Tag: Regulatory

Final Section 336(e) Regulations Allow Step-Up in Asset Tax Basis in Certain Stock Acquisitions

Sheppard Mullin 2012

Final regulations were issued last month under IRC Section 336(e). These regulations present beneficial planning opportunities in certain circumstances.

For qualifying transactions occurring on or after May 15, 2013, Section 336(e) allows certain taxpayers to elect to treat the sale, exchange or distribution of corporate stock as an asset sale, much like a Section 338(h)(10) election. An asset sale can be of great benefit to the purchaser of the stock, since the basis of the target corporation’s assets would be stepped up to their fair market value.

To qualify for the Section 336(e) election, the following requirements must be met:

  1. The selling shareholder or shareholders must be a domestic corporation, a consolidated group of corporations, or an S corporation shareholder or shareholders.
  2. The selling shareholder or shareholders must own at least 80% of the total voting power and value of the target corporation’s stock.
  3. Within a 12-month period, the selling shareholder or shareholders must sell, exchange or distribute 80% of the total value and 80% of the voting power of the target stock.

Although the rules of Section 338(h)(10) are generally followed in connection with a Section 336(e) election, there are a few important differences between the two elections:

  1. Section 336(e) does not require the acquirer of the stock to be a corporation. This is probably the most significant difference; and, to take advantage of this rule, purchasers other than corporations may wish to convert the target without tax cost to a pass-through entity (e.g., LLC) after the purchase.
  2. Section 336(e) does not require a single purchasing corporation to acquire the target stock. Instead, multiple purchasers—individuals, pass-through entities and corporations—can be involved.
  3. The Section 336(e) election is unilaterally made by the selling shareholders attaching a statement to their Federal tax return for the year of the acquisition. Purchasers should use the acquisition agreement to make sure the sellers implement the anticipated tax strategy

Section 336(e) offers some nice tax planning opportunities, by allowing a step up in tax basis in the target’s assets where a Section 338(h)(10) election is not allowed.

Example: An S corporation with two shareholders wishes to sell all of its stock to several buyers, all of which are either individuals or pass-through entities with individual owners. A straight stock purchase would not increase the basis of the assets held inside the S corporation, and an LLC or other entity buyer would terminate the pass-through tax treatment of the S corporation status of the target. A Section 338(h)(10) election is not available since the purchaser is not a single corporation. However, a Section 336(e) election may be available, whereby the purchase of the stock would be treated as a purchase of the corporation’s assets (purchased by a “new” corporation owned by the purchasers). The purchasers could then convert the purchased corporation (the “new” corporation with the stepped-up assets basis) into an LLC, without tax, thereby continuing the business in a pass-through entity (single level of tax) with a fully stepped-up tax asset basis.

Article By:

 of

Consumer Financial Services Basics 2013 – September 30 – October 01, 2013

The National Law Review is pleased to bring you information about the upcoming  Consumer Financial Services Basics 2013.

CFSB Sept 30 2013

When

September 30 – October 01, 2013

Where

  • University of Maryland
  • Francis King Carey School of Law
  • 500 W Baltimore St
  • Baltimore, MD 21201-1701
  • United States of America

Facing the most comprehensive revision of federal consumer financial services (CFS) law in 75 years, even experienced consumer finance lawyers might feel it is time to get back in the classroom. This live meeting is designed to expose practitioners to key areas of consumer financial services law, whether you need a primer or a refresher.

It is time to take a step back and think through some of these complex issues with a faculty that combines decades of practical experience with law school analysis. The classroom approach is used to review the background, assess the current policy factors, step into the shoes of regulators, and develop an approach that can be used to interpret and evaluate the scores of laws and regulations that affect your clients.

Comprehensive Immigration Reform Proceeds to Senate Floor, Heated Debate Expected to Follow

GT Law

On June 11th, the U.S. Senate voted to move the “Border Security, Economic Opportunity, and Immigration Modernization Act” (S. 744), the comprehensive immigration reform bill drafted by the “Gang of Eight,” to the floor for debate, where it is expected to face dozens of amendments in the coming weeks. The final vote to begin debate on the landmark legislation was 84 in favor and 15 against. Below are some of the key issues that this bill faces on its way to a final vote in the Senate:

Border Security: Senator John Cornyn (R-TX) has signaled support for implementing border security triggers – including a 90% apprehension rate of illegal border crossings – before putting undocumented immigrants on the path to permanent residency. Senator Cornyn’s amendment would also introduce a biometric exit system as well as a nationwide electronic employment eligibility verification program. The measure has already stirred opposition from Democratic senators and immigration advocates, who liken it to a “poison pill” that will indefinitely delay the citizenship prospects of the estimated 11 million undocumented immigrants already in the United States.

