Trade security Journal - Economic Laws Practice

Page created by Stacy James
 
CONTINUE READING
Trade security Journal - Economic Laws Practice
trade
  security
  Journal

KYC: a
proCess
ripe for
automation

new anti-corruption legislation to impact corporates in ireland
talking trade security with the founder of China Labor Watch
How to address human rights risks in supply chains: new research
a guide to us data protection
  1 Trade Security Journal Issue 6
understanding india’s offset policy
                                                         Issue 9. September 2018
Trade security Journal - Economic Laws Practice
IN THIS ISSUE

                                     issue 9, septemBer 2018                                                     from tHe editor

3    neWs round-up                                                                                     As we head into deep summer,
     California’s data privacy                                                                         there is (if this latest iteration of
     clampdown: what it                                                                                the Trade Security Journal is to be
     means for businesses                                                                              believed) no letting up in the
                                                                                                       world of compliance. These pages
     India’s corruption law a                                                                          reveal that regulation and
     ‘game-changer’                                                                                    enforcement remain vigorously
                                                                                                       promulgated and enforced (if not
     G20 aims for October                                                                              always and everywhere with the
     deadline on crypto anti-                                                                          same energy, conviction or
     money laundering                                                                                  capacity) – and that new frontiers
     standard                                                                                          of technology create their own
                                                                                                       challenges.
     Uber appoints first data                                                                               All readers will be aware of
     protection and privacy                                                                            the growing focus on human
     chiefs                                                                                            rights issues attached to supply
                                                                                                       chains. In this and recent issues,
     Singapore data breach                                                                             we can see that this is a truly
     hits 1.5m victims                                                                                 global development.
                                                                                                           Meanwhile, Gil Rosen’s article
     EU-Japan deal ‘goes
                                                                                                       on Israel’s data protection regime
     beyond trade’ to include                                          A guide to US data protection
                                                                                                       is a reminder that while there are
     reciprocal data                                                                           27      few in the world who aren’t
     protection                                                                                        GDPR-aware, other jurisdictions
                                                                                                       also possess laws that must be
     Ireland, Greece and              9   data priVaCY             23 teCHnoLogY
                                                                                                       respected and articles from
     Romania face fines for                Five questions you          KYC: a process ripe for          Canada and Russia and the UK
     AML failings                         should ask about            automation                       prove – if proof was ever needed
                                          Bahrain’s new data                                           – that CFIUS isn’t the only
     UK to adopt fifth EU
     anti-money laundering
                                          protection law           31 anti-Corruption                  national security regime in play…
                                                                      Second Circuit Curbs                 BREXIT, elusive though it may
     directive in advance of
                                      10 fraud                        FCPA application to              be, is everywhere at the moment.
     BREXIT
                                         EU final guidelines on        some foreign                     But as our interviewee Caroline
     Facebook and Google                 fraud reporting under        participants in bribery          Barraclough explains, it has put
     urged not to comply                 the Payment Services                                          wider supply chain issues in the
                                                                                                       limelight in a way that they
     with ‘troubling’ Vietnam            Directive                 34 nationaL seCuritY                haven’t hitherto enjoyed. Given
     cybersecurity law                                                Understanding India’s            their increasingly mind-boggling
     Cyber-crime a growing            11 LegaL priViLege              offset policy                     complexity, that, perhaps is at
                                         Common sense prevails                                         least one good thing to have
     threat to UK law firms,
     report warns
                                         in the UK’s battle over   38 nationaL seCuritY                emerged from the triggering of
                                         legal professional           Tightening the screws on         Article 50?
                                         privilege                    FDIs: The Leifeld case                                       Tom Blass
                                                                      and projected                                                 July 2018
                                      17 Human rigHts                 developments in foreign
                                         How to address human         direct investments in                     &
                                         rights risks in supply       Germany                                     )& (+
                                         chains: new research on                                                $)&# !
                                         current practices

                                      21 anti-Corruption
                                         New anti-corruption
                                         legislation to impact
                                         corporates operating in
                                                                                                                                                                                 Cover illustration by MeSamong

                                         Ireland

    TSJ meets Li Qiang, founder of                                                                       * #(
                                                                                                         ! # (&
                                                                                                                       $&&)%( $# !   '! ( $# ($ "% ( $&%$& ( ' # & ! #
                                                                                                                          ' )& (+ * ( (     $)#   &$        #     $&   (
               China Labor Watch                                                                        $* ($          & '' )" # &      (' & ' ' # ')%%!+       #' # * & '   &

                             12
                                                                                                            )     ($         ( %&$( ( $#
                                                                                                        #       &'( # #     #    ,' $-' ( %$! +

