Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the login-customizer domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131

Deprecated: Function WP_Dependencies->add_data() was called with an argument that is deprecated since version 6.9.0! IE conditional comments are ignored by all supported browsers. in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131

Deprecated: Function WP_Dependencies->add_data() was called with an argument that is deprecated since version 6.9.0! IE conditional comments are ignored by all supported browsers. in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131
The National Law Forum - Page 698 of 753 - Legal Updates. Legislative Analysis. Litigation News.

Drug Lobby Gave $9.4 Million to Nonprofits that Spent Big on 2010 Election

An article by Michael Beckel of the Center for Public Integrity regarding a Drug Lobby’s contribution to the 2010 Elections recently appeared in The National Law Review:

PhRMA gives largest chunk of $4.5 million to conservative group, American Action Network

The drug lobby’s trade association was a multimillion-dollar donor to nonprofit groups that were actively working to elect federal candidates during the 2010 election, an iWatch News analysis of documents filed with the Internal Revenue Service reveals.

The Pharmaceutical Research and Manufacturers of America, better known as PhRMA, doled out $9.4 million to 501(c)(4) “social welfare” nonprofit groups, some of which paid for ads that influenced races in the 2010 midterm election, records show.

In 2010, PhRMA gave about $20 million in “grants and other assistance” to more than 200 nonprofit organizations, including five politically active 501(c)(4) nonprofits, both liberal and conservative, which together received nearly half of the funds.

The groups were: the American Action Network, the American Future Fund, Americans for Tax Reform, America’s Families First, Inc. and the Citizens for Strength and Security Action Fund.

PhRMA’s largest gift in 2010 was a $4.5 million contribution to the American Action Network, a conservative 501(c)(4) that spent big money on a half-dozen high-profile U.S. Senate races and more than two dozen U.S. House races.

In 2010, American Action reported spending more than $26 million on ads to the Federal Election Commission. That was more than any other politically active nonprofit group, with the exception of the U.S. Chamber of Commerce, according to the Center for Responsive Politics.

Overall, the American Action Network reportedly raised more than $30 million in 2010, meaning PhRMA alone was responsible for close to 15 percent of the group’s funds.

Unlike the notorious “super PACs” that have had a major impact on the 2012 presidential election, the nonprofits are not required to reveal their donors. Spending by these groups on political advertisements skyrocketed in the wake of the 2010 U.S. Supreme Court’s Citizens United v. Federal Election Commissiondecision.

They do file annual returns, however, to the Internal Revenue Service. The 990 filing covering calendar year 2010 for PhRMA, which is organized under section 501(c)(6) of the U.S. tax code as a trade association, was received by the IRS in mid-November. Many of the contributions to politically active groups detailed in that filing have never been previously reported.

During 2010, PhRMA spent $22 million on federal lobbying. A top priority was the massive health care reform bill championed by congressional Democrats and President Barack Obama.

PhRMA’s PAC donated $195,300 directly to federal candidates and political action committees, with about 63 percent of that money flowing to Democrats, according to iWatch News’ analysis of records filed with the FEC.

Matthew Bennett, PhRMA’s senior vice president, told iWatch News that his group often makes contributions to other organizations that support its mission, and as such PhRMA gave money to a “variety of organizations” in 2010.

Officials at the politically active nonprofits that received money from PhRMA did not immediately respond to requests for comment.

The American Action Network was launched in February 2010 by top Republicans including former Sen. Norm Coleman (R-Minn.) and Rob Collins, a former chief of staff to House Majority Leader Eric Cantor (R-Va.).

Coleman, who currently serves as chairman of the board of the group, was brought on as a “senior government advisor” last April at the law firm and lobby shop Hogan Lovells, one of the three dozen lobbying firms retained by PhRMA.

Maria Cino, President George W. Bush’s deputy secretary of transportation who became a lobbyist for drug-maker Pfizer in 2009, also sits on the board of the American Action Network.

