Supply Chains are the Next Subject of Cyberattacks

The cyberthreat landscape is evolving as threat actors develop new tactics to keep up with increasingly sophisticated corporate IT environments. In particular, threat actors are increasingly exploiting supply chain vulnerabilities to reach downstream targets.

The effects of supply chain cyberattacks are far-reaching, and can affect downstream organizations. The effects can also last long after the attack was first deployed. According to an Identity Theft Resource Center report, “more than 10 million people were impacted by supply chain attacks targeting 1,743 entities that had access to multiple organizations’ data” in 2022. Based upon an IBM analysis, the cost of a data breach averaged $4.45 million in 2023.

What is a supply chain cyberattack?

Supply chain cyberattacks are a type of cyberattack in which a threat actor targets a business offering third-party services to other companies. The threat actor will then leverage its access to the target to reach and cause damage to the business’s customers. Supply chain cyberattacks may be perpetrated in different ways.

  • Software-Enabled Attack: This occurs when a threat actor uses an existing software vulnerability to compromise the systems and data of organizations running the software containing the vulnerability. For example, Apache Log4j is an open source code used by developers in software to add a function for maintaining records of system activity. In November 2021, there were public reports of a Log4j remote execution code vulnerability that allowed threat actors to infiltrate target software running on outdated Log4j code versions. As a result, threat actors gained access to the systems, networks, and data of many organizations in the public and private sectors that used software containing the vulnerable Log4j version. Although security upgrades (i.e., patches) have since been issued to address the Log4j vulnerability, many software and apps are still running with outdated (i.e., unpatched) versions of Log4j.
  • Software Supply Chain Attack: This is the most common type of supply chain cyberattack, and occurs when a threat actor infiltrates and compromises software with malicious code either before the software is provided to consumers or by deploying malicious software updates masquerading as legitimate patches. All users of the compromised software are affected by this type of attack. For example, Blackbaud, Inc., a software company providing cloud hosting services to for-profit and non-profit entities across multiple industries, was ground zero for a software supply chain cyberattack after a threat actor deployed ransomware in its systems that had downstream effects on Blackbaud’s customers, including 45,000 companies. Similarly in May 2023, Progress Software’s MOVEit file-transfer tool was targeted with a ransomware attack, which allowed threat actors to steal data from customers that used the MOVEit app, including government agencies and businesses worldwide.

Legal and Regulatory Risks

Cyberattacks can often expose personal data to unauthorized access and acquisition by a threat actor. When this occurs, companies’ notification obligations under the data breach laws of jurisdictions in which affected individuals reside are triggered. In general, data breach laws require affected companies to submit notice of the incident to affected individuals and, depending on the facts of the incident and the number of such individuals, also to regulators, the media, and consumer reporting agencies. Companies may also have an obligation to notify their customers, vendors, and other business partners based on their contracts with these parties. These reporting requirements increase the likelihood of follow-up inquiries, and in some cases, investigations by regulators. Reporting a data breach also increases a company’s risk of being targeted with private lawsuits, including class actions and lawsuits initiated by business customers, in which plaintiffs may seek different types of relief including injunctive relief, monetary damages, and civil penalties.

The legal and regulatory risks in the aftermath of a cyberattack can persist long after a company has addressed the immediate issues that caused the incident initially. For example, in the aftermath of the cyberattack, Blackbaud was investigated by multiple government authorities and targeted with private lawsuits. While the private suits remain ongoing, Blackbaud settled with state regulators ($49,500,000), the U.S. Federal Trade Commission, and the U.S. Securities Exchange Commission (SEC) ($3,000,000) in 2023 and 2024, almost four years after it first experienced the cyberattack. Other companies that experienced high-profile cyberattacks have also been targeted with securities class action lawsuits by shareholders, and in at least one instance, regulators have named a company’s Chief Information Security Officer in an enforcement action, underscoring the professional risks cyberattacks pose to corporate security leaders.

What Steps Can Companies Take to Mitigate Risk?

First, threat actors will continue to refine their tactics and techniques. Thus, all organizations must adapt and stay current with all regulations and legislation surrounding cybersecurity. Cybersecurity and Infrastructure Security Agency (CISA) urges developer education for creating secure code and verifying third-party components.

Second, stay proactive. Organizations must re-examine not only their own security practices but also those of their vendors and third-party suppliers. If third and fourth parties have access to an organization’s data, it is imperative to ensure that those parties have good data protection practices.

Third, companies should adopt guidelines for suppliers around data and cybersecurity at the outset of a relationship since it may be difficult to get suppliers to adhere to policies after the contract has been signed. For example, some entities have detailed processes requiring suppliers to inform of attacks and conduct impact assessments after the fact. In addition, some entities expect suppliers to follow specific sequences of steps after a cyberattack. At the same time, some entities may also apply the same threat intelligence that it uses for its own defense to its critical suppliers, and may require suppliers to implement proactive security controls, such as incident response plans, ahead of an attack.

Finally, all companies should strive to minimize threats to their software supply by establishing strong security strategies at the ground level.

Understanding How U.S. Export Controls Affect Manufacturers’ Hiring Practices

The U.S. government has adjusted export control regulations in an effort to protect U.S. national security interests. The revisions primarily affect export of electronic computing items and semiconductors to prevent foreign powers from obtaining critical technologies that may threaten national security. As manufacturers are facing increased demand for their products and critical labor shortages, they may find themselves seeking to hire foreign national talent and navigating U.S. export control and immigration and anti-discrimination laws.

Export Control Laws in United States

The primary export control laws in the United States are the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR). Under these regulations, U.S. Persons working for U.S. companies can access export-controlled items without authorization from the U.S. government. U.S. Persons include: U.S. citizens, U.S. nationals, Lawful permanent residents, Refugees, and Asylees. Employers might need authorization from the appropriate federal agency to “export” (in lay terms, share or release) export-controlled items to workers who are not U.S. Persons, which the regulations call foreign persons. Employers apply for such authorization from either the U.S. Department of State or the U.S. Department of Commerce, depending on the item.

The release of technical data or technology to a foreign person that occurs within the United States is “deemed” to be an export to the foreign person’s “home country.” Whether an export license is required for a particular release may depend on both the nature of export controls applicable to the technology or technical data (including whether it is subject to the ITAR or EAR) and the citizenship of the foreign person.

Recent revisions to the EAR cover controls on advanced computing integrated circuits (ICs), computer commodities that contain such ICs, and certain semiconductor manufacturing items, among other controls. These revisions particularly affect semiconductor and chip manufacturers and exporters.

Intersection With Immigration and Anti-Discrimination Laws

The U.S. Immigration and Nationality Act (INA) and Title VII of the Civil Rights Act 1964 prohibit discrimination based on protected characteristics.

The INA prohibits discrimination based on national origin or citizenship, among other characteristics. Title VII prohibits discrimination based on race and national origin, which typically includes discrimination based on citizenship or immigration status. Furthermore, the INA prohibits “unfair documentary practices,” which are identified as instances where employers request more or different documents than those necessary to verify employment eligibility or request such documents with the intent to discriminate based on national origin or citizenship.

