Month: February 2016

What is CFIUS?

Comes now, the news that Tsinghua, a Chinese tech company, has abandoned its $3.8 billion plan to become the largest shareholder in the U.S. data storage group, Western Digital.[1] Two months into 2016, this marks already the second time this year that a planned Chinese investment in a tech company has collapsed.[2]  In both cases, the precipitant has been the threat of action by the Committee on Foreign Investment in the United States (CFIUS).[3]

CFIUS, created by an Executive Order issued by President Ford in 1975, operates, according to a legislative report, “in relative obscurity.”[4]  Yet it is charged with a vital purpose:  to review transactions that might confer control of an existing company by a foreign interest – purportedly, to determine the prospective effect of such deals “on the national security of the United States.”[5] CFIUS was initially established in response to concern about increasing investment in American portfolio assets (Treasury securities, corporate stocks and bonds) by the Organization of Petroleum Exporting Countries (OPEC) countries.[6]

Chaired by a representative of the US Treasury and based in that Department, CFIUS is composed entirely of delegates selected from the Executive Branch.[7] It operates within the military-corporate nexus. The U.S. Department of Treasury states that “if CFIUS finds that a covered transaction presents national security risks and that other provisions of law do not provide adequate authority to address the risks, then CFIUS may enter into an agreement with, or impose conditions on, parties to mitigate such risks or may refer the case to the President for action.”[8] The mere threat of a CFIUS review often has been sufficient to put an end to an intended investment.

Which are the criteria that CFIUS relies upon to render its determinations?  What sorts of documentation does it deem to be dispositive? Does it adhere to due process procedures and norms of democratic accountability?  What conception of “security” does it follow? [9]   Why, in short, does CFIUS exist?  In the absence of answers to these basic questions, we are forced to rely on accessible documentation.

CFIUS is obligated to report to Congress annually.  However, full discussion of its activities remains secret:  only redacted versions are available to the public, and these are substantially belated.  From its most recent report, filed in 2015[10] but detailing its activities between 2009 and 2013, we glean that companies filed 480 notices of transactions that CFIUS determined were covered by its mandate. Among these, CFIUS investigated forty percent of the deals that entered its system – 193 transactions.  Its targets came from a range of industries.  More than one-third of them involved manufacturing; and an additional one-third covered companies based in finance, information, or services.  The computer and electronics subsector made up the largest portion of manufacturing notices; and the bulk of finance, information and services notices (over two-thirds of them) originated in professional, scientific and technical services – notably, computer system design; telecommunications; publishing; and data processing.  Acquisitions by investors from China accounted for the largest single share of CFIUS notices – though its attention was also drawn to transactions involving investors based in Britain, Japan, France, Canada, and Germany. Telecommunications, software, and technology transactions were among those sectors for which CFIUS’s review resulted in legally binding mitigation measures in 2013.[11]

What may we conclude?  Demonstrably, CFIUS is a major U.S. policymaker – meriting far more critical scrutiny than it has obtained.  Equally certain, CFIUS has granted a high priority to deal-making within the international information industry.  As those who keep up with the Information Observatory will recognize, information constitutes a rare growth pole in today’s depressed world economy; and CFIUS’s job has seemingly come to involve an effort to ensure that U.S. business interests retain a pole position with respect to this industry within the U.S. market.  No less evident, finally, CFIUS has been targeting China.  Going forward, the global contest to appropriate profits from information is all but certain to involve China more and more – and, again, CFIUS intends that the U.S. should retain its advantages.  CFIUS actually has played a significant background role in US tech policy for years.  The Internet equipment maker Huawei’s repeated unsuccessful attempts to penetrate the US market for network gear testify to its effectiveness.

A Committee on U.S. Foreign Investment, that is, on U.S. companies’ own deal-making outside the United States, might possess much greater relevance for the actual security of the U.S. populace than CFIUS. Under present political circumstances, of course, the establishment of such an agency seems unthinkable.  Circumstances, however, may change.

[1] Arash Massoudi, James Fontanella-Khan and Shawn Donnan, “Tsingua Pulls Western Digital Deal over US Scrutiny Fears,” Financial Times,  February 24, 2016.

[2]  See Don Weinland, Arash Massoudi and James Fontanella-Khan, “China deals collapse amid regulatory fears,” Financial Times, February 17, 2016,

[3] See James K. Jackson, The Committee on Foreign Investment in the United States (CIFUS), Congressional Research Services, February 19, 2016.

[4] Ibid.

[5] U.S. Department of the Treasury, “The Committee on Foreign Investment in the United States (CFIUS).”

[6] Jackson, “The Committee on Foreign Investment.”

[7] Consists of nine members: the Secretaries of State, Treasury, Defense, Homeland Security, Commerce, and Energy, the Attorney General, the United States Trade Representative, and the Director of the Office of Science and Technology Policy.

[8] Treasury Department, “Process Overview.”

[9] According to one legal scholar, “Neither the statute nor the implementing regulations provide a definition of “national security,” but they do contain a non-exhaustive list of factors that may be considered when determining whether a threat to national security exists. These factors include domestic production needed for projected national defense requirements, the capability and capacity of domestic industries to meet national defense requirements, the control of domestic industries and commercial activity by foreign citizens as it affects the capability and capacity of the United States to meet national security requirements, the potential effects of an acquisition on sales of military goods, equipment, or technology to countries supporting terrorism or raising proliferation concerns, and the potential effects on U.S. technological leadership in areas affecting national security.”  See George Stephanov Georgiev, “The Reformed CFIUS Regulatory Framework: Mediating Between Continued Openness to Foreign Investment and National Security,” Yale Journal on Regulation (25), 2008: 127-28.

