What is the Prognosis for Health Care Issues in the Next Congress?

By Joan Kutcher and Gary Heimberg on Posted in Health Issues

Joan Kutcher and Gary Heimberg delivered remarks during Covington’s post-election conference call with clients on November 8, 2018 on health care and drug pricing.  The health care segment follows:

 The Affordable Care Act has been an issue in every election since it passed in 2010.  This election was the first time the Democrats could fully embrace the law and its patient protections. The issue of pre-existing conditions, for instance, was in the forefront of many Democratic attack ads.  After the repeal and replace debate and the ACA-related executive orders, Republicans were on the defensive.

And, with the success of state ballot initiatives in Idaho, Utah and Nebraska and the election of  Democratic Governors in Maine, Wisconsin and Kansas, at least 6 additional states may expand their Medicaid programs — another feature of ACA.  With such an increase in the Medicaid eligible population, we may see proposals to allow states to manage costs that impact the drug industry (with more flexibility in state drug formularies) and the managed care industry; and proposals affecting Disproportionate Share Hospital payments to hospitals.

With that backdrop, we would not expect a replay of the repeal and replace debate in the next Congress. As recently as the day after the elections, Speaker McConnell backed away from his previous statements about it.

Rather, the House Democrats, especially the Energy and Commerce Committee under Frank Pallone, are likely to pursue legislation to shore up the insurance exchanges and to challenge recent Administrative actions authorizing the sale of short-term insurance plans and association health plans, which are considered by Democrats to undermine ACA because they can offer fewer benefits and lower cost.  In this area, House actions could take the form of both oversight hearings as well as legislative proposals.

While most of this action will occur only in the House, Senator Alexander, Chair of the HELP Committee may be interested in resurrecting his market stabilization legislation. If so, it is possible that such a measure could move on a bipartisan basis in the next Congress. (that is, the Democrats in the House and some Republicans and Democrats in the Senate.)

We do not expect gridlock on all health care issues. Which is good or bad news depending on your agenda.  In past congresses, major legislation was enacted on a bipartisan basis, like the 21st Century Cures Act, drug and device user fees, and opioid funding. Similarly, we anticipate some action on a number of matters, including 340B reform, diagnostic reform including devices and LDTs, more funding to fight the opioid epidemic, and possibly orphan drug policy reform.  Even if such bills move only in the House, experience demonstrates that they could form the basis for debate or enactment in the future.

Finally, now that the Congress is split, the Republicans may return their focus to the size of the deficit and the need for entitlement reform, especially in Medicare and Medicaid.  With that shift in focus, we should expect consideration of a number of proposals affecting the biopharma industry.

Congressional Investigations After the Midterm Elections

By Brian D. Smith on Posted in Congressional Investigations

Brian Smith delivered the following remarks during Covington’s post-election conference call with clients on November 8, 2018.

“Restoring the Constitution’s checks and balances to the Trump administration.”  That’s what Democratic leader Nancy Pelosi promised in her speech after the elections.

Congressional oversight and investigations thrive in divided government, and Democratic leaders are already promising a new wave of oversight.

While the press and pundits are mostly focused on the likely political investigations – access to the President’s tax returns or investigations of the Trump Organization’s business activities – the House’s investigative agenda is much broader, and it has direct implications for many of our clients.

For example, when we last had a Democratic House and a Republican President, in 2007 and 2008, Congress conducted large investigations of drug companies’ sales and marketing practices, technology companies’ sharing of customer data, and the financial industry’s corporate practices.  A decade later, these three sectors – pharmaceutical, financial services, and technology – remain prime targets for congressional scrutiny, along with energy, government contractors, and most other highly regulated industries.

Moreover, a lot has changed in the last decade to increase the congressional investigations risks.

First, more committees now possess dedicated and experienced oversight staff than ever before, and several committees have dedicated oversight and investigations subcommittees.  We expect oversight activities from all the major committees next year.