The intersection of export control laws, immigration, and anti-discrimination laws can create a confusing landscape for employers, particularly manufacturers or exporters of export-controlled items. Manufacturers and exporters, like all employers, must collect identity and employment authorization documentation to ensure I-9 compliance. At the same time, however, they must collect information relating to a U.S. Person in connection with export compliance assessments. To address these areas of exposure for employers, the U.S. Department of Justice’s Civil Rights Division released an employer fact sheet to provide guidance for employers that includes best practices to avoid discrimination.

Implications

To ensure compliance under these rules, employers should separate the I-9 employment authorization documentation process from the export control U.S. Person or foreign person identification process. Employers should implement or revisit internal procedures and provide updated training to employees.

The export rule revisions highlight the challenges for employers in avoiding discrimination when complying with export control laws. Manufacturers and exporters should review their compliance practices regarding U.S. export control, immigration, and anti-discrimination laws with experienced counsel. Employers should implement policies and procedures reasonably tailored to address export control compliance requirements while not engaging in discrimination on the basis of citizenship or national origin.

Jackson Lewis P.C. © 2024

by: Maurice G. Jenkins , Kimberly M. Bennett of Jackson Lewis P.C.

For more news on Export Control Laws, visit the NLR Antitrust & Trade Regulation section.

Marijuana in the Manufacturing Workplace

The requirement to maintain a safe workplace often clashes with state and local laws that protect the rights of individuals who use marijuana while off-duty, creating unique challenges for manufacturing employers.

Manufacturing employers still may prohibit the use of marijuana at work, as well as marijuana impairment at work. But marijuana drug testing is complicated and controversial because of the legal protections for off-duty marijuana use in some states and cities, the legal protections for medical marijuana users in many jurisdictions, and because there are no drug tests that can detect current marijuana impairment or very recent use of marijuana.

Federal Law

Manufacturers no longer should defend “zero tolerance” marijuana drug testing policies. Previously, employers could argue that marijuana still is illegal under federal law or that the employer is a federal contractor that must comply with the federal Drug-Free Workplace Act. The federal government has not enforced the law that makes marijuana illegal for some time, and it has permitted states to create and enforce their own laws with respect to medical and recreational marijuana.

Some courts have recognized that the federal government is allowing state governments to regulate marijuana and, therefore, courts are enforcing state marijuana laws despite marijuana’s illegal status at the federal level. Courts also have rejected arguments that federal contractors “must follow federal law” because the federal Drug-Free Workplace Act does not require drug testing and does not permit employers to regulate off-duty conduct.

State Laws

At present, 39 states and the District of Columbia have medical marijuana laws, while 22 states and the District of Columbia have recreational marijuana laws (Maryland’s law will take effect in July and others will be enacted in the coming months). Many of these laws provide employment protections to applicants and employees. The variations in the laws make it difficult for multi-state manufacturers to have consistent marijuana policies in all locations.

What It Means for Employers

Due to the recent trend in some states to protect off-duty use of marijuana, and even prohibiting pre-employment marijuana testing, many manufacturers are discontinuing pre-employment marijuana testing, especially in states where marijuana is legal. Applicants often are surprised to learn that a positive marijuana drug test will lead to withdrawal of the job offer. If the positive marijuana drug test result is due to medical use (and there are no general off-duty protections in the state), manufacturers must be familiar with the applicable law.

Some states prohibit discrimination against medical marijuana users, while other states may allow an employer to take an adverse employment action if the job is considered “safety-sensitive,” i.e., a job with dangerous duties, as defined by applicable state law.

In certain other states where discrimination is prohibited and the manufacturing employer has safety concerns, the employer should engage in the “individualized assessment” and “direct threat analysis” required under state laws that mirror the federal Americans With Disabilities Act. This process includes discussions with the applicant and the applicant’s physician to assess the safety risk.

Reasonable suspicion marijuana testing is permissible in most states because impairment at work never is permitted. In states where off-duty marijuana use is protected, manufacturers should rely on the impaired behaviors when taking disciplinary action, rather than rely solely on the positive marijuana drug test result (assuming that testing for marijuana is permitted). This is because marijuana stays in the human body for a long time, so the positive drug test result is not conclusive proof that the employee was impaired at work. Manufacturers also should make sure that supervisors and managers are trained to observe and document reasonable suspicion determinations properly, as these documented observations will be key evidence in a potential lawsuit.

To make matters even more complicated, CBD (cannabidiol), “low THC,” and hemp products are being marketed and sold everywhere since Congress legalized hemp (having no more than 0.3 percent THC, the psychoactive component of marijuana) in 2018. Separate from marijuana laws, the use of “low THC” or CBD products is allowed in a number of states, usually for medical purposes, which means that manufacturing employers should tread carefully when an applicant or employee claims to use CBD products for medical reasons. While many CBD and hemp products are marketed as having little or no THC, these statements may not be true, because the U.S. Food and Drug Administration does not yet regulate them. These products may cause positive drug test results for marijuana. There has been an increase in lawsuits where former employees claim that their positive marijuana drug test results allegedly were caused by CBD products.

While it appears that marijuana eventually will be legalized at the federal level, manufacturers must ensure they are complying with all applicable laws. Manufacturing employers should:

  • Review drug and alcohol policies for compliance with applicable drug testing and marijuana laws;
  • Remove marijuana from the drug testing panel in locations where testing for marijuana is prohibited and locations where off-duty use is protected and consider removing it in other locations where it may be an obstacle in the hiring process;
  • Train Human Resources employees and other managers to engage in the interactive process with employees who use medical marijuana (or medical CBD products); and
  • Train supervisors to make appropriate and timely “reasonable suspicion” determinations.

Jackson Lewis P.C. © 2023

For more cannabis legal news, click here to visit the National Law Review.

Secure Software Regulations and Self-Attestation Required for Federal Contractors

US Policy and Regulatory Alert

Government contractors providing software across the federal government’s supply chain will be required later this year to comply with a new Secure Software Design Framework (SSDF). The SSDF requires software vendors to attest to new security controls in the design of code used by the federal government.

Cybersecurity Compromises of Government Software on the Rise

In the aftermath of the cybersecurity compromises of significant enterprise software systems embedded in government supply chains, the federal government has increasingly prioritized reducing the vulnerability of software used within agency networks. Recognizing that most of the enterprise software that is used by the federal government is provided by a wide range of private sector contractors, the White House has been moving to impose a range of new software security regulations on both prime and subcontractors. One priority area is an effort to require government contractors to ensure that software used by federal agencies incorporates security by design. As a result, federal contractors supplying software to the government now face a new set of requirements to supply secure software code. That is, to provide software that is developed with security in mind so that flaws and vulnerabilities can be mitigated before the government buys and deploys the software.

