Where Are My Chips?

Please contact Tim Flamank with any questions.

If you subscribe to the view that Artificial Intelligence (AI) is going to change life as we know it, then you will have a vested interest in the semiconductor industry. Semiconductors, or chips, are the workhorses behind AI and nearly every modern digital technology. Chips are so vital that they have been described as the “oil of the 21st century”, turning companies like Nvidia and TSMC (leaders in advanced chip design and manufacturing respectively) into household names.

It is therefore surprising that the supply chains underpinning this crucial component remain some of the most precarious.

Key risks include:

  • Chip manufacturing remains a highly globalised activity, despite recent initiatives by governments to “onshore” more of the supply chain.
  • Key stages of the production process are geographically concentrated. Localised disruption can therefore have global ramifications for supply, demand and pricing dynamics.
  • Global supply and demand can be volatile. While some companies, like Nvidia, have benefited from strong demand, other parts of the industry have seen oversupply. The long-term growth potential of key demand drivers, such as AI, is still uncertain.
  • Governments employing more muscular trade policies, for example through export controls and sanctions.

It is fair to say that chips increasingly resemble a commodity. As disputes lawyers, we deal in the legal mechanisms and frameworks which have developed to respond to disruptions in similar markets. The purpose of this article is to consider how, from an English law perspective, some of these concepts may apply to contractual arrangements in the chip sector. In so doing, we hope to show the practical value that advanced thinking about potential disruption can bring.

Most people will be familiar with the concept of force majeure. We have written about its potential applicability to chip contracts in the past. Force majeure clauses generally operate to release contractual parties from their obligations upon the occurrence of certain disruptive events, for example extreme weather or war.

Read the full insight here.

Cross-Post from Discourse Magazine:  The Rise and Fall of the WTO

This is a Cross-Post from Discourse Magazine.  Please contact Everett Eissenstat with any questions.

Both U.S. presidential candidates have taken firm stances against free trade.  This bipartisan support marks a significant change in our country’s historical stance on promoting open markets and reductions in tariffs.  For a deeper dive into the transformation of the U.S. ‘s trade policy and potential future of global trade, please read this article from our colleague Everett Eissenstat.

PVH Facing the Risk of Being Placed on China’s Unreliable Entities List

On September 24, 2024, China’s Ministry of Commerce (MOFCOM) announced that the Working Mechanism of the Unreliable Entities List (the “Working Mechanism”) had initiated an investigation of the PVH Group, a global clothing company and owner of brands such as Tommy Hilfinger, Calvin Klein, Warner’s, Olga and True & Co.

The action was taken pursuant to the Provisions on the Unreliable Entities List (UEL), a relatively new law in China that allows the Chinese government to impose countersanctions against foreign entities, including companies, organizations or individuals. The Working Mechanism indicated that PVH Group is being investigated for suspected violation of normal market transaction principles, suspension of normal transactions with Chinese enterprises, organizations or individuals, and adoption of discriminatory measures with respect to products from the Xinjiang Uygur Autonomous Region.

You can read the full insight prepared by D. Michael Kaye, Sarah K. Rathke, Ludmilla L. KasulkeJeremy W. Dutra, and Shawn Harwood here:

U.S. House Of Representatives Passes The BIOSECURE Act During “China Week”

On September 9, 2024, the U.S. House of Representatives commenced “China Week,” during which the House passed 25 bills intended to limit the influence of the Chinese Communist Party in the United States.[1]  Among these was the BIOSECURE Act—a piece of legislation that would prohibit federal funding for equipment or services provided by a “biotechnology company of concern.”[2]  The House voted in favor of the bill by a vote of 306 to 81 on Monday, and it will now move to the Senate.[3] 

A brief history of the BIOSECURE Act, a summary of its provisions, and an analysis of its supply chain implications are described in the following post.

Continue Reading

Supply Chain Legislation On The Horizon

On May 15, the U.S. House of Representatives passed the Promoting Resilient Supply Chains Act of 2023 by a vote of 390 to 19.  The bill, authored by Rep. Lisa Blunt Rochester (D-Del.) and Rep. Larry Bucshon M.D. (R-Ind.), is a bi-partisan effort and collaboration between the federal government and private entities to “map[], monitor[], and proactively strengthen[] American supply chains, bringing manufacturing jobs back home, and lowering costs for American consumers.”[1]

Continue Reading

Supply Chains Are The Next Subject of Cyberattacks

The cyberthreat landscape is evolving as threat actors develop new tactics to keep up with increasingly sophisticated corporate IT environments. In particular, threat actors are increasingly exploiting supply chain vulnerabilities to reach downstream targets.

The effects of supply chain cyberattacks are far-reaching, and can affect downstream organizations. The effects can also last long after the attack was first deployed. According to an Identity Theft Resource Center report, “more than 10 million people were impacted by supply chain attacks targeting 1,743 entities that had access to multiple organizations’ data” in 2022. Based upon an IBM analysis, the cost of a data breach averaged $4.45 million in 2023.