Second, in recent years, several committees have modified their rules to give the chairmen unilateral authority to issue subpoenas – a practice that we expect to continue next year.  Even though many investigations do not result in subpoenas, the potent threat of a subpoena – issued without committee vote or sometimes even notice – makes it much harder for companies to resist congressional demands.

Third, congressional investigations, which always ebb and flow depending on the political environment, have become much more consistent and a mainstay of today’s legislative process.

That trend has been driven, in part, by legislative gridlock, as Members turn to oversight and investigations as a way to affect policy, and private sector practices, that they cannot reach through legislation.  With the Senate remaining in Republican control, House Members will have a greater incentive to pursue policy goals through investigations.

In predicting next year’s investigations, history is often a good guide.

Continue Reading

The Week Ahead in the European Parliament – November 9, 2018

By Sebastian Vos on Posted in EU Law and Regulatory

Summary

Next week, Members of the European Parliament (“MEPs”) will gather in Strasbourg for the plenary session.

Interesting votes, debates and committee debates will take place.

On Monday, November 12, the Economic and Monetary Affairs Committee (“ECON”) will debate on a draft report supporting the Commission’s proposal on Sovereign Bond-Backed Securities (“SBBS”).  The proposal seeks to introduce a new financial instrument at the EU level, with the aim of enhancing financial stability and reducing risks in the banking sector.  Sovereign bond-backed securities are securities backed by a diversified portfolio of euro area central government bonds.  See the draft report on the Proposal here, and the Proposal here.

On Tuesday, November 13, MEPs will vote on the report on the proposal for a Directive on the promotion of the use of energy from renewable sources prepared by the Parliament’s Committee on Industry, Research and Energy (“ITRE”).  The Proposal sets new ambitious binding targets for renewables (32%) and energy efficiency (32.5%) by 2030.  It also aims to improve the design and stability of support schemes for renewables, the sustainability of the use of bioenergy, and to increase the level of ambition for the transport and heating/cooling sectors.  The Recast Directive will repeal the existing Directive on Renewable Energy Sources (“RES”).  The parliamentary draft report seeks to approve the position agreed among the Parliament, the Council of the EU and the Commission during interinstitutional negotiations.  See the Proposal here, the draft agreed position here.

On Wednesday, November 14, MEPs will debate and vote on the draft report, prepared by ITRE, on the European Electronic Communications Code.  The Code is part of the Commission’s Digital Single Market (“DSM”) Strategy and contains a range of safeguards aimed at EU-level harmonization for 5G and spectrum management, high-speed broadband technology, and seeks to level the regulatory playing field for “Over the Top” (“OTT”) services with that of traditional telecoms services.  Among other things, it aims to encourage telecoms operators with significant market power to invest in high-capacity broadband networks.  In return, such telecoms operators will benefit from reduced price and access regulation.  See the draft report here and the proposed Code here.

On Thursday, November 15, MEPs will vote on the report prepared by the Committee on Environment, Public Health and Food Safety (“ENVI”) on the Proposal for a Regulation on Persistent Organic Pollutants (“POPs”).  The purpose of the Proposal is to introduce, into the Union legal system, the most recent decisions which have been taken within the framework of the Stockholm Convention and the POPs Protocol.  It also calls for an involvement of the European Chemicals Agency (“ECHA”) in the implementation of the POPs Regulation.  See the draft report here, the Proposal here and the annexes to the Proposal here.

Meetings and Agenda

Monday, November 12, 2018 

Plenary session

17:00 – 23:00

Debates

  • Energy efficiency
    • Rapporteur: Miroslav POCHE (CZ, S&D)
  • Governance of the Energy Union
    • Rapporteurs: Michèle RIVASI (FR, Greens/EFA), Jakop DALUNDE (SE, Greens, EFA)
  • Promotion of the use of energy from renewable sources
    • Rapporteur: José Blanco López (ES, S&D)
  • Multiannual plan for small pelagic stocks in the Adriatic Sea and the fisheries exploiting those stocks
    • Rapporteur: Ruža Tomašić (HR, ECR)
  • Minimum standards for minorities in the EU
    • Rapporteur: József Nagy (SK, EPP)
  • Digitalisation for development: reducing poverty through technology
    • Rapporteur: Bogdan Brunon Wenta (PL, EPP)
  • EU development assistance in the field of education
    • Rapporteur: Vincent PEILLON (FR, S&D)