The SSDF as A Government Response

In response, the White House issued Executive Order 14028, “Executive Order on Improving the Nation’s Cybersecurity” (EO 14028), on 12 May 2021. EO 14028 requires the National Institute of Standards and Technology (NIST) to develop standards, tools, and best practices to enhance the security of the software supply chain. NIST subsequently promulgated the SSDF in special publication NIST SP 800-218. EO 14028 also mandates that the director of the Office of Management and Budget (OMB) take appropriate steps to ensure that federal agencies comply with NIST guidance and standards regarding the SSDF. This resulted in OMB Memorandum M-22-18, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices” (M-22-18). The OMB memo provides that a federal agency may use software subject to M-22-18’s requirements only if the producer of that software has first attested to compliance with federal government-specified secure software development practices drawn from the SSDF. Meaning, if the producer of the software cannot attest to meeting the NIST requirements, it will not be able to supply software to the federal government. There are some exceptions and processes for software to gradually enter into compliance under various milestones for improvements, all of which are highly technical and subjective.

In accordance with these regulations, the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security issued a draft form for collecting the relevant attestations and associated information. CISA released the draft form on 27 April 2023 and is accepting comments until 26 June 2023.1

SSDF Implementation Deadline and Requirements for Government Suppliers

CISA initially set a deadline of 11 June 2023 for critical software and 13 September 2023 for non-critical software to comply with SSDF. Press reports indicate that these deadlines will be extended due to both the complexity of the SSDF requirements and the fact that the comment period remains open until 26 June  2023. However, CISA has not yet confirmed an extension of the deadline.

Attestation and Compliance with the SSDF

Based on what we know now, the attestation form generally requires software producers to confirm that:

  • The software was developed and built in secure environments.
  • The software producer has made a good-faith effort to maintain trusted source code supply chains.
  • The software producer maintains provenance data for internal and third-party code incorporated into the software.
  • The software producer employed automated tools or comparable processes that check for security vulnerabilities.

Software producers that must comply with SSDF should move quickly and begin reviewing their approach to software security. The SSDF requirements are complex and likely will take time to review, implement, and document. In particular, many of the requirements call for subjective analysis rather than objective evaluation against a set of quantifiable criteria, as is usually the case with such regulations. The SSDF also includes numerous ambiguities. For example, the SSDF requires versioning changes in software to have certain impacts in the security assessment, although the term “versioning” does not have a standard definition in the software sector.

Next Steps and Ricks of Noncompliance

Critically, the attestations on the new form carry risk under the civil False Claims Act for government contractors and subcontractors. Given the fact that many of the attestations require subjective analysis, contractors must take exceptional care in completing the attestation form. Contractors should carefully document their assessment that the software they produce is compliant. In particular, contractors and other interested parties should use this opportunity to share feedback and insights with CISA through the public comment process.

K&L Gates lawyers in our National Security Practice are closely tracking the implementation of these new requirements.


1 88 Fed. Reg. 25,670.

Copyright 2023 K & L Gates

EU PFAS Ban Should Raise U.S. Corporate Concerns

On February 7, 2023, the European Chemical Agency (ECHA) unveiled a 200 page proposal that would ban the use of any PFAS in the EU. While the proposal was anticipated by many, the scope of the ban nonetheless drew reactions from a myriad of sectors – from environmentalists to scientists to corporations. U.S. based companies that have any industrial or business interests in the EU must absolutely pay close attention to the EU PFAS ban and consider the impact on business interests.

EU PFAS Ban Proposal

The EU PFAS ban currently proposed would take effect 18 months from the date of enactment; however, the ECHA is contemplating phased-in restrictions of up to 12 years for uses that the group considers challenging to replace in certain applications. The proposal is only the inception of the ECHA regulatory process, which next turns to a public comment period that opens on March 22, 2023 and will run for at least six months. ECHA’s scientific committees to review the proposal and provide feedback. Given the magnitude of comments expected and the likely hurdles that the ECHA will face in finalizing the proposal, it is not expected that the proposal would be finalized prior to 2025.

The EU PFAS ban seeks to prohibit the use of over 10,000 PFAS types, excluding only a sub-class of PFAS that have been deemed “fully degradable.” The proposal indicates: “…the restriction proposal is tailored to address the manufactureplacing on the market, as well as the use of PFASs as such and as constituents in other substances, in mixtures and in articles above a certain concentration. All uses of PFASs are covered by this restriction proposal, regardless of whether they have been specifically assessed by the Dossier Submitters and/or are mentioned in this report or not, unless a specific derogation has been formulated.” (emphasis added) Several specific types of uses and consumer product applicability would be included in the first phase of the proposed ban, including cosmetics, food packaging, clothing and cookware. This first phase of the ban implementation would include uses where alternatives are known, but not yet widely available, which is the reason why the first phase would take effect within 5 years. The second phase of the ban anticipates a 12 year period of time for ban implementation and encompasses uses where alternatives to PFAS are not currently known. Significantly for U.S. business, the proposed ban includes imported goods.

Impact On U.S. Companies

In 2022, U.S. companies exported just shy of $350 billion in goods to the EU. In many instances, companies do not deliberately, intentionally, or knowingly add or utilize PFAS in finished products that are sent to the EU. However, PFAS may be used in manufacturing processes that inadvertently contaminate goods with PFAS. In addition, many U.S. companies rely on overseas companies for supply chain sourcing. Quite commonly, supply chain sources outside of the U.S. do not voluntarily provide chemical composition information for components or goods that they supply. Inquiring of those companies for such information, or certifications that the good contain no PFAS, can be extremely difficult. Getting overseas companies to provide such information often proves impossible and even when certifications are made, the devil may be in the details in terms of what is actually being certified. For example, certifying that goods contain “no hazardous substances” or “no hazardous PFAS” sound reassuring, but by what measure of “hazardous” is the statement being made? Under what country’s regulations? Using which scientific definition? The result of all of these complexities may be that many U.S. based companies need to test their products themselves, which not only increases time to market issues and financial costs associated with production, but also risks to the companies doing business in the U.S. that they may open themselves up to environmental pollution or personal injury lawsuits by conducting such testing. In addition, alternatives may not be as cost effective as PFAS, which impacts businesses and has the potential trickle-down impact of passing some of the costs on to consumers.

While debate continues in the U.S. as to the scientific validity of the “whole class” approach to regulating PFAS (of which there are over 12,000 types according to the EPA), the EU PFAS ban leapfrogs the U.S. debate stage and goes directly to proposing a regulation that would embrace such a “whole class” regulatory scheme. Without a doubt, chemical manufacturers, industrial and manufacturing companies, and some in the science community are expected to strenuously oppose such an approach to regulations for PFAS. The underlying arguments will follow ones advanced and debated already in the U.S. – i.e., not all chemicals act identically, nor have the vast majority of PFAS been shown to date to present health concerns. Proper scientific method does not permit sweeping attributions of testing on legacy PFAS like PFOA and PFOS to be extrapolated and applied to all PFAS. The EU’s response to this via their proposal is that the costs of remediating PFAS from the environment are significant enough that it warrants regulating PFAS as a class to avoid costly, decades-long, and potentially repetitive remediation work in the EU.

