It’s been a head-spinning week in the world of CFIUS, international trade and cyber security.

First, a few regulatory deadline notifications:

Deadline Notification: Bureau of Economic Analysis form BE-12. Friendly reminder regarding the looming May 31 due date for filing the Bureau of Economic Analysis 5-year benchmark survey on form BE-12. The report covers financial activity through the end of fiscal year 2017, and filing a BE-12 obviates the requirement to file an annual BE-15. Essentially, any U.S. company with a foreign owner of 10% or more of its equity is required to report on form BE-12. The theoretical penalties for failure to make this report are extraordinary—including fines and imprisonment for willful violations.

Deadline Notification: Bureau of Economic Analysis form BE-120. The BEA has implemented a new filing requirement for commercial transactions in the intellectual property space. U.S. entities that had sales to foreign persons involving intellectual property rights, including use of trademark, copyright or—importantly—software licenses are required to report their 2017 activities on form BE-120 by June 29, 2018.

Now on to the real action.

Trade war and peace: China and the U.S. both escalated their trade actions against one another. First, the U.S. announced its plans for $50 billion in tariffs on 301 Chinese products. The list is based on a Section 301 investigation that the U.S. Trade Representative, Robert Lighthizer, undertook at the President’s direction last fall.

Having announced the list, the plan is now subject to the following public comment period before it goes into effect:

• April 23, 2018: Due date for filing requests to appear and a summary of expected testimony at the public hearing and for filing pre-hearing submissions.
• May 11, 2018: Due date for submission of written comments.
• May 15, 2018: The Section 301 Committee will convene a public hearing in the main hearing room of the U.S. International Trade Commission, 500 E Street SW Washington DC 20436 beginning at 10:00 am.
• May 22, 2018: Due date for submission of post-hearing rebuttal comments.

In response, China, which last week announced tariffs of $3 billion on U.S. imports, ranging from fruit to pork to steel pipes, upped the ante to match the U.S. in announcing 25% tariffs on $50 billion of U.S. imports. The full list goods subject to Chinese tariffs can be found here.  The Chinese tariffs seem designed to cause pain among President Trump’s base of support, with soybeans, automobiles, whiskey, chemicals and aircraft (i.e., farm and manufactured goods) composing a heavy portion of the list. In general, China announced a smaller list of tariffed products (128 total), meaning each product bears more of the overall brunt of the $50 billion in tariffs compared to the U.S. version, which applies to a broader set of Chinese products (301 total). Separately the U.S. products depend more heavily on China as a customer than the Chinese products do on the U.S., although, of course, that pain is a two-way street if China cannot quickly find replacements. A very good and succinct analysis of the effect of Chinese tariffs on the U.S. by the Washington Post can be found here.

Fear and loathing in red districts: Even Republican members of commerce are worried. But Commerce Secretary doesn’t see what all the fuss is about, as this has been “telegraphed for days and weeks.” What, exactly, was telegraphed?  In part a full-on trade war, which are easy to win, but also not trade war, because we already lost it years ago. Markets jittered or were cautiously optimistic (depending upon whom you ask and what moment you ask), while the White House acted to soothe investors’ worries by reminding us that, for now, this is all just talk.

That said, the view at this firm is that there is a meaningful possibility that some version of these tariffs will go into effect. President Trump took office in large part by attacking current trade policies that, the argument goes, have destroyed the U.S. middle class. We’ve seen before that the administration will float ideas through abrupt and aggressive rhetoric and eventually a policy in some way resembling the rhetoric emerges. Several of President Trump’s closest advisors, foremost among them U.S. Trade Representative Robert Lighthizer (full disclosure: my former colleague at Skadden), have dealt with China trade issues for decades, and there is a sincere belief in the administration that the U.S. has gotten its policy wrong for the better part of 30 years. For a President who is willing to make sweeping policy changes quite abruptly, it seems entirely plausible that Trump would follow through on his mission to fundamentally change U.S. trade relations with China–in particular because anything less could be seen as weakness. But to avoid tariffs, President Trump will need to convince Chinese President Xi Jinping to relent on trade policies that have been central to China’s transformation from an extremely poor, agrarian society to the second-largest economy in the world and a technological leader in a mere 30 years.

