executive Order has not changed the jurisdiction of any U.S. regulator or enforcer with respect to digital assets, nor does it call for Congress to act to expand the jurisdiction or authority of independent agencies such as the CFTC or SEC, even as it opens by acknowledging that the novel challenges and opportunities presented by digital assets may not be within the scope of existing federal laws.[18] Various federal agencies are therefore instructed to “consider” whether some of the digital asset risks that are identified—such as privacy, consumer protection, and investor protection—are within the jurisdiction of existing regulators or “whether additional measures may be needed.”[19] The agencies’ conclusions to those questions, of course, will be of great interest to all market participants and those interested in digital assets and blockchain technology, including potentially to members of Congress.

Notably absent from the Executive Order is any reference to regulations implementing the tax information reporting provisions of HR 3684, the Infrastructure Investment and Jobs Act, signed into law on November 15, 2021. As discussed in this Gibson Dunn Client Alert, those provisions are one of the few recent legislative measures addressing digital assets and include effective dates that contemplate reporting requirements on a broad range of digital asset transactions beginning in January of 2023.

Subject	Lead Agency	Supporting Agencies	Detailed Description	Due
Action Plans, Frameworks, and Reports
Report on Strengthening International Law Enforcement[18]	DOJ	State, Treasury, DHS	How to strengthen international law enforcement cooperation for detecting, investigating, and prosecuting criminal activity related to digital assets.	Within 90 days (June 7, 2022)
Framework for International Engagement[19]	Treasury	State, Commerce, USAID, other relevant agencies	Establishing a framework for interagency international engagement to enhance adoption of global principles and standards for how digital assets are used and transacted.	Within 120 days (July 7, 2022) and an update one year later
Report on Prosecution of Crimes related to Digital Currency[20]	DOJ	Treasury, DHS	The role of law enforcement agencies in detecting, investigating, and prosecuting criminal activity related to digital assets, including any recommendations on regulatory or legislative actions.	Within 180 days (September 5, 2022)
Report on the Future of Money and Payment Systems[21]	Treasury	State, DOJ, Commerce, DHS, OMB, DNI	Topics include (i) the conditions that drive broad adoption of digital assets; (ii) the extent to which technological innovation may influence these outcomes; and (iii) the implications for the United States financial system, the modernization of and changes to payment systems, economic growth, financial inclusion, and national security. Also, various considerations related to the potential development of a CBDC.	Within 180 days (September 5, 2022)
Report on the Implications of Development and Adoption of Digital Assets[22]	Treasury	Labor and other agencies, potentially including FTC, SEC, CFTC, CFPB, and Federal banking agencies	Conditions that would drive mass adoption of different types of digital assets and the risks and opportunities such growth might present. Policy recommendations to protect United States consumers, investors, and businesses, and support expanding access to safe and affordable financial services.	Within 180 days (September 5, 2022)
Report on Environmental Impact Mitigation[23]	OSTP	Treasury, DOE, EPA, CEA, National Climate Advisor, other relevant agencies	Connections between distributed ledger technology and economic and energy transitions, including the potential for these technologies to impede or advance efforts to tackle climate change and the impacts these technologies have on the environment.	Within 180 days (September 5, 2022), update one year later
Framework for Enhancement of United States Economic Competitiveness[24]	Commerce	State, Treasury, other relevant agencies	A framework for enhancing United States economic competitiveness in, and leveraging of, digital asset technologies.	Within 180 days (September 5, 2022)
Report on Financial Stability Risks and Regulatory Gaps[25]	Treasury	FSOC[26]	The specific financial stability risks and regulatory gaps posed by various types of digital assets and recommendations to address such risks, including any proposals for new legislation or additional or adjusted regulation and supervision.	Within 210 days (October 5, 2022)
Coordinated Action Plan to Mitigate Identified Risks[27]	Treasury	State, DOJ, Commerce, DHS, OMB, DNI, other relevant agencies	The role of law enforcement and measures to increase financial services providers’ compliance with AML/CFT obligations related to digital asset activities.	Within 120 days of submission of the National Strategy for Combating Terrorist and Other Illicit Financing
CBDC Research
Assessment of Legislative Changes[28]	DOJ	Treasury, Federal Reserve	Whether legislative changes would be necessary to issue a United States CBDC.	Within 180 days (September 5, 2022)
Technical Evaluation of the Requirements to Support a CBDC System[29]	OSTP; U.S. CTO	Treasury, Federal Reserve, other agencies	The technological infrastructure, capacity, and expertise that would be necessary at relevant agencies to facilitate and support the introduction of a CBDC system.	Within 180 days (September 5, 2022)
Legislative Proposal related to a United States CBDC[30]	DOJ	Treasury, Federal Reserve	Based upon Future of Money Report and any relevant materials developed by the Federal Reserve.	Within 210 days (October 5, 2022)
Recommendation for Continued Research[31]	Federal Reserve		Encouraged to continue research on the extent to which CBDCs could improve future payments systems, to assess the optimal form of a U.S. CBDC, to develop a strategic plan that evaluates the necessary steps and requirements for the potential implementation and launch of a U.S. CBDC, and evaluate the extent to which a U.S. CBDC could enhance or impede the ability of monetary policy to function effectively as a macroeconomic stabilization tool.	N/A
Considerations, Notices, and Voluntary Submissions
Submission of Supplemental Annexes relating to Illicit Finance Risks[32]	Treasury, State, DOJ, Commerce, DHS, OMB, DNI, other agencies		Agencies may submit supplemental annexes offering additional views on illicit finance risks posed by digital assets.	Within 90 days of submission of the National Strategy for Combating Terrorist and Other Illicit Financing
Consideration of Competition Policy[33]</td	DOJ, FTC, CFPB		Potential effects the growth of digital assets could have on competition policy.	N/A
Consideration of Consumer Protection and Privacy[34]	FTC, CFPB		Whether privacy or consumer protection measures within their respective jurisdictions may be used to protect users of digital assets and whether additional measures may be needed.	N/A
Consideration of Investor and Market Protections[35]	SEC, CFTC, Federal Reserve, FDIC, OCC		Whether investor and market protection measures within their respective jurisdictions may be used to address the risks of digital assets and whether additional measures may be needed.	N/A

Conclusion

The Executive Order is both a landmark and a question mark for U.S. digital asset policy. It boldly proclaims that the United States intends to lead in promoting the responsible development and design of digital assets, even as it details in broad strokes many of the risks that the digital asset ecosystem could pose to consumers, investors, and citizens. But it does not address how these risks will be addressed in concrete terms, nor does it speak to the unique privacy, consumer and cybersecurity values and opportunities that are furthered by the technological innovation of the blockchain. As a result, continued uncertainty remains in the digital asset space with respect to, among other things, a clear regulatory framework, with regulation by enforcement continuing to be significant, even on certain fundamental questions. In the coming months, Gibson Dunn will be closely monitoring additional developments and the research outputs required by the Executive Order in order to help its clients across the digital asset space navigate regulatory risks and requirements in the United States.

___________________________

[1] Many of the top administration officials and heads of agencies announced their support for the Executive Order, including Treasury Secretary Yellen, Consumer Financial Protection Bureau (“CFPB”) Chairman Chopra, Commerce Secretary Raimondo, National Security Advisor Sullivan and National Economic Council Director Deese, Commodity Futures Trading Commission (“CFTC”) Chairman Behnam, and a tweet from Securities and Exchange Commission (“SEC”) Chair Gensler. The White House also convened a background call with senior administration officials to discuss the Executive Order.