[10] Committee on Foreign Investment in the United States, “Foreign Investment in the United States: Annual Report to Congress,” Issued February 2015.

[11] Ibid.

Cause for celebration on the 20th anniversary of the Telecom Act?

This week marks the 20th anniversary of the U.S. Telecommunications Act of 1996.  Celebrations have been sighted in and around Washington, D.C.[1]

Helpful clarification of the substance of the Telecommunications Act of 1996 was provided by Patricia Aufderheide in 1999.[2]  Ostensibly passed to support and strengthen market forces in networking, and signed into law at the height of the competition fever that had gripped the citadels of American power, the legislation was part of a more encompassing structural transition.  The early 1990s, when about ten giant local- and long distance carriers ruled U.S. networking, turned out to be the last gasp of a tightly bounded industrial giantism.  This circumscribed mode of ownership and control was, however, now rapidly supplanted. A much wider range of participants together constituted the giantism that followed:  proprietary intranets, operated by big companies based in every economic sector; content delivery networks, operated by the likes of Amazon, Google, Facebook, and Microsoft; and a scattering of huge backbone Internet providers.  One might say that capitalism in communications had been opened to capital at large.

There is little cause for celebration about this, as a quick review of the events occurring this week makes plain. Lawyers, engineers, executives and policy wonks:  these were the chief participants. Ordinary folk are as removed from these lackluster events as they were from the legislation itself.  On the dreary occasion of Congress’s vote on Public Law 104-104, if memory serves, the only praiseworthy statement came from Congressman John Conyers, a trenchant opponent.  Notable was the exceptionally strong bipartisan backing for the measure; and this was attributable to the extensive support that it gained from corporate America.  Less interesting was the parade of self-congratulatory speeches that ensued, in which legislators, lobbyists, and academic parrots declaimed on the virtues of competition.  Gas-baggery ruled.

Today’s party-ers are cast from the same mold.  They don’t seem to include many working people, let alone any trade unionists.  That’s not accidental:  these are the people whose interests were further marginalized by the Telecom Act of 1996. However, the revolving door between industry and government is spinning as fast as ever, as regulators and lobbyists exchange places.  The Center for Responsive Politics lists literally dozens of individuals who have moved between the Federal Communications Commission (FCC) and industry.[3

Read more

U.S. Dominance Over International Communications: A Status Report

Two stories jump out this week. One concerns the Internet’s coordinating mechanism, the other the pact that enables European data to be sent to the United States.  Seemingly discrete, at a deeper level they are organically connected. The underlying issue is whether challenges to U.S. power over the system of international communications will intensify – or be shunted aside.

We have written before about the “Safe Harbor” agreement, which had governed data- transfers between Europe and the U.S. and which was struck down by the European Court of Justice three months ago because it did not offer sufficient guarantees that Europeans’ personal data were protected from eavesdropping by U.S. intelligence agencies.  Would a new pact be devised, incorporating Europeans’ demands to strengthen privacy protections? What kinds of guarantees would be supplied?

An answer is now at hand. Although the prescribed negotiating deadline passed without agreement, two days late a deal was announced.[1] The US firms escaped the obligation to store their data in European lands; while, a new “EU-US Privacy Shield,” the European Commission declared, “will provide stronger obligations on companies in the U.S. to protect the personal data of Europeans.” U.S. companies wishing to import personal data from Europe “will need to commit to robust obligations on how personal data is processed and individual rights are guaranteed.” The U.S. Department of Commerce will monitor that companies publish their commitments, which makes them enforceable under U.S. law by the US Federal Trade Commission. In addition, “any company handling human resources data from Europe has to commit to comply with decisions by European Data Protection Administrations.” E.U. citizens will have access to an ombudsman located in the United States. And, “for the first time, the US has given the EU written assurances that the access of public authorities for law enforcement and national security will be subject to clear limitations, safeguards and oversight mechanisms. These exceptions must be used only to the extent necessary and proportionate. The U.S. has ruled out indiscriminate mass surveillance on the personal data transferred to the US under the new arrangement.”[2]

We will need to see during the months ahead just what level of protection the “Privacy Shield” actually offers. What’s interesting, though, is that considerable effort needed to be expended to reach even such a seemingly minimal agreement as this.  Intense negotiations were conducted at the World Economic Forum in Davos, involving both governmental functionaries and trade groups. Satya Nadella, the CEO of Microsoft, editorialized that the Safe Harbor agreement – with its guarantee that corporations may transmit personal data from jurisdiction to jurisdiction – must be supplemented with “additional agreements, that enable privacy rights to follow data around the world.”[3]  Google, by appointing as head of its global policy unit a onetime Obama Administration negotiator known for her calm, conciliatory style, reportedly was “burying its confrontational stance” in favor of more moderate international diplomacy.[4]  Facebook publicized a report that it had commissioned, to emphasize disingenuously that the U.S. had actually become more “privacy friendly” than Europe.[5]  Transatlantic data flows are simply too important to be left to the lower echelons.

Still, the data-hogging transnationals are not yet in the clear.  Europe’s national privacy regulators are slated to release their own decision tomorrow, February 3d, on how data should be moved between the two regions. And a clamor that the EC had sold out 500 million Europeans is already audible. It is possible that some nations’ data protection authorities will prove more vigilant than their colleagues in the Commission.  Thousands of U.S. companies, rooted in every sector, will be watching – eagle-eyed, we might say. No matter which way tomorrow’s decision goes, transborder data flows will still continue to constitute a crucial point of vulnerability for corporate capital.

Read more