Senator Marco Rubio (R-FL), a member of the “Gang of Eight,” has also indicated that he may not be able to support the legislation in its current form without strengthened border security measures. To this end, Senator Rubio and his colleague, Senator Tom Coburn (R-OH) may propose an amendment that would transfer the responsibility for drafting, but not enforcing, a border security plan from the U.S. Department of Homeland Security (DHS) to Congress. Several other drafters of the bill, including Senator Charles Schumer (D-NY), expressed a willingness to include border security triggers so long as they are “both achievable and specific.”

Taking a more expansive approach, Senator Rand Paul (R-KY) plans to offer an amendment that would require Congress to draft and enforce a border security plan, as well as to vote on border security every year for the first five years after the bill takes effect. Democratic senators and immigration advocates oppose this measure, citing unpredictability and partisanship as future hurdles to implementing a path to citizenship.

Taxes: Senator Jeff Sessions (R-AL) plans to re-introduce two amendments that would require families to provide a valid Social Security number to receive a child tax credit and deny the earned-income tax credit to immigrants with temporary legal status, respectively. Both measures previously failed in committee on a party-line vote.

Senator Orrin Hatch (R-UT) is also expected to offer an amendment that would require immigrants to demonstrate that they have paid back taxes and remained current on present obligations as they progress toward citizenship. Senator Hatch may also introduce a measure that would ban immigrants who are legal permanent residents from receiving Affordable Care Act subsidies for five years.

Guns: Senator Richard Blumenthal (D-CT) may offer two amendments restricting access to guns for undocumented immigrants. One of the provisions would eliminate the loophole that allows certain immigrants to purchase firearms, while another would require the Attorney General to alert the Secretary of Homeland Security when an undocumented immigrant or temporary visitor to the U.S. attempts to buy a firearm. Currently, both categories of individuals are legally barred from purchasing firearms.

Same-Sex Benefits: Senator Patrick Leahy (D-VT) is weighing whether to revive an amendment that he reluctantly declined to introduce in committee due to the opposition of his Republican colleagues. The measure would permit U.S. citizens in state-recognized same-sex marriages to apply for permanent residency on behalf of a same-sex spouse, a benefit that is currently afforded to heterosexual couples only.

Article By:

 of

Handbags and High-Heeled Shoes: Recent Trademark Disputes in the World of Fashion

Dickinson Wright Logo

When Paul Simon first sang about “diamonds on the soles of her shoes” in the 1980’s, he was apparently more fashion forward than we realized.  Less than a decade later, in the early 1990’s, the fashion house of Christian Louboutin began selling women’s high-fashion designer footwear displaying a distinctive red, glossy sole on the bottom of high-heeled shoes. Legend has it, Louboutin came up with the idea when he painted red nail polish on a pair of women’s shoes because they “lacked energy.”  These shoes soon became highly sought after by celebrities and consumers of haute couture everywhere.

Louboutin federally registered its red-colored sole for footwear as a trademark with the U.S. Patent and Trademark Office in 2008. In 2011, Louboutin sought to enforce those rights by suing Yves Saint Laurent for selling red shoes that displayed red soles. In its Resort 2011 collection, the American branch of YSL featured purple, navy, green…and red shoes that all had soles of matching color. Louboutin took exception to the red-soled shoes and tried to stomp out YSL’s allegedly infringing activity.

At the district court level, a New York judge ruled against Louboutin’s request that YSL be enjoined from selling red-soled shoes. On appeal in September of 2012, the U.S. Court of Appeals for the Second Circuit expressly held that Louboutin could protect its iconic red-soled shoes, except when the entire shoe itself is red.  Therefore, YSL was allowed to continue selling its monochromatic red shoes. Both parties have claimed victory and the case was dismissed in December.

The defendant in a case brought by Coach, Inc., and recently decided, did not fare quite so well. In 2010, Coach sued the owner of the Southwest Flea Market located in Memphis, Tennessee for contributory trademark infringement, claiming he knew, or should have known, that some of the vendors at the flea market were selling counterfeit Coach Handbags and other infringing products. Prior to filing suit, Coach had sent letters to the defendant, putting him on notice of the infringement. Even after the filing of the suit, multiple raids were conducted at the flea market, and more than 4,600 counterfeit Coach products were seized.