2 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NEWS ROUND-UP

California’s data privacy clampdown: what it
means for businesses
Earlier this summer, California’s                                                                                                       business that earns $25 million in
lawmakers unanimously passed a                                                                                                          revenue per year, sells 50,000
bill on data privacy – the first of its                                                                                                  consumer records per year, or
kind in the United States –                                                                                                             derives 50 percent of its annual
affording residents of the state                                                                                                         revenue from selling personal
unprecedented control over the                                                                                                          information.’ However, SMEs are
way that third parties can use their                                                                                                    still advised to review their
personal information (see Trade                                                                                                         information security and data
Security Journal issue 8).                                                                                                              processing measures.
    The Consumer Privacy Act                                                                                                                In a blog post, lawyers
(also known as AB 375) stipulates                                                                                                       Courtney Bowman and Kristen
that:                                                                                                                                   Mathews at the law firm
                                                                                                                                        Proskauer, say the law ‘has the
l Californians may opt out of the                                                                                                       potential to change the privacy law

                                                                                                                     SHUTTERSTOCK.COM
  sale of their data and request                                                                                                        landscape in the U.S. – not just
  deletion from information                                                                                                             California…The law’s protection
  bases.                                                                                                                                of California-based “consumers”
l Data cannot be taken from                                                                                                             means that many companies, even
  minors (age 13-16) without their       The law – dubbed ‘GDPR-lite’ by some – ‘has the potential to change the                        those based outside California and
  explicit consent, or the consent       privacy law landscape in the U.S. – not just California.’                                      even outside the U.S., will be
  of their parents (under 13).                                                                                                          subject to its requirements.
l Businesses must disclose, upon            The inability to see exactly who        Despited being outwardly                            Businesses will incur significant
  request, how consumer data is          is accessing data, and for what         supportive of consumer rights on                       compliance costs in order to
  being used.                            reasons are all causes for concern      the surface, a number of well-                         update procedures, policies and
                                         for big business, while new             known tech companies are                               Web sites in accordance with the
   The law – dubbed ‘GDPR-lite’          disclosure requirements and the         understood to have helped fund                         new law. Additionally, the Act’s
by some – has already invited            threat     of     penalties      for    opposition to the bill.                                grant of a private right of action
backlash from tech giants, despite       noncompliance introduce a stream           The law will have less of an                        means that companies will have to
being more than 12 months away           of new responsibilities and             impact on smaller businesses. AB                       anticipate a possible flood of
from implementation.                     limitations.                            375 will only apply to ‘any                            consumer-driven litigation.’ n

India’s corruption law a ‘game-changer’
In July this year, India’s parliament    the same footing as the UK Bribery                                                             and others to investigate senior
passed      new      anti-corruption     Act – creating a kind of vicarious                                                             politicians and big companies and
legislation which campaigners say        liability of the company for the                                                               has set the tone.’
is possibly a ‘game-changer’ in the      action of its employees and of those                                                               As the legislation, though
fight against graft. The Prevention       associated with the company                                                                    passed, is yet to come into force,
of Corruption (Amendment) Act            (including its subsidiaries and                                                                the response from businesses in
2018 has been some time in coming        agents). Now the onus is on all                                                                the country has been varied. ‘We
– the amendments having first             commercial organisations to have                                                               speak to a lot of companies,’ said
been introduced in 2013.                 anti-corruption          compliance                                                            Banhatti, ‘and it’s clear that at
    The original act is almost three     procedures in place.’                                                                          senior levels [management] is
decades old but has long been in             Prior to the legislation’s                                                                 uncertain as to how the new law
need of a revamp to reflect global        amendment, he said, the law had                                                                will be enforced or if put in place.
developments, say lawyers.               been focused on punishing bribe-        training sessions, and people are                          ‘Some companies, particularly
    Anay Banhatti, a partner at the      takers, not givers. ‘Someone giving     surprised at the strength of the law.                  international companies, have
Mumbai office of Economic Laws             a bribe was not specifically or          Enforcement levels are stronger                        formal anti-corruption plans in
Practice, told TSJ that India had        explicitly covered in the offence,       than they have been in the past,                       place because they’re already
committed to changing the                which was really targeted at            when corruption was considered a                       regulated under the FCPA and
legislation in the light of its          government officials, although            cost of doing business.’                               UKBA. Indian companies –
commitments under international          bribe givers could be charged with          Banhatti said that a series of                     without such documented systems
conventions. ‘The most important         aiding and abetting…’                   scandals in the past decade –                          – are more worried, and this will
change,’ said Banhatti, ‘is that             India      scores    poorly   in    including a case which saw the                         mean a big shift in corporate
under the new legislation the            Transparency          International’s   government undercharging mobile                        culture for them.’
company has committed an                 Corruption Perception index –at         phone companies for frequency                              According to Banhatti, national
offence where anyone within the           number 81 among 180 of the              allocation licences – has been                         resources and the purchase of
organisation or associated with the      countries rated. Nonetheless, says      behind the change. ‘That matter                        defence equipment are likely to be
organisation is proven to have           Banhatti, attitudes are changing,       saw the courts directing the CBI                       particularly in the sights of
given a bribe – so that places it on     albeit slowly. ‘Our firm holds           (Central Bureau of Investigation)                      investigators. n