Committee on Economic and Monetary Affairs

19:30 – 22:00

  • Sovereign bond-backed securities (COD) – Consideration of a report
    • Rapporteur: Jakob von Weizsäcker (S&D, DE) (21.00-21.30)
  • Strengthening fiscal responsibility and the medium-term budgetary orientation in the Member States (CSN) – Consideration of amendments.
    • Rapporteur: Danuta Maria Hübner (EPP, PL)

Committee on the Environment, Public Health and Food Safety

19:30 – 21:30

Votes

  • European Social Fund Plus (ESF+) – Adoption of draft opinion –
    • Rapporteur: Cristian-Silviu BUŞOI (EPP, RO)
  • Establishing the InvestEU Programme – Adoption of draft opinion –
    • Rapporteur: Ivo BELET (EPP, BE)
  • Establishing the Digital Europe programme for the period 2021-2027 – Adoption of amendments
    • Rapporteur: Adina-Ioana VĂLEAN (EPP, RO)
  • Establishing the space programme of the Union and the European Union Agency for the Space Programme – Adoption of amendments
    • Rapporteur: Adina-Ioana VĂLEAN (EPP, RO)

Committee on Agriculture and Rural Development

19:30 – 22:30

  • Presentation by a Commission representative (DG AGRI) on the current situation in the sugar market
  • Presentation by a Commission representative on the state of play of the safeguard investigation concerning imports of ‘indica rice’ from Cambodia and Myanmar

Committee on Constitutional Affairs

219:00 – 21:00

Tuesday, November 13, 2018

Plenary session

09:00 – 11:50

Debates

  • Interim report on the Multiannual Financial Framework 2021-2027 – Parliament’s position with a view to an agreement
    • Rapporteurs: Jan Olbrycht (PL, EPP), Janusz Lewandowski (PL, EPP), Isabelle Thomas (FR, S&D), Gérard Deprez (BE, ALDE)

12:00 – 14:00

Votes followed by explanations of votes

  • Mobilisation of the European Union Solidarity Fund to provide assistance to Latvia
    • Rapporteur: Inese Vaidere (LV, EPP)

Debates

15:00 – 17:30

  • Debate with the Chancellor of Germany, Angela Merkel, on the Future of Europe

Debates

17:30 – 23:00

  • European security and the future of the Intermediate-Range Nuclear Forces Treaty
  • Implementation of the EU-Georgia Association Agreement
    • Rapporteur: Andrejs Mamikins (LV, S&D)
  • Implementation of the EU-Moldova Association Agreement
    • Rapporteur: Petras Auštrevičius (LT, ALDE)
  • Arms export: implementation of Common Position
    • Rapporteur: Sabine Lösing (DE, GEU/NGL)
  • Empowering competition authorities and ensuring the proper functioning of the internal market
    • Rapporteur: Andreas Schwab (DE, EPP)

Special Committee on Terrorism

20:00 – 23:30

Debates

  • Findings and recommendations of the Special Committee on Terrorism (INI) – vote on a draft report
    • Co-rapporteurs: Monika HOHLMEIER (EPP, DE) and Helga STEVENS (ECR, BE)

Wednesday, November 14, 2018

Plenary session

09:00 – 11:30

Debates

  • European Electronic Communications Code
    • Rapporteur: Pilar del Castillo Vera (ES, EPP)
  • Body of European Regulators for Electronic Communications
    • Rapporteur: Evžen Tošenovský (CZ, ECR)
  • CO2 emission performance standards for new heavy-duty vehicles
    • Rapporteur: Bas Eickhout (NL, Greens/EFA)