In the case pending in the U.S. District Court for the Western District of Tennessee, the magistrate judge granted summary judgment to Coach in 2012, ruling that the owner of the flea market was contributorily liable for the infringement, and the jury awarded Coach more than $5 million in damages. The case was appealed and last month the U.S. Court of Appeals ruled, for the first time ever, on the question of whether the owner of a flea market can be held liable for contributory trademark infringement. The answer was a resounding “yes”, as the court upheld the lower court’s ruling and the $5.04 million damage award. In its ruling, the court admonished the flea market owner for engaging in “ostrich-like behavior”, willfully ignoring the infringing activities occurring at the market, showing that the high price of fashion applies not just to the cost of the merchandise, but also to not respecting the trademarks by which that merchandise is known.

Article By:

 of

Yahoo!/Tumblr Deal and the Tax Cost of Cash Acquisition Payments

McBrayer NEW logo 1-10-13

When Yahoo! recently acquired the blogging service Tumblr, the two companies structured the deal so that virtually all of the $1.1 billion price tag for Tumblr will be paid in cash. In the current economy, many companies, particularly tech companies, have a lot of cash available, making the more traditional payment in stock appear less desirable. However, tax planning during mergers or acquisitions can be invaluable because, with proper counsel, the organizations can anticipate and mitigate the tax ramifications for the companies, individuals and shareholders.

Specific information about any tax planning in the Yahoo!/Tumblr deal hasn’t been released, but let’s consider the potential tax consequences of an essentially all-cash deal.

Most of Tumblr’s existing shareholders likely purchased their stock for substantially less than it was valued at the time of Yahoo’s acquisition. Since capital gains taxes are levied on the difference between the purchase price and the sale price, those Tumblr shareholders may be facing a hefty capital gains tax bill that will come due as soon as the transaction is complete.

If the deal had been structured as a stock transaction, on the other hand, it might have been structured to defer the capital gains tax for those shareholders until they actually sell their stock to Yahoo! There are a number of methods, such as 1031 exchanges, Section 368 tax-free reorganizations, and or 338(h)(10) stock purchase elections, that might also be effective in mitigating the tax burden.

An all-cash deal also presents challenges for Yahoo! in that it could affect the incentives for Tumblr’s founder and senior management going forward. In a tax-free reorganization, for example, they would generally be compensated in Yahoo! stock, which automatically creates an incentive for Tumblr’s leadership to build value for Yahoo! Without stock, a different incentive plan is needed.

According to The New York Times’ DealBook blog, Yahoo! may not need to worry about incentivizing Tumblr’s leadership, however, as it plans to continue to run the blog service as a separate company with the same group of executives. That may leave the existing incentives for success in place.

In this particular case, we don’t have enough information to determine why Yahoo! and Tumblr structured the acquisition as an all-cash deal. Well-considered tax planning, however, is essential for any business considering a merger or acquisition, stock sale, or major asset sale. Anticipating and minimizing transactional taxes, including business transfer taxes and business succession taxes, can help ensure that companies garner all potential benefits of the deal.

 of

Supreme Court Ruling on Defense of Marriage Act (DOMA) Could Lead to Refunds of Federal Taxes

McDermottLogo_2c_rgb

Employers providing benefits for employees’ same-sex spouses may want to consider the availability of federal payroll tax refunds if the Supreme Court of the United States finds Section 3 of the Defense of Marriage Act (DOMA) unconstitutional.  Employers currently must impute income to an employee for the fair market value of benefit coverage for a non-dependent same-sex spouse.  Such imputed income is subject to federal income and payroll taxes, as well as state income taxes in the majority of states.

The Supreme Court of the United States is expected to rule in late June on the constitutionality of Section 3 of the Defense of Marriage Act (DOMA).  A ruling that DOMA is unconstitutional will favorably reverse the federal tax treatment of employer-provided benefits for non-dependent same-sex spouses.  Such a reversal may lead to refunds of federal payroll taxes paid by employers and federal income taxes paid by employees on income imputed to employees for same-sex spouse benefit coverage.

Current Law

The Supreme Court is considering the constitutionality of Section 3 of DOMA in United States v. Windsor.  Windsor is a surviving spouse who was required to pay $350,000 in federal estate taxes after her same-sex spouse died—taxes she would not have had to pay if her same-sex marriage that was legally recognized in her home state of New York was also recognized under federal law.  Section 3 of DOMA provides that for all purposes of federal law, the word “marriage” means “only a legal union between one man and one woman as husband and wife,” and the word “spouse” refers “only to a person of the opposite-sex who is a husband or wife.”