[2] See, e.g., Alun John, Samuel Shen and Tom Wilson, China’s top regulators ban crypto trading and mining, sending bitcoin tumbling, Reuters (Sept. 24, 2021), https://www.reuters.com/world/china/china-central-bank-vows-crackdown-cryptocurrency-trading-2021-09-24/; Aaryamann Shrivastava, Swiss City To Make Bitcoin a Legal Tender After Mexico and El Salvador, FX Empire (Mar. 4, 2022), https://www.fxempire.com/news/article/swiss-city-to-make-bitcoin-a-legal-tender-after-mexico-and-el-salvador-922943.

[3] Executive Order, § 2(d).

[4] Executive Order, § 2(d).

[5] Executive Order, § 2(e).

[6] Executive Order, § 2(a).

[7] Executive Order, § 2(a).

[8] Executive Order, § 2(a).

[9] Executive Order, § 2(a).

[10] Executive Order, § 2(b).

[11] Executive Order, § 2(b).

[12] Executive Order, § 2(c).

[13] Executive Order, § 2(c).

[14] Executive Order, § 2(f).

[15] Executive Order, § 2(f).

[16] Executive Order, § 3.

[17] Executive Order, § 5(b)(v); see also Executive Order, § 4(b).

[18] Executive Order, § 8(b)(iv).

[19] Executive Order, §§ 8(b)(i); 8(b)(ii).

[20] Executive Order, § 5(b)(iii).

[21] Executive Order, § 4(b).

[22] Executive Order, § 5(b)(i).

[23] Executive Order, §§ 5(b)(vii); 5(b)(viii).

[24] Executive Order, § 8(b)(iii).

[25] Executive Order, § 6(b).

[26] The FSOC comprises 10 voting members (the heads of Treasury, the Federal Reserve, OCC, CFPB, SEC, FDIC, CFTC, FHFA, NCUA, and a Senate-confirmed member with insurance expertise) and five nonvoting members (Office of Financial Research, Federal Insurance Office, a state insurance commissioner, a state banking supervisor, and a state securities commissioner). See About FSOC, U.S. Department of Treasury, https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/fsoc/about-fsoc.

[27] Executive Order, § 7(c).

[28] Executive Order, § 4(d)(i).

[29] Executive Order, § 5(b)(ii).

[30] Executive Order, § 4(d)(ii).

[31] Executive Order, § 4(c).

[32] Executive Order, § 7(b).

[33] Executive Order, § 5(b)(iv).

[34] Executive Order, § 5(b)(v).

[35] Executive Order, § 5(b)(vi)

Gibson Dunn stands ready to help guide industry players through the most complex challenges that lay at the intersection of regulation, public policy, and technical innovation of blockchain and cryptocurrency. If you wish to discuss any of the matters set out above, please contact Gibson Dunn’s Crypto Taskforce (cryptotaskforce@gibsondunn.com), or any member of its Financial Institutions, Global Financial Regulatory, Public Policy, Administrative Law and Regulatory, Privacy, Cybersecurity and Data Innovation, Tax Controversy and Litigation, or White Collar Defense and Investigations teams.

Ashlie Beringer – Co-Chair, Privacy, Cybersecurity & Data Innovation Group, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)

Matthew L. Biben – Co-Chair, Financial Institutions Group, New York (+1 212-351-6300, mbiben@gibsondunn.com)

Michael D. Bopp – Co-Chair, Public Policy Group, Washington, D.C. (+1 202-955-8256, mbopp@gibsondunn.com)

Stephanie L. Brooker – Co-Chair, White Collar Defense & Investigations Group, Washington, D.C.
(+1 202-887-3502, sbrooker@gibsondunn.com)

M. Kendall Day – Co-Chair, Financial Institutions Group, Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com)

Michael J. Desmond – Co-Chair, Global Tax Controversy & Litigation Group, Los Angeles/ Washington, D.C. (+1 213-229-7531, mdesmond@gibsondunn.com)

Roscoe Jones, Jr. – Co-Chair, Public Policy Group, Washington, D.C.
(+1 202-887-3530, rjones@gibsondunn.com)

Thomas J. Kim – Partner, Securities Regulation and Corporate Governance Practice Group, Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)

Arthur S. Long – Partner, Financial Institutions and Securities Regulation Practice Groups, New York (+1 212-351-2426, along@gibsondunn.com)

Eugene Scalia – Co-Chair, Administrative Law and Regulatory Group, Washington, D.C. (+1 202-955-8543, escalia@gibsondunn.com)

Jeffrey L. Steiner – Co-Chair, Global Financial Regulatory Group, Washington, D.C. (+1 202-887-3632, jsteiner@gibsondunn.com)

Helgi C. Walker – Co-Chair, Global Litigation Group, Washington, D.C. (+1 202-887-3599, hwalker@gibsondunn.com)

Chris Jones – Senior Associate, White Collar Defense & Investigations Group, San Francisco (+1 415-393-8320, crjones@gibsondunn.com)

Associate Allison Ortega also contributed to this client alert.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On February 14, 2022, the Department of Justice and U.S. Attorney’s Office for the Middle District of Florida announced they had reached a $5.5 million settlement with NCH Healthcare System (“NCH”) to resolve common law claims arising from NCH’s donations to local government entities—payments that the government alleged were used improperly to fund Florida’s share of Medicaid payments made to NCH.

NCH is a non-profit entity that operates two hospitals in Collier County, Florida. The government alleged that between October 2014 and September 2105, NCH provided free nursing and athletic training services to the Collier County School Board and paid other financial obligations on behalf of Collier County.[1] Under the government’s theory, these donations were designed to artificially increase Medicaid payments made to NCH without any corresponding expenditure of state or local funds on health care. Instead, the donations allowed the county and its local school board to avoid various expenditures, which left funds available to be paid to the State of Florida as its share of Medicaid payments owed to NCH. Under federal law, specifically 42 U.S.C. § 1396b(w)(2)(B), Florida’s share of Medicaid payments must consist of state or local government funds, and not “non-bona fide donations” from private health care providers. A non-bona fide donation triggers a corresponding federal expenditure for the federal share of Medicaid without any corresponding increase in state expenditures. This is prohibited by law to ensure that states pay their required share of Medicaid payments and are incentivized to prevent fraud, waste, and abuse in their Medicaid programs.[2]

Notably, the NCH settlement agreement released only common law claims of mistake and unjust enrichment, and the United States expressly reserved its rights to later bring claims under the False Claims Act (“FCA”) and other laws.[3] Of the $5.5 million settlement payment, just under $5 million was designated as “restitution” for tax purposes—suggesting that the parties agreed that NCH would pay a multiple of 1.1 times single damages, notwithstanding that the United States is limited to recovering single damages under common law theories.[4] By comparison, DOJ policy is to compromise False Claims Act claims for no less than double damages, with exceptions to go lower where the defendant demonstrates substantial cooperation with the government’s investigation. While it’s not necessarily the case that the narrow release in this case means that there will ultimately be subsequent FCA litigation, it does highlight that DOJ may be willing to pursue and settle cases involving potential allegations of health care fraud for less than double damages based on so-called “innocent” overpayments—albeit without an FCA release—where evidence of scienter may fail to meet the threshold for a viable FCA case.[5] Further, NCH agreed to fully cooperate with the government’s investigation of other potential defendants, including its officers and employees, and to provide the United States with all relevant non-privileged documents, including reports and interview memoranda, relating to the alleged conduct.[6]

The NCH settlement also signals that in-kind and monetary donations made to state and local entities may be at an increased risk of scrutiny by the Department of Justice. The NHS settlement comes amidst ongoing investigations and settlements involving donations made by pharmaceutical manufacturers to purportedly independent foundations and patient assistance programs, and could signal that the government might infer bad intent from a broader array of donations made by healthcare entities. Clearly, the government will not shy away from pursuing transactions under the fraud and abuse laws that it believes run afoul of regulatory requirements, even if such transactions confer public benefit. In light of these heightened risks, clients are advised to carefully scrutinize their donation practices, whether monetary or in-kind.