11:30 – 12:00

Formal sitting

  • Address by Cyril Ramaphosa, President of the Republic of South Africa

12:00 – 12:30
Award of the LUX Prize

 12:30 – 14:30

Votes followed by explanations of votes

  • Interim report on the Multiannual Financial Framework 2021-2027 – Parliament’s position with a view to an agreement
    • Rapporteur: Jan Olbrycht (PL, EPP), Janusz Lewandowski (PL, EPP), Isabelle Thomas (FR, S&D), Gérard Deprez (BE, ALDE)
  • Application of Articles 107 and 108 of the Treaty on the Functioning of the European Union to certain categories of horizontal State aid
    • Rapporteur: Sander LOONES (BE, ECR)
  • The rule of law in Romania
  • The Cum Ex Scandal: financial crime and the loopholes in the current legal framework

15:00 – 23:00

Debates

  • Rail passengers’ rights and obligations
    • Rapporteur: Bogusław Liberadzki (PL, S&D)
  • Persistent organic pollutants
    • Rapporteur: Julie Girling (UK, EPP)
  • Humanitarian visas
    • Rapporteur: Juan Fernando LÓPEZ AGUILAR (ES, S&D)

Thursday, November 15, 2018

Plenary session

09:00 – 11:50

Debates

  • Care services in the EU for improved gender equality
    • Rapporteur: Sirpa Pietikäinen (FI, EPP)
  • Lyme disease (Borreliosis)

12:00 – 14:00

Votes and explanation of votes

  • Motions for resolutions concerning debates on cases of breaches of human rights, democracy and the rule of law (Rule 135)
  • Need for a comprehensive Democracy, Rule of Law and Fundamental Rights mechanism
  • Texts on which debate is closed

15:00 – 16:00

Debates

Committee on Budgets

09:00 – 10:00

Committee on Regional Development

10:00 – 12:00

  • Establishing the Connecting Europe Facility (COD), adoption of draft opinion
    • Rapporteur: Mirosław Piotrowski (ECR, PL)

Committee on Culture and Education

08:30 – 09:00

  • European Social Fund Plus (ESF+) (COD), adoption of draft opinion, rapporteur for the opinion Petra Kammerevert (S&D, DE)
    • Rapporteur: Mirosław Piotrowski (ECR, PL)

 

 

Implications of the 2018 Midterm Elections for U.S. National Defense Policy and Spending

By Zachary Mears and Jeff Bozman on Posted in Defense Budget, Defense Issues

The aerospace and defense industry, including those in the defense trade press, have since late evening of November 6, 2018 been wrestling with the implications of the midterm elections for U.S. defense policy and spending over the next two years.  Quite frankly, it is too early to say with certainty. As Leo Rosten, the famous political scientist and humorist, once said, “Some things are so unexpected that no one is prepared for them.” That statement seems an appropriate caution given the current tumult of U.S. domestic politics.

That caution given, we can offer a couple, dare we say, steadfast observations about what is likely to be “normal” even given change to control of the House:

  • The President retains significant power to determine national security policy, and often enjoys first-mover advantage in this area; continuity, rather than change, will likely be the broad theme.
  • Congress has passed an annual National Defense Authorization Act for 58 consecutive years, and we expect them to do so again. This remains a must-pass piece of legislation, including policy issues in the jurisdiction of other committees (for example, the Foreign Investment Risk Review Modernization Act that governs the Committee on Foreign Investment in the United States was included in last year’s defense bill).

But with the change in control of the House, we do expect a more contentious and potentially drawn out debate regarding key defense policy priorities of the Trump administration and congressional Republicans.  Continue Reading

