[co-author: Emily King]

As global economic and geopolitical environments enter a new era, companies need to continuously develop and adjust their coherent global business strategies to secure and further expand business opportunities in all markets while minimizing political and legal risks by ensuring compliance. To assist you with that task, Mayer Brown’s US-China Trade Monthly provides news and insights related to the latest US developments impacting the US-China bilateral trade relationship.

In this October 2024 issue, we will discuss the: (1) White House announcing new restrictions on de minimis rules; (2) US House of Representatives passing multiple bills targeting threats posed by the Chinese Communist Party; (3) US Department of Commerce’s Bureau of Industry and Security (BIS) implementing export controls on advanced technology; and (4) BIS proposing controls on connected vehicles and components with links to China and Russia.

US UNVEILS NEW UFLPA ENTITY LIST ADDITIONS OF PRC-BASED ENTITIES

In August, October, and November, the US Department of Homeland Security (DHS) added several People’s Republic of China (PRC)-based individuals and entities to its Uyghur Forced Labor Prevention Act (UFLPA) Entity List,¹ bringing the list’s total to 107 entities.

THE ADDITIONS

METAL- AND CONSTRUCTION-RELATED

First, on August 8, 2024, DHS announced the addition of five entities based in the PRC engaged in the following businesses, respectively:

1. Manufacture of magnesium fertilizer and magnesium alloys;
2. Manufacture of structural components and materials for construction; general construction, construction engineering and operations; and real estate development and operations;
3. Manufacture and sale of magnesium alloy products;
4. Mining of nonferrous metals, including zinc, copper, and silver; and
5. Manufacture of magnesium and magnesium alloy products.

METAL- AND SWEETENER-RELATED

Second, on October 3, 2024, DHS announced the addition of two entities based in the PRC that are engaged in the following businesses, respectively:

1. Mining of iron ore and manufacture of steel; and
2. Production and sale of aspartame, an artificial sweetener and food additive.

TEXTILE-RELATED

Third, on October 31, 2024, DHS announced the addition of four companies based in the PRC that are engaged in the following businesses, respectively:

1. Research, ginning, spinning, knitting, and weaving of cotton and cotton products to produce textiles, apparel, and accessories, including packaging and merchandising of these products, as well as the manufacture and processing of textiles and apparel;
2. Production and sale of cotton and cotton yarn; and
3. Production and sale of cotton yarn.

AGRICULTURAL AND OTHER SECTORS

Finally, on November 22, 2024, DHS announced the addition of 29 other entities based in the PRC. Twenty-three of those entities operate in the agricultural sector, while the remaining six operate in the food processing, electronic materials, metals, and mining sectors. FLETF also added “a listed entity to an additional UFLPA Entity List sub-list.”

THE REBUTTABLE PRESUMPTION

Entities identified on the UFLPA Entity List are subject to a rebuttable presumption that the importation of goods mined, produced, or manufactured by that entity, either directly or indirectly, is in violation of 19 U.S.C. §1307. Thus, such goods (including downstream products that incorporate inputs related to a UFLPA Entity List entity) are prohibited from entry into the United States unless the presumption is rebutted by “clear and convincing” evidence (which would be very difficult to achieve). Upon addition to the Entity List, an entity may submit a request to the FLETF Chair for removal from the list along with supporting information.

TAKEAWAYS

CONCERNS ARE NOT LIMITED TO UYGHUR LABOR

It is worth noting that all of the above-mentioned entities were added to the UFLPA Entity List either for “working with the government of Xinjiang to recruit, transport, transfer, harbor or receive forced labor or Uyghurs, Kazakhs, Kyrgyz, or members of other persecuted groups out of Xinjiang” or sourcing materials from Xinjiang. Notably, one of the entities was designated onto the list for working with a local government in Xinjiang “to recruit Kazakh workers through PRC labor programs,” indicating that the forced labor concerns underlying the UFLPA are not limited to Uyghur labor.

SUPPLIER DUE DILIGENCE WITH TRADING COMPANIES IS IMPORTANT, TOO

Equally important, the FLETF appears to follow a priority industry approach in recent UFLPA Entity List designations—the impacted industries include cotton, textile and apparels, critical minerals, and food and agricultural products—and that a significant number of manufacturing entities as well as trading companies were added to the list for Xinjiang-related sourcing. This highlights the importance of proper supplier due diligence, including with trading companies, to effectively manage supply chain disruption risks caused by UFLPA Entity List designations.

MONITORING UFLPA ENTITY LIST UPDATES IS CRITICAL

UFLPA Entity List designations are announced without advance notice and are usually effective the next business day. Parties interested in UFLPA compliance should continue to monitor FLETF’s announcements and modifications to the UFLPA Entity List, take note of FLETF’s enforcement priorities, and adopt effective measures to ensure compliance and protect their supply chains.

¹ The Entity List, developed and maintained by DHS’s Forced Labor Enforcement Task Force (FLETF), is a consolidated list of entities determined by FLETF to 1) mine, produce, or manufacture wholly or in part any goods, wares, articles, and merchandise with forced labor in the Xinjiang Uygur Autonomous Region (XUAR); 2) work with the government of the XUAR region to recruit, transport, transfer, harbor, or receive forced labor or Uyghurs, Kazakhs, Kyrgyz, or members of other persecuted groups out of the XUAR; 3) export products from the PRC to the United States that were produced, mined, or manufactured wholly or in part by entities listed in 1 and 2 above; or 4) source material from the XUAR or from persons working with the government of the XUAR or the Xinjiang Production and Construction Corps for purposes of the “poverty alleviation” program or the “pairing-assistance” program or any other government-labor scheme that uses forced labor.