Conclusions

It is of the utmost importance for businesses to evaluate their PFAS risk. Public health and environmental groups urge legislators to regulate these compounds in the U.S. and abroad. One major point of contention among members of various industries is whether to regulate PFAS as a class or as individual compounds.  While each PFAS compound has a unique chemical makeup and impacts the environment and the human body in different ways, some groups argue PFAS should be regulated together as a class because they interact with each other in the body, thereby resulting in a collective impact. Other groups argue that the individual compounds are too diverse and that regulating them as a class would be over restrictive for some chemicals and not restrictive enough for others.

Companies should remain informed so they do not get caught off guard. States are increasingly passing PFAS product bills that differ in scope. For any manufacturers, especially those who sell goods overseas, it is important to understand how the various standards among countries will impact them, whether PFAS is regulated as individual compounds or as a class. Conducting regular self-audits for possible exposure to PFAS risk and potential regulatory violations can result in long term savings for companies and should be commonplace in their own risk assessment.

©2023 CMBG3 Law, LLC. All rights reserved.
For more Environmental Law news, click here to visit the National Law Review

Nigeria’s Energy Sector: Looking Back at 2022 and Looking Ahead in 2023

We review the key events of 2022 in Nigeria’s energy sector – a year that saw significant steps in the implementation of PIA, intermittent M&A activity and the continuing effects of crude theft. We also consider what we can expect in 2023, ahead of what appears to be Nigeria’ closest presidential election yet.

2022: What happened in legal matters?

The Petroleum Industry Act (PIA) entered its second year of effectiveness and continued its slow march of implementation . The most notable step was the official “relaunch” of The Nigerian National Petroleum Corporation as NNPC Limited in July in a high profile ceremony led by President Buhari. As mandated in the PIA, NNPC Limited was incorporated as a new CAMA company which is wholly owned by the Nigerian government. Key consequences of this transition include:

  • Commercial entity: NNPC Limited is a limited liability company (rather than a state-owned and state-funded corporation) and is intended to operate as a commercial entity. It is expected to publish annual reports and audited accounts and declare dividends to its shareholders – the Nigerian government, and therefore should remain a vital contributor to state revenues.

  • Independence from government and self supporting: The new NNPC Limited is independent and should not depend on government support for its operations. It is expected to raise its own funds, which may lead to wider adoption of the incorporated joint venture model (as provided for, but is not mandatory, under PIA). Whether this will help unlock NNPC’s capability to be a functioning and cash call paying partner in its joint operations remains to be seen. The extent of actual government control and direction over NNPC Limited will also only become clear through practice. PIA retains (for now) total government ownerships of NNPC Limited and control over the selection of its management team.

  • Royalty-paying entity: NNPC Limited is, like any other oil and company operating in Nigeria, required to pay its share of all fees, rents, royalties, profit oil shares and taxes to the government in relation to any participating interests it holds in petroleum leases or licences.

NNPC Limited’s first actions as a commercial entity were notable: these included exercising pre-emption rights over a 40% stake in OML 86 and OML 88 and buying OVH Energy’s downstream assets (giving NNPC access to 380 fuel stations and eight liquefied petroleum gas plants), along with other purported pre-emptions over upstream M&A transactions. NNPC Limited has partnered with Afreximbank to raise US$5 billion to support NNPC Limited’s upstream business and energy transition plans.  NNPC Limited also made senior appointments in 2022 with Senator Margery Chuba Okadigbo as chair and Mele Kyari continuing as CEO.

Another consequential step in PIA implementation was the promulgation of the Nigeria Upstream Petroleum Host Communities Development Regulations in June, setting out the requirements for the establishment and funding of host community development trusts. The new trust structure was one of the more controversial parts of PIA, with licence holders required to pay into the trust a levy of 3% of their actual annual operating expenditure of the preceding financial year in the upstream petroleum operations affecting the host communities for which the fund was established.

What happened in politics / regulatory matters?

The continuing impact of the global pandemic, the war in Ukraine, rising energy costs and the consequences of crude theft and spills made for a challenging final year in office for President Buhari.

Progress was made on some of Nigeria’s key gas projects that form part of the “Decade of Gas” programme. Construction is under way on Nigeria LNG’s Train 7 project, which promises to increase LNG production capacity by 35%. The Assa North-Ohaji South Gas project moves closer to completion and promises to accelerate Nigeria’s transition towards cleaner fuels and improve availability of natural gas for power generation.

New projects were also lined up: Nigerian Minister of State for Petroleum Resources Timipre Sylva, alongside the Ministers of Energy of Niger and Algeria signed a memorandum of understanding to build an over 4,000km trans-Saharan gas pipeline at an estimated cost of US$13 billion. The pipeline is intended to start in Nigeria and end in Algeria and be connected to existing pipelines that run to Europe.

The government launched its energy transition plan in 2022 as it works towards Nigeria’s commitment to reach net zero by 2060 and provide access to affordable, reliable and sustainable energy to all of its citizens by 2030. Vice President H.E Yemi Osinbajo said that Nigeria would need to spend an additional US$10 billion per annum on energy projects. Nigeria’s federal minister of power, Engr. Abubakar D. Aliyu also announced new renewable energy policies: the national renewable energy and energy efficiency policy, the national renewable energy action plan, the national energy efficiency action plan and the sustainable energy for all action agenda.

Crude theft was rampant in 2022 and remains a huge critical and unresolved issue for Nigeria, resulting in the shutdown of two of Nigeria’s major pipelines in July. Its impact is significant: the petroleum regulator estimated that Nigeria suffered a US$1 billion loss in revenue in the first quarter of 2022 as a result, and the (attempted) flight of international oil companies from the worst-affected onshore acreage has continued.

What deal activity happened?

Panoro Energy received government approval for the sale of its interest in OML 113 to PetroNor at the start of the year. The Majors divestment plans continued but encountered significant delays, with some being indefinitely postponed and others becoming mired in regulatory approval roadblocks and facing the new appetite of NNPC to assert purported pre-emptory rights.

What is expected in 2023?

  • Politics: The 2023 elections loom large, with the Presidential and National Assembly elections commencing on 25 February and Governorship and State House elections following on 11 March. The Presidential election is presently too close to call and we make no predictions. The onset of electioneering will slow regulatory decision making. International investments may pause until the election outcome is decided, key appointments made and the direction of economic and energy policies are explained.

  • Legal: Industry participants will continue to grapple with the new PIA regime, while its implementation continues over the coming year. Expected key steps include:

    • The deadline for voluntary conversion of existing OPLs and OMLs into their new forms was set for February 2023. Licence holders will need to decide whether to adopt early conversion, balancing the extent of improved PIA fiscal terms against the consequences, including termination of all outstanding arbitration and court cases related to the relevant OPL / OML, removal of any stability provisions or guarantees given by NNPC, and relinquishment of no less than 60% of the acreage. If not converted by this date, then it becomes mandatory on licence expiry / renewal.

    • The deadline for segregation of upstream, midstream and downstream operations also falls in February. Any midstream and downstream activities that were being carried out as part of upstream operations require the grant of a new midstream / downstream licence.