Drug Pricing In The New Congress

By Gary Heimberg and Joan Kutcher on Posted in Food and Drug Law, Uncategorized
  • Drug pricing presents intriguing political dynamics. Whether and what policy prescriptions actually come to fruition in the next two years remain to be seen, but the rhetoric around the imperative to lower drug pricing — and the political pressure to act — will be more intense than we have seen to date.
  • President Trump and House Democrats might vie for ownership of this populist issue that continues to resonate.  Ironically, there is substantively less distance between the Administration and Democrats in this space than perhaps any other.  The big question will be whether there is the political will to capitalize on this philosophical common ground and work together to legislate — as the President has already expressed interest in doing — or will the two sides instead engage in a rhetorical “can you top this” contest, teeing up drug pricing as a 2020 national election issue?
  • The President staked an early claim on drug pricing and has kept the drumbeat going — via tweets, issuance of the Blueprint and subsequent targeted rulemaking, including use of foreign reference pricing to force negotiations in Medicare Part B.  A Martian landing on Earth could reasonably conclude that this kind of proposal surely came from a progressive Democratic Administration!
  • So, what might actually happen in this world turned upside down in which a Republican Administration and a Democratic controlled House express support for similar drug pricing policy solutions?
  • Some “bridge too far” Democratic priorities will get air time but will not have the support needed to get done.  In this bucket is repeal of the non-interference clause to allow direct negotiations in Medicare Part D  — and authorization of compulsory licensing of intellectual property where negotiations do not bear fruit.  HHS Secretary Azar opposes these proposals, which also would not get through the Republican controlled Senate.
  • The “realm of the possible” bucket for bipartisan support includes:  the pending drug payment pilot and related negotiating mechanisms in Medicare Part B; revisiting of Part D “doughnut hole” responsibilities and related issues around the catastrophic coverage “cliff” for beneficiaries; rebate reform and additional pricing transparency for manufacturers and PBMs; passage of the CREATES Act and others means to speed development of generic drugs; DTC advertising disclosure requirements, promotion of value-based contracts, and possibly even some form of a price gouging enforcement.  Congress could also respond to the forthcoming Part D rule depending on its content.
  • Be on the lookout too for a long time Democratic favorite — drug importation, which was not in the President’s Blueprint and is not supported by Secretary Azar but remains a popular issue and is politically difficult to oppose on its face, including for many Republicans.
  • A Democratic House as well as the GOP Senate will see the ascendance of new leaders in committees of jurisdiction.
    • Frank Pallone will be chair of the full Energy and Commerce Committee — he represents a bio-pharma industry heavy district but has also been a drug pricing critic from time to time.
    • Democrats are expected to choose among up to three candidates for Chair of the Health Subcommittee — Anna Eshoo, who led the way on protection of intellectual property rights for innovative biologics and Diana DeGette, who co-led the landmark 21st Century Cures Act — or Jan Schakowsky, who has been a forceful critic of industry and drug pricing.  This decision could significantly impact the agenda next year on drug pricing.
    • Similar decisions and philosophical contrasts await in the House Ways and Means Health Committee, where potential chairmen include Lloyd Doggett, the leading proponent of compulsory licensing, and Mike Thompson, who has a more moderate approach on pharmaceutical issues.
    • There is also a significant Oversight and Investigations component of the drug pricing debate, which impacts the legislative agenda as well.
    • In the Senate, Finance Committee Chairman Orrin Hatch, the bio-pharma industry’s staunchest defender, has retired.  He is likely to be replaced by Charles Grassley — transparency champion, seasoned investigator and sponsor of the CREATES Act.  Expect more oversight and legislative challenges for industry under his watch.
  • Bottom line — stakeholders in the drug pricing sphere should buckle up for a wild ride.  We don’t know yet how the politics here will play out. What we do know is that this topic will be a hot one — if not the hottest — and industry innovators will be on the hot-seat more than ever before.

 

Canadian Privacy Commissioner Releases Official Guidance as Data Breach Law Takes Effect

By Sari Sharoni on Posted in Cybersecurity, International Strategy, Privacy

Canada’s new data breach law, The Personal Information Protection and Electronic Documents Act (“PIPEDA”), took effect on November 1. Official guidance released by the country’s Privacy Commissioner explains a few of the law’s key provisions that will affect organizations, specifically, breach reporting and notification obligations, their triggers, and record retention.