Other conservative-supporting 501(c)(4) nonprofit groups that reaped rewards from PhRMA included Grover Norquist’s Americans for Tax Reform, which received $75,000, and the American Future Fund, which received $300,000.

For its part, the American Future Fund spent nearly $9.6 million on ads during the 2010 election, including one against Rep. Bruce Braley (D-Iowa) that linked him with the proposed mosque in New York City near Ground Zero, as iWatch News previously reported. The New York Times called the American Future Fund the most successful outside spending group during the 2010 midterms.

Meanwhile, Americans for Tax Reform spent more than $4.1 million on more than a dozen House and Senate races.

Two liberal groups received seven-figure donations from PhRMA in 2010: the Citizens for Strength and Security Action Fund, which collected $2.5 million, and America’s Families First, Inc., which received $2 million.

The Citizens for Strength and Security Action Fund, also called the CSS Action Fund, spent nearly $1.4 million during the 2010 election cycle on so-called “electioneering communications,” or issue ads that mention candidates but don’t explicitly tell viewers to vote for or against them.

The nonprofit reported activity in four races: the Washington Senate race in support of Sen. Patty Murray (D-Wash.), the Colorado Senate race in support of Sen. Michael Bennet (D-Colo.), the West Virginia Senate race in support of Democrat Joe Manchin and the U.S. House race in New York’s 20th Congressional District in support of Rep. Scott Murphy (D-N.Y.).

Meanwhile, America’s Families First, Inc. didn’t directly spend money on any advertisements ahead of the 2010 midterms. However, the group did form a super PAC and transfer $1 million from its 501(c)(4) arm into the new super PAC.

America’s Families First’s super PAC spent nearly $5.9 million during the 2010 elections in more than 20 U.S. House races.

Notably, PhRMA also made a contribution of $356,075 for general support to the American Legislative Exchange Council’s “Scholarship Fund,” a 501(c)(3) nonprofit that received intense media scrutiny last year for creating corporate-backed “model legislation” for ALEC’s state lawmaker- members to introduce in statehouses.

Reprinted by Permission © 2012, The Center for Public Integrity®

The ICC Rules of Arbitration training

ICC (International Chamber of Commerce) will run two-day practical trainings on the 2012 ICC Rules of Arbitration in Paris, for the first time since their publication

Through this training, you will:

  • acquire practical knowledge of the main changes in the 2012 ICC Rules of Arbitration on topics such as Emergency Arbitrator; Case Management and Joinder, Multi-party/Multi-contract Arbitration and Consolidation
  • apply the 2012 ICC Rules of Arbitration to mock cases, studying them in small working group sessions
  • be provided with valuable insights from some of the world’s leading experts in arbitration including persons involved in the drafting of the New ICC Rules.

The revised version of the ICC Rules of arbitration reflects the growing demand for a more holistic approach to dispute resolution techniques and serves the existing and future needs of businesses and governments engaged in international commerce and investment: The 2012 ICC Rules of Arbitration are the result of a two year revision process undertaken by 620 dispute resolution specialists from 90 countries.

Who should attend?

Arbitrators, legal practitioners and in-house counsel who wish to know more about the 2012 Rules of Arbitration.


FERC Decides to Retain Existing Merger Review Policies

The National Law Review recently published an article by Daniel E. Hemli and Jacqueline R. Java of Bracewell & Giuliani LLP regarding a recent FERC Decision on Merger Reviews:

On February 16, 2012, FERC issued an order (February 16 Order) reaffirming its existing merger review policies under Section 203 of the Federal Power Act (FPA) and its current framework for analyzing requests for market-based rate authority under section 205 of the FPA. In March of last year, FERC had sought comment in a Notice of Inquiry (NOI) on whether it should amend its existing policies in these two areas in light of new Horizontal Merger Guidelines (2010 HMG) issued jointly by the Federal Trade Commission (FTC) and Department of Justice (DOJ) on August 19, 2010. The NOI explained that the 2010 HMG deemphasize market definition as a starting point for merger analysis and depart from the sequential analysis found in the prior 1992 version of the Horizontal Merger Guidelines (1992 HMG), and instead support the use of a fact-specific inquiry and greater analytical flexibility.

