Originally published in the Spring 2020 edition of the State Bar of Michigan International Law Section’s Michigan International Lawyer
The outbreak of the coronavirus in China and its recent global spread present business and legal problems; this article discusses three relevant legal issues.
1. The Outbreak of the Coronavirus Tests the Authority of the WHO
After the outbreak of the Severe Acute Respiratory Syndrome (“SARS”) in China in 2003, the World Health Organization (WHO) issued the International Health Regulations (2005) (“IHR”). The purpose and scope of the IHR are two-fold: one is to “prevent, protect against, [and] control” the international spread of the disease, and the other is to “avoid unnecessary interference with international traffic and trade”.
Under the IHR, the member states of the WHO have 24 hours to report a potential Public Health Emergency of International Concern (“PHEIC”) to the WHO. Pursuant to Annex 2 of IHR, a list of diseases on the right box of Appendix 2 are notifiable only if they have a “serious public health impact”, are “unusual or unexpected”, and pose a “significant risk of international spread”; whereas the diseases in the left box of Appendix 2 (SARs, smallpox, poliomyelitis due to wild-type poliovirus and any new subtype of human influenza) are always notifiable and are a PHEIC which does not require WHO to declare as such. For those of unknown causes or those involving other events or diseases than those listed in the left box and the right box of Appendix 2, when a country is not certain whether the WHO should be notified, it should refer to the criteria set forth in the IHR. Pursuant to Article 6 of the IHR, the WHO should be notified if any two of the four following questions are affirmed: (i) is the public health impact of the event serious?, (ii) is the event unusual or unexpected?, (iii) is there a significant risk of international spread?, and (iv) is there a significant risk for international travel or trade restrictions?
The outbreak of the coronavirus in China is obviously a notifiable event, but the issue is whether China notified the WHO timely. Based on the date that China notified the WHO, and the date when the coronavirus was declared a PHEIC by the WHO, it appears that China was not late in reporting. On December 31, 2020, China alerted the WHO of several cases of unusual pneumonia in Wuhan, China. At that time, the virus was still unknown. On January 23, 2020, the WHO said that the outbreak did not yet constitute a public emergency of international concern and there was no evidence of the virus spreading among humans outside of China.
On January 30, 2020, the WHO declared that the outbreak of the coronavirus constitutes a PHEIC. This is the 6th PHEIC the WHO has declared since 2009. The previously declared PHEICs are: the 2009 H1N1 (or swine flu) pandemic, the 2014 polio declaration, the 2014 outbreak of Ebola in Western Africa, the 2015-16 Zika virus epidemic, and the 2018-20 Kivu Ebola epidemic. On February 11, 2020, the WHO officially named the coronavirus 2019-nCoV.
Upon declaring a PHEIC under IHR, the WHO may make temporary recommendations that include health measures to be implemented by the state party experiencing the public health emergency of international concern and by other state parties, regarding persons, baggage, cargo, containers, conveyances, goods and/or postal parcels to prevent or reduce the international spread of the disease and avoid unnecessary interference with international traffic. On January 30, 2020, when the WHO declared the PHEIC in China, it did not recommend any travel or trade restrictions. Furthermore, it required other countries to inform the WHO about travel measures taken and cautioned countries against taking actions that promote stigma or discrimination, in line with the principles of Article 3 of the IHR. 
As recent as February 27, 2020, the WHO issued a joint statement with the World Tourism Organization (UNWTO) announcing that they are working to assist states in ensuring that health measures be implemented in ways that minimize unnecessary interference with international traffic and trade. Travel restrictions going beyond these measures may cause unnecessary interference with international traffic, including negative repercussions on the tourism sector. Under Article 43 of the IHR, state parties implementing additional health measures that significantly interfere with international traffic (refusal of entry or departure of international travelers, baggage, cargo, containers, conveyances, goods, and the like, or their delay for more than 24 hours) are obliged to send the public health rationale and justification of their actions to the WHO within 48 hours of implementation. The WHO will then review the justification and may request countries to reconsider their measures. The WHO is required to share with other state parties the information about measures and the justifications received.