Reporting & Notification Obligations

Under the new law, an organization must report and notify individuals of a data breach involving personal information under its control if it reasonably determines the breach creates a “real risk of significant harm” to an individual, regardless of the number of individuals affected. (The guidance states a covered breach that affects only one individual would nonetheless require reporting and notification.) Importantly, the organization that controls the data is required to report and notify individuals of the breach—the guidance clarifies that even when an organization has transferred data to a third-party processor, the organization remains ultimately responsible for reporting and notification. The guidance encourages organizations to mitigate their risk in the event their third-party processor faces a breach by entering sufficient contractual arrangements.

Notification to individuals must be given “as soon as feasible” after the organization has determined a covered breach has occurred. The guidance states the notification must be conspicuous, understandable, and given directly to the individual in most circumstances. It must include enough information to communicate the significance of the breach and allow the those affected to take any steps possible to reduce their risk of harm. The regulations further specify the information a notification must include. In certain circumstances, organizations are also required to notify governmental institutions or organizations of a covered breach; for example, an organization may be required to notify law enforcement if it believes it may be able to reduce the risk of harm.

“Real Risk of Significant Harm”

The ultimate question for organizations to answer, to determine whether their reporting and notification obligations are triggered, is whether the breach creates a “real risk of significant harm.” The guidance defines “significant harm” as bodily harm, humiliation, reputation or relationship damage, loss of employment, business, or professional opportunities, financial loss, identity theft, negative effects on a credit record, and damage to or loss of property. Whether a breach of personal information creates a “real risk” of significant harm is determined by the sensitivity of the information and the probability it has been, is, or will be misused. The guidance further explains an organization should determine the “sensitivity” of information by looking to what personal information has been breached and the circumstances of the breach, but some information may be “clearly sensitive.” The guidance also lays out a number of questions an organization should consider to determine the probability of misuse, including whether a number of pieces of personal information were breached, how long the information was exposed, and whether there is evidence of malicious intent.

Record-keeping

Finally, the guidance explains the law requires an organization to keep and maintain records of every breach of personal information for two years, regardless whether the breach created a real risk of significant harm. These records must contain sufficient information to enable the Office of the Privacy Commissioner to verify the organization’s compliance with the law. At a minimum, this includes the date or estimated date of the breach, a general description of its circumstances, the nature of the information involved, whether the breach was reported and individuals were notified, and how the organization determined there was not a real risk of significant harm for breaches it did not report.

“Hey Big Spender . . .”: GAO Reiterates That Agencies Must Meaningfully Consider Price In Best Value Tradeoffs

By Hunter Bennett and Evan R. Sherwood on Posted in Compliance Issues, Government Contracts, Uncategorized

In three related bid protest decisions made public last week, the Government Accountability Office (“GAO”) reaffirmed the principle that agencies must meaningfully consider price when making best value tradeoff decisions.  GAO sustained the protests, stressing that merely paying lip service to price while selecting a more expensive, higher-rated offeror is not sufficient — agencies must provide a rational explanation for why they have decided to pay a premium for the awardee’s technical superiority.

In Solers, Inc., B-414672.3 et al.; Technatomy Corporation, B-414672.5; and OGSystems, LLC, B-414672.6 et al., three disappointed offerors challenged the Defense Information Systems Agency’s (“DISA”) award of Multiple Award Task Order contracts to 14 contractors as part of the Systems Engineering, Technology, and Innovation program.

The solicitation provided that DISA would make award on a best-value tradeoff basis considering price and four technical factors that, when combined, were significantly more important than price.  The agency made award to the 14 highest rated proposals in the non-price factors, opining — without elaboration — that “the technical merit of those proposals justifies paying a price premium over lower-rated, lower-priced proposals.”  Indeed, throughout the evaluation process, the agency repeatedly noted — again without elaboration — that the awardees’ proposals were worth a premium.