Section 203 of the FPA requires parties to public utility mergers and acquisitions involving jurisdictional facilities to seek FERC authorization before closing. Section 203(a) provides that FERC should approve such transactions if they are consistent with the public interest. As part of that determination, FERC must consider the proposed transaction’s effect on competition in the relevant market(s). FERC currently uses a five-step framework that was adopted from the 1992 HMG, as well as a Competitive Analysis Screen (CAS) which focuses on the first step of the analysis: whether the proposed transaction would significantly increase concentration and result in a concentrated market. One component of the CAS includes an analysis of market concentration using the Herfindahl-Hirschman Index (HHI). Under Section 205 of the FPA, parties that can demonstrate they do not have, or have adequately mitigated, their horizontal and vertical market power are granted authority to make sales of electric energy, capacity and ancillary services at market-based rates. FERC’s analysis under Section 205 includes the use of two indicative screens that rely on market share as well as market concentration as measured by HHI.

In its February 16 Order, FERC declined to follow the 2010 HMG’s approach as the framework for the Commission’s analysis of horizontal market power. The Commission explained that it would retain its five-step framework, including the CAS as part of its first step, as the CAS provides a useful conservative check to allow parties to quickly identify mergers unlikely to present competitive problems at a relatively low cost. The Commission stated that its current approach, which provides analytical and procedural certainty, is also flexible enough to incorporate theories outlined in the 2010 HMG, and that it has previously, and will continue to, look beyond the HHI screens in its review process when warranted.

The Commission also declined to adopt the revised, higher HHI thresholds presented in the 2010 HMG for use in its CAS. Noting its extensive experience with electrical markets and their distinct characteristics, as well as its intent to use the CAS to identify proposed transactions that clearly would have no adverse effect on competition, FERC stated that its current HHI thresholds are appropriate. The Commission also declined to initiate a more formal coordination process with the FTC and DOJ, as requested by one commenter. FERC stated that it will continue to coordinate with the federal antitrust agencies as appropriate, on a case-by-case basis.

Regarding its electric market-based rate program, FERC decided not to modify the current market power analysis and declined to alter the HHI threshold used in that screening process, noting that its current HHI threshold is already consistent with the 2010 HMG approach. With regard to the existing market share screen, FERC explained that, due to the physical and economic characteristics of electricity markets, including low elasticity of demand, market power is more likely to be present at lower market shares. Thus, FERC concluded that the current indicative screens used in its market-based rate analysis provide an appropriate balance between a “conservative but realistic screen” and imposing undue burdens on applicants. FERC also noted that its current analysis provides adequate flexibility to consider additional evidence when raised by an applicant or an intervenor.

© 2012 Bracewell & Giuliani LLP

Labor & Employment Law Forum 2012

Labor & Employment Law Forum

March 21-22, 2012
Hyatt Regency Washington on Capitol Hill
Washington, DC

The Labor & Employment Law Forum provides a unique opportunity for retail executives involved with labor and employment issues to come together to hear from legal experts, fellow retailers and government insiders on the critical employment issues you grapple with every day.

Ensuring compliance with case law and new regulations on employment and labor issues is increasingly difficult for retailers. Issues involving wage and hour, bargaining units, social media usage, and more are continuously changing the retail workplace and your relationship with and obligations to your employees. Through focused sessions and strategic networking, you will gain the tools to address the myriad workplace issues your company faces.

Finally the Final … 408(b)(2) Regulation

Recently The National Law Review published an article by Fred Reish and Bruce L. Ashton of Drinker Biddle & Reath LLP regarding The DOL Service Provider Fee Disclosure Regulations:

The Department of Labor (DOL) has issued the long-anticipated final service provider fee disclosure regulation (the “408(b)(2) regulation”). (A complete copy of the final regulation and its preamble is at http://www.drinkerbiddle.com/files/ftpupload/pdf/408b2regpdf) In this Alert, we describe what the amendment says; in a subsequent piece, we will explain the impact on various service providers.