3 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NEWS ROUND-UP

G20 aims for October deadline on crypto
anti-money laundering standard
G20 member countries are to                                                                                                        The challenge regulatory
review the global anti-money                                                                                                   authorities        face         with
laundering standard on crypto-                                                                                                 cryptocurrencies is that – since
currency by no later than October,                                                                                             they are so new – many existing
according to a G20 statement.                                                                                                  security laws do not accommodate
    Finance ministers and central                                                                                              them. FATF is already working to
bank     governors     from     the                                                                                            create     binding     rules       for
organisation hosted a meeting in                                                                                               cryptocurrency exchanges that
Argentina on 22 July, resulting in                                                                                             comply      with    global AML
a deadline for the Financial Action                                                                                            regulations. Topics such as know
Task Force (‘FATF’) to explain how                                                                                             your customer (‘KYC’) norms are
its current AML standards will                                                                                                 to be raised, along with
apply to crypto transactions.                                                                                                  establishing licences for sellers.
    Clarifications were originally                                                                                                  Regulation will help provide
asked for by March, as a result of                                                                                             certainty in the cryptocurrency
                                       Because cryptocurrencies are so new, many existing security laws do not
G20’s aim to enforce global                                                                                                    market, director of competition at
                                       accommodate them.
regulations on the subject.                                                                                                    the Financial Conduct Authority
    The statement recognises the                                                                                               Mary Starks hopes: ‘We need to
growing benefits of crypto-assets.      laundering. The risks posed are        surveillance. G20 continues to act               ask ourselves as regulators what
However, it warns that they can        not significant, the Financial          against money laundering, with                   we should do so that we are not
cause problems regarding terrorist     Security Board (‘FSB’) assures, but    the expectation that FATF will                   inhibiting the benefits nor
financing, tax evasion, and money       transactions require ‘vigilant’        provide insight promptly.                        overlooking the risks.’ n

Uber appoints first data protection and privacy chiefs
Between a series of scandals and an    users in 2016, the US Federal Trade                                                     first time an expert has been hired
upcoming IPO, Uber is continuing       Commission (‘FTC’) called for an                                                        to provide full responsibility.
to overhaul its approach to privacy    improved privacy policy at the                                                              Zefo, who is also a member of
with the appointment of two new        High-profile allegations of sexual                                                       the International Association of
officials. Ruby Zefo, former chief       harassment at the company                                                               Privacy Professionals (‘IAPP’), will
security counsel at Intel, has been    brought further discomfort, while                                                       be based in San Francisco. She will
announced as the first ever chief       the threat of losing its licence to                                                     fill ‘a critical global role
privacy officer at the company.          operate in London led to the                                                            responsible for the development
Simon Hania, joining from              company committing to new and                                                           and implementation of privacy
TomTom, will take charge of data       improved governance measures.                                                           standards,     procedures,      and
protection.                                Uber is currently managed by                                                        processes,’ says Uber’s chief legal
    The changes come as a result of    Dara Khosrowshahi, who says he            Though privacy executives                     officer. Hania will be based in
a turbulent few years for the taxi     wishes to ensure that the company      have previously worked in                        Amsterdam, the Netherlands,
service. Following a breach that       is ‘putting integrity at the core of   individual departments such as                   overseeing compliance with the
exposed the data of 57 million         every decision we make’.               engineering and legal, this is the               GDPR. n

Singapore data breach hits 1.5m victims
A     quarter     of    Singapore’s    and repeatedly targeted Prime              Singapore’s data regulations                 accessed.     Critical     services,
population – including the island      Minister Lee Hsien Loong's             have been fortified in recent years,              including energy, aviation, and
state’s prime minister – has been      personal       particulars     and     the most notable change being the                media, as well as healthcare, are
affected in the island state’s single   information on his outpatient          Cybersecurity Act 2018. This new                 required by the government to
largest data breach to date.           dispensed medicines.’                  law calls for the appointment of a               strengthen their network security
    A statement issued by the              The ‘attackers’ were said to       Cybersecurity Commissioner to                    in response to possible attacks.
Ministry of Communications and         have illegally copied the names,       oversee the protection of critical                   The Personal Data Protection
Information and the Ministry of        addresses,       and    outpatient     information infrastructure (‘CII’) –             Commission, Singapore’s privacy
Health described a ‘deliberate,        dispensed medicines of 1.5 million     any information which could                      watchdog, will investigate the
targeted, and well-planned’ cyber-     Singaporean residents. Officials         cause harm to the state if wrongly               attack. n
attack on SingHealth, one of           believe that an advanced persistent
Singapore’s major healthcare           threat (‘APT’) group – described as     for further information on singapore’s Cybersecurity regime, see:
organisations. ‘It was not the work    an organisation that commits            ‘Draft Cybersecurity Bill introduced in Singapore – five key takeaways for your organisation,’
of casual hackers or criminal          careful, premeditated cyber attacks     Trade Security Journal, issue 3, September 2017
gangs. The attackers specifically       – carried out the hack.