  • Regulatory: A new licensing round covering seven deepwater blocks has been announced for 2023, marking Nigeria’s first offshore bid round in 15 years. A pre-bid conference is taking place this month with pre-qualification applications due by the end of January.

  • Transaction activity: Upstream deals may need to wait for the dust from the 2023 election to settle, but there should be a resumption of the divestment programmes of the Majors in 2023.  Outside of M&A, Nigeria is due to go to trial in London in January 2023 as it seeks to overturn an approximately US$11 billion (including interest) arbitration award won by Process and Industrial Developments Ltd in relation to a 2010 gas project agreement. The award is now worth about a third of Nigeria’s foreign reserves.

  • Projects: Following significant delays, in part due to the COVID-19 pandemic, we understand that the Dangote refinery is expected to be officially commissioned by President Buhari in January and start up mid-2023. First gas from both the Ajaokuta-Kaduna-Kano pipeline and from Seplat’s Assa North-Ohaji South Gas project is forecast for the first half of 2023.

© 2023 Bracewell LLP

Washington’s Focus on the Electric Vehicle Supply Chain in 2023

If a picture is worth a thousand words, the “photo-op” of the president test driving Ford’s new electric F-150 in May of 2021 was the burning image that foretold the US policy direction for the electric mobility industry.

In 2022, the president and US Congress solidified their support of the industry by passing sweeping legislation aimed at funding and incentivizing US electric mobility manufacturing for the next decade and beyond.

Looking ahead to 2023, the Administration will be writing the rules to implement that support. This will take the form of rulemaking for key statutes such as the Infrastructure Investment and Jobs Act (IIJA), the CHIPS Act, and the more recent Inflation Reduction Act of 2022 (IRA). On the non-tariff front, Congress passed, and the president signed, the 2021 Uyghur Forced Labor Prevention Act.

Background

  • The IIJA authorized $18.6 billion to fund new and existing electric vehicle (EV)-related programs, including a nationwide network of 500,000 EV charging stations and monies for publicly accessible alternative fuel infrastructure. Also, the law injected $10.9 billion in funding for transitioning school buses, transit buses, and passenger ferries to low- and/or zero-emissions alternatives.
  • The CHIPS Act allocated $11 billion in support of advanced semiconductor manufacturing research and set up a $2 billion fund to support technology transfers from laboratory to applications.
  • The IRA, perhaps the most significant development from Washington, DC, injected billions of dollars in tax credits and other incentives to spur US domestic manufacturing of electric vehicles.
  • In December 2022, news came that a United States-Mexico-Canada Agreement (USMCA) Dispute Settlement Panel had completed its findings on a complaint by Mexico and supported by Canada that the United States has been misinterpreting the product origin calculations for “core parts” for USMCA vehicle qualification. In January of 2023, that ruling was made public. See Long Awaited USMCA Panel Decision on Automotive “Core Parts” – What Happened and What’s Next.
  • In June 2022, the Administration published its “Strategy to Prevent the Importation of Goods Mined, Produced, or Manufacture with Forced Labor.” Customs and Border Protection (CBP) has launched a vigorous and highly intrusive enforcement strategy for a number of key sectors, including the automotive industry.

What to Know

Based on the legislative developments from the last year, the EV industry should expect:

  • Import Enforcement. If 2022 was the year of federal infusion of funding and policy development, 2023 will be the year of import enforcement and accountability. Supply chains will be scrutinized, and compliance will have to be demonstrated. In addition, claims of tariff preferences under US trade agreements will be closely monitored to guard against fraudulent product descriptions or county of origin. In terms of US forced labor legislation, a January 2023 article in a well-read trade media reported on a meeting with US Trade Representative Katherine Tai at which the Ambassador “suggested that auto or auto parts imported from China could be in CBP crosshairs.” (International Trade Today, January 6, 2023 Vol 39, No 4).
  • Accountability. With the massive funding from Congress and the White House, federal agencies will be scrutinizing how monies have been spent, particularly whether they have been spent to meet the goals to incentive US domestic production. Global supply chains will come under the microscope. A December 2022 Treasury Department publication can be read here.
  • Corporate Readiness. Companies that engage in the global marketplace dread the unknown. There is no crystal ball. But what corporate executives can do to mitigate the risk of potentially bad news on the trade front is to monitor developments, conduct self-assessments, and, where possible, build in flexibilities.
  • Know Your Customer. Know Your Suppliers. Know Your Suppliers’ Suppliers. A common thread weaving throughout these developments on the trade front is Washington’s not so subtle objective of determining the essential source of imported products. That effort will shift the onus onto the private sector, with companies having to provide far more transparency into their product’s life span.

For product development and marketing executives in the electric mobility sector, 2023 is potentially a very good news story. But for general counsels and corporate compliance and procurement officers, the uncertainties of regulatory change will require extra attention. In the interim, company officials are taking a fresh look at the current legal and regulatory exposures of their supply chains to be best prepared for the trade policy changes ahead. The adage “when in uncertain times, start with what you know” is particularly relevant today.

To that end, the USMCA can play a critical “bridge” for many companies with strategic business interests in the US market.

© 2023 ArentFox Schiff LLP

Exporting U.S. Antitrust Law: Are We Really Ready for NOPEC?

The year is 1979. Inflation and lines at the gas pumps caused by a revolution in Iran have stunned Americans. Driven to action, the International Association of Machinists (IAM) files suit in the Central District of California against OPEC and its 14 member countries for participating in a cartel that controls the worldwide price of oil. None of the defendants made any kind of appearance before the court. Nonetheless, the union lost, and its case was dismissed.

Under the Constitution, federal courts are courts of limited jurisdiction. A district court has no power to decide a case over which it has no subject matter jurisdiction. The requirement cannot be waived or avoided; a court that lacks subject matter jurisdiction has no legal authority to entertain the matter. A federal statute known as the Foreign Sovereign Immunity Act of 1976 (FSIA) limits the court’s jurisdiction in cases involving foreign sovereigns and, subject to a few specific exceptions, grants foreign states immunity from the jurisdiction of U.S. courts. The court in IAM v. OPEC raised the FSIA on its own (there being no defendants present) and, finding the OPEC states immune (OPEC itself could not be served), dismissed the case. Thusly did the IAM lose its antitrust case against defendants who never even showed up in court.

The judiciary has resisted the innumerable attempts since 1979 to hold the OPEC cartel accountable for violating U.S. antitrust laws, even though the court’s IAM decision has proven erroneous. Acts by a sovereign “based upon a commercial activity” in the U.S., or affecting U.S. commerce, do not enjoy immunity under FSIA. Although the district court in IAM didn’t think so, the Ninth Circuit on appeal made clear that pricing of oil on world markets is indeed commercial activity that affects the U.S. economy and, therefore, not entitled to sovereign immunity. But the Appeals Court nonetheless sidestepped the case, taking refuge in the judge-made Act-of-State doctrine. The doctrine is prudential, as opposed to jurisdictional, and amounts to a voluntary renunciation of jurisdiction by a court when its decision could interfere with the conduct of foreign policy by the executive branch. Indeed, it is easy to see how a suit against the members of OPEC for price fixing might intrude into a sensitive foreign policy area.