Employees who enroll a non-dependent same-sex spouse or partner under an employer-sponsored benefit plan currently must pay federal income taxes on the fair market value of such coverage.  While federal law excludes amounts that an employer pays toward medical, dental or vision benefits for an employee and the employee’s opposite-sex spouse and dependents from the employee’s taxable income, employers that provide these same benefits to employees’ same-sex spouses or partners are required to impute the fair market value of the benefits as income to the employee that is subject to federal income tax, unless the same-sex spouse or partner otherwise qualifies as the employee’s “dependent” as defined for federal income tax purposes.  Employers are required to withhold federal payroll taxes from the imputed amount, including income, Social Security and Medicare taxes.  In addition, employers must pay their share of Social Security and Medicare taxes on the imputed amount, as well as Federal Unemployment Tax Act taxes.  The majority of states follow the federal income tax rules approach and also require employers to impute income on the value of such benefits for state income tax purposes.

Consider Filing a Protective Claim Now

Employers that have imputed income on the fair market value of benefits for employees’ same-sex spouses should consider filing protective FICA tax refund claims and should be poised to change their systems to allow for the future exclusion of benefits provided to same-sex spouses.  Although filing a complete refund claim can be burdensome from an administrative perspective, it is relatively easy for an employer to file a protective claim to preserve the statute of limitations on employment tax refund claims for open years and later file a supplementary claim with necessary employee consents and exact calculations. 

In general, the statute of limitations for tax refund claims is three years.  The due date for the protective claim is three years from April 15 of the calendar year following the year in which the income was imputed to the employee.  For example, for employment taxes paid on income imputed in 2010, a protective claim should be filed by April 15, 2014.  If not filed already, a refund claim cannot be filed with respect to employment taxes paid on income imputed before 2010 as the statute has run for that year.

If an employment tax refund had already been filed and the Internal Revenue Service (IRS) issued a notice of claim disallowance, the taxpayer must either bring suit to contest the disallowance within two years after the issuance of the notice or obtain an extension of the time to file such a suit with the IRS—this process can be initiated by filing IRS Form 907, Agreement to Extend the Time to Bring Suit.

Next Steps

Until the Supreme Court rules on Windsor, employers are advised to continue imputing income on the value of benefit coverage for employees’ non-dependent same-sex spouses and partners and to continue withholding and paying federal payroll taxes on the imputed amount.

View “Supreme Court Oral Arguments on DOMA, Proposition 8: Potential Employee Benefit Plan Implications” for more information on the employee benefit plan implications of the Supreme Court’s possible rulings on the constitutionality of DOMA in Windsor and California’s Proposition 8 in Hollingsworth v. Perry.

Health Care Obligations of Employers Under the Affordable Care Act

Giordano Logo

For most employers, the most important part of the Patient Protection and Affordable Care Act (commonly referred to as the “ACA” or “Obamacare”) will be the section known as the employer shared responsibility provision.  Many media outlets continue to incorrectly suggest that this provision requires employers to provide health insurance to all of their employees.  This is not actually the case.  Instead, this provision subjects employers to taxes or penalties if they fail to offer “adequate” and “affordable” health insurance to their employees.   Another fact commonly misunderstood is that for now, the only employers who need to be concerned about this issue are those who employ 50 or more “full time” employees (the ACA uses a very specific formula to determine who is considered full time) or those who employ under 25 employees and are looking to take advantage of the small business tax credit.

The employer shared responsibility provision goes into effect on Jan 1, 2014.   In most cases, in order to determine who is a full time employee, the employer reviews each employee’s full time status by “looking back” at a past employment period of between three (3) and twelve (12) months.   As a result, it is critically important that employers start thinking about their obligations under the ACA right now so they can be prepared for January 1, 2014.

Determining who is considered a full time employee under the ACA can be complex.  Under the ACA, a full time employee is someone who works 30 or more hours per week, on average.  Also taken into consideration are full time equivalent employees (“FTE”).  The number FTE employees are determined by adding up the total number of hours worked in a given month by part time employees and dividing than number by 120.  So for example, 10 part time employees working 60 hours per month would be counted as 5 FTE employees (10×60 = 600; 600/120=5).  Special rules also apply for seasonal employees, temporary employees, etc.

For those employers who have 50 or more full time employees under the ACA, the employer shared responsibility provision leaves the employer with several options:

Option 1– Provide health care coverage that is both “adequate” and “affordable” under the ACA.  Determining if coverage meets these requirements requires analysis of the costs of the plan to full time employees and the number of full time employees eligible under the plan.  The employer must also determine if providing coverage is more costly than the fines it would be subject to if it chose not to provide coverage.

Option 2 – Do nothing and provide no coverage to the employees, potentially subjecting the employer to a $2000 fine per employee.  Rather than simply rejecting this option of out of hand, the employer needs to determine the potential fine it faces and whether or not certain exemptions are applicable that could greatly reduce, if not eliminate the fine entirely.