___________________________

[1] NCH Healthcare Settlement Agreement, Office of Pub. Affairs, U.S. Dep’t of Justice (Feb. 14, 2022) at recital B, https://www.justice.gov/opa/press-release/file/1471946/download; see also Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida’s NCH Healthcare System Agrees to Pay $55 Million to Settle Common Law Allegations (Feb. 14, 2022), https://www.justice.gov/opa/pr/florida-s-nch-healthcare-system-agrees-pay-55-million-settle-common-law-allegations.

[2] The federal government provides partial funding for state Medicaid programs through Federal Financial Participation (“FFP”) funding. 42 C.F.R. § 431.958. The amount of FFP funds each state is eligible for is based on the state’s own Medicaid expenditure amount, which may only include state or local government funds. 42 U.S.C. § 1396b(a). Non-bona fide donations from private health care providers, including in-kind services, may not be included in the calculation of the state’s own Medicaid expenditures. Id. §§ 1396b(w)(1)(a), (2)(B).

[3] NCH Healthcare Settlement Agreement, supra note 1, ¶ 3.

[4] See, e.g., U.S. ex rel. Robinson-Hill v. Nurses’ Registry & Home Health Corp., No. CIV.A. 5:08-145-KKC, 2015 WL 3403054, at *4 (E.D. Ky. May 27, 2015) (“Recovery on a claim for payment by mistake is limited to that portion of the payment in excess of the actual amount owed. Lastly, recovery on a claim for unjust enrichment is limited to the amount of the benefits improperly received by the defendant. Thus, with these common law claims, the United States may recover the amounts wrongfully or erroneously paid to defendants by the Medicare program, but the Government is not entitled to recover any penalties or punitive damages.”) (internal citations omitted).

[5] See also, e.g., Drakontas LLC Settlement Agreement, U.S. Atty’s Office for the Eastern Dist. of Pa. (May 3, 2016) at III.C–D, https://www.justice.gov/usao-edpa/file/849061/download (releasing only common law breach of contract, payment by mistake, and unjust enrichment claims when DOJ alleged defendant operated a non-compliant accounting system that resulted in the U.S. making improper and excessive payments).

[6] NCH Healthcare Settlement Agreement, supra note 1, ¶ 8.

The following Gibson Dunn lawyers assisted in the preparation of this alert: Jonathan M. Phillips, Winston Y. Chan, Brendan Stewart, and Emma Strong.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s False Claims Act/Qui Tam Defense, FDA and Health Care, Government Contracts, or White Collar Defense and Investigations practice groups.

Washington, D.C.
Jonathan M. Phillips – Co-Chair, False Claims Act/Qui Tam Defense Group (+1 202-887-3546, jphillips@gibsondunn.com)
F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com)
Joseph D. West (+1 202-955-8658, jwest@gibsondunn.com)
Robert K. Hur (+1 202-887-3674, rhur@gibsondunn.com)
Geoffrey M. Sigler (+1 202-887-3752, gsigler@gibsondunn.com)
Lindsay M. Paulin (+1 202-887-3701, lpaulin@gibsondunn.com)

San Francisco
Winston Y. Chan – Co-Chair, False Claims Act/Qui Tam Defense Group (+1 415-393-8362, wchan@gibsondunn.com)
Charles J. Stevens (+1 415-393-8391, cstevens@gibsondunn.com)

New York
Reed Brodsky (+1 212-351-5334, rbrodsky@gibsondunn.com)
Mylan Denerstein (+1 212-351-3850, mdenerstein@gibsondunn.com)
Alexander H. Southwell (+1 212-351-3981, asouthwell@gibsondunn.com)
Brendan Stewart (+1 212-351-6393, bstewart@gibsondunn.com)
Casey Kyung-Se Lee (+1 212-351-2419, clee@gibsondunn.com)

Denver
John D.W. Partridge (+1 303-298-5931, jpartridge@gibsondunn.com)
Robert C. Blume (+1 303-298-5758, rblume@gibsondunn.com)
Monica K. Loseman (+1 303-298-5784, mloseman@gibsondunn.com)
Ryan T. Bergsieker (+1 303-298-5774, rbergsieker@gibsondunn.com)
Reid Rector (+1 303-298-5923, rrector@gibsondunn.com)

Dallas
Robert C. Walters (+1 214-698-3114, rwalters@gibsondunn.com)
Andrew LeGrand (+1 214-698-3405, alegrand@gibsondunn.com)

Los Angeles
Nicola T. Hanna (+1 213-229-7269, nhanna@gibsondunn.com)
Timothy J. Hatch (+1 213-229-7368, thatch@gibsondunn.com)
Deborah L. Stein (+1 213-229-7164, dstein@gibsondunn.com)
James L. Zelenay Jr. (+1 213-229-7449, jzelenay@gibsondunn.com)

Palo Alto
Benjamin Wagner (+1 650-849-5395, bwagner@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Antitrust enforcers in the United States and abroad, traditionally, have applied relatively lenient scrutiny to mergers between a supplier or input provider and a customer (so-called “vertical transactions”). That stereotype, however, is now squarely in question. In the last year, the Federal Trade Commission (FTC) has challenged three proposed vertical transactions – two of which have been abandoned by the parties. And just last week, the Antitrust Division of the Justice Department filed suit to block another vertical transaction. This increased enforcement, combined with the 2021 withdrawal of the Vertical Merger Guidelines,[1] signals an era of uncertainty for certain kinds of vertical transactions that, in the past, would have closed with few if any remedies. In this alert, we discuss the agencies’ recent enforcement actions and the implications for companies considering vertical transactions.

Recent Challenges to Vertical Transactions

Lockheed-Aerojet. In January 2022, the FTC challenged Lockheed’s proposed acquisition of Aerojet, a supplier of missile propulsion systems used in missiles made by Lockheed and other defense prime contractors. The FTC alleged that the merger would lessen competition by giving Lockheed control over critical components that its rival prime contractors and propulsion suppliers need to compete. The FTC further alleged that Aerojet has access to competitively sensitive information about Lockheed’s rivals and the merger would grand Lockheed access to that proprietary information.[2]

In a similar transaction involving Northrop Grumman’s proposed acquisition of Orbital ATK, only a few years earlier in 2018, the parties settled similar agency concerns with behavioral remedies, including (i) a commitment to continue selling rocket motors to rivals; and (ii) an agreement to segregate the business with a firewall.[3] Reportedly, Lockheed and Aerojet proposed a firewall here, but the proposed remedy was rejected by the FTC.[4] The parties abandoned the transaction earlier this month after the FTC had filed suit, seeking to enjoin the deal.[5]

NVIDIA-Arm. In December 2021, the FTC sued to block semiconductor chip supplier NVIDIA Corp.’s acquisition of chip designer, Arm, Ltd. The FTC alleged the transaction would provide NVIDIA control over critical Arm technology and enable the merged firm to limit production and prevent Arm from licensing innovations that conflict with NVIDIA’s business interests. The FTC further alleged the merger would provide NVIDIA with competitively sensitive information regarding Arm licensees, many of which are NVIDIA competitors.[6]

This merger complaint was the first brought under the leadership of FTC Chair Lina Khan, after a lengthy investigation, in which, the Commission cooperated with other investigating authorities, including the United Kingdom’s Competition and Markets Authority (CMA), the European Commission (EC), and China’s State Administration for Market Regulations (SAMR).