In the four decades since IAM, these considerations have obstructed U.S. courts from holding OPEC accountable for a cartel formed for the purpose of and with the effect of stabilizing the price of a commodity in interstate or foreign commerce, which is illegal per se. As recently as 2010, the Obama administration urged the Fifth Circuit to dismiss an antitrust suit brought by private plaintiffs on Act-of-State grounds, it being up to the executive branch and not the courts to conduct foreign policy and protect national security interests.

Since 2000, when the first No Oil Producing and Exporting Cartels (NOPEC) Act was introduced in the House, the same legislation has been introduced no less than four times. NOPEC came closest to passage in 2007, when different versions of the bill passed the House and the Senate but were not reconciled. The House and Senate judiciary committees have now both approved the bill, and the latest version is on the Senate’s legislative calendar. Congress could act quickly if there is bipartisan support, otherwise it will take several months and require reintroduction in 2023.

NOPEC consists of three operative parts.

  • First, it would amend the Sherman Antitrust Act by adding a new Section 7(a) that explicitly makes it illegal for any foreign state to act collectively with others to limit production, fix prices, or otherwise restrain trade with respect to oil, natural gas, or other petroleum products. Judicial enforcement and a remedy would be available only to the Department of Justice, so the bill does not create a private right of action.

  • Second, it would amend FSIA to explicitly grant jurisdiction to U.S. court against foreign sovereigns to the extent they are engaged in a violation of the new Section 7(a).

  • Third, the legislation clarifies that the Act-of-State doctrine does not prevent U.S. courts from deciding antitrust cases against sovereigns alleged to have violated the new Section 7(a).

Calls for taking a harder line against OPEC are growing stronger in light of recent actions taken by the cartel. In May, for example, Saudi Arabia and 10 other OPEC members voted to slash oil production – resulting in high gas prices – as the U.S. and other nations imposed embargoes on Russian oil. OPEC’s production cuts provided Russia with a substantial lifeline in its increasingly difficult, costly, and prolonged invasion of Ukraine.

The Senate bill is sponsored by ​​Senate Judiciary Committee Ranking Member Chuck Grassley and cosponsors Sens. Amy Klobuchar (D-MN) Mike Lee (R-UT), and Patrick Leahy (D-VT), who argue that OPEC’s price-fixing goes directly against the idea of fair and open markets, with current laws leaving the U.S. government “powerless” over OPEC. But are we really ready for NOPEC?

The concern over interference with foreign policy is far from trivial.

The American Petroleum Institute (API) recently sent a letter to Congress opposing the NOPEC bill, stating it would harm U.S. military, diplomatic, and business relations. API President and CEO Mike Sommers warned that while NOPEC is a noble endeavor designed to protect consumers, it would open the U.S. up to reciprocal lawsuits by foreign entities, writing that this could devastate certain political relations and trigger retaliation from OPEC countries. Other NOPEC critics say OPEC countries may limit other business dealings with the U.S., including lucrative arms deals or by pulling in their investments, as Saudi Arabia threatened to do in 2007, when the Deputy Saudi Oil Minister said the country would pull out of a multi-billion Texas oil refinery project unless the DOJ filed a statement of interest urging dismissal of an antitrust case then pending in the U.S. courts. In 2019, Saudi Arabia and OPEC threatened to start selling their oil in currencies other than the dollar, which would weaken the dollar’s position as the global vehicle currency.

For these reasons, it’s not clear what the White House would do if NOPEC passes. The Biden administration’s view of the measure seems to have shifted a bit, but it hasn’t come out strongly one way or the other. This is hardly surprising given the delicate and complex nature of the issue, the ongoing impact of Russia’s war on Ukraine, and the great importance voters place on the price of gas. Then-Press Secretary Jen Psaki said on May 5, 2022, that the “potential implications and unintended consequences of this legislation require further study and deliberation.” More recently, National Security Advisor Jake Sullivan and Brian Deese, President Biden’s Director of the National Economic Council, said that nothing is off of the table – that the administration is assessing the situation and inviting recommendations. On Oct. 5 the Department of Energy said it would release another 10 million barrels of oil from the Strategic Petroleum Reserve. In making that announcement, Sullivan and Deese said the administration will consult with Congress on “additional tools and authorities to reduce OPEC’s control over energy prices.” They also reiterated the importance of investing in clean American-made energy to reduce reliance on foreign fossil fuels.

OPEC has such tremendous sway over U.S. gas prices and national security it is no wonder Congress continues to try to do something to free U.S. from OPEC’s whims and hold it accountable for going against the ideals of free markets. But whether NOPEC is the right approach remains an open question.

The antitrust laws represent a national ideological perspective on the most beneficial way to organize an economy. Policy differences between nations are supposed to occur in the diplomatic arena, not in the courts of one country or another. And if OPEC or its members lose an antitrust case in a U.S. court, how will the court enforce its judgment?

© MoginRubin LLP

Supply Chain Shortages in the Meat and Poultry Industries

With Thanksgiving fast approaching, you have probably heard that there is a turkey shortage1 – brought about by a combination of rising costs for feed and fuel, continued labor shortages, and – if that were not enough –a virulent strain of avian flu decimating turkey flocks across the U.S.

Although industries across the board have felt the effects of supply chain disruptions brought on by the COVID-19 pandemic, the meat and poultry industry has been particularly hard-hit. So much so that the Biden Administration, in concert with the United States Department of Agriculture (USDA), has moved forward with regulatory actions aimed at easing the supply bottleneck. Whether they will have the intended effect remains to be seen.

In July 2021, President Biden signed an Executive Order on Promoting Competition in the American Economy (the Executive Order).2 The Executive Order directs 72 different actions across the federal government, including several rulemaking directives to the USDA aimed at increasing competition within the meat and poultry industry. Among other things, the Executive Order directs the USDA to issue new rules defining when meat can bear “Product of USA” labels, to address perceived loopholes in the current rules, and to issue new rules under the Packers and Stockyards Act. Following the Executive Order, the USDA has made progress on these new rules, and recently announced new initiatives to ramp up antitrust enforcement in the meat industry.

(For more on this Executive Order and its implications across industries, see a prior article from our Foley colleagues, President Biden’s Executive Order on Competition Could Mean Broad Changes Across a Range of Industries.)

Modernizing the Packers and Stockyards Act

The Packers and Stockyards Act (PSA), enacted in 1921, is a federal law designed to combat labor abuses by meatpackers and processors. Specifically, the PSA makes it illegal for livestock and poultry producers to engage in any unfair, unjustly discriminatory, or deceptive practice,3 or to give any undue or unreasonable preference or advantage to any person or locality.4 Congress explicitly intended the protections in the PSA to be broader than those found in other federal statutes, such as the Sherman Antitrust Act.5 However, the USDA believes the force of the PSA has been reduced by a combination of regulatory narrowing, budget and administrative cuts, and under-enforcement in previous decades. For that reason, the USDA announced three rulemaking actions designed to address livestock and poultry markets as they exist today so the PSA fulfills Congress’s goal to protect livestock producers and poultry growers.