What is a supply chain cyberattack?

Supply chain cyberattacks are a type of cyberattack in which a threat actor targets a business offering third-party services to other companies. The threat actor will then leverage its access to the target to reach and cause damage to the business’s customers. Supply chain cyberattacks may be perpetrated in different ways.

  • Software-Enabled Attack: This occurs when a threat actor uses an existing software vulnerability to compromise the systems and data of organizations running the software containing the vulnerability. For example, Apache Log4j is an open source code used by developers in software to add a function for maintaining records of system activity. In November 2021, there were public reports of a Log4j remote execution code vulnerability that allowed threat actors to infiltrate target software running on outdated Log4j code versions. As a result, threat actors gained access to the systems, networks, and data of many organizations in the public and private sectors that used software containing the vulnerable Log4j version. Although security upgrades (i.e., patches) have since been issued to address the Log4j vulnerability, many software and apps are still running with outdated (i.e., unpatched) versions of Log4j.
  • Software Supply Chain Attack: This is the most common type of supply chain cyberattack, and occurs when a threat actor infiltrates and compromises software with malicious code either before the software is provided to consumers or by deploying malicious software updates masquerading as legitimate patches. All users of the compromised software are affected by this type of attack. For example, Blackbaud, Inc., a software company providing cloud hosting services to for-profit and non-profit entities across multiple industries, was ground zero for a software supply chain cyberattack after a threat actor deployed ransomware in its systems that had downstream effects on Blackbaud’s customers, including 45,000 companies. Similarly in May 2023, Progress Software’s MOVEit file-transfer tool was targeted with a ransomware attack, which allowed threat actors to steal data from customers that used the MOVEit app, including government agencies and businesses worldwide.

Continue Reading

Supply Chain Disruptions: Drafting Contract Clauses to Mitigate Risks, Navigate a Breach, Avoid Litigation”

Alexis Chandler will be participating in a CLE webinar on April 2, 2024 from 1pm-2:30pm EDT titled “Supply Chain Disruptions: Drafting Contract Clauses to Mitigate Risks, Navigate a Breach, Avoid Litigation.”  The panel will discuss the following:

  • What are the recent trends in supply chain litigation?
  • What should supply chain contracts include regarding the timing of deliverables in light of global or other disruptions?
  • How can a force majeure provision be drafted to provide an enforceable defense?
  • When should companies abandon commercial negotiations and pursue litigation when suppliers default?
  • What are the latest trends in relation to ESG and supply chain risk management?

Squire Patton Boggs has ten complimentary passes for the webinar.  If you would like to attend, please contact Kristi Vitaz (kristi.vitaz@squirepb.com) by 5pm today, April 1, 2024.  As a bonus, you will receive CLE credit!

You may also register for the webinar here.

White House Issues Executive Order to Strengthen Cybersecurity at US Ports

This is an legal insight prepared by D. Michael Kaye, Sarah K. Rathke, Bridget McGovern, Michael J. Wray, Shea Leitch, John P. Flynn, Darien Flowers, and Michelle Story. Please contact one of the authors with any questions.

On February 21, 2024, the White House issued an executive order implementing various measures to bolster the security of US ports by expanding the US Coast Guard’s authority to regulate maritime cybersecurity, requiring the reporting of cyber incidents and investing in the US port critical infrastructure.

Read the full insight here.

Forced Labor Legal Developments in Europe: EU Council and Parliament Negotiate Final Text for Proposed Regulation

This is a legal insight prepared by colleagues Ludmilla L. Kasulke, D. Michael Kaye, Thomas Delille, Christina Economides, Amjad Wakil, María Vara Pitarch. Please contact the authors with any questions.

While many have focused in recent months on the US enforcement of the forced labor import ban (19 U.S.C. 1307) and the Uyghur Forced Labor Prevention Act (UFLPA) (Public Law No. 117-78), the EU is working on its own set of regulations prohibiting products made with forced labor from entering the EU market.

Read the full insight here.

FMC Announces Hearing on Shipping Conditions in the Red Sea

As Yemen’s Houthi rebels have increased attacks against vessels sailing through the Red Sea and the Gulf of Aden, global trade stakeholders have responded. It has been announced in the media that oil majors and large global shipping lines are suspending shipping operations in the Red Sea.

In light of the current geopolitical climate, the Federal Maritime Commission (FMC) announced that it will hold an informal public hearing on February 7, 2024, to examine how conditions in the Red Sea and Gulf of Aden regions are impacting commercial shipping and global supply chains. The hearing will allow stakeholders in the supply chain to communicate with the FMC on how operations have been disrupted by attacks on commercial shipping emanating from Yemen, steps taken in response to these events, and the resulting effects.

The full insight was prepared by colleagues Michael Wray (Houston), Michael Kaye (DC), John J. Reilly (NY), Darrien Flowers (DC), John P. Flynn (DC), and Jack Kingston (DC).

LexBlog