Again, the parties offered remedies – here, to spin-off Arm’s licensing business as an independent entity, albeit under NVIDIA’s ultimate control – but they did not satisfy the FTC.[7] Reportedly, the FTC sought input from third-parties before rejecting the proposal, as it typically does.[8] In the UK, NVIDIA offered remedies during the Phase I review such as (i) equal access and open licensing for Arm’s intellectual property; and (ii) safeguards for confidential information. But these commitments were insufficient to prevent a Phase II investigation.[9] The parties abandoned the transaction earlier this month.

Illumina-Grail. In March 2021, the FTC challenged Illumina’s proposed acquisition of Grail, maker of a noninvasive, early cancer detection test. Illumina is the only provider of DNA sequencing products essential to these kinds of early detection tests, according to the FTC complaint. The FTC’s complaint further alleged that the merger would enable Illumina to raise the prices of Grail’s future competitors and impede their development of products that would rival Grail’s technology.[10] The agency originally filed a motion for preliminary injunction in federal court in May 2021, but withdrew the request, citing the reduced risk of the transaction in closing considering the ongoing EC review.^{^[11]} The EC took up a review upon a recommendation from several member states.

Illumina offered 12-year supply contracts to its customers with guarantees of continued supply and no price increases.[12] The companies also offered, supposedly, “far-reaching behavioral remedies” to the EC, but the details of these remedies were not made public.[13] The EC review remains ongoing and the FTC administrative trial is seeking to enjoin the transaction recently concluded, with a decision expected in the coming months.

Key Takeaways for Parties Considering Vertical Transactions

New Theories of Alleged Harm. While economic analysis has traditionally been used to demonstrate procompetitive benefits of vertical transactions to consumers (e.g., lower costs), the agencies in these cases allege that the potential for the merged firm to disadvantage market participants outweighs any potential benefits. The focus of the agencies’ claims appears to be on harm to others’ ability to compete. According to the agencies, such harm might arise where one or both of the merging parties has a high market share in its respective market.

Bipartisan Enforcement. Each of the three FTC challenges to a vertical transaction in the last year has followed a unanimous Commission vote. This bipartisan consensus indicates that we are likely to see a continued increase in challenges to M&A activity across all administrations.

Intra-Governmental Cooperation. Competition agencies regularly cooperate with other government agencies with relevant expertise. For example, in Lockheed’s proposed vertical acquisition of Aerojet, the U.S. Department of Defense reviewed the transaction and made undisclosed recommendations to the FTC.[14] In 2018, Broadcom’s hostile takeover of Qualcomm was halted by a presidential order because the transaction raised national security concerns.[15] In connection with NVIDIA’s proposed acquisition of Arm, the UK Secretary of State for Digital, Culture, Media, and Sports (DCMS) requested a public interest intervention and directed the CMA to review the transaction for national security concerns.[16] DCMS was particularly concerned with the integral role semiconductors play in the United Kingdom’s infrastructure, especially in defense and national security.

International Investigations and Cooperation. Vertical transactions are receiving heightened scrutiny from regulatory agencies around the world, including, most notably, the U.S. antitrust agencies, EC and European Union member states, and SAMR. Further, antitrust agencies across the globe are increasing cooperation. For example, in the NVIDIA-Arm transaction, the EC indicated it is “cooperating with competition authorities around the world.”[17] It appears that this increased cooperation may lengthen the merger review period. Coordination among agencies was the suspected reason behind the unprecedented eight-month SAMR pre-filing investigation.[18] And in the Illumina-Grail transaction, the EC has exercised the ability to take referrals from member states without those member states independently having jurisdiction to review the transaction under their own merger control regimes.[19]

__________________________

[1] Fed. Trade Comm’n, Statement of Chair Lina M. Khan, Commissioner Rohit Chopra, and Commissioner Rebecca Kelly Slaughter on the Withdrawal of the Vertical Merger Guidelines Commission File No. P810034 (Sept. 15, 2021), here.

[2] Compl. [Redacted-Public Version], In the Matter of Lockheed Martin Corp. and Aerojet Rocketdyne Holdings, Inc., Docket No. 9405 (Feb. 14, 2022), https://www.ftc.gov/system/files/documents/cases/d09405_-_assignment_of_joint_motion_to_dismiss_complaint_-_public_1.pdf, ¶¶ 12–15.

[3] Curtis Eichelberger, Confluence of government actors likely to place Lockheed, Aerojet merger under greater US scrutiny (Aug. 2, 2021), https://mlexmarketinsight.com/news-hub/editors-picks/area-of-expertise/antitrust/confluence-of-government-actors-likely-to-place-lockheed-aerojet-merger-under-greater-us-scrutiny.

[4] Lockheed Martin, Lockheed Martin Reports Fourth Quarter And Full Year 2021 Financial Results (Jan. 25, 2022), https://news.lockheedmartin.com/2022-01-25-Lockheed-Martin-Reports-Fourth-Quarter-and-Full-Year-2021-Financial-Results; Aerojet Rocketdyne, Aerojet Rocketdyne Holdings, Inc. Announces Update on Proposed Merger Transaction with Lockheed Martin (Jan. 25, 2022), https://www.rocket.com/article/aerojet-rocketdyne-holdings-inc-announces-update-proposed-merger-transaction-lockheed-martin.

[5] Aerospace, Lockheed Martin Cancels Aerojet Rocketdyne Merger After Antitrust Pressure (Feb. 14, 2022), https://dot.la/lockheed-martin-cancels-aerojet-rocketdyne-2656663782.html; see Fed. Trade Comm’n, Statement Regarding Termination of Lockheed Martin Corporation’s Attempted Acquisition of Aerojet Rocketdyne Holdings Inc. (Feb. 15, 2022), https://www.ftc.gov/news-events/press-releases/2022/02/statement-regarding-termination-lockheed-martin-corporations.

[6] Compl. [Redacted-Public Version], In the Matter of Nvidia Corp. SoftBank Group Corp., and Arm, Ltd., Dkt No. 9404 (Dec. 2, 2021), here, ¶¶ 7–12 .

[7] Flavia Fortes, Curtis Eichelberger and Austin Peay, Nvidia-Arm deal blocked by US FTC, remedies didn’t address concerns (Dec. 2, 2021), https://content.mlex.com/#/content/1341929.

[8] Id.

[9] Competition Markets and Authority, Digital Secretary asks CMA to carry out further investigation into NVIDIA’s takeover of Arm (Nov. 16, 2021), https://www.gov.uk/government/news/digital-secretary-asks-cma-to-carry-out-further-investigation-into-nvidias-takeover-of-arm.

[10] Compl. [Redacted-Public Version], In the Matter of Illumina Inc. and Grail Inc., Docket No. 9401 (March 13, 2021), here, ¶¶ 1, 11–14.

[11] Curtis Eichelberger and Austin Peay, Illumina closes Grail deal while EC continues review, US FTC trial starts Aug. 24 (Aug. 18, 2021), https://content.mlex.com/#/content/1317564.

[12] MLex, Illumina offers contract to customers for 12-year supply with guarantees of continued supply, no price increases (April 1, 2021), here; Curtis Eichelberger and Nicholas Hirst, Illumina, Grail fix for merger’s anticompetitive harms adopted by five companies (Nov. 2, 2021), https://content.mlex.com/#/content/1334057.

[13] Natalie McNellis, Illumina makes EU remedy offer for Grail acquisition; deadline extended to March 25 (Jan. 28, 2022), https://content.mlex.com/#/content/1354851.

[14] U.S. Dep’t of Defense, DoD Statement on Proposed Lockheed Martin and Aerojet Rocketdyne Merger (Jan. 25, 2022), https://www.defense.gov/News/Releases/Release/Article/2910941/dod-statement-on-proposed-lockheed-martin-and-aerojet-rocketdyne-merger/.