CFIUS ISSUES FINAL RULE EXPANDING THE SCOPE OF ITS REAL ESTATE TRANSACTION PURVIEW

On November 1, 2024, the US Department of the Treasury, in its capacity as chair of the Committee on Foreign Investment in the United States (CFIUS), issued a final rule (“Final Rule”) expanding the list of military and government sites designated as sensitive. Based on CFIUS’s authority to review “covered real estate transactions” involving foreign persons in proximity to these sites, the expanded list substantially increases the scope of real estate transactions subject to CFIUS jurisdiction. The Final Rule adopts changes that were proposed in a June Notice of Proposed Rulemaking (which we analyzed in our Legal Update CFIUS Proposes Rules to Expand Its Real Estate Transaction Purview). We highlight some of the changes to the list in this Legal Update.

BACKGROUND

The Final Rule is the latest in a string of recent Executive Branch actions to address the increasing concern about risks presented by foreign ownership of real estate near sensitive national security sites. Specifically, the list of military and government installations was expanded once before, via a final rule published on September 22, 2023. Additionally, in May 2024, President Joseph Biden issued an Order blocking the purchase and requiring the divestment of foreign-owned real estate located near F.E. Warren Air Force Base. (Read our related Legal Updates, CFIUS Proposes to Expand Jurisdiction to Include Real Estate Transactions Near Additional Military Installations (May 2023) and US President Orders First-Ever Real Estate Divestment Following CFIUS Review (May 2024)).

“NIMBLE AND RESPONSIVE”

In a Treasury press release announcing the final rule, Assistant Secretary for Investment Security Paul Rosen stated, “Today’s final rule is a significant milestone in safeguarding critical U.S. military and defense installations. The expansion of CFIUS jurisdiction around more than 60 military installations across 30 states highlights the work of CFIUS to be nimble and responsive to the evolving nature of the threats we face in the context of foreign investment that raises national security concerns.”

KEY UPDATES

The final rule includes the following key updates:

• Expansion of CFIUS’s jurisdiction over real estate transactions to include those within a 1-mile radius of 40 additional military installations, including:
  • Naval Air Station Corpus Christi, TX
  • Military Ocean Terminal Concord, CA
  • Joint Base Myer-Henderson Hall, VA
  • Detroit Arsenal, MI
  • Naval Logistics Support Facility Aguada, PR
• Expansion of CFIUS’s jurisdiction over real estate transactions to include those within a 100-mile radius of 19 additional military installations, including:
  • Camp Grayling, MI
  • Dover Air Force Base, DE
  • Whiteman Air Force Base, MO
• Expansion of CFIUS’s jurisdiction over real estate transactions from 1 mile to 100 miles of 8 military installations already listed in the regulations, including:
  • Malmstrom Air Force Base, MT
  • Joint Base San Antonio, TX
  • Redstone Arsenal, AL
• An update of the names of 14 military installations already listed in the regulations to better assist the public in identifying the relevant sites, including:
  • Buckley Space Force Base (formerly Buckley Air Force Base)
  • Cape Canaveral Space Force Station (formerly Cape Canaveral Air Force Station)

FILING CONSIDERATIONS

Parties considering a covered real estate transaction, or an investment in or acquisition of an existing US business that holds property interests in covered real estate, should take note of the expansion of CFIUS jurisdiction in the Final Rule.

Although it is voluntary to file for most transactions subject to CFIUS jurisdiction (and filings for all covered real estate acquisitions are voluntary), a filing followed by CFIUS approval is the only way for parties to receive legal certainty that CFIUS will not alter or divest the transaction after closing.

EFFECTIVE DATE

The Final Rule will be effective December 9, 2024.

CHINA SELECT COMMITTEE CHAIRMAN INTRODUCES LEGISLATION TO REVOKE CHINA’S PERMANENT NORMAL TRADE RELATIONS

On November 14, 2024, the Chairman of the Select Committee on the Chinese Communist Party (“CCP”), John Moolenaar (R-MI), introduced H.R. 10127, the Restoring Trade Fairness Act (the “Legislation"), which would suspend US permanent normal trade relations (“PTNR”) with the People’s Republic of China (“PRC”), increase the rates of duty applicable to certain articles imported from the PRC, and establish several additional PRC-related actions. Senators Tom Cotton (R-AR), Marco Rubio (R-FL), and Josh Hawley (R-MO) introduced companion legislation, S. 5264, the Neither Permanent Nor Normal Trade Relations Act, on September 26.

As background, on May 24, 2000, the United States enacted legislation to grant PNTR status to China. This allowed US recognition of China’s accession to the World Trade Organization (“WTO”) and removed the annual vote on maintaining normal trade relations (i.e., Most-Favored Nation status) with China. China’s PNTR status allows for PRC-based goods to have duties at the rates set forth in column 1 of the US Harmonized Tariff Schedule (“HTS”) (i.e., the tariff rates applied to most countries other than U.S. Free-Trade Agreement partners).

