On September 15, 2022, President Biden issued an Executive Order that provides direction to the Committee on Foreign Investment in the United States (“CFIUS”) regarding some of the factors it should consider when evaluating the national security risks posed by transactions within the jurisdiction of CFIUS. Although, in many ways, the Executive Order simply codifies the priorities and areas of interest on which people familiar with CFIUS understand CFIUS is focused, the Executive Order puts market participants on clear notice that CFIUS will scrutinize transactions that implicate such priorities and areas of interest.
In particular, the Executive Order identifies and elaborates on the following factors that CFIUS should consider when evaluating the effects of a particular transaction on U.S. national security.
- Supply Chain Security: The Executive Order directs CFIUS to consider the effect that a transaction could have on supply chain resilience and security (both within and outside the defense industrial base) in manufacturing capabilities, services, critical mineral resources, and certain important technologies, including microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy (such as battery storage and hydrogen), climate adaptation technologies, critical materials (such as lithium and rare earth elements), and elements of the agriculture industrial base that have implications for food security. Considerations that CFIUS should take into account include the risk posed by the foreign person or such foreign person’s third-party ties to the U.S. supply chain, as well as U.S. capabilities with respect to such manufacturing capabilities, services, critical mineral resources, and important technologies, and the degree of diversification of alternative suppliers in the U.S. supply chain.
- Technological Leadership: The Executive Order directs CFIUS to consider whether a transaction involves manufacturing capabilities, services, critical mineral resources, or technologies that are fundamental to U.S. technological leadership, including microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, and climate adaptation technologies, and whether a transaction could reasonably result in future advancements and applications in technology that could undermine U.S. national security, including because of the threat posed by the foreign person or such foreign person’s third-party ties. The Executive Order calls on the Office of Science and Technology Policy (“OSTP”) to periodically publish a list of technology sectors that are fundamental to U.S. technology leadership in areas relevant to U.S. national security.
- Aggregate Industry Investment Trends: The Executive Order directs CFIUS to consider the national security risks posed by a transaction as a result of the foreign person or third parties tied to the foreign person having made multiple acquisitions or investments in a single sector or in related manufacturing capabilities, services, critical mineral resources, or technologies. The Executive Order allows CFIUS to request information necessary to evaluate this factor from the U.S. Department of Commerce, International Trade Administration.
- Cybersecurity Risks: The Executive Order directs CFIUS to consider whether a transaction provides a foreign person or third parties tied to the foreign person with direct or indirect access to capabilities or information databases and systems that could enable malicious cyber-enabled activities affecting the United States or U.S. persons (including undermining the protection or integrity of stored data, interfering in U.S. elections, critical infrastructure, the defense industrial base, and other cybersecurity national security priorities, and sabotaging critical energy infrastructure, including smart grids).
- Sensitive Data: The Executive Order directs CFIUS to consider whether a transaction involves a U.S. business that has access to: (i) sensitive data of U.S. persons, including health, digital identity, or other biological data, as well as data that could be identifiable or de‑anonymized, that could be exploited to distinguish or trace an individual’s identity in a manner that threatens U.S. national security; or (ii) data on sub-populations in the United States that could be used by a foreign person to target individuals or groups of individuals in a manner that threatens U.S. national security. The Executive Order also broadly directs CFIUS to consider whether a transaction involves the transfer of the sensitive personal data of U.S. persons to a foreign person who might take actions, or has third-party ties, that threaten or impair U.S. national security.
Finally, the Executive Order directs CFIUS to continue to review its processes, practices, and regulations on an ongoing basis, and to continue to make updates necessary or appropriate to ensure that CFIUS’s consideration of national security risks remains robust as the national security landscape continues to evolve. Given that, as noted above, the Executive Order mostly codifies CFIUS’s current priorities and areas of interest, we do not expect the Executive Order to result in significant or substantive changes in CFIUS’s current review practices or focus.
 The White House, “Executive Order on Ensuring Robust Consideration of Evolving National Security Risks by the Committee on Foreign Investment in the United States” (Sept. 15, 2022), available at https://www.whitehouse.gov/briefing-room/presidential-actions/2022/09/15/executive-order-on-ensuring-robust-consideration-of-evolving-national-security-risks-by-the-committee-on-foreign-investment-in-the-united-states/.