Despite the provisions set forth in IHR and statements made by the WHO, many countries almost immediately suspended the issuance of visas to Chinese nationals and imposed travel bans on China, after the WTO declared the coronavirus a PHEIC on January 30, 2020. On January 31, 2020, the U.S. Department of Health and Human Services (HHS) declared the 2019-nCoV situation to be a public health emergency in the United States. HHS issued a quarantine order for specific airline passengers returning to the United States from the Hubei Province of China. The same day, President Trump issued a proclamation on the Suspension of Entry as Immigrants and Non-immigrants of Persons Who Pose a Risk of Transmitting the 2019 Novel Coronavirus. This proclamation includes temporary suspension of foreign nationals (with some exceptions such as vessel crewmembers) who were physically present in the People’s Republic of China (excluding Hong Kong and Macau) during the 14-day period preceding their entry or attempted entry into the United States, to enter into effect February 2, 2020 at 5:00 pm Eastern Standard Time. On the same day, major airlines including Delta, United, and American, cancelled flights between China and the United States. Similar measures have been taken by other countries, including Australia, Singapore, and the Philippines. Russia, on February 18, 2020, banned Chinese nationals for an indefinite period from entering the country and closed off the long land border with China and Mongolia.
With the outbreak of the coronavirus in Iran, South Korea and Italy, other countries started closing off their borders as well. For example, Turkey has officially closed its border with Iran and suspended all travelers from Iran as of February 24, 2020.
Although the determination of a PHEIC should not constitute a basis for discrimination, Russia has adopted a special monitoring system to track Chinese nationals and has requested public transit conductors in Moscow to identify Chinese passengers and inform the police of their presence. In some cases, people were even forcibly quarantined. In the United States, racist assaults and ignorant attacks against Asians occurred in various places.
The author recognizes that some actions are “official” government actions, such those taken by Russia; whereas others shall not be attributed to the government, such as the racist assaults in the US. However, the official measures taken by some member states in contradiction to the WHO’s cautionary advice raise concerns about the legal authority of the IHR and the authority of the WHO. Perhaps, the question is an old one: Is “international law”, such as the IHR, really law that has a binding effect on its member states? Upon the actions taken by Russia, and various travel bans taken by many other countries, the WHO seems to lack any authority to sanction the violating member states; and each member state continues doing what it thinks is in the best interest of its own people.
2. Is the Coronavirus a Force Majeure Event?
2019-nCoV has already impacted the supply chain globally. Companies organized under Chinese law may refer to the doctrine of “force majeure” to seek full or partial excuse from the performance of domestic supply contracts. In the General Principle of Civil Law of the People’s Republic of China and the Contract Law of the People’s Republic of China “force majeure” means any objective circumstances which are unforeseeable, unavoidable or insurmountable. To seek the partial or full excuse from performance, the party who suffers a force majeure event shall have the duty to notify the other party to mitigate the losses that may be caused to the other party and shall provide evidence of the force majeure event within a reasonable time.
However, for international contracts, whether the Chinese party can be excused from performance will depend on the governing law, the existence of a force majeure clause in the contract, and how the force majeure clause is written.
To help Chinese suppliers prove the existence of a force majeure event, on February 2, 2020, the China Council for the Promotion of International Trade (“CCPTI”) issued the first force majeure certificates to evidence that the 2019-nCoV outbreak constitutes a force majeure event for international trade purposes. To apply for the force majeure certificates, companies in China shall provide (i) the announcement made by local government; (ii) the announcement made by the air carrier, train or other transportation agency regarding the cancellation of the freight etc.; and (iii) the relevant contract/purchase order. Since the degree of severity of the 2019-nCoV in different cities and provinces vary, not all companies meet the conditions for CCPTI to issue a certificate. Even with the certificate in hand, CCPTI made it clear that obtaining such certificate will not excuse performance automatically; the company concerned must carefully review the language set forth in the contract.
Since both China and the United States are parties to the United Nations Convention on Contracts for the International Sale of Goods (“CISG”), a Chinese company may be able to cite the occurrence of an “impediment” event to excuse late delivery or non-performance, if the relevant contract is governed by CISG. Article 79 of CISG provides that a party is not liable for a failure to perform any of its obligations if: “he proves that the failure was due to an impediment beyond his control and that he could not reasonably be expected to have taken the impediment into account at the time of the conclusion of the contract or to have avoided or overcome it or its consequences.” In February, 2020, many local government authorities in China mandated the lockdown of factories, and employees from places that are not located within the same village or town where the factory is located were prohibited from entering the manufacturing facility. In some places, however, the local government selectively allows certain companies to resume the business while others are still not permitted to engage in manufacturing activities. Therefore, whether the outbreak of the coronavirus constitutes a force majeure event for a company should be studied case by case, and the Chinese party will need to carry the burden of proof that the occurrence of the coronavirus constitutes a force majeure event in light of the specific circumstances.