[15] Federal Register, Regarding the Proposed Takeover of Qualcomm Incorporated by Broadcom Limited (March 12, 2019), https://www.federalregister.gov/documents/2018/03/15/2018-05479/regarding-the-proposed-takeover-of-qualcomm-incorporated-by-broadcom-limited.

[16] Competition and Markets Authority, Proposed acquisition of ARM Limited by NVIDIA Corporation: public interest intervention (April 19, 2021), https://www.gov.uk/government/publications/proposed-acquisition-of-arm-limited-by-nvidia-corporation-public-interest-intervention.

[17] European Commission, Mergers: Commission opens in-depth investigation into proposed acquisition of Arm by NVIDIA (Oct. 27, 2021), https://ec.europa.eu/commission/presscorner/detail/pt/ip_21_5624.

[18] MLex Staff, Nvidia-Arm merger review clock officially begins in China (Jan. 25, 2022), https://content.mlex.com/#/content/1353624?referrer=content_seehereview.

[19] European Commission Press Corner, Mergers: Commission starts investigation for possible breach of the standstill obligation in Illumina / GRAIL transaction (Aug. 20, 2021), https://ec.europa.eu/commission/presscorner/detail/en/ip_21_4322.

The following Gibson Dunn lawyers prepared this client alert: Adam Di Vincenzo, Kirsten Limarzi, Rachel Brass, Stephen Weissman, Chris Wilson, and Jacqueline Sesia.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please feel free to contact the Gibson Dunn attorney with whom you usually work in the firm’s Antitrust and Competition Practice Group, or the following:

Adam Di Vincenzo – Washington, D.C. (+1 202-887-3704, adivincenzo@gibsondunn.com)

Kristen C. Limarzi – Washington, D.C. (+1 202-887-3518, klimarzi@gibsondunn.com)

Chris Wilson – Washington, D.C. (+1 202-955-8520, cwilson@gibsondunn.com)

Rachel S. Brass – Co-Chair, Antitrust & Competition Group, San Francisco
(+1 415-393-8293, rbrass@gibsondunn.com)

Stephen Weissman – Co-Chair, Antitrust & Competition Group, Washington, D.C.
(+1 202-955-8678, sweissman@gibsondunn.com)

Ali Nikpay – Co-Chair, Antitrust & Competition Group, London (+44 (0) 20 7071 4273, anikpay@gibsondunn.com)

Christian Riis-Madsen Co-Chair, Antitrust & Competition Group, Brussels (+32 2 554 72 05, criis@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

The United States has now imposed additional new sanctions and sweeping export controls that not only target key pillars of the economies of Russia and Belarus but will also have significant collateral effects across a wide range of other sectors in Russia. These latest measures follow an initial tranche of sanctions announced on February 21 and 22, 2022, which we discussed in depth in our alert from last week. Following the surge of Russian troops into Ukraine in an invasion that the White House condemned as “an unprovoked and unjustified attack,” the new measures are significant in size and scope and range across targeting Russia’s largest financial institutions, restricting access to U.S. capital markets, restricting access to technology, and even designating President Vladimir Putin personally for blocking sanctions. Cumulatively, sanctions and export controls announced over the past week represent U.S. efforts to exert “unprecedented diplomatic and economic costs on Russia.” We enter the upcoming week with potentially more of these efforts in store—including the removal of select Russian banks from the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) messaging system, as announced on February 26, 2022.

Sanctions on the Russian Economy

The new round of U.S. sanctions announced on February 24, 2022 includes “significant and unprecedented” action to impose a severe economic toll on the Russian economy, including measures that target almost 80 percent of all banking assets in Russia. The sanctions specifically target Russia’s two largest banks and also impose restrictions related to new debt and equity in more than a dozen Russian state-owned enterprises and large privately-owned financial institutions. Combined with the measures announced earlier in the week, these measures are designed to cut off large portions of the Russian economy from access to the U.S. financial system, crimping the ability of major Russian enterprises both to engage in dollar-denominated trade and to raise new capital.

Full Blocking Sanctions on VTB Bank and Other Financial Institutions

Pursuant to Executive Order (“E.O.”) 14024, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) has enacted blocking sanctions on state-owned VTB Bank (“VTB”), Russia’s second-largest financial institution and the holder of almost 20 percent of Russia’s banking assets. As a result of this action, all of the bank’s property and interests in property that come within U.S. jurisdiction are frozen and, except as authorized by OFAC, U.S. persons are generally prohibited from engaging in transactions involving VTB. By operation of OFAC’s Fifty Percent Rule, similar restrictions apply to any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons, including VTB. Notably, VTB is among the largest financial institutions that the United States has ever targeted with blocking sanctions.

In addition to VTB, the United States concurrently imposed blocking sanctions on Otkritie, Sovcombank, Novikombank, and dozens of their majority-owned subsidiaries.

Correspondent and Payable-Through Account Sanctions on Sberbank

In a further measure targeted at Russia’s financial sector, OFAC imposed correspondent and payable-through account (“CAPTA”) sanctions through new Directive 2 under E.O. 14024 on Sberbank, the largest financial institution in Russia and the main creditor of Russia’s economy. Although stopping short of full blocking sanctions like those imposed on VTB Bank—presumably on account of Sberbank’s sheer size and centrality to the Russian economy—effective as of March 26, 2022, U.S. financial institutions will be prohibited from opening or maintaining a correspondent or payable-through account for or on behalf of, or processing a transaction involving, Sberbank or any of its majority-owned subsidiaries. The practical effect of this measure is that Russia’s largest bank has been cut off from the U.S. financial system and U.S. dollar-denominated trade. The foreign financial institutions that are subject to CAPTA sanctions are identified on OFAC’s List of Foreign Financial Institutions Subject to CAPTA (“CAPTA List“).

Restrictions on New Debt and Equity

OFAC also issued Directive 3 under E.O. 14024 to place new debt and equity restrictions on 13 major Russian state-owned enterprises and financial institutions. Together, the targeted firms hold assets of nearly $1.4 trillion and will now be restricted from raising money in the U.S. capital market. In particular, these restrictions—which are broadly similar to the sectoral sanctions imposed on certain Russian enterprises in the wake of the Kremlin’s 2014 annexation of Crimea—prohibit transactions by U.S. persons or dealings within the United States involving new debt of longer than 14 days maturity and new equity issued by the following entities: Sberbank, AlfaBank, Credit Bank of Moscow, Gazprombank, Russian Agricultural Bank, Gazprom, Gazprom Neft, Transneft, Rostelecom, RusHydro, Alrosa, Sovcomflot, and Russian Railways. From a policy perspective, these measures are designed to severely limit Russia’s ability to raise new capital for its military activities in Ukraine.

Crucially, like existing sectoral sanctions on Russia, both of the new Directives announced by OFAC (Directives 2 and 3) are narrow in scope as both expressly provide that, absent some other prohibition, all other lawful U.S. nexus activities involving the targeted entities are permitted.

General Licenses

Concurrent with these sanctions, OFAC issued eight general licenses applicable under the Russian Harmful Foreign Activities Sanctions Program:

General License 5, “Official Business of Certain International Organizations and Entities,” authorizes transactions for the conduct of the official business of certain international organizations and entities.

General License 6, “Transactions Related to the Exportation or Reexportation of Agricultural Commodities, Medicine, Medical Devices, Replacement Parts and Components, or Software Updates, or the Coronavirus Disease 2019 (COVID-19) Pandemic,” authorizes certain transactions ordinarily incident and necessary to humanitarian trade in agricultural commodities, medicine, and medical devices.