The first proposed rule, released in draft form on June 7, 2022,6 is intended to promote transparency in poultry production contracting by revising the list of disclosures and information live poultry dealers must furnish to poultry growers and sellers with whom the dealers contract. The proposed rule establishes additional disclosure requirements in connection with the use of poultry grower ranking systems by live poultry dealers to determine settlement payments for poultry growers.

The second proposed rule, released in draft form on October 3, 2022,7 identifies retaliatory practices taken by regulated entities – which the PSA defines as swine contractors, live poultry dealers, or packers – that interfere with lawful communications, assertions of rights, and participation in associations (among other protected activities), as “unjust discrimination.” The proposed rule also identifies unlawfully deceptive practices with respect to contract formation, performance, termination, and refusal. Specifically, USDA proposes to:

  • Prohibit, as “undue prejudices,” disadvantages and other adverse actions against “market vulnerable” individuals who are deemed to be at heightened risk of adversely differential treatment in relevant markets;

  • Prohibit, as “unjust discrimination,” retaliatory and adverse actions that interfere with lawful communications, assertions of rights, associational participation, and other protected activities;

  • Prohibit, as deceptive practices, regulated entities employing pretexts, false or misleading statements, or omissions of material facts, in contract formation, performance, termination, and refusal; and

  • Require recordkeeping to support USDA monitoring, evaluation, and enforcement of compliance with aspects of the rule.

The USDA is presently seeking comments on this proposed rule, with the rulemaking docket open for comment until December 2, 2022. Following the comment period, the third potential rule, which has not yet been released, will focus on certain unfair practices and undue preferences. In addition, the third rule will explain whether and when a showing of harm to competition is—or is not—required under sections 202(a) and (b) of the PSA.

Increased Focus on Antitrust Enforcement

A recurring theme underlying the USDA’s recent rulemaking efforts is a perception that existing federal laws aimed at protecting farmers, ranchers, and other agricultural producers have been under-enforced. Earlier in 2022, the USDA and the U.S. Department of Justice (DOJ) jointly expressed a shared commitment to enforcing “federal competition laws that protect farmers, ranchers, and other agricultural producers and growers from unfair and anticompetitive practices.”8 One notable component of this agency cooperation is a new USDA website, www.farmerfairness.gov, which allows anyone to report complaints of potential violations of antitrust laws and the PSA. In addition, the website incorporates existing PSA confidentiality and whistleblower protections against retaliation for those who report criminal antitrust concerns.

In September 2022, the USDA also announced the availability of $15 million in funding to encourage state Attorneys General (AGs) to partner with the USDA on competition issues in the food and agricultural space. The USDA expects to engage state AGs through a combination of renewable cooperation agreements and memoranda of understanding aimed at improving state AGs’ ability to conduct on-the-ground investigations of competition issues. The USDA says it will work directly with state AG offices to solicit applications for funding.

These recent agency efforts come on the heels of multiple civil lawsuits alleging price-fixing and other anticompetitive practices by producers across the beef, pork, and poultry industries.

Conclusion: Will the Turkey Shortage Affect Your Thanksgiving?

It is too early to say whether the USDA’s recent efforts to address competition in the meat and poultry industry will result in lower prices – in part because the effects of the COVID-19 pandemic (e.g., labor shortages, shipping disruptions, and higher prices for inputs like fuel and animal feed) still linger. However, as national and global supply chains begin to return to pre-pandemic operations, consumers can hope for a less expensive turkey on the dinner table by next Thanksgiving.

For more Biotech, Food & Drug Law news, click here to visit the National Law Review

© 2022 Foley & Lardner LLP


FOOTNOTES

1 https://www.nytimes.com/2022/10/21/dining/thanksgiving-turkeys-cost-infl…

2 Executive Order 14036, Promoting Competition in America’s Economy, 86 Fed Reg. 36987, July 9, 2021.

3 7 U.S.C. § 192(a).

4 7 U.S.C. § 192(b).

5 See, e.g., Wilson & Co. v. Benson, 286 F.2d 891, 895 (7th Cir. 1961).

6 Docket No. AMS-FTPP-21-0044.

7 Docket No. AMS-FTPP-21-0045.

8 https://www.usda.gov/media/press-releases/2022/01/03/agriculture-department-and-justice-department-issue-shared

Threats of Antitrust Enforcement in the Supply Chain

With steep inflation and seemingly constant disruptions in supply chains for all manner of goods, the Biden Administration has turned increasingly to antitrust authorities to tame price increases and stem future bottlenecks. These agencies have used the myriad tools at their disposal to carry out their mandate, from targeting companies that use supply disruptions as cover for anti-competitive conduct, to investigating industries with key roles in the supply chain, to challenging vertical mergers that consolidate suppliers into one firm. In keeping with the Administration’s “whole-of-government” approach to antitrust enforcement, these actions have often involved multiple federal agencies.

Whatever an entity’s role in the supply chain, that company can make a unilateral decision to raise its prices in response to changing economic conditions. But given the number of enforcement actions, breadth of the affected industries, and the government’s more aggressive posture toward antitrust enforcement in general, companies should tread carefully.

What follows is a survey of recent antitrust enforcement activity affecting supply chains and suggested best practices for minimizing the attendant risk.

Combatting Inflation as a Matter of Federal Antitrust Policy

Even before inflation took hold of the U.S. economy, the Biden Administration emphasized a more aggressive approach to antitrust enforcement. President Biden appointed progressives to lead the antitrust enforcement agencies, naming Lina Kahn chair of the Federal Trade Commission (FTC) and Jonathan Kanter to head the Department of Justice’s Antitrust Division (DOJ). President Biden also issued Executive Order 14036, “Promoting Competition in the American Economy.” This Order declares “that it is the policy of my Administration to enforce the antitrust laws to combat the excessive concentration of industry, the abuses of market power, and the harmful effects of monopoly and monopsony….” To that end, the order takes a government-wide approach to antitrust enforcement and includes 72 initiatives by over a dozen federal agencies, aimed at addressing competition issues across the economy.

Although fighting inflation may not have been the initial motivation for the President’s agenda to increase competition, the supply disruptions wrought by the COVID-19 pandemic and persistent inflation, now at a 40-year high, have made it a major focus. In public remarks the White House has attributed rising prices in part to the absence of competition in certain industries, observing “that lack of competition drives up prices for consumers” and that “[a]s fewer large players have controlled more of the market, mark-ups (charges over cost) have tripled.” In a November 2021 statement declaring inflation a “top priority,” the White House directed the FTC to “strike back at any market manipulation or price gouging in this sector,” again tying inflation to anti-competitive conduct.

The Administration’s Enforcement Actions Affecting the Supply Chain

The Administration has taken several antitrust enforcement actions in order to bring inflation under control and strengthen the supply chain. In February, the DOJ and FBI announced an initiative to investigate and prosecute companies that exploit supply chain disruptions to overcharge consumers and collude with competitors. The announcement warned that individuals and businesses may be using supply chain disruptions from the COVID-19 pandemic as cover for price fixing and other collusive schemes. As part of the initiative, the DOJ is “prioritizing any existing investigations where competitors may be exploiting supply chain disruptions for illicit profit and is undertaking measures to proactively investigate collusion in industries particularly affected by supply disruptions.” The DOJ formed a working group on global supply chain collusion and will share intelligence with antitrust authorities in Australia, Canada, New Zealand, and the UK.

