Wiley reports that executive order requires Beijing Shiji Information Technology to unwind acquisiti
On March 6, 2020, President Trump issued an Executive Order prohibiting the Chinese company Beijing Shiji Information Technology Co., Ltd. (Shiji) from acquiring the American software company StayNTouch, Inc. due to national security concerns. The Executive Order notes “credible evidence” that Shiji “might take action that threatens to impair the national security of the United States.” StayNTouch provides hotel property management software that organizes hotel and guest data and services. The national security threat appears to have centered on StayNTouch's management of, and potential access to, guest data. The Executive Order directs Shiji to divest all interests in StayNTouch and to “refrain from accessing . . . hotel guest data through StayNTouch.”
This is the third time that the Trump administration has formally blocked a deal following a review by the Committee on Foreign Investment in the United States (CFIUS), though many other deals may have been blocked informally. According to the most recent data, CFIUS opened 331 investigations between 2017 and 2018, and 41 of those deals were ultimately abandoned because of national security concerns. Parties withdrew from the transactions because either CFIUS was unable to resolve its national security concerns and was prepared to refer the matter to the President for decision, or the parties chose not to accept CFIUS’s proposed mitigation terms.
The deal between Shiji and StayNTouch closed in 2018, so it appears that the parties did not voluntarily submit a notice of transaction, and instead, CFIUS exercised its authority to investigate non-notified transactions. Non-notified transactions were addressed under the recent CFIUS reform legislation, the Foreign Investment Review Risk Modernization Act of 2018 (FIRRMA). FIRRMA directed CFIUS to outline the additional resources it needed to better address non-notified transactions. In addition, FIRRMA codified CFIUS’s authority to review and address national security concerns related to a foreign person's access to sensitive personal data.
Following FIRRMA’s enactment, CFIUS now has a heightened focus on personal data security, and the CFIUS agencies have additional resources to review non-notified transactions. Parties to transactions involving tech, infrastructure, and data in particular should fully consider and address CFIUS matters prior to closing transactions.