CFIUS disapproval of Huawei-3Leaf Systems deal puts new focus on US controls over cloud computing technology

The US Committee on Foreign Investment in the United States (CFIUS) recently blocked Chinese telecommunications company Huawei Technologies Ltd. (Huawei) from acquiring the cloud computing-related technology of, and hiring employees from, insolvent US firm 3Leaf Systems. On February 18, 2011, Huawei issued a statement that it would not contest CFIUS’s recommendation that Huawei withdraw its application to CFIUS for national security clearance of the transaction. The CFIUS action may signal an important development in US control of cloud computing technology and US regulation of foreign investment.  

The parties did not seek CFIUS approval before the transaction. According to a Huawei statement, no CFIUS approval was sought because Huawei had timely sought and received approval for its acquisition of 3Leaf Systems technology from the US Bureau of Industry and Security (BIS) in the US Department of Commerce. CFIUS did not agree that the BIS actions satisfied the government’s concerns with the technology transfers, and it later asked Huawei to submit the deal for national security review.  

The CFIUS action came after Senators Jim Webb and Jon Kyl and three other lawmakers wrote Commerce Secretary Gary Locke and Treasury Secretary Timothy Geithner to question the Administration’s stance on the Huawei-3Leaf Systems deal and its regulation of cloud computing. In their February 10, 2010, letter, the legislators asked for a description of “the technology classification process as it relates to the export of resource virtualization or cloud computing technology.” They also asked for a description of “the review taken by the Commerce Department that allowed a foreign company, with close ties to the Chinese military, to obtain an export license for this technology.”

The CFIUS action and the focus by members of Congress on these issues come as the Department of Commerce is developing its policies on cloud computing. On January 11, 2011, the Department issued guidance stating that “the service of providing computational capacity through grid or cloud computing is not subject to the Export Administration Regulations (EAR), since the service provider is not shipping or transmitting any commodity, software or technology subject to the EAR to the user.” The Department had issued earlier guidance consistent with this position in January 2010.  

CFIUS does not issue policy guidance, and its recommendations on the Huawei transactions are not public. However, the disapproval of Huawei’s actions may signal that CFIUS views foreign acquisition of US cloud computing technology as raising heightened national security concerns. For the Department of Commerce, though its guidance apparently has not directly dealt with acquisition of the technology for creating and maintaining a cloud computing network, rather than its operation, the CFIUS action and congressional pressure may encourage the Department to tighten its review of cloud computing-related activities.