>   The extension of the compliance date from April 1, 2012 to July 1, 2012

>   The fact that service providers are not required to provide a summary of the disclosures, though the DOL provided a sample “guide” that is not mandatory

>   The addition of the requirement to describe the arrangement between the service provider and the payer of indirect compensation

>   Limited relief for disclosures for brokerage accounts and similar arrangements

>   Clarification that electronic disclosure of the disclosures is permitted

>   Relief from the disclosure requirements for “frozen” 403(b) contracts

>   The requirement that plan sponsors terminate the relationship with a service provider who fails or refuses to provide information on request

Background

The 408(b)(2) regulation requires most service providers to retirement plans – including pension, profit sharing, 401(k) and 403(b) plans subject to ERISA – to make written disclosure of their services, fiduciary and/or RIA status and total compensation. The regulation was first proposed in 2007, was issued as an “interim final” regulation in July 2010 and has now been finalized with today’s release.

In light of its “interim final” status, it had been widely anticipated that amendments to the regulation would be issued; and the DOL invited comments on several issues in the 2010 release. In August of this year, the DOL publicly announced that it was working on an amendment and as a result extended the compliance date. Now, in issuing the final rule, the compliance date has once again been extended, though for only three months (i.e., July 1, 2012). Given the scope of some of the changes, this may not be sufficient time for covered service providers to develop and disseminate the required information on an orderly basis…which could result in errors.

Because of the delayed compliance date, some service providers have deferred starting the process of preparing the forms and creating the systems needed to comply with the disclosure requirements. Some did so to avoid having to make changes and others may have hoped for a more extended delay. That is not going to happen, and service providers should circle July 1, 2012 (barely five months away) on their calendars to make sure they are in full compliance by that date for existing clients and that they are prepared to comply with advance disclosures for any new clients.

The Final Regulation

The most important changes in the newly released amendment are:

  • Covered Plan – The definition of covered plan now excludes annuity contracts and custodial accounts in 403(b) plans that were issued to employees before January 1, 2009, where no additional contributions have been made and the contract is fully vested and enforceable by the employee.
  • Indirect Compensation – The final regulation has made a fairly significant change in the disclosure of indirect compensation (that is, compensation received from a source other than the plan or plan sponsor). The disclosure must now include both identification of the payer and a description of the arrangement between the payer and the covered service provider, affiliate or subcontractor pursuant to which the indirect compensation is paid. There is limited relief for disclosures related to brokerage accounts and similar arrangements.
  • Investment Information – The regulation modifies the information that must be provided by recordkeepers and others to better track the disclosures required in the participant disclosure regulation. It also adds a requirement to disclose information that is within the control of (or reasonably available to) the covered service provider and that is required for the plan administrator to comply with the participant disclosure regulation.
  • Form of Disclosure – There was speculation that the DOL would require service providers to include a summary of the disclosures and a “roadmap” for finding the disclosures in the documents provided. It did not do so and has indicated that it will be issuing a proposed rule regarding a summary or roadmap (now referred to as a “guide”) requirement in the future. In the meantime, the DOL did provide a sample guide that may, but is not required, to be used. That said, in the preamble, the DOL states, “Similarly, to the extent a responsible plan fiduciary experiences difficulty finding and reviewing the required disclosures in lengthy, technical, or multiple disclosure documents received from a covered service provider pursuant to the requirements of the final rule, the fiduciary should consider requesting assistance from the covered service provider, for example, discussing with the covered service provider the feasibility and cost of using the attached sample guide.”
  • Manner of Delivery – The final regulation clarifies that nothing in the regulation limits the ability to use electronic media.
  • Change Notice – The interim final regulation required that changes in the information previously provided had to be given to the responsible plan fiduciary not later than 60 days after the service provider becomes aware of it. This “update requirement” applied to all disclosures, including investment-related information. The final rule changes this requirement to say that the deadline for disclosure of investment-related information is “at least annually.” In other words, for this type of information, the updating requirement is now annual.
  • Reporting and Disclosure Response – The interim final rule required a service provider to give information necessary for a plan administrator to comply with the plan’s reporting and disclosure requirements under ERISA within 60 days after a written request. This has been changed to say that the information must be provided (in response to a written request) reasonably in advance of when the plan administrator must comply with its reporting obligation.
  • Compensation Definition – The final regulation amends the definition of compensation to permit a service provider to provide a “reasonable and good faith” estimate of compensation if it is not otherwise readily able to describe its compensation, though the covered service provider in this case is also required to explain the methods and assumptions used for the estimate.
  • Plan Fiduciary Relief – The regulation provides an exemption for plan fiduciaries if the service provider fails to provide required disclosures so long as various requirements are met. The exemption originally stated that if the service provider failed to provide the information upon request, the plan fiduciary was required to consider whether to continue the relationship with the service provider. The final rule now requires the plan fiduciary to terminate the relationship if the service provider fails to provide requested information relating to future services.