In addition to the revocation of PNTR status, the Legislation would take several PRC-related actions if passed, including:

• Revising the HTS to include rates of duty applicable only to articles of the PRC by creating a third column in the HTS (“column 3”).
  • The new column 3 rates would be calculated as follows:
    • For ad valorum rates (i.e., rates that are a percentage of the price of the imported good), column 3 duties would revert to inflation adjusted column 2 rates, unless the column 2 rate is less than 35%, in which case the tariff would be set at 35%.
    • For specific or compound rates (i.e., rates that are set for a particular measure of a good, e.g., weight), column 3 duties would revert to inflation adjusted column 2 rates, unless the column 2 rate has an effective ad valorum equivalent rate of less than 35%, in which case the rate would be a set rate equivalent to 35%. The U.S. International Trade Commission (“USITC”) would perform this analysis.
    • For a specified subset of HTS subheadings outlined in Section 10 of the proposed legislation, the column 3 rates discussed above would be adjusted to rates or effective rates equal to 100%.

As referenced above, the Legislation also authorizes and directs the President to adjust specific and compound rates of duty for inflation based on the Consumer Price Index (CPI) annually. The first adjustment would be against the 1930 CPI, and, accordingly, would reflect a very large inflation adjustment.

• The phase-in of duty increases would follow the schedule below:
  • 180 days after enactment, 10% of the total duty increase with respect to an article shall apply,
  • Two years after enactment, 25% of the total duty increase with respect to an article shall apply,
  • Four years after enactment, 50% of the total duty increase with respect to an article shall apply, and
  • Five years after enactment, 100% of the total duty increase with respect to an article shall apply.

• Establish a Tariff-Rate Quota (“TRQ”) for imports for which China is the only source (as determined based on a review of official Commerce import statistics), with the in-quota volume equal to the amount by which domestic consumption exceeds domestic production. The TRQ would permit the specified quantity of the article to enter the United States at the lower column 1 duty rates. However, import volume that exceeds the quota amount (i.e., the difference between estimated US production and US consumption) would be subject to a higher duty rate of 100% ad valorem. The TRQ would remain in place for three years following the enactment of the Legislation, and in-quota imports would be subject to column 1 duty rates. For articles subject to the TRQ, the phase-in of the new column 3 duties would begin after the expiration of the three-year TRQ and on a schedule similar as above, as follows:
  • Three years after enactment, 10% of the total duty increase with respect to an article shall apply,
  • Five years after enactment, 25% of the total duty increase with respect to an article shall apply,
  • Six years after enactment, 50% of the total duty increase with respect to an article shall apply, and
  • Seven years after enactment, 100% of the total duty increase with respect to an article shall apply.
• Provide the President with broad authority to further increase duties above those outlined above and to impose additional quotas on imports from China.
• Require an appraisal of merchandise from China, which would require imports from China to be valued for purposes of assessing duty on the basis of “the United States value;” i.e., the US market price as audited and verified by Customs and Border Protection (“CBP”) and the USITC.
• Eliminate eligibility of imports from China from the de minimis exemption entirely. The de minimis exception currently provides admission of articles free of duty into the United States, if the aggregate fair retail value in the United States does not exceed $800. This is likely to have a significant impact on sales via e-commerce platforms that rely on direct shipments to US consumers from China.
• Establish a mechanism in the US Department of the Treasury through which tariff revenue is diverted to impacted industries through the establishment of a series of trust funds.
  • The trust funds are set to be available to certain sectors. For agriculture sectors, trust fund amounts can be transferred to the Commodity Credit Corporation (“CCC”) to provide additional payments to impacted farmers and ranchers. For other sectors, trust fund amounts shall be used for US purchases of products that would have been exported to China, if not for the retaliatory tariffs. US purchases would be initially limited to specified sectors of semiconductors, electrical and electronic equipment, mineral fuels and oils, aircraft and aircraft parts; and, if amounts remain in trust fund after payments to CCC and to the sectors noted above, the remaining funds would be provided to Commerce to purchase other products that would have been exported to China but for retaliation. Any funds remaining in the trust funds at the end of the fiscal year—after all payments and purchases have been made—are to be transferred to the Department of Defense for the purpose of purchasing munitions outlined in the Legislation.

The first adjustment of the duties outlined above would apply with respect to articles entered or withdrawn from warehouse for consumption on or after January 1, 2024. Accordingly, the Legislation also gives CBP authority to issue rules for the retroactive collection of said duties within 180 days following the enactment of the Legislation.

In all, the Legislation serves as a foundational document for negotiations among Congress and the Trump Administration that could result in revocation of China PNTR in 2025. Interested parties should continue to monitor the Legislation’s progress as it moves through Congress.

US DEPARTMENT OF THE TREASURY ISSUES FINAL RULE TO REGULATE OUTBOUND INVESTMENTS

On October 28, 2024, the US Department of the Treasury (“Treasury”) issued a Final Rule to require the notification or prohibition of certain outbound investments and other transactions by US persons involving persons of countries of concern, and certain subsidiaries or parents thereof, engaged in activities involving three sensitive sectors: (1) semiconductors and microelectronics, (2) quantum information technologies, and (3) certain artificial intelligence (“AI”) systems. The Final Rule’s requirements will go into effect on January 2, 2025.

The Final Rule considered public comments offered to the August 9, 2023 Advance Notice of Proposed Rulemaking (ANPRM) and June 21, 2024 Notice of Proposed Rulemaking (NPRM) and implements Executive Order 14105 (the “Outbound Order”), which was issued on August 9, 2023. As defined in the Outbound Order, only China, including the regions of Macau and Hong Kong, has been designated a “country of concern.”

SCOPE

As a threshold matter, the Final Rule’s requirements apply to US persons, including United States citizens and lawful permanent residents, and any person in the US. The requirements also apply to entities organized under US law, and any foreign branches of those entities.