4 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NEWS ROUND-UP

EU-Japan deal ‘goes beyond trade’ to
include reciprocal data protection
A third of the global economy and
about 600 million people will
benefit from what has been called
‘the largest bilateral trade deal
ever.’ So says the European
Council, after council president
Donald Tusk signed a bilateral
economic partnership agreement
with Japan’s prime minister Shinzō
Abe, which, the European Union
says, ‘goes beyond trade deals
only’.
    Key elements of the deal
include:

l Tariffs on more than 90% of the       ‘The mutual adequacy finding marks the first reciprocal recognition of data privacy equivalency between the EU
  EU’s exports to Japan will be        and a third country.’
  eliminated. Over time around
  85% of EU agri-food products            necessary to ensure ‘the world’s     Protection Regulation (“GDPR”) –                   They predict that the ability to
  will be allowed to enter Japan          largest area of safe data            and Japan have prohibited, with                freely transfer data between the EU
  entirely duty-free.                     transfers’.                          certain exceptions, cross-border               and Japan ‘should make business
l Reciprocal data adequacy,                                                    transfers of personal data unless              transactions within the combined
  meaning that information such            In a briefing, lawyers at            the data recipient is located in a             area more cost- and time-efficient,
  as credit card details and           Debevoise & Plimpton noted: ‘The        country designated as providing                bolstering the impact of the
  browsing habits can be               EU Commission and Japan’s               an adequate level of protection.               reduced and eliminated tariffs
  accessible between Japan and         central data protection authority –     The Commission and the PPC are                 agreed to under the trade deal.
  the EU. Currently, only 12           the      Personal      Information      now to begin the internal                      However, they warned: ‘Until the
  nations are permitted to store       Protection Commission (“PPC”) –         procedures necessary to formally               adequacy decisions are fully
  European persons’ information        have been discussing a mutual           designate the data protection                  adopted, businesses exporting data
  on their servers. A joint            adequacy finding since January           regimes of the other as adequate –             from Japan to the EU or vice versa
  statement, issued to ease            2017. Since recent reforms to           the EU by formal adoption of an                should remain vigilant to ensure
  concern about data safety,           Japan’s Act on the Protection of        “adequacy decision” with regard                that cross-border transfers are
  maintains that the EU and            Personal Information (“APPI”), the      to Japan, and the PPC by                       conducted with advance consent or
  Japan would adhere to the            data protection regimes of both the     designating the EU’s data                      in compliance with GDPR- or
  ‘relevant internal procedures’       EU – the EU General Data                protection system as “equivalent”.’            APPI-approved mechanisms.’ n

Ireland, Greece and Romania face fines for AML failings
The European Commission has            let any EU country be the weakest           According      to   The    Irish           place in 2017, has since been
referred Ireland, Greece and           link. Money laundered in one            Examiner, a spokesman for                      replaced. ‘The fifth addresses
Romania to the European Court of       country can and often will support      Ireland’s ‘Justice Minister, Charlie           issues of tax evasion and fraud,
Justice ‘for failing to implement      crime in another country. This is       Flanagan, said most of the                     exposing the names of trust
the 4th Anti-Money Laundering          why we require that all Member          provisions of the directive would              beneficiaries     and     extending
Directive into their national law’.    States take the necessary steps to      be transposed by the Criminal                  customer verification require-
    The       Commission         has   fight money laundering, and              Justice Money Laundering and                   ments, and must be followed by all
‘proposed that the Court charges a     thereby also dry up criminal and        Terrorist Financing Amendment)                 EU member states by 2020,’ notes
lump sum and daily penalties until     terrorist funds. We will continue to    Bill, which has already passed all             the Commission. ‘These new rules
the three countries take the           follow implementation of these EU       stages in the Dáil [lower house of             aim at ensuring a high level of
necessary action.’ It is understood    rules by Member States very             the Irish parliament] and is due to            safeguards for financial flows from
that this means that Ireland, which    closely and as a matter of priority."   come before the Seanad [upper                  high-risk     third      countries,
the         Commission          said       EU Member States had till 26        house] after the summer recess,                enhancing the access of Financial
‘implemented only a very limited       June 2017 to transpose the 4th          with all required measures due to              Intelligence Units to information,
part of the rules’ faces a €1.7        Anti-Money Laundering Directive         be in place before the end of the              creating centralised bank account
million fine, plus additional daily     into national legislation. The          year.’                                         registers, and tackling terrorist
penalties.                             directive aims to strengthen the            The      fourth     anti-money             financing risks linked to virtual
    Věra Jourová, Commissioner         risk-assessment obligations of          laundering directive, put into                 currencies and pre-paid cards.’ n
for Justice, Consumers and Gender      banks, lawyers, and accountants
Equality said: ‘Money laundering       and improve transparency in the           the Commission’s announcement can be seen at:
and terrorist financing affect the       beneficial        ownership         of     http://europa.eu/rapid/press-release_IP-18-4491_en.htm
EU as a whole. We cannot afford to      companies.