Finally, the compliance effective date for the participant disclosures has also been pushed back. For calendar year plans, the initial disclosures of plan and investment information must be provided by August 30, 2012, and the first quarterly expense statement is required by November 14, 2012 (covering the third quarter).

We will be discussing the impact of the changes and the compliance issues in a month or so in another, more detailed bulletin. However, we wanted to get this information to you as quickly as possible.

©2012 Drinker Biddle & Reath LLP

Inside Counsel presents the 12th Annual Super Conference in Chicago

National Law Review is pleased to bring you information about the upcoming 12th Annual Super Conference sponsored by Inside Counsel .

Reasons why you should Attend This Year’s Event:

  1. Meet with Decision Makers: You’ll meet face-to-face with senior-level in-house counsel
  2. Networking Opportunities: SuperConference offers several networking opportunities, including a cocktail reception, refreshment breaks, and a networking lunch.
  3. Gain Industry Knowledge: You will hear the latest issues facing the industry today with your complimentary full-conference passes.

Who Should Attend – General Counsel and Other Senior Legal Executives from Top Companies Attend SuperConference:

  • Chief Legal Officers
  • General Counsel
  • Corporate Counsel
  • Associate General Counsel
  • CEOs
  • Senior Counsel
  • Corporate Compliance Officers

The 12th Annual IC SuperConference will be held at the NEW Radisson Blu Chicago.
Radisson Blu Aqua Hotel

221 N. Columbus Drive

Chicago, IL 60601

Don’t forget – The early discount deadline using the NLR discount code is February 24th!

Are Bloggers’ Free Speech Rights Under Attack?

The National Law Review recently published an article by Jesse L. Jenike-Godshalk of Dinsmore & Shohl LLP regarding Blogger’s Free Speech:

A recent legal opinion has some concerned about just how broad free speech rights may be for bloggers who are not associated with institutional media, such as newspapers and television stations. In Obsidian Finance Group, LLC v. Cox, No. CV-11-57-HZ, slip op. (D. Or. Nov. 30, 2011), a federal judge ruled that a self-proclaimed “investigative blogger” was not “media” and, therefore, was not entitled to certain First Amendment protections that are reserved for the media.Despite the alarm that this case has generated, it actually is not a major setback for the free speech rights of bloggers.

The Case: Obsidian Finance Group, LLC v. Cox

From late 2010 to early 2011, Crystal Cox made numerous blog posts in which she accused Obsidian Finance, LLC and one of the company’s senior principals, Kevin Padrick, of corrupt, fraudulent, and illegal conduct. Obsidian and Padrick subsequently sued Cox for defamation. Rather than hiring an attorney, Cox chose to defend pro se.

In August 2011, before the case went to trial, the judge granted summary judgment to Cox with regard to all but one of her blog posts, because the posts were statements of opinion protected by the First Amendment. See Obsidian Finance Group, LLC v. Cox, No. CV-11-57-HZ, slip op. (D. Or. Aug. 23, 2011). A statement, such as a blog post, can be the basis for a defamation suit only if the statement is a provable assertion of fact. In contrast, statements of opinion are protected by the First Amendment. According to the judge, blog posts, by their very nature, are usually statements of opinion.

