China faces existing and extensive US restrictions on trade, investment and technology | Skadden, Arps, Slate, Meagher & Flom LLP
Take away food
- Chinese investments requiring CFIUS review have declined as the United States aggressively scrutinizes such transactions, and rules governing interactions with “Chinese military-industrial complexes” have been overhauled.
- Import restrictions on products made in the Xinjiang region have been rolled out by the US government.
- Despite several high-profile firings and a lost lawsuit, the DOJ’s Chinese initiative to thwart economic espionage and trade secret theft continues.
- Multinational companies doing business in China or with its citizens will have to comply with two new Chinese data protection laws.
National Security Regulations
China remains one of the US government’s top national security regulatory priorities. The Biden administration has retained or even augmented key aspects of the Trump administration’s national security approach to China, while making modest adjustments to some of the more controversial or legally vulnerable regulations:
- The Committee on Foreign Investment in the United States (CFIUS) has maintained an aggressive approach to reviewing transactions involving Chinese investors or third-country investors with significant ties to China. This has resulted in a noticeable decline in Chinese investments requiring CFIUS review, dropping from an average of 57 cases per year during 2016-18 to 28 in 2019 and 22 in 2020. We expect the data to show a decline comparable CFIUS cases linked to China in 2021.
- The US government has rolled out sanctions and new legislation to pressure US companies to avoid products from China’s Xinjiang region, in response to US government concerns over the use of forced labor for Xinjiang products. . On December 23, 2021, President Biden signed into law the Uyghur Forced Labor Prevention Act, which Congress passed with broad bipartisan support. The law effectively prohibits imports of goods made in whole or in part in Xinjiang, relying on a strong presumption that forced labor is used for all products from the region.
- In a Trump administration policy change, in June 2021, President Biden revoked an executive order that would have restricted the use of eight popular Chinese apps in the United States. In its place, the Department of Commerce was tasked with monitoring and taking appropriate action against anything “connected”. software applications” — defined as software “used on an endpoint computing device… [with] the ability to collect, process, or transmit data through the Internet,” which may pose risks to the national security of the United States. We expect the Department of Commerce to issue further guidance on this issue in 2022, and we anticipate a rigorous regulatory and enforcement regime.
- In June 2021, the Biden administration revamped the sanctions framework for “Communist Chinese Military Companies” (now called “Chinese Military-Industrial Complexes” or CMICs) by clarifying the listing criteria, revoking some of the most disputes against particular companies and moving primary responsibility for the administration of the list from the Department of Defense to the Office of Foreign Assets Control (OFAC) of the Department of the Treasury. In December, OFAC added additional companies to CMIC’s list.
We anticipate a similar approach in 2022, with the administration pursuing a relatively aggressive but more nuanced approach to national security regulation.
On December 2, 2021, the Securities and Exchange Commission (SEC) adopted final amendments implementing the disclosure and filing requirements of the Holding Foreign Companies Accountable Act (HFCAA). The legislation directs the SEC to disbar registrants if, for three consecutive years, the Public Company Accounting Oversight Board (PCAOB) is unable to inspect the auditor of the registrant’s financial statements.
On December 16, 2021, the PCAOB sent a report to the SEC stating that it was unable to fully inspect or investigate accounting firms registered with the PCAOB and headquartered in China and Hong Kong due to positions taken by government authorities in those jurisdictions. Access to audit working papers from companies headquartered in China and Hong Kong will likely continue to be a significant issue in 2022.
Initiative of the Ministry of Justice in China
Originally announced in November 2018 as a Department of Justice (DOJ) effort to crack down on trade secret theft and Chinese economic espionage, the China Initiative has faced significant criticism in the past year. After the DOJ dropped several cases and a judge acquitted University of Tennessee professor Anming Hu of wire fraud and misrepresentation based on allegations that he concealed his university affiliation China while receiving funding from the US National Aeronautics and Space Administration, some observers questioned whether prosecutors had gone too far. Critics have also raised concerns that the China Initiative could contribute to negative stereotypes of Asians and Asian Americans.
The DOJ did not disavow the China Initiative, however, and on December 21, 2021, a Massachusetts federal jury convicted Harvard professor Charles Lieber of misrepresentation and tax offenses resulting from concealment of his affiliation with the University of Technology. of Wuhan and its participation. as part of the Chinese Thousand Talents Program.
While the DOJ may be more cautious in misrepresentation-type cases given its losses in other cases last year, we expect continued attention to the Chinese government’s perceived involvement in the misappropriation of intellectual property, economic espionage and cyberattacks.
New Chinese legislation
In addition to U.S. laws and regulations applying to Chinese business and commerce, two new Chinese laws came into effect at the end of 2021 and are likely to impact many multinational companies operating in or having operations affecting the country: data security law. (DSL) and the Personal Information Protection Act (PIPL).
The DSL applies to all data activities within China, as well as extraterritoriality if they are deemed to harm the country’s national security and public interest. It sets up a framework to classify data collected and stored in China according to its potential impact on Chinese national security and regulates its storage and transfer according to the type of data. Specifically, the DSL clarifies and expands data location and transfer requirements for certain categories of data and certain types of data handlers, and it expands the scope of the regulations to cover both initial collectors and downstream intermediaries.
The PIPL generally applies to all types of data activities involving the personal information of subjects in China, as well as out-of-country activities to provide products or services to individuals in China or to analyze their behavior. The PIPL imposes the following key obligations on data managers:
- obtaining consents;
- locate and delete data when certain conditions are met;
- ensure that any foreign recipient of the data has protection measures that are no less stringent than those imposed by the PIPL in cross-border data transfers; and
- perform regular self-audits to assess information security risks and implement corresponding policies and safeguards.
Given the broad coverage of these laws and extensive compliance obligations, companies doing business in China should reassess their information technology systems and seek guidance before exporting data overseas.