Option 3 – Provide coverage that is not considered “affordable” under the ACA, subjecting the employer to a $3000 fine for each employee who chooses not to partake in the employer offered health plan and who instead purchases coverage through an insurance exchange and receives a tax credit or subsidy.  Before taking this route, an employer must carefully consider whether it believes its employees will seek coverage through an exchange and whether the savings it will gain from not paying its portion of the employee’s health care coverage will offset any potential penalty.

Article By:

 of

Big Box Retailers and Major Fast Food Chains Targeted by Unions and National Labor Relations Board (NLRB)

Michael Best Logo

The NLRB Rules Against Target

There are more than 1,750 Target stores nationwide, and none have been organized by a union. This fact was not lost on the National Labor Relations Board (the Board) when, on April 26, 2013, it affirmed the decision of an Administrative Law Judge that Target Corporation (Target)’s no-solicitation/no-distribution policy violated the National Labor Relations Act (the Act) and ordered Target to amend its policies nationwide. The consolidated cases, known as Target Corporation and United Food & Commercial Workers (UFCW) Local 1500, 359 NLRB No. 103 (2013), originated when the UFCW filed charges with the Board following an unsuccessful organizing campaign at a Target store in Valley Stream, New York.

The key issue addressed by the Board was whether Target maintained a no-solicitation/no-distribution policy that violated employees’ Section 7 rights under the Act. Target’s policy prohibited solicitation on the store’s premises at all times if it was for “personal profit,” “commercial purposes,” or “a charitable organization that isn’t part of the Target Community Relations program and isn’t designed to enhance the company’s goodwill and business.” The Board focused on the ban on solicitation “for commercial purposes,” finding that Target failed to define the phrase or provide illustrative examples to clarify what it meant. Because the phrase was undefined, the Board found that Target employees could have interpreted the phrase to ban solicitation and distribution on behalf of unions, which would violate the Act.[1]  

Ultimately, the Board ordered Target to rescind nationwide its no-solicitation/no-distribution rule and to:

[f]urnish all current employees nationwide with inserts for their current employee handbooks that (1) advise that the unlawful rules listed above have been rescinded, or (2) provide lawfully-worded rules on adhesive backing that will cover the unlawful rules; or publish and distribute to all current employees nationwide revised employee handbooks that (1) do not contain the unlawful rules, or (2) provide lawfully-worded rules.

The Board also set aside the union’s unsuccessful election attempt and ordered a new election to take place under the direction and supervision of the Regional Director.

Is Walmart The Next Target?

Walmart has more than 4,500 retail locations in the United States, and like Target, none are unionized. In recent months, the UFCW-backed group OUR Walmart has been advocating for strikes in several locations. On May 28, 2013, several media outlets reported a new round of strikes coordinated by OUR Walmart in advance of Walmart’s June 7, 2013 annual shareholder meeting.

In addition to the strike efforts, the UFCW, OUR Walmart, and Walmart have filed dozens of NLRB charges against each other in 2013. In May, the labor-backed group filed a new round of charges with the NLRB. Meanwhile, Walmart has filed lawsuits against the UFCW and OUR Walmart in Florida and California state courts in recent months alleging trespass and unlawful organizing activity on Walmart property.

Though the Board is currently under scrutiny based on recent court decisions invalidating the President’s recess appointments, the charges against Walmart provide it with another opportunity to make a nationwide statement against a non-union employer. Given the Board’s recent penchant for union activism, do not be surprised if it takes a close look at Walmart’s policies and practices in the coming months.

The Fast Food Industry

On May 15, 2013 hundreds of Milwaukee fast food workers walked off their jobs and launched a one-day strike demanding a raise to $15 per hour and the right to unionize without intimidation or retaliation. This was the fifth such strike in six weeks, following strikes in St. Louis and Detroit the week before, and in New York and Chicago in April. In each of those strikes, local groups organized fast food workers with support from the Service Employees International Union (SEIU), one of the nation’s largest unions. All of these strikes were preceded or followed by the filing of a slew of NLRB charges against the employers, alleging myriad unfair labor practices.

These strikes share several common characteristics. Each was a one-day strike by fast food workers, backed by ad hoc coalitions of unions and community groups. In the case of the Milwaukee strike, the organizing group was called “Wisconsin Citizen Action,” and the campaign was called “Raise Up, MKE.” The St. Louis campaign was called “STL Can’t Survive on $7.35,” and Detroit’s was called “D15.” These strikes have all been part of “minority unionism” campaigns, where the focus is on staging actions by a minority of the workforce designed to inspire their co-workers, rather than waiting until they have gained support from a majority of the workers. The short duration of the strike is calculated to minimize the risk that striking workers will be replaced by their employers after walking off.