Two things stand out about this new initiative. First, the initiative is not limited to a particular industry, signaling an intent to root out collusive schemes across the economy. Second, the DOJ has cited the initiative as an example of the kind of “proactive enforcement efforts” companies can expect from the division going forward. As the Deputy Assistant Attorney General for Criminal Enforcement put it in a recent speech, “the division cannot and will not wait for cases to come to us.”

In addition to the DOJ’s initiative, the FTC and other federal agencies have launched more targeted inquiries into specific industries with key roles in the supply chain or prone to especially high levels of inflation. Last fall, the FTC ordered nine large retailers, wholesalers, and consumer good suppliers to “provide detailed information that will help the FTC shed light on the causes behind ongoing supply chain disruptions and how these disruptions are causing serious and ongoing hardships for consumers and harming competition in the U.S. economy.” The FTC issued the orders under Section 6(b) of the FTC Act, which authorizes the Commission to conduct wide-ranging studies and seek various types of information without a specific law enforcement purpose. The FTC has in recent months made increasing use of 6(b) orders and we expect may continue to do so.

Amid widely reported backups in the nation’s ports, the DOJ announced in February that it was strengthening its partnership with and lending antitrust expertise to the Federal Maritime Commission to investigate antitrust violations in the ocean shipping industry. In a press release issued the same day, the White House charged that “[s]ince the beginning of the pandemic, these ocean carrier companies have been dramatically increasing shipping costs through rate increases and fees.” The DOJ has reportedly issued a subpoena to at least one major carrier as part of what the carrier described as “an ongoing investigation into supply chain disruption.”

The administration’s efforts to combat inflation through antitrust enforcement have been especially pronounced in the meat processing industry. The White House has called for “bold action to enforce the antitrust laws [and] boost competition in meat processing.” Although the DOJ suffered some well-publicized losses in criminal trials against some chicken processing company executives, the DOJ has obtained a $107 million guilty plea by one chicken producer and several indictments.

Most recently, the FTC launched an investigation into shortages of infant formula, including “any anticompetitive [] practices that have contributed to or are worsening this problem.” These actions are notable both for the variety of industries and products involved and for the multitude of enforcement mechanisms used, from informal studies with no law enforcement purpose to criminal indictments.

Preventing Further Supply-Chain Consolidation

In addition to exposing and prosecuting antitrust violations that may be contributing to inflation and supply issues today, the Administration is taking steps to prevent further consolidation of supply chains, which it has identified as a root cause of supply disruptions. DOJ Assistant Attorney General Kanter recently said that “[o]ur markets are suffering from a lack of resiliency. Among many other things, the consequences of the pandemic have revealed supply chain fragility. And recent geopolitical conflicts have caused prices at the pump to skyrocket. And, of course, there are shocking shortages of infant formula in grocery stores throughout the country. These and other events demonstrate why competition is so important. Competitive markets create resiliency. Competitive markets are less susceptible to central points of failure.”

Consistent with the Administration’s concerns with consolidation in supply chains, the FTC is more closely scrutinizing so-called vertical mergers, combinations of companies at different levels of the supply chain. In September 2021, the FTC voted to withdraw its approval of the Vertical Merger Guidelines published jointly with the DOJ the year before. The Guidelines, which include the criteria the agencies use to evaluate vertical mergers, had presumed that such arrangements are pro-competitive. Taking issue with that presumption, FTC Chair Lina Khan said the Guidelines included a “flawed discussion of the purported pro-competitive benefits (i.e., efficiencies) of vertical mergers” and failed to address “increasing levels of consolidation across the economy.”

In January 2022, the FTC and DOJ issued a request for information (RFI), seeking public comment on revisions to “modernize” the Guidelines’ approach to evaluating vertical mergers. Although the antitrust agencies have not yet published revised Guidelines, the FTC has successfully blocked two vertical mergers. In February, semiconductor chipmaker, Nvidia, dropped its bid to acquire Arm Ltd., a licenser of computer chip designs after two months of litigation with the FTC. The move “represent[ed] the first abandonment of a litigated vertical merger in many years.” Days later Lockheed Martin, faced with a similar challenge from the FTC, abandoned its $4.4 billion acquisition of missile part supplier, Aerojet Rocketdyne. In seeking to prevent the mergers, the FTC cited supply-chain consolidation as one motivating factor, noting for example that the Lockheed-Aerojet combination would “further consolidate multiple markets critical to national security and defense.”

Up Next? Civil Litigation

This uptick in government enforcement activity and investigations may lead to a proliferation of civil suits. Periods of inflation and supply disruptions are often followed by private plaintiff antitrust lawsuits claiming that market participants responded opportunistically by agreeing to raise prices. A spike in fuel prices in the mid-2000s, for example, coincided with the filing of class actions alleging that four major U.S. railroads conspired to impose fuel surcharges on their customers that far exceeded any increases in the defendants’ fuel costs, and thereby collected billions of dollars in additional profits. That case, In re Rail Freight Fuel Surcharge Antitrust Litigation, is still making its way through the courts. Similarly, in 2020 the California DOJ brought a civil suit against two multinational gas trading firms claiming that they took advantage of a supply disruption caused by an explosion at a gasoline refinery to engage in a scheme to increase gas prices. All indicators suggest that this trend will continue.

Reducing Antitrust Risk in the Supply Chain and Ensuring Compliance

Given the call to action for more robust antitrust enforcement under Biden’s Executive Order 14036 and the continued enhanced antitrust scrutiny of all manner of commercial activities, companies grappling with supply disruptions and rampant inflation should actively monitor this developing area when making routine business decisions.

As a baseline, companies should have an effective antitrust compliance program in place that helps detect and deter anticompetitive conduct. Those without a robust antitrust compliance program should consider implementing one to ensure that employees are aware of potential antitrust risk areas and can take steps to avoid them. If a company has concerns about the efficacy of its current compliance program, compliance reviews and audits – performed by capable antitrust counsel – can be a useful tool to identify gaps and deficiencies in the program.

Faced with supply chain disruptions and rampant inflation, many companies have increased the prices of their own goods or services. A company may certainly decide independently and unilaterally to raise prices, but those types of decisions should be made with the antitrust laws in mind. Given the additional scrutiny in this area, companies may wish to consider documenting their decision-making process when adjusting prices in response to supply chain disruptions or increased input costs.

Finally, companies contemplating vertical mergers should recognize that such transactions are likely to garner a harder look, and possibly an outright challenge, from federal antitrust regulators. Given the increased skepticism about the pro-competitive effects of vertical mergers, companies considering these types of transactions should consult antitrust counsel early in the process to help assess and mitigate some of the risk areas with these transactions.

© 2022 Foley & Lardner LLP