Photo of David Fagan

David Fagan

David Fagan co-chairs the firm’s top ranked practices on cross-border investment and national security matters, including reviews conducted by the Committee on Foreign Investment in the United States (CFIUS), and data privacy and cybersecurity.

Mr. Fagan has been recognized by Chambers USA and Chambers Global for his leading expertise on bet-the-company CFIUS matters and has received multiple accolades for his work in this area, including twice being named Dealmaker of the Year by The American Lawyer for 2016 and 2019. Clients laud him for providing “excellent advice,” “know[ing] everything there is to know about CFIUS” and being “extremely well regarded” by key regulators. (Chambers USA)

In the foreign investment and national security area, Mr. Fagan is known for his work on matters requiring the mitigation of foreign ownership, control or influence (FOCI) under applicable national industrial security regulations, including for many of the world’s leading aerospace and defense firms, private equity firms, and sovereign investors, as well as telecommunications transactions that undergo a public safety, law enforcement, and national security review by the group of agencies known as “Team Telecom.”

Mr. Fagan’s practice covers representations of both foreign and domestic companies before CFIUS and related national security regulators. The representations encompass matters in which the principal assets are in the United States, as well as those in which there is a smaller U.S. nexus but where solving for the CFIUS issues – including through proactive mitigation and carve-outs – is a critical path for the transaction. Mr. Fagan is also routinely called upon to rescue transactions that have run into challenges in CFIUS, and to negotiate solutions with the U.S. government that protect national security interests, while preserving shareholder and U.S. business interests.

Reflecting his work on U.S.-China investment issues and his experience on complex U.S. national security matters intersecting with China, Mr. Fagan is regularly engaged by multi-national companies, including the world’s leading technology companies, to advise on strategic legal projects, including supply chain matters, related to their positioning in the emerging competition between the U.S. and China. Mr. Fagan also has testified before a congressional commission regarding U.S. national security, trade, and investment matters with China.

In the privacy and data security area, Mr. Fagan has counseled companies on responding to some of the most sophisticated documented cyber-based attacks on their networks and information, including the largest documented infrastructure attacks, as well as data security incidents involving millions of affected consumers. He has been engaged by boards of directors of Fortune 500 companies to counsel them on cyber risk and to lead investigations into cyber attacks, and he has responded to investigations and enforcement actions from the Federal Trade Commission (FTC) and state attorneys general. Mr. Fagan has also helped clients respond to ransomware attacks, insider theft, vendor breaches, hacktivists, state-sponsored attacks affecting personal data and trade secrets, and criminal organization attacks directed at stealing personal data, among other matters.

In addition, he routinely counsels clients on preparing for and responding to cyber-based attacks on their networks and information, enhancing their supply chain and product development practices, assessing their security controls and practices for the protection of data, developing and implementing information security programs, and complying with federal and state regulatory requirements. He also frequently advises clients on transactional matters involving the transfer of personal data.

On the heels of Russia’s invasion of Ukraine, pandemic-induced supply chain disruptions, and U.S.-China tensions over Taiwan, 2022 accelerated a sweeping effort within the U.S. government to make national security considerations—especially with respect to China—a key feature of new and existing regulatory processes. This trend toward broader national security regulation, designed to help maintain U.S. strategic advantage, has support from both Republicans and Democrats, including from the Biden Administration. National Security Advisor Jake Sullivan’s remarks in September 2022 capture the tone shift in Washington: “…[W]e have to revisit the longstanding premise of maintaining ‘relative’ advantages over competitors in certain key technologies…That is not the strategic environment we are in today…[w]e must maintain as large of a lead as possible.”

This environment produced important legislative and regulatory developments in 2022, including the CHIPS and Science Act (Covington alert), first-ever Enforcement and Penalty Guidelines promulgated by the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) (Covington alert), President Biden’s Executive Order on CFIUS (Covington alert), new restrictions under U.S. export control authorities targeting China (Covington alert), and proposals for a new regime to review outbound investments by U.S. businesses (Covington alert). The common thread among these developments is the U.S. government’s continuing appetite to use both existing and new regulatory authorities to address identified national security risks, especially where perceived risks relate to China.

With a Republican majority in the U.S. House of Representatives riding the tailwinds of this bipartisan consensus, 2023 is looking like a pivotal moment for national security regulation—expanding beyond the use of traditional authorities such as trade controls and CFIUS, into additional regulatory domains touching upon data, communications, antitrust, and possibly more. In parallel, the U.S. focus on national security continues to gain purchase abroad, with foreign direct investment (“FDI”) regimes maturing in tandem with CFIUS, and outbound investment screening gaining traction, for example, in the European Union (“EU”). It is crucial for businesses to be aware of these developments and to approach U.S. regulatory processes with a sensitivity towards the shifting national security undercurrents described in greater detail below.Continue Reading Will 2023 Be an Inflection Point in National Security Regulation?