The three protestors raised a host of different claims, but each one challenged the best value determination, arguing that DISA failed to meaningfully consider price.  GAO agreed, holding that the agency had performed a mechanical tradeoff that relied exclusively on adjectival ratings and excluded technically acceptable proposals without any meaningful consideration of their price.  GAO was unimpressed by the agency’s “one-sentence conclusion” — repeated “nearly verbatim” throughout the evaluation record — that, “due to strengths on the non-price factors, the 14 awardees merited selection over lower-rated, lower-priced proposals[.]”  It found “such consideration of price to be nominal” and opined that “anything less would be to ignore price completely.”

GAO also noted that the source selection authority (“SSA”) missed the point when it concluded that there was a “clear break” between the offerors who received award and the disappointed offerors who purportedly “d[id] not have sufficient technical merit to justify making additional awards.”  In GAO’s view, the SSA failed to consider the relevant question, which was “whether the higher-rated proposals were worth the associated price premium.”  GAO explained that “there is no indication that price played a role in determining the ‘clear break’ in the proposals.”

These decisions serve as an important reminder that disappointed offerors who lose best value tradeoff procurements to a higher-priced, higher-rated offeror should try to assess during the debriefing process whether the agency can articulate a rational justification for paying a premium to the awardee.  If the agency is unable to do so, the disappointed offeror should consider filing a bid protest.

Litigation Options For Post-Cyberattack ‘Active Defense’

By Alexander Berengaut and Tarek Austin on Posted in Congressional Action, Cybersecurity, Privacy, Uncategorized

In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”[1] More specifically, the ACDC would empower individuals and companies to leave their own network to ascertain the perpetrator (i.e., establish attribution), disrupt cyberattacks without damaging others’ computers, retrieve and destroy stolen files, monitor the behavior of an attacker, and utilize beaconing technology.[2] An updated, bipartisan version of the bill was introduced by Rep. Graves and Rep. Kyrsten Sinema, D-Ariz., in October 2017.[3]

There has been significant debate on whether the types of “self-help” measures that the ACDC expressly authorizes — sometimes referred to as “active defense” — are currently prohibited by the CFAA. While no court has yet ruled on the issue, several commentators (and the U.S. Department of Justice) have long argued that because the CFAA prohibits accessing computers without “authorization,” cyberattack victims expose themselves to criminal liability if they venture outside their network to unmask an attacker and disrupt, disable or destroy the attacker’s system.[4] The purpose of the ACDC is to reduce legal uncertainty by, in effect, providing a statutory safe harbor for victims of cyberattacks to “hack back” — under the right circumstances, and subject to limitations.

In addition to the legal question of whether active defense is currently barred by the CFAA, the desirability of active defense as a policy matter has also been debated. Advocates of the ACDC have argued that companies, no matter how sophisticated their preventive cyber defenses, continue to suffer major breaches, and that the number of cyberattacks far exceeds the government’s ability to identify and prosecute criminals. They argue that in a lopsided cyber battlefield, victims need additional tools to actively respond to ongoing attacks. In critics’ view, however, the bill will promote cyber-vigilantism by victims who are overeager to aggressively strike back at cyber intruders and thieves — thereby creating tit-for-tat patterns of retribution and a significant risk of collateral damage to innocent third-party computer systems.

While the legal and policy debates raised by the ACDC are important, they often overlook the fact that victims of hostile cyber activity may already be able to avail themselves of the judicial process to lawfully engage in the types of “active defense” measures that the ACDC would expressly authorize. Several such techniques of “active defense through litigation” are relatively well-established; others are untested. Because active defense through litigation necessarily involves the judicial process, moreover, it can be relatively time-consuming (particularly in comparison with the more immediate responsive measures contemplated by the ACDC). Although courts can provide certain forms of expedited relief in a matter of days or even less, this time frame may be prohibitive in some cases. Nevertheless, for victims of cyberattacks that are weighing an active response, it may be worth considering one or more of these options.