General License 7, “Authorizing Overflight Payments, Emergency Landings, and Air Ambulance Services,” authorizes payment of charges for services rendered in connection with overflights of Russia or emergency landings in the Russia by aircraft registered in the United States or owned or controlled by U.S. persons.

General License 8, “Authorizing Transactions Related to Energy,” authorizes, until June 24, 2022, certain transactions related to energy involving five named Russian entities and their subsidiaries. Transactions “related to energy” is specifically defined to mean “the extraction, production, refinement, liquefaction, gasification, regasification, conversion, enrichment, fabrication, transport, or purchase of petroleum, including crude oil, lease condensates, unfinished oils, natural gas liquids, petroleum products, natural gas, or other products capable of producing energy, such as coal, wood, or agricultural products used to manufacture biofuels, or uranium in any form, as well as the development, production, generation, transmission, or exchange of power, through any means, including nuclear, thermal, and renewable energy sources.”

General License 9, “Authorizing Transactions Related to Dealings in Certain Debt or Equity,” authorizes, until May 25, 2022, dealings in debt or equity of five named Russian entities and their subsidiaries issued prior to February 24, 2022. Any divestment or transfer of debt or equity relying on this authority must be made to a non-U.S. person.

General License 10, “Authorizing Certain Transactions Related to Derivative Contracts,” authorizes, until May 25, 2022, the winding down of derivative contracts entered into with five named Russian entities and their subsidiaries prior to February 24, 2022. Any payments to a blocked person must be made into a blocked account.

General License 11, “Authorizing the Wind Down of Transactions Involving Certain Blocked Persons,” authorizes, until March 26, 2022, transactions ordinarily incident and necessary to the wind down of transactions involving Otkritie, Sovcombank, VTB, or any entity in which one of those persons owns a 50 percent or greater interest.

General License 12, “Authorizing U.S. Persons to Reject Certain Transactions,” authorizes, until March 26, 2022, U.S. persons to reject (rather than block) all transactions prohibited by E.O. 14024 involving certain blocked persons that are not authorized. Persons relying on this general license should review the implications for their rejected transaction reporting obligations to OFAC.

Sanctions on President Putin and Russian Elites

Following a meeting with NATO and other allies on Friday, February 25, 2022, OFAC designated Russian President Vladimir Putin, Minister of Foreign Affairs Sergei Lavrov, Minister of Defense Sergei Shoigu, and Chief of the General Staff Valery Gerasimov to the Specially Designated Nationals and Blocked Persons (“SDN”) List pursuant to E.O. 14024. With this designation, President Putin joins the “exceedingly rare” company—including North Korea’s Chairman Kim Jong Un, Syria’s President Bashar al-Assad, and Belarus’s President Alyaksandr Lukashenka—of sitting heads of states personally targeted by U.S. sanctions.

The announcement of sanctions against President Putin as an individual comes one day after OFAC also designated several members of the Russian elite—also called “enablers” of the President by OFAC—to the SDN List pursuant to E.O. 14024. Notably, OFAC designated Sergei Ivanov, Andrey Patrushev, and Ivan Sechin, all of whom are adult children of close Putin associates who had themselves either been previously designated or who were re-designated in connection with this latest round of sanctions. Additionally, OFAC designated several senior executives at state owned banks. In listing out the key Russian elites that have so far been designated, OFAC warned that it “will designate more in the future if Russia’s unprovoked campaign against Ukraine does not immediately conclude.”

Sanctions on Nord Stream 2 Pipeline

On February 23, 2022, OFAC designated to the SDN List Nord Stream 2 AG, the Swiss company in charge of an eponymous gas pipeline project that Germany halted the day before, as well as its chief executive officer. These designations were made under the authority provided by the Protecting Europe’s Energy Security Act of 2019, which the Biden administration had previously waived exercising in May 2021. In announcing this significant policy shift, President Biden applauded Germany for halting the certification of the pipeline project and noted that the two countries “closely coordinated our efforts to stop the Nord Stream 2 pipeline.” OFAC accompanied this designation with General License 4 that provides a short, one-week wind-down period that expires on March 2, 2022.

Sanctions on Belarusian Financial Institutions and Defense Sector

After Russian troops positioned in Belarus launched an invasion in Ukraine on February 24, 2022, OFAC responded that same day by imposing sanctions not just on Russia but also on 24 Belarusian entities and individuals. Compared to the sanctions imposed on Russia, these Belarus-focused sanctions remain highly targeted. However, designations of Belarusian entities and individuals indicate Treasury’s serious approach to any country that supports or facilitates Russia’s invasion of Ukraine. The sanctions issued on February 24, 2022 focus primarily on two sectors of the Belarusian economy: financial institutions and the defense sector.

Belarusian Financial Institutions

Pursuant to Executive Order 14038, OFAC designated the state-owned Bank Dabrabyt and Belarussian Bank of Development and Reconstruction Belinvestbank (“Belinvestbank”), along with two of Belinvestbank’s subsidiaries. E.O. 14038, issued in August 2021, authorizes blocking sanctions against persons determined by the U.S. Secretary of the Treasury, in consultation with the U.S. Secretary of State, “to be owned or controlled by, or to have acted or purported to act for or on behalf of, directly or indirectly, the Government of Belarus.” E.O. 14038 has previously been used to implement sanctions targeting “the degradation of democracy in Belarus” under the Lukashenka regime.

U.S. sanctions on certain Russian financial institutions (discussed above) are already expected to have a significant impact on the Belarusian economy. U.S. Secretary of the Treasury Janet Yellen commented that, “due to the interconnectedness between the two countries, the actions Treasury took against Russia [on Thursday, February 24, 2022] will also impose severe economic pain on the Lukashenka regime.” When combined with the designation of the two Belarusian banks, these sanctions targeted nearly 20 percent of Belarus’s entire financial sector.

Belarusian Defense Sector

OFAC also targeted Russia’s reliance on the Belarusian defense and related materiel sector by designating ten defense industry entities, as well as executives of some of those entities, pursuant to E.O. 14038. These designations build on OFAC’s December 2021 designation of five Belarusian defense firms “in response to the Lukashenka regime’s blatant disregard for international norms and the wellbeing of its own citizens.”

In addition to these entities, OFAC added two senior officials of the Belarusian government’s security apparatus—Belarusian Minister of Defense Viktor Khrenin and State Secretary of the Security Council of Belarus Aleksandr Volfovich—to the SDN List.

Belarusian Elites

Beyond targeting financial institutions and the defense sector, OFAC continues to target Belarusian elites who support the Lukashenka regime’s erosion of democracy in Belarus. The February 24, 2022 sanctions also included the designation of Aliaksandr Zaitsau and his company OOO Sokhra, which engages in gold mining and the promotion of Belarusian industrial products in Africa and the Middle East. According to OFAC, Zaitsau continues to maintain close ties to the Lukashenka family.

Concurrent with these designations of Belarusian entities and individuals, OFAC issued two general licenses related to the Belarus Sanctions Program:

General License 6, “Official Business of the United States Government,” authorizes all otherwise prohibited transactions for the conduct of the U.S. Government’s official business.

General License 7, “Official Business of Certain International Organizations and Entities,” authorizes transactions for the conduct of the official business of certain international organizations and entities.

Expansion of Export Controls Targeting Russia

The U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) on February 24, 2022 simultaneously issued a Final Rule on the Implementation of Sanctions Against Russia Under the Export Administration Regulations (“EAR”). The Final Rule uses several policy tools, each described below, to create a dramatic expansion of restrictions on exports, reexports, and in-country transfers to Russia.