The spread of these fast food strikes, as well as strikes by non-union workers in retailers like Walmart, comes amid a long-term decline in strikes in the U.S. Both the fast food and retail industries are overwhelmingly not unionized. The strategy pursued by the groups organizing these strikes is thus one of spectacle or demonstration, calling attention to the wages and working conditions of the employees in these industries.

[1] Oddly, the Board overruled a second finding by the Administrative Law Judge that a policy instructing employees to report unknown persons seen loitering the parking lot also violated Section 7 of the Act. The Board noted it would not conclude that a reasonable employee would read a rule to violate Section 7 simply because the rule could be interpreted that way.

Article By:

New Cybersecurity Guidance Released by the National Institute of Standards and Technology: What You Need to Know for Your Business

Mintz Logo

The National Institute of Standards and Technology (“NIST”)1 has released the fourth revision of its standard-setting computer security guide, Special Publication 800-53 titled Security and Privacy Controls for Federal Information Systems and Organizations2 (“SP 800-53 Revision 4”), and this marks a very important release in the world of data privacy controls and standards. First published in 2005, SP 800-53 is the catalog of security controls used by federal agencies and federal contractors in their cybersecurity and information risk management programs. Developed by NIST, the Department of Defense, the Intelligence Community, the Committee on National Security Systems as part of the Joint Task Force Transformation Initiative Interagency Working Group3over a period of several years with input collected from industry, Revision 4 “is the most comprehensive update to the security controls catalog since the document’s inception in 2005.”4

Taking “a more holistic approach to information security and risk management,5” the new revision of SP 800-53 also includes, for the first time, a catalog of privacy controls (the “Privacy Controls”) and offers guidance in the selection, implementation, assessment, and ongoing monitoring of the privacy controls for federal information systems, programs, and organizations (the “Privacy Appendix”).6 The Privacy Controls are a structured set of standardized administrative, technical, and physical safeguards, based on best practices, for the protection of the privacy of personally identifiable information (“PII”)7 in both paper and electronic form during the entire life cycle8of the PII, in accordance with federal privacy legislation, policies, directives, regulations, guidelines, and best practices.9 The Privacy Controls can also be used by organizations that do not collect and use PII, but otherwise engage in activities that raise privacy risk, to analyze and, if necessary, mitigate such risk.

Description of the Eight Families of Privacy Controls

The Privacy Appendix catalogs eight privacy control families, based on the widely accepted Fair Information Practice Principles (FIPPs)10 embodied in the Privacy Act of 1974, Section 208 of the E-Government Act of 2002, and policies of the Office of Management and Budget (OMB). Each of the following eight privacy control families aligns with one of the eight FIPPs:

  1. Authority and Purpose. This family of controls ensures that an organization (i) identifies the legal authority for its collection of PII or for engaging in other activities that impact privacy, and (ii) describes the purpose of PII collection in its privacy notice(s).
  2. Accountability, Audit, and Risk Management. This family of controls ensures that an organization (i) develops and implements a comprehensive governance and privacy program; (ii) documents and implements a privacy risk management process that assesses privacy risk to individuals resulting from collection of PII and/or other activities that involve such PII; (iii) conducts Privacy Impact Assessments (“PIAs”) for information systems, programs, or other activities that pose a privacy risk; (iv) establishes privacy requirements for contractors and service providers and includes such requirements in the agreements with such third parties; (v) monitors and audits privacy controls and internal privacy policy to ensure effective implementation; (vi) develops, implements, and updates a comprehensive awareness and training program for personnel; (vii) engages in internal and external privacy reporting; (viii) designs information systems to support privacy by automating privacy controls, and (ix) maintains an accurate accounting of disclosures of records in accordance with the applicable requirements and, upon request, provides such accounting of disclosures to the persons named in the record.
  3. Data Quality and Integrity. This family of controls ensures that an organization takes reasonable steps to validate that the PII collected and maintained by the organization is accurate, relevant, timely, and complete.
  4. Data Minimization and Retention. This family of controls addresses (i) the implementation of data minimization requirements to collect, use, and retain only PII that is relevant and necessary for the original, legally authorized purpose of collection, and (ii) the implementation of data retention and disposal requirements.
  5. Individual Participation and Redress. This family of controls addresses implementation of processes (i) to obtain consent from individuals for the collection of their PII, (ii) to provide such individuals with access to the PII, (iii) to correct or amend collected PII, as appropriate, and (iv) to manage complaints from individuals.
  6. Security. This family of controls supplements the security controls in Appendix F and are implemented in coordinating with information security personnel to ensure that the appropriate administrative, technical, and physical safeguards are in place to (i) protect the confidentiality, integrity, and availability of PII, and (ii) to ensure compliance with applicable federal policies and guidance.
  7. Transparency. This family of controls ensures that organizations (i) provide clear and comprehensive notices to the public and to individuals regarding their information practices and activities that impact privacy, and (ii) generally keep the public informed of their privacy practices.
  8. Use Limitation. This family of controls addresses the implementation of mechanisms that ensure that an organization’s scope of use of PII is limited to the scope specified in their privacy notice or as otherwise permitted by law.