5 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NEWS ROUND-UP

UK to adopt fifth EU anti-money laundering
directive in advance of BREXIT
The UK is likely to enforce an EU                                                                                  Channel Islands or to offshore
law that is expected to expose                                                                                     financial centres such as Bermuda
thousands of tax evaders. The fifth                                                                                 and     the     Cayman      Islands.
anti-money laundering directive                                                                                    However,       a    Labour     Party
came into effect in the EU early in                                                                                 amendment to the sanctions and
July and EU Member States have                                                                                     anti-money laundering bill already
to until 10 January 2020 to                                                                                        requires such territories to declare
transpose      it   into   national                                                                                public registers of company
legislation – a deadline roughly                                                                                   ownership.
nine months after that currently                                                                                       Brexit does not officially take
set for the UK to leave the EU.                                                                                    place until next March 2019, and
    According to the UK’s                                                                                          the UK is required to adhere to all
Department for Business, Energy                                                                                    European Union laws until then.
and Industrial Strategy (‘BEIS’),                                                                                  Nonetheless, the choice to adopt
the fifth directive should be                                                                                       the fifth directive outside of the EU
implemented        into    national                                                                                would signal motion towards an
legislation shortly. A response to                                                                                 international clampdown on
the Panama Papers investigation,                                                                                   financial secrecy.
the fifth directive seeks to combat    BEIS: ‘These proposals will ensure we have the appropriate safeguards to         ‘These proposals will ensure
terrorism, corruption, and anti-      protect our national security.’                                              we     have      the    appropriate
money       laundering.    Notable                                                                                 safeguards to protect our national
elements include:                     l Access to the names of bank         l A right for the government to        security,’ said Greg Clark BEIS
                                        account holders for national          ‘call in’ large transactions that    business secretary, whilst ensuring
l Public registers of company           financial intelligence units;          cause a national security threat.    the economy stays ‘open to high
  owners in every EU Member           l Access to the names of the                                                 levels of foreign investment in the
  State;                                beneficiaries of trusts;                 The law does not apply to the      future.’ n

          Business and Human Rights
          Customs and Import Trade                                                “The firm is absolutely superior. It always
          Defense Trade and National Security                                     provides a rapid response and represents
          Export Controls and Economic Sanctions                                  great value for money. In addition, it has
          FCPA and International Anti-Corruption                                  a pragmatic outlook that translates to a
          Internal Investigations                                                 very business-friendly approach.”
          International Trade Remedies                                                                           - Chambers and Partners
          Trade Policy
          White Collar Defense

               Miller & Chevalier Chartered . 900 16th Street NW . Washington, DC 20006 . millerchevalier.com

6 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NEWS ROUND-UP

Facebook and Google urged not to comply
with ‘troubling’ Vietnam cybersecurity law
A group of US lawmakers has                                                                                                  vital sources of the country’s
urged Facebook and Google not to                                                                                             income. However, the head of the
comply with Vietnam’s new                                                                                                    committee which drafted the law
cybersecurity law amid concerns                                                                                              maintained that its requests for the
about storing users’ personal data                                                                                           social media sites were reasonable:
within the countryand threatening                                                                                            ‘Placing data centres in Vietnam
human rights.                                                                                                                increases costs for businesses but
   ‘This broad and vaguely                                                                                                   is a necessary requirement to meet
worded law would allow the                                                                                                   the cybersecurity need of the
communist authorities to access                                                                                              country.’
private data, spy on users, and                                                                                                  Writing in issue 8 of Trade
further restrict the limited online                                                                                          Security Journal, lawyers from
speech freedoms enjoyed by                                                                                                   Baker McKenzie noted: ‘The Draft
Vietnamese citizens.’ So wrote 17                                                                                            Law changes the scope of data
bipartisan members of the US                                                                                                 subjects from “Vietnamese users”,
Congress in a letter to Google CEO     US lawmakers are concerned about the implications of the new legislation.             which includes users with
Sundar Pichai and Facebook chief                                                                                             Vietnamese nationality only, to
Mark Zuckerberg. A similar letter      sites to locally store important user   more weapon for the government                “users in Vietnam”, which
from senators is expected.             data, as well as opening offices in       against dissenting voices,’ said              includes all users of any
   According to the Vietnamese         Vietnam. Article 15 outlines illegal    Brad Adams, Asia director of                  nationality who use services
authorities, the 16th draft of the     cyber activities including ‘anti-       Human Rights Watch. ‘It is no                 within Vietnam.
Law on Cybersecurity is intended       state information’ – meaning that       coincidence that it was drafted by                ‘In sum, a plain reading of the
to combat defamation, protect          users could be banned from              the country’s Ministry of Public              law suggests that the scope of this
minors, and uphold cybersecurity       expressing dissent online. Under        Security, notorious for human                 requirement has been broadened,
standards within the country.          the law, offending content must be       rights violations.’                           which in effect would mean that it
However, there are concerns            removed within 24 hours of                 Within Vietnam, there has been             is      easier     for     overseas
among observers regarding certain      receiving a request from the            some push back against the law                telecommunications and Internet
obligations.                           Ministry of Public Security.            amid worries that it will impact              service providers to fall within the
   The law would require global            ‘This bill will provide yet one     foreign trade and investment –                purview of this provision.’ n

