In a recent enforcement action, the Treasury Department’s Office of Foreign Assets Control (OFAC), took what appears to be an unprecedented step in finding that a Taiwanese shipping company had violated the Iranian Transactions and Sanctions Regulations, 31 C.F.R. part 560 (ITSR).

Copyright: 1971yes / 123RF Stock Photo
Copyright: 1971yes / 123RF Stock Photo

The alleged violation surrounds a ship-to-ship transfer of oil between a vessel owned by B Whale Corp. (BWC), a subsidiary of TMT Group (TMT), and a vessel owned by the National Iranian Tanker Co., which is listed as a specially designated national (SDN).  BWC and TMT maintain that the transaction involved oil originating in the United Arab Emirates and was conducted by subcontractors who were contractually prohibited from dealing with SDNs.  Nevertheless, OFAC determined that by turning off vessel identification systems and using circuitous routes, the BWC vessel had taken efforts to conceal its actions and the origin of the oil.

The novel issue here, is how OFAC came to assert jurisdiction over BWC and TMT to make its finding.  In 2013, TMT brought a voluntary bankruptcy proceeding in the Southern District of Texas, seeking protection from US creditors.  The allegedly improper oil transfer occurred after the bankruptcy proceeding had commenced.  During that proceeding, there was a motion by TMT’s creditors to remove TMT’s management due to “fraud or dishonesty” under the Bankruptcy Code.  Shortly thereafter,  OFAC conducted its investigation and asserted that it had jurisdiction,  because “BWC was a U.S. person within the scope of the ITSR because it was present in the United States for the bankruptcy proceedings when the transaction occurred.” Further OFAC determined that the vessel “was subject to U.S. sanctions regulations because it was property under the jurisdiction of a U.S. bankruptcy court, and therefore the oil transferred to the vessel was an importation from Iran to the United States as defined in the ITSR.”

With the issuance of an enforcement action against a non-US company, there is concern among foreign companies that OFAC is pushing the bounds of its jurisdiction.  OFAC’s two statements regarding the basis for jurisdiction, however, permit contrasting views of OFAC’s intent and the what this decision means for the future of sanctions enforcement. On one hand, the first statement, that BWC was a US person “because it was present in the United States for the bankruptcy proceeding,” rightfully gives reason for pause as mere presence in the United States as a basis for jurisdiction would signal a massive expansion of OFAC’s understanding of its jurisdiction.  On the other hand, the second statement, that the vessel came under the jurisdiction of the bankruptcy court, may, however, circumscribe the impact of this enforcement action.  With this qualification, it is not the mere presence of the foreign company before a US Court which conferred jurisdiction, but the well established principal that assets of the debtor — regardless of location — fall under the jurisdiction of the bankruptcy court.  While any expansion of jurisdiction is concerning to foreign companies and the US companies who transact with them, this assertion of jurisdiction may well be limited to a foreign company that availed itself of US bankruptcy protection and then used its assets for an unlawful purpose.   Should OFAC find other means of extending its jurisdictional reach, however, a new era of enforcement may be beginning.

 

The International Trade Commission (ITC) issued an order on January 27, 2017,  barring the import table saws produced by German tool manufacturer, Robert Bosch GmbH (“Bosch”). The ITC determined that the components of Bosch’s REAXX safety technology infringed the two patents held by US-based SawStop LLC (“SawStop”).  As described in a press release at the outset of the ITC’s investigation, both the saws produced by SawStop and by Bosch contain active injury mitigation technologies which are able to detect when a user comes into contact with the blade can avoid catastrophic injury.

As the ITC had previously determined that Bosch’s saws infringed two of SawStop’s patents, the ITCs recent order was limited to Bosch’s request that the ITC forego any penalties and permit the continued importation of its saws because: (1) SawStop did not have the manufacturing and distribution capacity to meet US demand and (2) by preventing the import of Bosch’s safer saw, the ITC would be increasing potential injuries to consumers.  Indeed, Bosch cited to “millions or billions of dollars” in societal costs for severe injuries from the use of unsafe saws. Ultimately, Bosch’s argument that US consumers should be afforded the ability to buy saws with the latest safety technology (leaving aside the countless antiquated table saws that fill factories and wood shops across the country) was unpersuasive.  Further, the ITC appeared to accept that SawStop was capable of meeting demand and ordered that all of Bosch’s infringing saws be excluded.