Importantly, in a notable gesture of multilateral coordination, BIS incorporated several exclusions for “partner countries” in the restrictions. “Partner countries” refer to those countries that are adopting or have expressed intent to adopt substantially similar export controls measures to those the United States has adopted, and can be found in a list provided in Supplement No. 3 to Part 746 of the EAR. Currently, “partner countries” include the European Union member states, Australia, Canada, Japan, New Zealand, and the United Kingdom.

Expansion of Item-Based Licensing Requirements

The Final Rule imposes additional license requirements for export, reexport, and in-country transfer to Russia of all items with Export Control Classification Numbers (“ECCNs”) in Categories 3–9 of the Commerce Control List (“CCL”)—which include, among others, dual-use items used in electronics design, development and production, computers, telecommunications, manufacturing, aerospace, navigation, and marine applications. The new license requirements impact items described under 58 separate ECCNs that were not previously controlled for export to Russia, and BIS will review all such license applications with a presumption of denial unless the planned exports are in support of a short list of end uses, such as safety of flight. The expansion of items controlled for export to Russia also means that foreign-made items that incorporate U.S.-controlled content that were not previously subject to U.S. export control licensing requirements will now be subject to those requirements when destined for Russia, unless they are being exported from countries that are adopting export controls similar to those the United States has now adopted. As a result, companies exporting from many countries may now need to reassess whether their products have become subject to BIS licensing requirements due to these changes.

Additionally, in line with earlier sanctions announced on February 21, 2022, there are new license requirements that impose an effective trade embargo on all exports, reexports, and in-country transfers to the separatist regions of Ukraine—the so-called Donetsk People’s Republic (“DNR”) and Luhansk People’s Republic (“LNR”). The license requirements are applicable for all items subject to the EAR, other than food and medicine designated as EAR99 and certain EAR99 or ECCN 5D992.c software for Internet-based communications.

These changes went into effect on February 24, 2022.

Extension of Export Licensing Requirements to New Products Produced Using Controlled Software and Technology

The United States has long controlled certain foreign-made products that were produced directly from certain national security-controlled U.S. software and technology or from plants or components of plants that were produced from this software and technology. Because these controls, called Foreign Direct Product (“FDP”) rules, hinge on the use of controlled software and technology, they effectively extend U.S. export controls to products made outside of the United States that do not otherwise incorporate U.S. content. Under this rule, U.S. export controls could be applied not only to chips that incorporate U.S.-origin processors, but also to any chips that are manufactured using certain U.S. equipment.

In 2020, seeking a new way to restrict supply chains to Huawei affiliates designated on BIS’s Entity List, BIS created a new FDP rule to reach semiconductors, computers, and telecommunication items that were directly produced using U.S.-origin software, technology, plants, or major components of plants that were destined for supply chains that involved Huawei in almost any role. BIS defined the concept of “direct product” in an especially broad way to include not only any item that incorporates any part, component, or equipment produced using the defined items, but also to capture any item used in their production. Thus, even products that were merely tested using the controlled equipment would now require export licensing when Huawei-affiliated entities designated on BIS’s Entity List were involved. The few short regulatory provisions and footnotes that described this new rule sent trade compliance specialists scrambling, even within suppliers many tiers removed from Huawei, to determine whether the software, technology, or equipment they were using to make their products was export-controlled in ways that made their products suddenly subject to new U.S. export licensing requirements.

In the Final Rule announced on February 24, 2022, BIS has now created two new FDP rules that will impact not just a single company in Russia, but a broad swath of both low- and high-technology sectors in the Russian economy. The first is an FDP rule that applies to all exports, reexports, and in-country transfers ultimately destined for Russia (the “Russia FDP Rule”), and the second is an FDP rule that applies to all exports, reexports, and in-country transfers ultimately destined for Russian military end users (the “Russia MEU FDP Rule”). We compare these rules side-by-side in the below table.

Russia FDP Rule

Russia MEU FDP Rule

Export of foreign-produced item would require a license if it is:

Produced with certain U.S.-origin software or technology subject to the EAR (i.e., software or technology classified in CCL categories 3 through 9) or by certain plants or major components that are themselves the direct product of certain U.S.-origin software or technology subject to the EAR (again, software or technology classified in CCL categories 3 through 9);

AND

Ultimately destined to Russia or will be incorporated into or used in the production or development of any part, component, or equipment produced in or destined to Russia.

Export of foreign-produced item would require a license if it is:

Produced with any software or technology subject to the EAR that is on the CCL or by certain plants or major components that are themselves the direct product of any U.S.-origin software or technology on the CCL;

AND

Involves an entity with a “footnote 3 designation” on the Entity List as a party to the transaction, or there is knowledge that the item will be incorporated into or used in the production or development of any part, component, or equipment produced, purchased, or ordered by any entity with a “footnote 3 designation” on the Entity List.

Does not apply to foreign-produced items that would be designated as EAR99 (items not listed on the CCL), which includes many consumer items used by the Russian people.

Applies to all foreign-produced items, including those designated EAR99, with limited exceptions.

For the Russia MEU FDP Rule, the “footnote 3 designation” means that an entity will have, under the “license requirement” note on its Entity List designation, a citation that says “See § 734.9(g).³” Along with the creation of the Russia MEU FDP Rule, BIS immediately assigned the “footnote 3 designation” to nearly 50 entities, which means that a license is required to export, reexport, or transfer all FDP items to these entities and that license applications will be reviewed under a policy of denial. Forty-five of these entities, including the Ministry of Defence of the Russian Federation, were previously on the Commerce Department’s Military End User (“MEU”) List, but have now been moved to the Entity List, thus subjecting them to broader restrictions. Two new entities—the International Center for Quantum Optics and Quantum Technologies LLC, and SP Kvant—were newly added to the Entity List with footnote 3 designations.

Currently, all partner countries are fully excluded from the scope of both new FDP rules. This means that items produced in the partner countries would not be subject to the FDP rules’ licensing requirements.

Although BIS has given exporters until March 26, 2022 to comply with the new FDP rules, we expect that it will take many companies much longer to assess whether the items they are making are now subject to either of the two new Russia-specific FDP rules. Especially given the breadth of the Russia MEU FDP Rule, we expect that many companies outside of Russia will simply cease all supply to designated and potential military end users in Russia.

Expansion of Military End Use and Military End User Controls

The Final Rule also expands the existing Russia ‘military end use’ and ‘military end user’ controls to all items subject to the EAR, with limited exceptions. Previously, the ‘military end use’ and ‘military end user’ controls had applied only to a subset of items identified in Supplement No. 2 to Part 744 of the EAR. Now, these controls apply broadly, with limited exceptions for food and medicine designated as EAR99 and items classified as ECCN 5A992.c or 5D992.c, so long as they are not for Russian “government end users” or Russian state-owned enterprises.

License Review Policy and License Exceptions

License requests under these new requirements will be reviewed with a policy of denial with limited exceptions. Exceptions to the license review policy, which are specific to an ECCN’s reasons for control and would be reviewed on a case-by-case basis, are for applications related to safety of flight, maritime safety, humanitarian needs, government space cooperation, civil telecommunications infrastructure, government-to-government activities, and to support limited operations of partner country companies in Russia.

There may be certain license exceptions that apply to the exports, reexports, and in-country transfers to Russia, but many of these license exceptions are only available under limited circumstances. For example:

License exception TMP (Temporary Imports, Exports, Reexports, and Transfers in Country) is available for items for use by the news media.

License exception TSU (Technology and Software Unrestricted) is available for software updates to civil end users that are subsidiaries of, or joint ventures with, companies headquartered in the United States or partner countries.