Prior to the trial, the judge still had several issues that he needed to resolve. Among these issues was Cox’s claim that she was “media” and therefore, based on U.S. Supreme Court precedent, the plaintiffs could not recover damages from her for defamation without proof that she was at least negligent in making the allegedly defamatory statements. The judge rejected that Cox was “media,” writing:

Defendant cites no cases indicating that a self-proclaimed “investigative blogger” is considered “media” . . . . Without any . . . authority on the issue, I decline to conclude that defendant in this case is “media” . . . .

Defendant fails to bring forth any evidence suggestive of her status as a journalist. For example, there is no evidence of (1) any education in journalism; (2) any credentials or proof of any affiliation with any recognized news entity; (3) proof of adherence to journalistic standards such as editing, fact-checking, or disclosures of conflicts of interest; (4) keeping notes of conversations and interviews conducted; (5) mutual understanding or agreement of confidentiality between the defendant and his/her sources; (6) creation of an independent product rather than assembling writings and postings of others; or (7) contacting “the other side” to get both sides of a story. Without evidence of this nature, defendant is not “media.”

Obsidian Finance Group, LLC v. Cox, No. CV-11-57-HZ, slip op. at 9 (D. Or. Nov. 30, 2011). Following this ruling, the case went to trial, and the jury found for the plaintiffs, awarding $2.5 million in damages.

Not a Major Setback

Despite the concern that this case has generated, the case is not a major setback for the free speech rights of bloggers, and it can even be regarded as a pro-free speech case. First, some of the judge’s statements suggest that bloggers enjoy expansive First Amendment rights. In his ruling on summary judgment, the judge stated that blog posts, by their very nature, are usually “opinions” and not provable assertions of fact. Such “opinion posts” are protected under the First Amendment and are not actionable as defamation—regardless of whether the writer is “media.”

Second, the judge established a very low bar for what a blogger must do to enjoy the additional free speech protections that are reserved for “media.” To wit, a blogger must present some evidence that he or she is a journalist. Cox lost this issue because she presented no evidence.

The judge provided her with a list of seven types of evidence that she could have offered. This list does not create an exacting standard of proof for a blogger to meet. To be considered “media,” a blogger would not need to offer all seven types of evidence. In fact, a blogger would not necessarily need to offer any of the seven types of evidence. The list is not exhaustive, but is merely “[f]or example.” A blogger must present “evidence of this nature.” Thus, a blogger could prove that he or she is “media” by presenting types of evidence not on the list. In addition, most bloggers probably would be able to present some evidence of the types that are on the list—e.g., “proof of editing,” “keeping notes of conversations,” or “creation of an independent product rather than assembling writings and postings of others.”

Had Cox hired an attorney, the attorney almost surely would have been able to offer some evidence that Cox was “media.” Actually, had Cox hired an attorney, she might have won the entire case on summary judgment—and she would have entirely avoided the issue of whether she was “media.” Herein lies the real lesson from this case: If you are sued for defamation, get yourself an attorney.

© 2012 Dinsmore & Shohl LLP.

2012 Launching & Sustaining Accountable Care Organizations Conference

The National Law Review is pleased to bring you information on the Launching & Sustaining Accountable Care Organizations Conference will be a two-day, industry focused event specific to CEOs, COOs, CFOs, CMOs, Vice presidents and Directors with responsibilities in Accountable Care Organizations, Managed Care and Network Management from Hospitals, Physician Groups, Health Systems and Academic Medical Centers.

By attending this event, industry leaders will share best practices, strategies and tools on incorporating cost-sharing measures in a changing healthcare landscape to strengthen the business model and ensure long-term success.