Cyber-crime a growing threat to UK law firms, report warns
The United Kingdom’s National          UK legal sector’, was created in        international corporate firms,’                view and understanding of cyber
Cyber Security Centre (‘NCSC’)         conjunction with the Law Society        reads the report.                             threats and their impact. It’s a
has published its first report          of England and Wales and other              Despite the warnings, Law                 positive step to help our members
highlighting the growing cyber         major law firms involved in              Society      president    Christina           spot vulnerabilities and put
threat to the legal sector. It says    Industry 100, a scheme developed        Blacklaws sees the report as an               relevant       safeguards        and
that due to the nature of the          by the NCSC to enable a wider           opportunity for awareness rather              protections in place,’ she said.
information they typically deal        understanding of cyber security.        than fear. ‘As data controllers, law              Last year, DLA Piper, one of the
with (sensitive client information,        The report discusses the            firms handle significant volumes of             largest law firms in the world, fell
sizeable funds, etc.), law firms are    ‘strategic necessity’ of cybercrime     confidential       and     sensitive           victim to a sustained cyber attack
becoming a prime target for cyber      awareness post-GDPR, as well as         information and client monies as              across multiple offices, leaving
criminals. The frequency of online     advising law firms on the best           part of their daily work. In the              phone and IT systems down and
attacks is increasing exponentially,   ways to protect their information.      post-GDPR world and as the sector             its      reputation      somewhat
with 60% of firms affected in 2018,      Findings indicate that the primary      delivers and transacts more online,           compromised        as    operations
compared to 42% in 2014. It’s          threats are phishing, data breaches,    it’s vital that we get a common               ground to a halt. n
estimated that £11 million of funds    and ransomware. ‘The cyber threat
have been stolen by cybercriminals     applies to law firms of all sizes and
from firms in the UK in the past 12     practice, from sole practitioners,       download 'the cyber threat to uK legal sector' here:

months.                                high street and mid-size firms, in-       https://www.ncsc.gov.uk/legalthreat

    The report, ‘The cyber threat to   house legal departments up to

    trade security Journal welcomes your news
    and comment. Contact the editor at
    tom@tradesecurityjournal.com

7 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
NIN
                                                                            G...
                                                                                TRA
                                                                                   INI
                                                                                      N            G..N
                                                                                                        OV       EMB
                                                                                                                    ER
                                                                                                                         15-
                                                                                                                            16.
         Export controls, ICPs and good practice                                                                               .

           A 2-day training programme, with Strong & Herd
                      in association with WorldECR
     Award-winning Export Controls Consultancy
     strong & Herd, in association with WorldeCr,             outcomes and benefits of attending
     the journal of export controls and sanctions,      Attendees of this intensive, two-day training can look forward
                                                        to leaving with greater confidence that they understand, and
     is delighted to present this two-day, in-depth      can apply within their own organisations, key concepts and
     training on export controls and creating an          requirements of export control compliance, and generate a
                                                         checklist of best practice requirements relevant to their own
     Internal Compliance Plan which is practical,                               company needs.
     fit for purpose, and tailored to your
                                                            All attendees will receive a certificate of attendance.
     company’s specific needs.