The Final Rule also requires US. persons to take all reasonable steps to prevent transactions by “controlled foreign entities” that would be prohibited if engaged in by US persons. Under the Final Rule, “controlled foreign entities” include any entities, wherever incorporated or organized, of which a US person is a parent. US persons are also prohibited from knowingly directing a transaction by a non-US person that the US person knows at the time of the transaction would be prohibited if engaged in by a US person. The Final Rule provides specificity as to the recusals needed in order to avoid that knowing direction by a US person.

Additionally, the Final Rule contains a knowledge standard, including for the determination of whether a transaction qualifies as a “covered transaction.” Thus, many of the Final Rule’s requirements apply to US persons who have one of the following types of “knowledge:” (1) actual knowledge that a fact or circumstance exists or is substantially certain to occur, (2) an awareness of a high probability of a fact’s or circumstance’s existence or future occurrence, or (3) reason to know of a fact’s or circumstance’s existence. Moreover, a US person who fails to conduct a “reasonable and diligent inquiry by the time of a transaction may be assessed to have had…reason to know of a given fact or circumstance.” If, post-transaction, a US person acquires actual knowledge of a fact or circumstance that, if known at the time of the transaction, would have made the transaction a covered transaction, that person must submit a notification within 30 calendar days.

COVERED TRANSACTIONS AND EXCEPTIONS

The Final Rule’s requirements apply to “covered transactions,” which are a US person’s direct or indirect:

• Acquisition of an equity interest or contingent equity interest in a person that the US person knows at the time of the acquisition is a covered foreign person.
• Provision of a loan or a similar debt financing arrangement to a person that the US person knows at the time of the provision is a covered foreign person, where such debt financing affords or will afford the US person certain equity-like rights in the covered foreign person.
• Conversion of a contingent equity interest into an equity interest in a person that the US person knows at the time of the conversion is a covered foreign person, where the contingent equity interest was acquired by the US person on or after January 2, 2025 (as a result, the acquisition of a contingent equity interest in a covered foreign person may be a covered transaction both at the time of acquisition and at the time of conversion).
• The acquisition, leasing, or other development of operations, land, property, or other assets in a country of concern (i.e., a greenfield or brownfield investment) that the US person knows at the time will result in, or that the US person plans to result in:
  • The establishment of a covered foreign person; or
  • The engagement of a person of a country of concern in a covered activity.
• The entrance into a joint venture, wherever located, that is formed with a person of a country of concern, and where the US person knows at the time of entrance that the joint venture will engage, or plans to engage, in a covered activity.
• The acquisition of a limited partner or equivalent interest in a venture capital fund, private equity fund, or similar fund that a US person knows at the time of the acquisition likely will invest in a person of a country of concern that is in one of the sensitive sectors described above, and that fund undertakes a transaction that would be a covered transaction if undertaken by a US person.

The Final Rule provides a list of transactions that are specifically excepted from the definition of “covered transactions,” as follows:

• An investment by a US person:
  • In any publicly traded “security”;
  • In a security issued by any “investment company”;
  • Made as a limited partner or equivalent in a venture capital fund, private equity fund, or similar fund where: (A) the limited partner’s or equivalent’s committed capital is not more than $2,000,000, aggregated across any investment and co-investment vehicles of the fund; or (B) the limited partner or equivalent has secured a binding contractual assurance that its capital in the fund will not be used to engage in a transaction that would be a prohibited transaction or notifiable transaction, as applicable, if engaged in by a US person; or
  • In a derivative, so long as such derivative does not confer the right to acquire equity, any rights associated with equity, or any assets in or of a covered foreign person.

Such investments will only qualify as excepted if they do not afford the US person any rights beyond standard minority shareholder protections with respect to the covered foreign person. The Final Rule includes a non-exclusive list of example minority shareholder protections.

• The complete buyout of all of a person of a country of concern’s interests.
• Certain intracompany transfers, specifically, a transaction that otherwise would be a covered transaction between a US person and its controlled foreign entity and either supports operations that are not covered activities or maintains covered activities that the controlled foreign entity was engaged in prior to January 2, 2025.
• A transaction made after January 2, 2025, pursuant to a binding, uncalled capital commitment entered into before January 2, 2025.
• The acquisition of a voting interest in a covered foreign person by a US person upon default or other condition involving a loan or a similar financing arrangement, where the loan was made by a syndicate of banks in a loan participation, and the US person lender(s) in the syndicate cannot act on its own with respect to the debtor and is not the syndication agent.
• An individual’s employment compensation in the form of stock or stock options.
• Certain transactions with or involving a person of a country or territory outside of the United States that Treasury has designated as qualifying for to-be-developed criteria related to outbound investment regulation.
• transaction for which the US Government grants an exemption on the basis that the transaction is in the US national interest.

COVERED FOREIGN PERSONS AND PERSONS OF A COUNTRY OF CONCERN

As defined in the Final Rule, a “covered foreign person” is:

• A person of a country of concern that engages in a covered activity; or
• A person that directly or indirectly holds a board seat on, a voting or equity interest in, or any contractual power to direct or cause the direction of the management or policies of such persons, and through which it derives more than 50%of its annual revenue or annual net income, or incurs more than 50% of its annual capital expenditure or operating expenses, in each case based on certain aggregation and monetary thresholds.

Thus, the definition of a “covered foreign person” includes both (1) a person of a country of concern engaged in a covered activity; and (2) other persons with the specified relationships with persons of a country of concern engaged in a covered activity. This definition provides a broad reach to the Final Rule, with an application not just to entities located in the “countries of concern” specified above.