Some of the Privacy Controls, such as Data Quality and Integrity, Data Minimization and Retention, Individual Participation and Redress, and Transparency also contain control enhancements, and while these enhancements reflect best practices which organizations should strive to achieve, they are not mandatory.11 The Office of Management and Budget (“OMB”), tasked with enforcement of the Privacy Controls, expects all federal agencies and third-party contractors to implement the mandatory Privacy Controls by April 30, 2014.

The privacy families must be analyzed and selected based on the specific operational needs and privacy requirements of each organization and can be implemented at various operational levels (e.g., organization level, mission/business process level, and/or information system level12). The Privacy Controls and the roadmap provided in the Privacy Appendix will be primarily used by Chief Privacy Officers (“CPO”) or Senior Agency Officials for Privacy (“SAOP”) to develop enterprise-wide privacy programs or to improve an existing privacy programs in order to meet an organization’s privacy requirements and demonstrate compliance with such requirements. The Privacy Controls supplement and complement the security control families set forth in Appendix F (Security Control Catalog) and Appendix G (Information Security Programs) and together these controls can be used by an organization’s privacy, information security, and other risk management offices to develop and maintain a robust and effective enterprise-wide program for management of information security and privacy risk.

What You Need to Know

The Privacy Appendix is based upon best practices developed under current law, regulations, policies, and guidance applicable to federal information systems, programs, and organizations, and by implication, to their third-party contractors. If you provide services to the federal government, work on government contracts, or are the recipient of certain grants that may require compliance with federal information system security practices, you should already be sitting up and paying attention. This revision puts privacy up front with security.

Like other NIST publications, this revision will be looked at as an industry standard for best practices, even for commercial entities that are not doing business with the federal government. In fact, over the last few years, we have seen increasing references to compliance with NIST 800-53 as setting a contractual baseline for security. We expect that this will continue, and now will include both the Security Controls and the Privacy Controls. As such, general counsel, business executives and IT professionals should become familiar with and conversant in the Privacy Controls set forth in the new revision to SP 800-53. At a minimum, businesses should undertake a gap analysis of the privacy controls at their organization against these Privacy Controls to determine if they are up to par or if they have to enhance their current privacy programs. And, if NIST 800-53 appears in contract language as the “minimum standard” to which your company’s policies and procedures must comply, the gap analysis will at least inform you of what needs to be done to bring both your privacy and security programs up to speed.

1 The National Institute of Standards and Technology is a non-regulatory agency within the U.S. Department of Commerce, which, among other things, develops information security standards and guidelines, including minimum requirements for federal information systems to assist federal agencies in implementing the Federal Information Security Management Act of 2002.

2 See Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53,
Rev. 4 (April 30, 2013), http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.

3 The Joint Task Force Transformation Initiative Interagency Working Group is an interagency partnership formed in 2009 to produce a unified security framework for the federal government. It includes representatives from the Civil, Defense, and Intelligence Communities of the federal government.

4 See NIST Press Release for SP 800-53 Revision 4 at http://www.nist.gov/itl/csd/201304_sp80053.cfm. Revision 4 of
SP 800-53 adds a substantial number of security controls to the catalog, including controls that address new technology such as digital and mobile technologies and cloud computing. With the exception of the controls that address evolving technologies, the majority of the cataloged security controls are policy and technology neutral, focusing on the fundamental safeguards and countermeasures required to protect information during processing, while in storage, and during transmission.

5 See NIST Press Release for SP 800-53 Revision 4 at http://www.nist.gov/itl/csd/201304_sp80053.cfm.

6 See Appendix J, Privacy Control Catalog to Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53, Rev. 4 (April 30, 2013),http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf. Appendix J was developed by NIST and the Privacy Committee of the Federal Chief Information Officer (CIO) Council.

7 Personally Identifiable Information is defined broadly in the Glossary to SP 800-53 Revision 4 as “Information which can be used to distinguish or trace the identity of an individual (e.g., name, social security number, biometric records, etc.) alone, or when combined with other personal or identifying information which is linked or likable to a specific individual (e.g., date and place of birth, mother’s maiden name, etc.). See page B-16 of Appendix B, Privacy Control Catalog to Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53, Rev. 4 (April 30, 2013),http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf. However, as stated in footnote 119 in Appendix J, “the privacy controls in this appendix apply regardless of the definition of PII by organizations.”

