CFIUS and Huawei: Better to Seek Forgiveness Than Get Permission?

February 18, 2011

Reports this week that the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) has asked Huawei Technologies to unwind its 2010 acquisition of technology and employees from 3Leaf Systems (“3Leaf”) highlight the fact that national security concerns with foreign direct investment in the U.S high-tech sector can be raised whether or not a transaction is voluntarily submitted for CFIUS review — even after the transaction is closed.

On February 15, the Wall Street Journal reported Huawei’s statement1 that CFIUS has told the company that if it does not reverse the 3Leaf transaction, CFIUS will recommend the President require the deal to be reversed.2 In an unprecedented move, the company announced that it would not follow the typical pattern of withdrawing its application. Instead, the company will wait for President Obama to review the CFIUS decision. The President must rule on the transaction within 15 days of the date the matter is referred to him. Since there is no judicial review of the President’s final decision, if the President upholds the CFIUS recommendation, Huawei would then be forced to sell the 3Leaf assets. If Huawei were to incur a loss, it is an open question whether it would have any legal remedy, such as a claim against the government for compensation; to date there is no precedent for such relief in a CFIUS proceeding.

Huawei’s approach of choosing in the first instance to avoid the CFIUS process, and then, when the process was started on the U.S. government’s initiative, of refusing to accept the CFIUS decision, could have ramifications beyond the specific transaction in question. It may presage more aggressive CFIUS prior screening of transactions, to avoid a recurrence of the “unscrambling the omelet” scenario presented in the Huawei case. It could also portend a retaliatory Chinese response. Recently, China unveiled its own regime for the national security review of inbound foreign investment transactions, and the timing may be more than coincidental.

“Covered Transaction”

Founded in 2004, 3Leaf focused on developing technology solutions based on the concept of virtualization, a key enabling technology for cloud computing.3 According to the Wall Street Journal, Huawei “hired 15 3Leaf employees, owns several former 3Leaf patents and purchased the startup’s servers out of bankruptcy.”4 Under CFIUS regulations, a “covered transaction” subject to CFIUS review is one that could result in the “control” of a “U.S. business” by a “foreign person.” Thus, if a transaction involves the sale of a physical facility but does not include customer lists, intellectual property and other proprietary information, other intangible assets, or the transfer of personnel, then the transaction would not be a “covered transaction.” However, if a transaction involves the acquisition of select key assets, it may well constitute a “covered transaction.”

Huawei took the position that its acquisition of the 3Leaf assets did not constitute a “covered transaction,” and declined to seek CFIUS review. CFIUS decided after the transaction was closed that it did.5

While the CFIUS recommendation and its rationale are confidential, this decision appears to be based on a number of factors: (1) the identity of the purchaser (Huawei); (2) the nature of the technology being acquired; and (3) the fact that 3Leaf employees were hired in addition to the purchased assets, lending weight to the conclusion that a “U.S. business” was being acquired. Press reports also indicate CFIUS committee members may have felt Huawei was attempting to avoid CFIUS review of the transaction.6

The Financial Times has reported that U.S. government employees conducted a “routine review of Huawei” last summer that brought the 3Leaf deal to the Committee’s attention.7 In view of this report, a foreign company whose investments in the U.S. have been subject to CFIUS investigation (as was Huawei’s 2008 proposed 3Com transaction) would be prudent to assume its transactions in the U.S. are being monitored by CFIUS. Such a company should also assume that CFIUS is likely, on its own initiative, to investigate any acquisitions that it determines may be “covered transactions” — whether or not the company determines to seek CFIUS review.

Congressional Oversight

The 3Leaf transaction was also notable for triggering bipartisan criticism from Congress. Several senators wrote to the Obama Administration in August 2010 asking a series of questions about Huawei. Most recently, in a February 10, 2011 letter to the Secretaries of Commerce and the Treasury, Senators Jim Webb and Jon Kyl expressed their concern that “Huawei’s acquisition of only certain parts of 3Leaf was specifically designed to ensure the transaction avoided CFIUS review.” They further asserted that Huawei has “well-established ties with the People's Liberation Army” and “has supplied equipment to Saddam Hussein and the Taliban.” In addition, they claimed that Huawei was “working extensively in Iran’s telecom sector, of which the Iranian Revolutionary Guard Corps owns a significant stake.”8

The Webb-Kyl letter also focused on the fact that the 3Leaf transaction involved the “core technology” of virtualization, upon which U.S. computer networks are increasingly reliant.9 Likely underscoring that concern is the widescale adoption of cloud computing by the federal government. Concerns regarding data security may be particularly acute in connection with Chinese companies’ activities due to the recent Night Dragon controversy, among others.10


A combination of factors — Huawei’s relationship to the Chinese military; its alleged connections to Iran, the Taliban and Saddam Hussein; the potential national security importance of the 3Leaf technology, and the federal government’s exposure to the exploitation of vulnerabilities in cloud computing as it increasingly adopts the technology;11 and concerns that the company was intentionally circumventing the CFIUS process — all likely contributed to the Committee’s ruling.

Regardless of the ultimate disposition, the 3Leaf transaction will have significance for future CFIUS reviews:

  • We expect continued heightened CFIUS scrutiny and congressional oversight of Chinese investment activities in U.S. high-tech sectors.
  • All foreign investors would be wise to consider the broad CFIUS interpretation of “covered transactions” as that term relates to asset purchase deals.
  • Those investors that have mitigation agreements with CFIUS or its constituent agencies, or have had deals investigated by CFIUS, should be aware that their investment activities in the U.S. appear to be subject to continuing close scrutiny by the U.S. government. For such investors, filing voluntarily for CFIUS review appears prudent where there is any possible national security issue.

For more information, please contact the following attorneys:

Carl A. Valenstein, Partner


1 CFIUS rulings are classified and unpublished.

2 Shayndi Raice, “Huawei Set Back on Deal in U.S.,” Online WSJ, February 15, 2011. Available at: (last accessed Feb. 16, 2011).

3 “3Leaf’s Bob Quinn to Present at Cloud Computing Conference in NYC,” January 25, 2009, Virtualization Journal.

4 Shayndi Raice, “Huawei Set Back on Deal in U.S.”, Online WSJ, February 15, 2011. Available at: (last accessed Feb. 16, 2011).

5 See 31 CFR 800.301(c) and 31 CFR 800.302(c).

6 Stephanie Kirchgaessner, “Huawei in Challenge to U.S.,” Financial Times, February 15, 2011. Available at: (last accessed Feb. 16, 2011).

7 Id.

8 Press Release: Sens. Webb, Kyl: Sale of U.S. Computer Technology to Chinese Firm Poses “Serious Risk”, February 11, 2011. Available at: (last accessed Feb. 15, 2011).

9 Id.

10 See Gregg Keizer, “‘Sloppy’ Chinese hackers scored data-theft coup with ‘Night Dragon’”, Computerworld, February 11, 2011. Available at: (last accessed February 15, 2011).

11 Vivek Kundra, Federal Cloud Computing Strategy (2011). Available at: (last accessed Feb. 15, 2011) (noting that one of the key issues relating to the federal government’s move to cloud technology will be how countries will strike the balance between security and the intellectual property of national data).

This article was originally published by Bingham McCutchen LLP.