License exception ENC (Encryption Commodities, Software, and Technology) is available for encryption items, but not if they are destined for Russian government end users and Russian state-owned enterprises.

License exception CCD (Consumer Communication Devices) is available for certain consumer communication devices, but not if they are destined for government end users or certain individuals associated with the government.

As a result, persons relying on these license exceptions would need to conduct due diligence on the end users to ensure that they are complying with the precise scope of the license exceptions.

No case-by-case license application review or license exceptions are available for items subject to licensing requirements under the Russia MEU FDP Rule.

Next Steps

On February 26, 2022, the White House, together with the European Commission, France, Germany, Italy, the United Kingdom, and Canada, issued a joint statement announcing their commitment to impose further sanctions in response to “Putin’s war of choice,” including the removal of select Russian banks from the SWIFT network, the principal messaging system for global financial institutions to send and receive transaction-related information. In response to concerns that Russia has built up its foreign reserves to withstand the blow of Western sanctions, the countries also committed to preventing the Russian Central Bank from deploying its international reserves in ways that undermine the impact of sanctions. Japan signed on the joint statement during its day on February 27, 2022, completing the entire G7’s support for these upcoming measures.

A constant subject of policy discussions since the 2014 annexation of Crimea, removal of Russian banks from SWIFT did not seem to be gathering global support until just days ago. The joint statement represents both a seismic shift in policy and an impressive example of multilateral coordination, and the countries will be launching a joint task force that would carry on the spirit of coordinated sanctions implementation by identifying and freezing assets of sanctioned persons. However, details of how to achieve the selective SWIFT removal or Central Bank restrictions are yet to be finalized, and we will be following closely for more announcements.

The next steps are now dependent on Russia’s next moves. In a matter of just one week, the U.S. Government has issued a new Executive Order, several directives, designations, and general licenses under three different sanctions programs, as well as new export controls regulations. These measures were an outcome of significant multilateral coordination, by what President Biden called “a coalition of partners representing well more than half of the global economy.” As Russia continues its military incursion further into Ukraine, more Western sanctions are on the horizon. Russia, in turn, will begin considering its counteractions to respond to Western financial pressure. Following the Western sanctions in 2014, Russia responded with restrictions on agricultural imports and gas flows to Europe—this time, more could be in store, including the criminalization of compliance with foreign sanctions. As industry strives to understand these wide-ranging and complex new sanctions and export controls, we are likely to see more guidance from the U.S. Government to help foreign investors and multinational companies navigate the changing—and challenging—regulatory landscape.

The following Gibson Dunn lawyers assisted in preparing this client update: Claire Yi, Scott R. Toussaint, Lindsay Bernsen Wardlaw, Jacob A. McGee, Sean J. Brennan, Judith Alison Lee, Adam M. Smith, and Christopher Timura.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s International Trade practice group:

United States:
Judith Alison Lee – Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com)
Ronald Kirk – Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202-887-3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213-229-7269, nhanna@gibsondunn.com)
Marcellus A. McRae – Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com)
Adam M. Smith – Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com)
Laura R. Cole – Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202-955-8250, cmullen@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202-887-3509, ssewall@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202-955-8270, szhang@gibsondunn.com)

Asia:
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
David A. Wolber – Hong Kong (+852 2214 3764, dwolber@gibsondunn.com)
Fang Xue – Beijing (+86 10 6502 8687, fxue@gibsondunn.com)
Qi Yue – Beijing – (+86 10 6502 8534, qyue@gibsondunn.com)

Europe:
Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)
Nicolas Autet – Paris (+33 1 56 43 13 00, nautet@gibsondunn.com)
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Patrick Doris – London (+44 (0) 207 071 4276, pdoris@gibsondunn.com)
Sacha Harber-Kelly – London (+44 (0) 20 7071 4205, sharber-kelly@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Matt Aleksic – London (+44 (0) 20 7071 4042, maleksic@gibsondunn.com)
Benno Schwarz – Munich (+49 89 189 33 110, bschwarz@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33 180, mwalther@gibsondunn.com)
Richard W. Roeder – Munich (+49 89 189 33 115, rroeder@gibsondunn.com)

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Decided February 24, 2022

Unicolors, Inc. v. H&M Hennes & Mauritz, LP., No. 20-915

Today, the Supreme Court held 6-3 that a copyright holder can file a copyright infringement suit even if its copyright registration application included inaccurate information that was the result of an innocent mistake of fact or law.

Background:

A copyright holder cannot bring an infringement suit unless it holds a valid copyright registration certificate. A certificate is valid even if it contains inaccurate information, unless the inaccuracy “was included on the application for copyright registration with knowledge that it was inaccurate” and, “if known, would have caused the Register of Copyrights to refuse registration.” 17 U.S.C. § 411(b). After Unicolors sued H&M for copyright infringement, H&M argued that Unicolors’ copyright registration certificate was invalid because Unicolors had knowingly included inaccurate information in its application by applying to register multiple works in a single application even though it had made those works separately available to clients and the public.

The district court ruled that a certificate is invalid under § 411(b) only if the applicant intended to defraud the Copyright Office, and Unicolors’ mistake of law did not evidence an intent to defraud. The Ninth Circuit reversed, holding that § 411(b) does not contain an intent-to-defraud requirement, and that Unicolors’ application contained factual information Unicolors knew was inaccurate. It was irrelevant, in the Ninth Circuit’s view, whether the inaccuracy was the result of Unicolors’ inadvertent misunderstanding of a principle of copyright law.

Issue:

Whether 17 U.S.C. § 411(b)’s “knowledge” requirement excuses inadvertent mistakes of fact or law.

Court’s Holding:

Yes. The “knowledge” element in § 411(b) requires a showing that the copyright registration applicant actually knew that the inaccurate information in its application was inaccurate, and excuses inaccuracies that were the result of an innocent mistake of fact or law.

“Lack of knowledge of either fact or law can excuse an inaccuracy in a copyright registration.”

Justice Breyer, writing for the Court

What It Means:

The Court’s decision means that copyright holders can defend inaccuracies in registration certificates on the ground that they were the product of an innocent mistake of either fact or law. The Court’s ruling could provide additional protection for copyright registrants such as novelists, poets, and painters who may be unfamiliar with the complexities of the Copyright Act or who in good faith reach incorrect conclusions about what the law requires.
Although copyright holders can file new registration applications to fix innocent inaccuracies, copyright claims have a three-year statute of limitations, and statutory damages and attorneys’ fees are available only for infringements that occur after a valid registration is in place. Today’s ruling potentially expands the scope of cases involving inaccurate copyright registrations.
The Court emphasized that willful blindness to an inaccuracy may constitute actual knowledge under § 411(b), and that circumstantial evidence—such as the significance of the error, the complexity of the relevant rule, and the applicant’s experience with copyright law—could influence whether the applicant was actually aware of, or willfully blind to, the inaccuracy.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho +1 214.698.3233 aho@gibsondunn.com	Mark A. Perry +1 202.887.3667 mperry@gibsondunn.com	Lucas C. Townsend +1 202.887.3731 ltownsend@gibsondunn.com
Bradley J. Hamburger +1 213.229.7658 bhamburger@gibsondunn.com

Related Practice: Intellectual Property

Howard S. Hogan +1 202.887.3640 hhogan@gibsondunn.com	Kate Dominguez +1 212.351.2338 kdominguez@gibsondunn.com	Y. Ernest Hsin +1 415.393.8224 ehsin@gibsondunn.com
Josh Krevitt +1 212.351.4000 jkrevitt@gibsondunn.com	Jane M. Love, Ph.D. +1 212.351.3922 jlove@gibsondunn.com	Ilissa Samplin +1 213.229.7354 isamplin@gibsondunn.com