CISG, however, is not applicable to service contracts, since CISG is only applicable to the sales of goods. Between US purchasers and Chinese manufacturers, the governing law for service contracts generally is the state law of the US purchaser. Under these circumstances, whether the occurrence of the coronavirus constitutes an event of force majeure will be decided by U.S. state law.
3. Will the Chinese Government fight for its citizens’ Data Privacy as it fights against Coronavirus?
To curb the spread of the coronavirus, the health authorities, airlines, rail operators and property management companies in China have collected personal data from many people. There is a common joke in China that every person is asked three questions on daily basis: “who are you”, “where are you from”, and “where are you going”. People must provide their real name, identification information or passport information, and their facial recognition any time they buy food, drugs, masks, or take the subway, bus, taxi, train, or airplane. With this information, people can easily locate confirmed and suspected cases in real time so they can avoid being infected, however, collecting even more data has led to privacy breaches. In response to these concerns, the National Health Commission of China and the Cyberspace Administration of China (CAC) issued an official Notice on the Protection of Personal Information when Using Big Data for Joint Support and Defense on February 4, 2020. The notice provides some guidance on the collection and use of the personal data obtained during the 2019-nCoV period:
- Only entities authorized under the Cybersecurity Law of the PRC, the Laws of the People’s Republic of China on Prevention and Treatment of Infectious Disease, and the Regulations on Responses to Public Health Emergencies may collect personal information. Other entities may not collect personal information without obtaining consent from individuals;
- The scope of the personal information must be minimized, the authorized entities can only collect personal information from diagnosed individuals, persons with symptoms, and person who have close contacts with the aforesaid people;
- The personal information collected for the purpose of fighting 2019-nCoV shall not be used for other purposes; and
- The entities which collect or process the personal information must adopt strict technical measures to protect the data and prevent data theft and leakage.
Any individual or entity that discovers a violation with respect to the use, collection, and disclosure of personal information may report this violation to the CAC or the Public Security Bureau (PSB). Network operators and service providers who violated the regulations may be subject to a fine, penalty, income confiscation, and the person or persons directly responsible or in charge of the entity which violated the regulations will face personal liability and may lose their operating license. Should the victims suffer damages, the violators shall also be responsible for civil liabilities.
Although these provisions seem protective of individuals’ personal information, there are a number of problems. For one, the authorized entities covered by the above referenced laws and regulations are very broad. For example, the authorized entities under the Cybersecurity Law include network operators and network service providers, cyberspace administrators, “other related departments” which are not defined, the telecommunication department, the public security department, and “other related authorities” which are not defined. Furthermore, the Regulations on the Responses to Public Health Emergencies permit the health administration department of the local government on the county level and above to collect information and handle health emergencies, and the Laws of the PRC on the Prevention and Treatment of Infectious Diseases allow any community to collect and obtain personal information in order to participate in the prevention and control of the coronavirus. This means that landlords, property management companies, and drug stores are all required to collect personal information. Individuals, on the other hand, have no right to object, but must give their consent; otherwise, they may not be able to go back to their home, do their shopping, or buy their daily necessities online. The second problem with the provisions is that to date, almost every person and not only those with diagnosed symptoms, is required to provide personal information such as the individual’s name, age, identification number, telephone number, home address, and personal contacts. Finally, many individuals do not know how their personal information is used. For Chinese individuals, the leakage of their personal information is almost a certainty to everyone; the question is only how far the information has been leaked.
With Chinese people’s enhanced awareness to protect their data privacy, will Chinese government fight as hard to protect personal information of the individuals within its jurisdiction and other data privacy as it did to fight against the coronavirus? Since many authorized entities that collect personal information are governmental entities, it remains to be seen how these laws and regulations apply to unauthorized entities collecting personal information, authorized entities’ unauthorized use of the rightfully collected information, or authorized entities that exceed their authorities to engage in excessive collection of personal information.