Attending This Event Will Enable You to:
1. Understand the initial outcomes and lessons learned from launching ACOs, with a focus on how to sustain these partnerships in the future
2. Hear from the early adopters of ACOs or similar cost-reducing partnerships and understand their initial operational and implementation challenges.
3. Learn about the final regulations regarding ACOs and their impact on those who want to initiate the formation process
4. Gain a clear understanding of regulatory issues and accreditation processes
5. Conquering initial hurdles for establishing an ACO
6. Gain knowledge from newly-formed ACOs
7. Ensure longevity by establishing a robust long-term plan

Cybersecurity Act of 2012 Introduced

On February 14, a bipartisan group of senators introduced to the U.S. Senate the Cybersecurity Act of 2012, under which the Department of Homeland Security (DHS) would assess the risks and vulnerabilities of critical infrastructure systems and develop security performance requirements for the systems and assets designated as covered critical infrastructure. The bill is sponsored by Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman (I-CT), committee ranking member Susan Collins (R-ME), Commerce Committee Chairman Jay Rockefeller (D-WV), and Select Intelligence Committee Chairman Dianne Feinstein (D-CA). As explained in the statement announcing the measure, “[t]he bill envisions a public-private partnership to secure those systems, which, if commandeered or destroyed by a cyber attack, could cause mass deaths, evacuations, disruptions to life-sustaining services, or catastrophic damage to the economy or national security.”

Infrastructure Protection Obligations

Title I of the bill provides the key provisions of the critical infrastructure protection obligations that would be imposed by the bill. Under Title I, DHS, in consultation with entities that own or operate critical infrastructure, the Critical Infrastructure Partnership Advisory Council, the Information Sharing and Analysis Organizations, and other appropriate state and local governments, is required to conduct an assessment of cybersecurity threats, vulnerabilities, and risks to determine which sectors pose the most significant risk. Once the sectors have been prioritized based on risk, DHS, along with the other agencies and organizations, must conduct a cybersecurity risk assessment of the critical infrastructure in each sector. These risk assessments must consider the actual or assessed threat, the threatened harm to health and safety, the threat posed to national security, the risk of damage to other critical infrastructure, the risk of economic harm, and each sector’s overall resilience, among other factors. In conducting these assessments, DHS is called upon to cooperate with owners and operators of critical infrastructure.

DHS, in conjunction with the same agencies and organizations, must also develop procedures that will be used to designate certain critical infrastructure at the system or asset level as “covered critical infrastructure,” therefore making those systems and assets subject to the cybersecurity requirements developed under the bill. This infrastructure is to be identified based on an analysis of whether damage or unauthorized access to the system or asset could result in any of the following:

  • Harm to life-sustaining services that could result in mass casualties or mass evacuation
  • Catastrophic economic damage to the United States
  • “Severe degradation” of national security

Technology products themselves or services provided in support of such products may not be designated as covered critical infrastructure based solely on the finding that the products are capable of being used in covered critical infrastructure.

Following the identification of covered critical infrastructure, DHS must also develop, on a sector-by-sector basis, cybersecurity performance requirements that require the owners of covered critical infrastructure to remediate the cybersecurity risks identified through the risk assessment performed by DHS for that sector. The bill requires that, in establishing the performance requirements, DHS have a process through which it considers performance requirements proposed by asset owners, voluntary standards development organizations, and other groups, as well as existing industry practices, standards, and guidelines. If DHS determines that the existing or proposed performance requirements are insufficient, DHS is required to develop performance requirements on its own.

Once the covered critical infrastructure is identified and the performance requirements defined, asset owners will be required to take steps to secure the covered critical infrastructure assets and systems, and to that end the bill tasks DHS with promulgating regulations to require covered critical infrastructure owners to do the following:

  • Receive notifications of cybersecurity risks
  • Implement cybersecurity protections that the owner “determines to be best suited to satisfy” the performance requirements
  • Maintain continuity of operations and incident response plans
  • Report cybersecurity incidents

Each owner of covered critical infrastructure will be required to certify yearly that it has implemented cybersecurity protections sufficient to satisfy DHS’s approved security performance requirements or to submit a third-party assessment regarding compliance with those performance requirements that satisfies certain standards for the training, certification, and independence of the assessors.