8 Collection, use, retention, disclosure, and disposal of PII.

9 See page J-4 of Appendix J, Privacy Control Catalog to Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53, Rev. 4 (April 30, 2013),http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.

10 See NIST description and overview of Fair Information Practice Principles at http://www.nist.gov/nstic/NSTIC-FIPPs.pdf.

11 See pages J-4 of Appendix J, Privacy Control Catalog to Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53, Rev. 4 (April 30, 2013),http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.

12 See page J-2 of Appendix J, Privacy Control Catalog to Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publ. (SP) 800-53, Rev. 4 (April 30, 2013),http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.

Securities and Exchange Commission (SEC) Issues Guidance on Resource Extraction Issuer Rules

Morgan Lewis logo

FAQs clarify which entities and payments are subject to the final rules.

On May 30, the Securities and Exchange Commission (SEC) released frequently asked questions (FAQs) providing guidance on certain aspects of its final rules for resource extraction issuers (the Resource Extraction Rules).[1] The Resource Extraction Rules, which were adopted on August 22, 2012 pursuant to section 1504 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act), require companies that are engaged in the commercial development of oil, natural gas, or minerals and required to file annual reports with the SEC to disclose certain payments made to the U.S. federal government or foreign governments (and related entities) for the purpose of commercial development of oil, natural gas, or minerals.[2] The FAQs provide guidance, among other things, as to which issuers are subject to the reporting requirements, what the meaning of “minerals” is, which payments must be reported and how they should be reported, and the consequences of a failure to timely file a Form SD.

Questions Answered by the FAQs

Which entities are resource extraction issuers?

  • Holding companies may be resource extraction issuers. Question 1 clarifies that a holding company is a resource extraction issuer if a subsidiary or other controlled entity is engaged in the commercial development of oil, natural gas, or minerals.
  • Entities engaged in associated services only are not resource extraction issuers. Questions 2 and 4 clarify that an issuer providing services associated with the exploration, extraction, processing, and export of a resource is not a resource extraction issuer. Only issuers directly engaged in the commercial development of oil, natural gas, or minerals must disclose payments to governments. Issuers providing associated services not covered by the Resource Extraction Rules include the following:
    • Issuers providing hardware and logistics for exploration or extraction
    • Issuers providing hydraulic fracturing or drilling services for an operator
    • Issuers providing transport services, including between countries, so long as the issuer does not have an ownership interest in the transported resources

Question 4 further clarifies that transportation activities are generally not included within the definition of “commercial development” unless they are directly related to the export of a resource. Generally, however, the SEC staff would view the movement of a resource across an international border from one host country to another country by a company with an ownership interest in the resource as export.

  • The term “minerals” has been defined. Question 3 provides clarity as to the definition of “minerals” under the Resource Extraction Rules by stating that “minerals” are any materials commonly understood to be minerals. Materials extracted and gathered by means of mining activity—including any materials for which disclosure would be required under Industry Guide 7, “Description of Property by Issuers Engaged or to Be Engaged in Significant Mining Operations”[3]—are encompassed in the definition and include materials such as metalliferous minerals, coal, oil shale, tar, sands, and limestone.

Which payments are subject to the Resource Extraction Rules?

For payments to be subject to the Resource Extraction Rules, they must be made to further the commercial development of oil, natural gas, or minerals and take the forms of taxes, royalties, fees, production entitlements, bonuses, dividends, or payments for infrastructure improvements.

  • Certain payments are excluded. Questions 5, 6, and 8 clarify that certain payments are not subject to disclosure pursuant to the Resource Extraction Rules. These include the following:
    • Payments made to majority-owned government entities for services or activities that are ancillary or preparatory to the commercial development of oil, natural gas, or minerals, such as payments for providing transportation services to supply people or materials to a job site.
    • Penalties or fines related to resource extraction.
    • Corporate-level income tax payments to governments on income not generated by the commercial development of oil, natural gas, or minerals. (However, a resource extraction issuer is not required to segregate this income and may disclose that the information includes payments made for purposes other than the commercial development of oil, natural gas, or minerals.)
  • The format for payment disclosure has been clarified. Question 7 provides that a resource extraction issuer is to present payment information on an unaudited, cash basis for the year in which the payments are made.

What are the consequences of failing to timely file a Form SD?

Question 9 provides that, if a resource extraction issuer fails to timely file a Form SD, the issuer does not lose eligibility to use Form S-3.

[1]. View the FAQs here.

[2]. For more information on the Resource Extraction Rules and the implications for affected companies, see our September 19, 2012 LawFlash, “SEC Adopts Payment Disclosure Rules for Resource Extraction Issuers,” available here.

[3]. View SEC Industry Guide 7 here.