Who will blink first? Here, midterm elections loom for President Trump, while President Xi just finished getting himself elected “President-for-Life” of China. Look to the EU, Australia, Japan and South America to tip the scales. The EU is still incensed that President Trump initiated tariffs against it several weeks ago, and a natural response would be to find ways to decouple its economy from the United States’ wherever possible. However, the EU and Japan recently joined the U.S.’s WTO proceeding against China’s intellectual property practices, citing similar discriminatory treatment by China. Despite the turmoil, all other countries have great leverage against both the U.S. and China for the foreseeable future as both seek to consolidate alliances in the looming trade war.

Buckle up: Indeed, as this post was about to go live, President Trump tripled the ante with a request to the U.S. Trade Representative to levy an additional $100 billion in tariffs on Chinese goods. “Rather than remedy its misconduct, China has chosen to harm our farmers and manufacturers,” the President said in a statement. He added, “The United States is still prepared to have discussions in further support of our commitment to achieving free, fair, and reciprocal trade.”

Beijing promised to “hit back forcefully and without hesitation.” Interestingly, President Trump ordered the Secretary of Agriculture  to “implement a plan to protect our farmers and agricultural interests” from Chinese retaliation. 

We’re in the early innings here. Expect continued ante-raising, quiet negotiations behind the scene, market schizophrenia for months–or longer–as this continues to play out. And if the tariffs go into effect, we will all feel the effect.

Now on to non-trade war news:

All the King’s men…were sanctioned: In a surprise move, the U.S. expanded its sanctions regime against senior Russian officials and state-owned companies, citing “the totality of the Russian government’s ongoing and increasingly brazen pattern” of disruptive actions on an international scale — most notably, its efforts to subvert democracies. The sanctions include a number of oligarchs close to President Putin, including his son-in-law. Expect a counter from Moscow before the weekend is up.

Re-emphasis on “critical”: A recent industry survey revealed that the heads of 60% of critical infrastructure companies believe their companies are not adequately equipped to guard against cybersecurity threats. Just over two-thirds reported that they had “little visibility” into the current state of security at their company, while a shocking 20% reported having “no visibility.” Such a lack of operational controls raises a host of potential liability issues in the event of a breach, but on a broader scale, the U.S. government is almost certainly aware of this lack of preparedness and is taking more aggressive measures to prevent it, such as through its recent public announcement of Russian exploitation of U.S. critical infrastructure companies, and related joint technical release regarding details of such exploits (as previously covered on this site). 

The silver lining annual report: While the survey mentioned above is deeply concerning, this may be, in part, a case of a problem seeming worse because it is more visible. FireEye, considered by many to be the gold standard in cybersecurity defense, released its annual trend report. The report noted several important findings:

• Companies are generally becoming more savvy at detecting network compromises internally, rather than being informed by an external group such as law enforcement. This is very good news, as internal detection generally reduces the aggregate “dwell time” that an attacker resides on a network following a compromise.
• The Chinese government has generally complied with the terms of the September 2015 ‘Obama-Xi Agreement,’ under which China agreed not to use state-sponsored hackers to steal the intellectual property of U.S. companies.
• However, FireEye has seen an increase in the number of attacks against U.S. companies that have resulted in the theft of business information such as bid prices, contracts, and information related to mergers and acquisitions. FireEye has also seen a surge in cyber espionage campaigns targeting business-to-business services such as cloud providers, telecommunications companies and law firms.
• Phishing continues to be a primary preferred method of compromising organizations because of its simplicity and effectiveness.

Digital wiseguys: While bereft of the Godfather-like drama of a mafia goon selling fire insurance to local businesses, this NPR article about Panera’s network vulnerabilities highlights an interesting aspect of the world of cyber security: the people best positioned to detect and remedy security vulnerabilities often are the ones who might otherwise exploit them. That helps to explain Panera’s reportedly slow and not-particularly-enthusiastic response to an outsider who contacted them to let them know that they were making available millions of customers’ personal information through their website.

Last but not least: Facebook. It is, frankly, a grim story. And the ancillary coverage also ranges from bad (advertising tobacco to minors) to far, far worse (secretly attempting to access hospital patient data). If there is something good to be said here, it’s that at least Mark Zuckerberg acknowledged the host of problems, including the difficulty in solving them.