     While eminently suitable for those new to
     export controls, established professionals       preparing for BreXit
     will find it a stimulating refresher – and a      In the light of the UK’s intended departure
     rare opportunity to share ideas.                 from the European Union, it is imperative for
                                                      EU and UK companies to understand:
                                                      • New licensing requirements for UK exports
     The course will cover:                              to the EU and vice versa
                                                      • Implications of Brexit for controlled goods
     the Basics                                          supply chains and intra-company transfers
     • An introduction to export controls –           • Potential for further divergence as EU
       looking at the UK export control system in        export controls evolve
       global perspective
     • Military Goods and Dual-Use goods – how        export controls and my company
       do they differ in law? How do I distinguish    • Where should responsibility for compliance
       between them?                                    ‘sit’ in your company?
     • Who, in my company, is responsible for         • Who should be trained in export controls?
       compliance?                                    • Ensuring export control awareness
     • How is the transfer of intangible                company-wide
       technology controlled and why?                 • Record-keeping and preparing for an audit
     • Record-keeping and technical information
                                                      Case studies presented on the course will
     the anatomy of export Controls – an              explore situations such as
     introduction to                                  • The classification of goods in different
     • Licensing                                        scenarios
     • End-users, end-user statements and             • Impact of supplying the same goods to
       undertakings                                     different markets (assessing need for end-
     • Catch-all                                        use statements or undertakings)
     • Sanctions                                      • Sending equipment for repairs or
                                                        temporarily, for marketing purposes
     export controls in the united Kingdom            • How US controls apply in the United
     • The Export Control Joint Unit (ECJU) – its       Kingdom/European Union
       role and function
     • Licensing applications – getting started       the training will include break-out, industry-
       with SPIRE                                     specific sessions for representatives from
     • Knowing your OIELS from your OGELs:            • Oil/ gas/ energy • Aerospace
       distinguishing between types of licence        • Vehicles • Chemical industries
       and their application requirements             • Technology – IT/ encryption

w Export controls, ICPs and good practice, a 2-day training event, will take place on
  15-16 November 2018 at The Strand Palace Hotel, 372 Strand, London WC2R 0JJ
w Attendance costs £945 (+VAT where appropriate) and includes 2 days of training,
  breakfast, lunch and morning and afternoon refreshments. Special rates are available
  for organisations wishing to send 3 or more delegates.
w For further information or to reserve your place, email mark.cusick@worldecr.com
Trade security Journal - Economic Laws Practice
BULLETINS

Five questions you should ask
about Bahrain’s new data
protection law
By Dino Wilkinson, Clyde & Co.
www.clydeco.com

t
       he Kingdom of Bahrain has become      personal or family affairs or processing        subject) unless it falls within one of the
       the second country in the GCC to      that relates to national security              five grounds for processing in Article 4 of
       issue a national data protection      undertaken by security authorities in the      the Law.
law. Organisations operating in Bahrain      Kingdom.                                           These      grounds       include      the
or processing the personal data of                                                          performance of contracts or legal
consumers from Bahrain should be             What data is protected?                        obligations, protecting the data subject’s
aware of the new obligations and             The Law defines personal data as                vital interests, and safeguarding the data
sanctions in the legislation that will       information relating to an identified or        controller's legitimate interests. There are
become effective in 2019. Here are the        identifiable individual. This is largely        derogations for the processing of
five questions you should be asking to        consistent with European and similar           personal data for journalistic, artistic or
understand how the new law will impact       international definitions of personal data      literary purposes and more stringent
you.                                         or personally identifying information          rules applying to the processing of
    Bahrain’s Personal Data Protection       (‘PII’) under equivalent legislation,          ‘sensitive personal data’ (i.e., personal
Law No. 30 of 2018 (‘the Law’) has been      although there is express reference to         data that directly or indirectly reveals
published in the Official Gazette on 19        identification of an individual via their       racial or ethnic origin, political or
July 2018. The Law aims to be consistent                                                    philosophical views, religious beliefs,
with international practices in the                                                         trade union membership, criminal
protection of personal data and to                The Law aims to be                        record, health or sexual condition).
enhance the attractiveness of Bahrain to      consistent with international                     One interesting feature of Bahrain’s
foreign investors by providing a clear                                                      legislation is the role of the ‘Data
framework for processing personal data.
                                              practices in the protection of                Protection Supervisor’. This is an
It is anticipated to be supplemented by           personal data and to                      accredited third party that may be
resolutions that are due to be issued by 1
                                              enhance the attractiveness of                 appointed by data controllers at their
February 2019.                                                                              discretion or, in some cases, at the
                                              Bahrain to foreign investors.                 direction of the data protection authority.
Who is affected?                                                                             The Data Protection Supervisor must
The Law will apply to any processing of      Personal ID Card in addition to other          exercise its role in an ‘independent and
personal data wholly or partly by            factors specific to the individual's            neutral manner’ (unlike, for example, the
automated means or the manual                physical, mental, cultural, economic or        data protection officer appointed by
processing of personal data that will        social identity. Data subjects will have       European entities under the GDPR).
form part of an organised filing system.      rights of access to personal data and to           Its responsibilities include monitoring
   The Law is stated to apply to             information concerning the processing of       and verifying the data controller’s
individual residents or workers in           their personal data, as well as the right to   compliance with the law, supporting the
Bahrain, locally established businesses      object to processing for direct marketing      data controller in exercising its rights and
and any businesses outside Bahrain that      or automated decision making.                  performing its obligations, maintaining a
process personal data ‘by means                                                             register of processing, and coordinating
available within the Kingdom’ other than     What are the key obligations?                  between the data protection authority
for purely transitory purposes.              Many of the obligations placed on ‘data        and the data controller.
   This means that non-Bahraini              managers’ (controllers) will be familiar to        The Law prohibits the transfer of
businesses operating data centres or         organisations that operate under data          personal data outside Bahrain to
using third-party data processors in         protection laws in other parts of the          jurisdictions that are not approved by the
Bahrain will be caught by the Law. Any       world, including requirements to process       data protection authority unless the data
non-resident person or business that is      data fairly and lawfully, to collect           subject provides consent or the transfer
subject to the Law must appoint an           personal data for legitimate, specific and      falls under a specific derogation,
authorised representative in the             clear purposes, and to ensure that data is     including transfers necessary for the
Kingdom to perform its local legal           adequate, relevant and not excessive as        performance of contracts, protection of
obligations.                                 to the purpose for which it was collected.     the data subject’s vital interests or
   The Law does not apply to processing      Data cannot be processed without the           preparing, pursuing or defending a legal
of personal data within the context of       consent of the relevant individual (data       claim. The Law also requires data