Finally, the Final Rule provides a definition of “person of a country of concern” that, again, is not just limited to entities located in the “countries of concern” specified above. The term includes:

• Any individual who is a citizen or permanent resident of a country of concern, and is not a US citizen or permanent resident of the United States.
• An entity with a principal place of business in, headquartered in, or incorporated in or otherwise organized under the laws of, a country of concern.
• The government of a country of concern; any person acting for or on behalf of that government; or any entity, wherever located, with respect to which that government holds, individually or in the aggregate, directly or indirectly, 50% or more of the outstanding voting interests, voting power of the board, or equity interest, or otherwise possesses the power to direct or cause the direction of the management and policies.
• Any entity, wherever located, in which one or more persons identified above individually or in the aggregate, directly or indirectly, holds at least 50% of the outstanding voting interests, voting power of the board, or equity interests.

PROHIBITED AND NOTIFIABLE TRANSACTIONS

The Final Rule sets out prohibitions and notification requirements for covered transactions involving the activities in the three sensitive sectors identified above (and spelled out in detail below). Notifications must be filed no more than 30 days after the covered transaction or 30 days after the US person acquires actual knowledge that the transaction would have been covered at the time of the transaction.

SEMICONDUCTORS AND MICROELECTRONICS

The Final Rule prohibits certain covered transactions related to the development, production, design, fabrication, packaging, installation, or sale of:

• Certain electronic design automation software.
• Certain fabrication or advanced packaging equipment or items designed exclusively for use in or with ultraviolet lithography fabrication equipment.
• Integrated circuits based on certain technical, performance, or design parameters.
• Certain supercomputers enabled by advanced integrated circuits that provide certain compute capacities.

The scope of notifiable transactions involving the semiconductor and microelectronics industry is broad and includes covered transactions in which the relevant covered foreign person or joint venture designs, fabricates, or packages any other integrated circuit not described above.

QUANTUM INFORMATION TECHNOLOGIES

The Final Rule prohibits certain covered transactions related to:

• The development of quantum computers or production of any critical components required to produce a quantum computer.
• The development or production of certain quantum sensing platforms designed or military, government intelligence, or mass surveillance end uses.
• The development or production of certain quantum networks or quantum communication systems.

The Final Rule does not provide a category of notifiable covered transactions involving quantum information technologies.

AI SYSTEMS

The Final Rule defines the term “AI system” to mean:

• A machine-based system that can, for a given set of human-defined objectives, make predictions, recommendations, or decisions influencing real or virtual environments—i.e., a system that:
  • Uses data inputs to perceive real and virtual environments;
  • Abstracts such perceptions into models through automated or algorithmic statistical analysis; and
  • Uses model inference to make a classification, prediction, recommendation, or decision.
• Any data system, software, hardware, application, tool, or utility that operates in whole or in part using a system described above.

With respect to these AI systems, the Final Rule prohibits certain covered transactions related to:

• The development of any AI system designed to be exclusively used for, or intended to be used for, certain end uses (including military end uses and government intelligence or mass-surveillance end uses); or
• The development of any AI system that is trained using specified thresholds of computing power.

With respect to notifiable transactions and AI systems, the Final Rule requires notification of certain covered transactions related to the development of any AI system not otherwise covered by the prohibited transaction definition, where that AI system is:

• Designed or intended to be used for certain end uses or applications; or
• Trained using a specified threshold of computing power.

ANALYSIS

The Final Rule is the culmination of years of effort in the regulation of US outbound investment in sensitive sectors. Moreover, in many instances the Final Rule covers a broad scope of transactions. Thus, parties to potential transactions should carefully consider the regulations and implement procedures to evaluate potential tripwires. Significant civil ($368,136 or twice the amount of the transaction that is the basis of the violation) and criminal ($1 million and up to 20 years imprisonment) penalties for violations will serve as potent enforcement tools; the Final Rule also provides Treasury with the authority to require divestment of any prohibited transactions. Due diligence and advice of counsel prior to consummating a transaction will be critical to avoiding penalties and other consequences.

BIDEN ADMINISTRATION ISSUES FIRST-EVER NATIONAL SECURITY MEMORANDUM ON ARTIFICIAL INTELLIGENCE

On October 24, 2024, President Biden issued the first-ever National Security Memorandum (NSM) on artificial intelligence (AI), fulfilling another directive (subsection 4.8) set forth in the Administration’s Executive Order on AI and outlining how the federal government intends to approach AI national security policy. The NSM also includes a classified annex, which addresses sensitive national security issues. The release of the NSM follows the Biden Administration’s other recent national security-focused actions on AI, including the Department of Commerce’s proposed rule to institute mandatory reporting requirements for developers of powerful AI models (see our Legal Update on the proposal), and its interim final rule issuing new export controls on advanced semiconductor manufacturing equipment, among other technologies (see our Legal Update on the final rule).

The development of the NSM is based on the fundamental premise that “advances at the frontier of AI will have significant implications for national security and foreign policy in the near future.”¹ With that in mind, the NSM directs several actions to be taken by the federal government to: (1) ensure that the United States leads the world’s development of safe, secure, and trustworthy AI; (2) harness cutting-edge AI technologies to advance the United States’ national security mission; and (3) advance international consensus and governance around AI. While the NSM focuses on actions to be taken by the federal government, it promises to have significant implications for private sector entities as they develop and deploy powerful AI models.

In this Legal Update, we summarize key provisions and directives of the NSM.