The most established and typical form of active defense through litigation is using third-party discovery to obtain information about the perpetrators of a cyber-intrusion and, potentially, establishing “attribution” of the culprit. In Liberty Media Holdings LLC v. Does 1-59, for example, hackers unlawfully accessed copyrighted materials on a company’s protected website.[5] The company brought suit against the unknown culprits — named “John Does” in the complaint — for violating the CFAA, the Electronic Communications Privacy Act and the Copyright Act.[6] It then provided the court with the internet protocol addresses of each defendant.[7] The court granted the company’s motion that it be allowed to serve subpoenas on the defendants’ internet service providers and cable providers to compel them to “produce all documents and/or information sufficient to identify the users of the IP addresses.”[8] Continue Reading

China in Africa: Recent Developments

By Kimberly Stietz and Kgabo Mashalane on Posted in Africa, Asia, China

In 1998, China announced its “go out” or “go global” policy aimed at encouraging its enterprises to invest overseas. In 2013 this policy was reinforced with China’s introduction of its One Belt, One Road (OBOR) or “Belt & Road” initiative, which seeks to enhance development and trade routes in the region, connecting China with other countries along the ancient Silk road and a new Maritime Silk Road. Significant international anxiety has been expressed about China’s global ambitions generally, and as it pertains to Africa in particular, with some calling China’s OBOR initiative “neo-colonial” and raising concerns about China’s investments in Africa serving as a possible “debt trap.” On the other hand, China’s general policy of non-interference has led African leaders to describe China’s partnership with African countries as a “win-win.”

Below we examine recent trends related to China’s activity in Africa, including China’s 2018 FOCAC pledge of US$60 billion in financing, recent commitments made at the BRICS Summit, and China’s increasing foreign direct investment (FDI) on the continent.

Forum on China-Africa Cooperation (FOCAC)

On September 3, 2018, Chinese President Xi Jinping pledged US$60 billion in financing for projects in Africa. Of this total pledge, US$15 billion will take the form of grants, infrastructure, and concessional loans; US$20 billion will be available in credit lines; US$10 billion for development financing; and US$5 billion to buy imports from Africa. China made a similar US$60 billion pledge in 2015.

At the opening ceremony, President Xi emphasized China’s “five-no” approach to Africa:

[N]o interference in African countries’ pursuit of development paths that fit their national conditions; no interference in African countries’ internal affairs; no imposition of our will on African countries; no attachment of political strings to assistance to Africa; and no seeking of selfish political gains in investment and financing cooperation with Africa.

It is China’s policy of non-interference that leads many African leaders to echo South African President Ramaphosa’s rejection of the view that a new colonialism is taking hold in Africa regarding China’s investment in Africa. Continue Reading

The Week Ahead in the European Parliament – October 26, 2018

By Sebastian Vos on Posted in EU Law and Regulatory

Summary

This past week, the European Parliament held a plenary session in Strasbourg.

On Tuesday, 23 October, Members of the European Parliament (“MEPs”) approved the amendments on the proposal for a Directive on the quality of water intended for human consumption.  The amendments call for increasing consumers’ confidence in drinking water from the tap.  To do so, Member States should also provide universal access to clean water and improve water access in cities and public spaces.  The measures of the Directive are intended to contribute to reducing plastic usage and litter – plastic bottles are one of the most common single-use plastic products found on Europe’s beaches and seas.  See the amendments adopted here.

On Wednesday, 24 October, MEPs agreed their position on the proposal for a Single-Use Plastics Directive.  The purpose of the proposal is to prevent and reduce the impact of certain plastic products on the environment.  The new rules target the ten single-use plastic products found most often on Europe’s beaches and seas.  The new rules also include obligations for producers to help cover the costs of waste management, collection targets, and a short timeline for achieving reductions in the consumption of certain single-use plastic products, including plastic tobacco filters.  See the text adopted here.

On Thursday, MEPs approved a motion for a resolution on the use of Facebook users’ data by Cambridge Analytica and the impact on data protection.  The resolution calls for Facebook and other platforms to allow EU bodies to audit users’ data security.  The resolution also calls for the prevention of election manipulation on social media platforms, and for a reform of EU competition rules to take greater account of data held by undertakings.  See the text adopted here.

Meetings and Agenda

  • No official meetings in the European Parliament are planned before October 26, 2018.
LexBlog