Copyright: maxkabakov / 123RF Stock Photo
Copyright: maxkabakov / 123RF Stock Photo

The U.S. Department of Commerce and the European Commission announced the Privacy Shield framework to replace the invalidated U.S-E.U. Safe Harbor Agreement, but the agreement has not yet been committed to paper.

The Safe Harbor Agreement between the United States and the European Union permitted the importation of personal data from the E.U. by American businesses that self-certified as complying with the E.U. data protection laws. However, the E.U. Court of Justice (EUCJ) ruled in its October 6, 2015 decision in Schrems v. Data Protection Commissioner (Case C-362/14), that the Safe Harbor failed to protect Europeans and invalidated the Safe Harbor.  After the Safe Harbor was invalidated, businesses have been unsure how to legally continue to import data from the European Union to the United States.

The Privacy Shield is a new framework intended to govern the flow of data between the U.S. and the E.U. As of now, the details are still being worked out, but the negotiators involved in creating the Privacy Shield have outlined its broad principles.  The Privacy Shield will have three main components: (1) new corporate obligations for U.S. businesses to commit to robust obligations on data processing, (2) granting E.U. citizens redress to challenge alleged misuse of their data, and (3) limitations on U.S. government access to personal data.

The Article 29 Working Party (Working Party) will need to approve the Privacy Shield before it can go forward. The Working Party is an independent and enforcement oriented advisory board composed of representatives of the national data protection authorities (DPA), the European Data Protection Supervisor (EDPS) and the European Commission. It expects to have the documents to review the new Privacy Shield by the end of February.

In the meantime, the Working Party has announced that the DPAs will not be enforcing actions until March or April against businesses that rely on the invalidated Safe Harbor while the details of how to proceed are still being worked out. The Working Party provided some assurances that during the period of review and assessment transfer mechanism such as the Standard Contractual Clauses and Binding Corporate Rules (BCRs) can still be used to transfer personal data to the U.S. The Standard Contractual Clauses are form data transfer agreements approved by the European Commission, and BCRs are internal data processing rules binding on all members of a global corporate group to permit intragroup transfers of personal data.

However, virtually all transfers of E.U. personal data to the U.S. are still at risk as there is no guarantee of how things will shape out during this critical interim time. Thus, until the Privacy Shield is finalized, much uncertainty regarding the transfer of personal data from the European Union still exists.

On November 13, 2015, the United States Food and Drug Administration (FDA) finalized three new rules designed to increase foods safety in the wake of recent food-borne illness outbreaks. Significantly, as part of this expansion of the Food Safety Modernization Act (FSMA), the FDA has created new obligations for food importers to verify that foreign suppliers are complying with U.S. safety standards.

32805478_s
Copyright: ewastudio / 123RF Stock Photo

The Foreign Supplier Verification Programs (FSVP) for Importers of Food for Human and Animals sets forth substantial obligations for food importers to help minimize risks to food safety throughout their supply chain. Under the FSVP, food importers are required to develop and maintain procedures to ensure that their foreign producers are abiding by the same levels of public health standards which would be applicable in the United States.  To comply with the FSVP, importers must maintain detailed records of thier supply chain protocols and preventative controls in addition to conducting audits and evaluations of each of their foreign producers.

In addition, importers must also evaluate any known or foreseeable hazards associated with specific foods they import.  This ‘hazard analysis’ is designed to evaluate all of the potential areas where food-borne illness may arise; from the harvesting of raw materials and food formulation, to transportation, storage, and final distribution.  Importers may rely on third-party auditors to evaluate the foreseeable risks in their supply chain, however, the importer must review and assess any evaluations from foreign producers or third-party auditors.

The FSVP is set to take effect in 18 months. The first step for U.S. importers is evaluate the supply chain policies they have in place and to develop and test additional ‘risk analysis’ protocols.  The FDA is in the process of creating additional guidance for importers, but knowledgeable counsel will likely be an invaluable resource when navigating these new and potentially onerous provisions of the FSMA.