The bill provides that DHS may exempt from the performance requirements any system or asset if the owner can demonstrate that the system or asset is sufficiently protected against the risks identified by DHS or that compliance with the performance requirements would not “substantially” improve the security of the system or asset.

Enforcement

The enforcement regime proposed by the bill provides that any federal agency with responsibility for security of the covered critical infrastructure at issue may enforce the regulations. However, DHS itself may enforce the regulations (i) if there is no other appropriate agency, (ii) if DHS is requested to do so by the agency with responsibility for the security of the covered critical infrastructure in question, or (iii) if the agency with responsibility for the security of the covered critical infrastructure fails to take enforcement action as requested by DHS. Civil penalties are available for violations of section 105 of the bill, under which the performance requirements are established. However, no private right of action would exist.

Owners and operators of covered critical infrastructure would be exempt from punitive damages related to identified cybersecurity risks so long as they have implemented security measures that satisfy the performance requirements, are substantially compliant with the performance requirements, and have completed the annual assessments.

Avoiding Duplicative Regulation

While the cybersecurity obligations imposed by this bill would be far-reaching and could conceivably overlap with the Critical Infrastructure Protection (CIP) Reliability Standards approved by the Federal Energy Regulatory Commission (FERC) for certain bulk-power system infrastructure, the bill attempts to carve out existing cybersecurity protections, and provides several mechanisms to ensure that critical infrastructure that is already regulated will not receive duplicative regulation under this proposal.

When developing performance requirements, DHS is required to determine whether there are existing regulations in effect that cover the identified critical infrastructure and address the risks identified by DHS. If such regulations are in place, DHS is instructed to develop performance requirements only if the existing regulations do not provide an appropriate level of security. This will likely require an analysis of the existing CIP Reliability Standards by DHS, including an analysis of whether those standards cover all of the covered critical infrastructure for the electric sector identified by DHS, and whether those standards provide a sufficient level of security to protect against the risks identified by DHS.

Another method by which the existing CIP Reliability Standards framework may remain unchanged is the presidential exemption authority provided under the bill. Pursuant to that provision, the President is authorized to exempt critical infrastructure from these requirements if the appropriate “sector-specific regulatory agency” (FERC for electric infrastructure) “has sufficient specific requirements and enforcement mechanisms to effectively mitigate” the risks identified by DHS.

Additionally, DHS and the other “sector-specific agencies” with responsibility for regulating critical infrastructure security are required to coordinate their efforts to eliminate duplicative reporting or compliance requirements. Similarly, any new rules developed by sector-specific agencies must be coordinated with DHS to ensure that they are consistent with DHS’s efforts.

Copyright © 2012 by Morgan, Lewis & Bockius LLP.

2012 Young Professionals in Energy International Summit

The National Law Review is pleased to bring you information on the 2012 Young Professionals in Energy International Summit:

2012 YOUNG PROFESSIONALS IN ENERGY INTERNATIONAL SUMMIT

April 23-25, 2012
Planet Hollywood Resort & Casino
Las Vegas, Nevada

About the YPE:

Young Professionals in Energy (“YPE”) is the first and only interdisciplinary networking and volunteer organization for people in the global energy industry – a place where bankers can connect with engineers, accountants with geologists and so on. Our mission is to provide a forum for knowledge sharing and camaraderie among future leaders of the energy industry.

The event will feature panel discussions and presentations by YPE members from around the world on such vital energy issues as the world oil supply, shale, renewable energy, career issues and funding new energy projects.

Confirmed speakers include YPE members from the American Petroleum Institute, ExxonMobil, Fulbright & Jaworski L.L.P. the India Ministry of Petroleum and Natural Gas, the Nevada Institute for Renewable Energy Commercialization, Pemex, the University of Southern California and the U.S. Dept. of Commerce.

Highlighting the three-day conference is a keynote speech by Daniel Yergin, author of the best-selling “The Quest: Energy, Security and the Remaking of the Modern World (www.danielyergin.com).