SUMMARY OF THE NATIONAL SECURITY MEMORANDUM

The NSM provides three primary objectives and corresponding directives with respect to AI and national security.

1. Lead the world’s development of safe, secure, and trustworthy AI: To maintain and expand US leadership in AI development, the NSM identifies key policies including: promoting progress and competition in AI development; protecting industry, civil society, academia, and related infrastructure from foreign intelligence threats; and developing technical and policy tools to address potential security, safety, and trustworthiness risks posed by AI. Key directives in this area include:

• The Department of State (DOS), Department of Defense (DOD), and Department of Homeland Security (DHS) shall use all available legal authorities to attract and facilitate the immigration of foreign persons with relevant technical expertise who would improve US competitiveness in AI and related fields.
• Several agencies—including the Department of Commerce (DOC), DOD, and Department of Energy (DOE)—shall coordinate their efforts, plans, investments, and policies to facilitate and encourage the development of sophisticated AI semiconductors, AI-dedicated computational infrastructure, and other AI-enabling infrastructure (e.g., clean energy, power transmission fiber data links, etc.).
• The Office of the Director of National Intelligence (ODNI), in coordination with other agencies, shall identify critical nodes in the AI supply chain and develop a list of ways in which these nodes could be disrupted or compromised by foreign actors. These agencies shall take steps to reduce such risks.
• The Committee on Foreign Investment in the United States (CFIUS) “shall, as appropriate, consider whether a covered transaction involves foreign actor access to proprietary information on AI training techniques, algorithmic improvements, hardware advances, critical technical artifacts (CTAs), or other proprietary insights that shed light on how to create and effectively use powerful AI systems.”
• DOC, acting through the AI Safety Institute (AISI) and National Institute of Standards and Technology (NIST), shall serve as the primary federal government point of contact with private sector AI developers to facilitate voluntary testing of dual-use foundation models. DOC shall establish a capability to lead this testing and issue guidance and benchmarks for AI developers on how to test, evaluate, and manage risks arising from these models. AISI shall submit a report to the President summarizing findings of its voluntary testing and share results with the developers of such models.
• The National Security Agency (NSA) “shall develop the capability to perform rapid systematic classified testing of AI models’ capacity to detect, generate, and/or exacerbate offensive cyber threats[,]” and DOE shall do the same with regards to “nuclear and radiological risks.”
• DOE, DHS, and AISI shall coordinate to develop a roadmap for evaluations of AI models’ “capacity to generate or exacerbate deliberate chemical and biological threats[.]” DOE shall develop a pilot program to establish the capability to conduct classified testing in this area and other agencies shall support efforts to use AI to enhance biosafety and biosecurity.
• DOD, DHS, the Federal Bureau of Investigation, and NSA “shall publish unclassified guidance concerning known AI cybersecurity vulnerabilities and threats; best practices for avoiding, detecting, and mitigating such issues during model training and deployment; and the integration of AI into other software systems.”

2. Responsibly harness AI to achieve national security objectives: To further integrate AI into US national security functions, the NSM identifies key policies, including adapting partnerships, policies, and infrastructure to enable effective and responsible use of AI; and developing robust AI governance and risk management policies. Key directives in this area include:

• DOD and ODNI shall establish a working group to address issues involving procurement of AI by DOD and Intelligence Community (IC) elements. The working group shall provide recommendations to the Federal Acquisition Regulatory Council (FARC) regarding changes to existing regulations and guidance, in order to accelerate and simplify the AI procurement process.
• DOD and ODNI shall engage with private sector stakeholders, including AI technology and defense companies, to identify and understand emerging AI capabilities.
• Heads of agencies shall monitor, assess, and mitigate risks directly tied to their agency’s development and use of AI, including risks tied to physical safety, privacy, discrimination and bias, transparency, accountability, and performance.
• Heads of agencies that use AI as part of a national security system (NSS) shall issue or update guidance on AI governance and risk management for NSS.

3. Foster a stable, responsible, and globally beneficial international AI governance landscape: US international engagement on AI “shall support and facilitate improvements to the safety, security, and trustworthiness of AI systems worldwide; promote democratic values, including respect for human rights, civil rights, civil liberties, privacy, and safety; prevent the misuse of AI in national security contexts; and promote equitable access to AI’s benefits.” To that end:

• The Department of State, in coordination with other agencies, shall “produce a strategy for the advancement of international AI governance norms in line with safe, secure, and trustworthy AI, and democratic values, including human rights, civil rights, civil liberties, and privacy.”

CONCLUSION

The scope of the NSM is not limited to the implementation of AI in the national security context. It also considers an expansive AI supply chain—including not just semiconductors and computing equipment, but also energy and power generation—and the effects of AI for commercial use as being vital to US national security. With that framing in mind, the NSM has significant implications not just for AI developers and defense contractors, but also other sectors such as energy and infrastructure. In addition, the NSM makes clear that federal national security policy for AI is likely to implicate a broad range of issues in the years ahead, including such diverse topics as immigration, foreign investment, federal research, public-private collaboration, government contracting, and supply chain security.

¹ See the White House Fact Sheet on the NSM.

DEPARTMENT OF JUSTICE ISSUES NOTICE OF PROPOSED RULEMAKING TO REGULATE EXPORT OF SENSITIVE PERSONAL DATA

On October 21, 2024, the Department of Justice (DOJ) released an unpublished Notice of Proposed Rulemaking (NPRM), Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons. DOJ intends to publish the NPRM in the Federal Register on October 29. As directed by President Joe Biden’s Executive Order 14117 and previewed in DOJ’s Advanced Notice of Proposed Rulemaking (ANPRM) in March 2024 (which we analyzed in a Legal Update), the proposed rule would establish a new national security program to prohibit or restrict US persons from engaging in certain categories of data transactions with countries of concern and covered persons involving the transfer of US government-related data or bulk US sensitive personal data.

Below, we summarize the key provisions of the NPRM, as well as key distinctions from the ANPRM issued in March. If published on October 29, interested persons have until November 28, 2024 to comment on the NPRM. No legal restrictions will be operative unless and until a Final Rule is ultimately promulgated. Note that there is a separate process to comment on the Proposed Security Requirements for Restricted Transactions issued by the Cybersecurity and Infrastructure Security Agency (CISA).

KEY TAKEAWAYS

• The NPRM closely tracks the program contemplated by the ANPRM in March and expands on topics such as applicable thresholds for “bulk” sensitive personal data, security requirements, compliance, and exempted transactions.
• If the NPRM is implemented in current form, certain categories of transactions between US persons and persons and entities with a nexus to China or other countries of concern and involving several broad categories of data (including precise geolocation, biometric, human genomic, health, financial, personal identifiers, and government-related data) will be permitted only if the US person complies with certain security requirements or, in a unique circumstance, obtains a license from DOJ. In addition, US persons engaging in these transactions would have to adhere to certain recordkeeping, due diligence, and audit requirements.
• The NPRM contains more than 300 pages of supplementary material, including commentary on elements of the proposed rule. DOJ notes multiple times throughout the commentary that it is still considering how to address certain definitions and requirements. In addition, the proposed rule contains several examples designed to demonstrate its mechanics and limits.

SUMMARY OF PROPOSED RULE

Covered Data Transactions: As in the ANPRM, the proposed rule identifies categories of covered data transactions between US persons and countries of concern or covered persons that involve access to either government-related data or bulk US sensitive personal data, and, depending on the nature of the transaction, either prohibits it outright or restricts the transaction, contingent on compliance with certain security requirements.

Prohibited Data Transactions: As under the ANPRM, the NPRM would prohibit US persons from “knowingly” engaging in or directing the following categories of transactions involving countries of concern or covered persons: (1) data-brokerage transactions, and (2) genomic data transactions involving the transfer of bulk human genomic data or biospecimens from which such data can be derived.

Key Addition: The NPRM would also prohibit US persons from “knowingly” engaging in a covered data transaction involving data brokerage with any foreign person that is not a covered person unless the US persons requires the foreign person to agree, by contract, not to engage in a subsequent data-brokerage transaction of the same data with a country of concern or covered person. In addition, US persons must report any known or suspected violations of this contractual requirement within 14 days of becoming aware of such violations.

Restricted Data Transactions: As under the ANPRM, the NPRM would prohibit US persons from “knowingly” engaging in or directing the following categories of transactions involving countries of concern or covered persons unless they comply with certain security requirements: (1) vendor agreements involving the provision of goods and services (including, for example, cloud-service agreements); (2) employment agreements (e.g., with a US company’s foreign IT staff located in a country of concern, or with a CEO who qualifies as a covered person); and (3) non-passive investment agreements (i.e., those that convey ownership interest or rights in exchange for payment or other considerations).

Key Difference: The NPRM excludes “passive investments” from the definition of “investment agreement,” including investments in publicly traded securities, securities offered by any investment company, and as a limited partner in a pooled investment fund (if certain conditions are met).

Key Addition: CISA has proposed specific security requirements for restricted transactions that build upon the proposals in the APRM. Such requirements include:

• organizational-level requirements such as asset management, designating an individual accountable for cybersecurity, and patching vulnerabilities quickly and routinely;
• system-level¹ requirements such as implementing multifactor authentication on all covered systems, collecting logs, and limiting system access to only individuals who need it to perform their jobs; and
• data-level requirements such as implementing a data retention and deletion policy, processing data in such a way to either render it no longer covered data or to minimize the linkability to US persons, and applying encryption during transit and storage.

For purposes of the NPRM, a US person acts “knowingly,” if the person had actual knowledge or reasonably should have known about particular conduct, circumstances, or results. The NPRM makes clear that in evaluating what a US person reasonably should have known, DOJ will consider all of the facts and circumstances surrounding the transaction.

Covered Data: The NPRM applies the prohibitions and restrictions to covered data transactions involving “sensitive personal data” relating to US persons in any format that exceeds certain bulk volume thresholds and government-related data (in any volume), regardless of whether the data is anonymized, pseudonymized, de-identified, or encrypted. Sensitive personal data includes:

(1) covered personal identifiers (listed identifiers (e.g., government ID number, financial account number, device-based identifier, demographic or contact data, etc.) linked to any other listed identifiers);
(2) precise geolocation data;
(3) biometric identifiers;
(4) human genomic data;
(5) personal health data; and
(6) personal financial data.

Key Addition: The NPRM interprets “bulk” as the following amounts of sensitive data meeting or exceeding the following thresholds at any point in the preceding 12 months, whether through a single transaction or aggregated across multiple transactions involving the same US person and the same foreign or covered person.

(a) Human genomic data collected about or maintained on more than 100 US persons;
(b) Biometric identifiers collected about or maintained on more than 1,000 US persons;
(c) Precise geolocation data collected about or maintained on more than 1,000 US devices;
(d) Personal health data collected about or maintained on more than 10,000 US persons;
(e) Personal financial data collected about or maintained on more than 10,000 US persons;
(f) Covered personal identifiers collected about or maintained on more than 100,000 US persons; or
(g) Combined data, meaning any collection or set of data that contains more than one of the categories in paragraphs (a) through (g), or that contains any listed identifier linked to categories in paragraphs (a) through (e), where any individual data type meets the threshold number of persons or devices collected or maintained in the aggregate for the lowest number of US persons or US devices in that category of data.

Government-related data includes precise geolocation data associated with military or other sensitive government functions or sensitive personal data sets explicitly linked to recent former employees, contractors, or officials of the US government.

Countries of Concern: The NPRM identifies the following countries of concern: China, Cuba, Iran, North Korea, Russia, and Venezuela.

Covered Persons: The NPRM proposes the following categories of covered persons:

(1) A foreign person that is an entity that is 50% or more owned, directly or indirectly, by a country of concern, or that is organized or chartered under the laws of, or has its principal place of business in, a country of concern;

(2) A foreign person that is an entity that is 50% or more owned, directly or indirectly, by an entity described in paragraph (1) of this section or a person described in paragraphs (3), (4), or (5);

(3) A foreign person that is an individual who is an employee or contractor of a country of concern or of an entity described in paragraphs (1), (2), or (5);

(4) A foreign person that is an individual who is primarily a resident in the
territorial jurisdiction of a country of concern; or

(5) Any person, wherever located, determined by the Attorney General:

(i) To be, to have been, or to be likely to become owned or controlled by or subject to the jurisdiction or direction of a country of concern or covered person;

(ii) To act, to have acted or purported to act, or to be likely to act for or on behalf of a country of concern or covered person; or

(iii) To have knowingly caused or directed, or to be likely to knowingly, cause or direct a violation of this part.

Exempt Data Transactions: The NPRM would include the list of exempt data transactions proposed by the ANPRM, including data transactions to the extent that they: involve personal communications or information or informational materials (as IEEPA uses those terms); are for official business of the United States government; are incident to and part of the provision of financial services (e.g., banking, payment processing, etc.); are incident to and part of ancillary business operations (such as payroll or human resources) within multinational US companies; or are required or authorized by federal law or international agreements.

Key Addition: In addition to the above transactions, the NPRM would also exempt the following data transactions:

• Data transactions to the extent that they are ordinarily incident to travel to or from any country;
• Data transactions to the extent that they involve an investment agreement that is subject to a CFIUS action;
• Data transactions, other than those involving data brokerage, to the extent that they are ordinarily incident to and part of the provision of telecommunications services, including international calling, mobile voice, and data roaming;
• Data transactions that involve “regulatory approval data” and are necessary to obtain or maintain regulatory approval to market a drug, biological product, or device in a country of concern; or
• Data transactions to the extent that they are ordinarily incident to and part of clinical investigations regulated by the US Food and Drug Administration (FDA) or the collection or processing of clinical data indicating real-world performance or safety of products, or the collection or processing of post-marketing surveillance data, and necessary to support or maintain authorization by the FDA, provided the data is deidentified.

Licensing and Advisory Opinions: The NPRM would provide a process for DOJ to issue general licenses authorizing a class of transactions and specific licenses authorizing a particular transaction. The NPRM also would include an advisory opinion process, and provides details on the requirements for requesting an advisory opinion and the effect of advisory opinions.

Compliance and Enforcement: There are no general recordkeeping or due-diligence requirements applicable to all US persons engaged in data transactions with foreign persons. However, the NPRM would require US persons engaging in restricted transactions to comply with due diligence, recordkeeping, and audit requirements.

US persons engaging in restricted transactions would have to implement a data compliance program including risk-based procedures for verifying data flows, types and quantities of data involved in the transaction, the identity of the transaction parties, and the end-use of the data, among other requirements. These persons would also have to keep full and accurate records of each restricted transaction and keep the records available for examination for at least 10 years after the date of such transaction (the length of the statute of limitations for violations of IEEPA). In addition, US persons engaging in restricted transactions would also have to obtain an annual independent third party audit of such transactions and compliance program for each calendar year in which they engage in a restricted data transaction.

Key Addition: The NPRM would require US persons to file an annual report if they engage in restricted transactions involving cloud-computing services where 25 percent or more of that US person’s equity interests are owned (directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise) by a country of concern or covered person.

Key Addition: The NPRM would require US persons to file a report if they have received, and affirmatively rejected, an offer from another person to engage in a prohibited transaction involving data brokerage. The report must include basic details of the transaction and the types and volumes of covered data involved in the transaction.

DOJ would have authority to investigate violations of the Rule and seek civil or criminal penalties under IEEPA. As with other IEEPA programs, the NPRM includes a process for pre-penalty notice, in which an alleged violator that is subject to a civil monetary penalty would have an opportunity to respond to a notice informing the violator of DOJ’s intent to impose such a penalty. The alleged violator would have an opportunity to respond and initiate settlement discussions before DOJ imposes a final penalty.

CONCLUSION

Companies that engage in cross-border data transfers involving sensitive data or that have business or operational connections with countries of concern or covered persons should read the NPRM carefully to determine their potential risk.

¹ “Covered system” means an information system used to obtain, read, copy, decrypt, edit, divert, release, affect, alter the state of, view, receive, collect, process, maintain, use, share, disseminate, or dispose of covered data as part of a restricted transaction, regardless of whether the data is encrypted, anonymized, pseudonymized, or de-identified.

[View source.]