9 Trade Security Journal Issue 9
Trade security Journal - Economic Laws Practice
BULLETINS

controllers to enter written contracts with            statements concerning established violat-    have to notify the authority prior to
third parties that process personal data               ions and referring potential crimes to the   conducting any data processing unless
on their behalf (data processors).                     public prosecutor. Individuals may claim     they appoint a Data Protection
However, there is no mandatory data                    compensation for damage suffered due to       Supervisor or the processing is limited to
breach notification provision in the Law.               any processing of their personal data by     certain activities set out in Article 14 of
                                                       a data controller in breach of the Law.      the Law.
How will the law be enforced?                                                                          Some types of data processing
A range of criminal and administrative                 What should organisations do now?            (including automated processing of
fines may be imposed under the Law.                     The Law will become effective from 1          sensitive personal data, biometric data
Criminal offences – including the                       August 2019, but any organisations that      for identification purposes, genetic
processing of sensitive personal data or               are involved in processing personal data     information and video monitoring) will
transfer of personal data outside the                  in Bahrain should start conducting an        require the express prior approval of the
Kingdom in violation of the Law or                     assessment of their processing activities    authority. Ongoing awareness and
failure to notify as required by the Law –             at the earliest opportunity in order to      training in data protection is likely to
may attract fines of up to BD 20,000                    understand the implications of the Law       become a more commonplace feature for
(US$ 53,200) or imprisonment for up to                 and implement appropriate compliance         companies in Bahrain and we would
one year.                                              measures. This process would typically       expect to see organisations adopting data
    Administrative fines for other offences              start with a due diligence exercise to       governance policies, procedures and
may be imposed on a scale up to BD                     understand the flows of data around the       practices in line with international
20,000 (US$ 53,200) for one-off fines or                 organisation. Contracts with third parties   standards. Processes will need to be in
daily penalties of up to BD 1,000                      will also need to be reviewed along with     place to ensure that organisations can
(US$ 2,650), which may be increased for                privacy policies, consent forms and          comply with their obligations and
repeat offences. Other sanctions available              employment agreements. Once the law          respect the new rights afforded to data
to the regulator include publishing                    comes into effect, data controllers will      subjects. n

EU final guidelines on fraud
reporting under the Payment
Services Directive
By Thomas Donegan, Shearman & Sterling LLP
www.shearman.com

o
       n 18 July 2018, the European                    the European Central Bank. Existing data     consultation last year on proposed
       Banking Authority published final                reporting practices vary across the EU.      guidelines, a number of changes have
       guidelines on fraud reporting                   The EBA has worked with the ECB to           been made, including aligning the
under the revised Payment Services                     develop these Guidelines to ensure that      requirements with those in the ECB
Directive. PSD2 aims to increase the                   data is reported consistently and that the   Regulation on payment statistics
security of electronic payments and                    data is comparable and reliable.             (ECB/2013/43). The main changes are:
decrease the risk of fraud. The Directive,                 The final Guidelines are addressed to
which has applied since 13 January 2018,               PSPs, except account information service     l It had been proposed that quarterly
requires payment service providers to                  providers, and to their national               reporting of high-level data would be
provide, at least on annual basis, data on             regulators. The guidelines cover               required with a more detailed set of
fraud relating to different means of                    payment transactions that have been            data on a yearly basis. Instead, the
payment to their national regulator. The               initiated and executed, including the          final guidelines impose one uniform
regulators must in turn provide such                   acquiring of payment transactions for          set of reporting requirements on a
data in aggregated form to the EBA and                 card payments, identified by reference          semi-annual basis;
                                                       to: (a) fraudulent payment transactions      l Country-by-country data breakdowns
                                                       data over a defined period of time; and         are no longer required; and
  the final guidelines are available at:                (b) payment transactions over the same       l Fraudulent transactions where the
  http://www.eba.europa.eu/documents/10180/2281937/G   defined period. The guidelines also set         payer is the fraudster are no longer
  uidelines+on+fraud+reporting+under+Article+96%286
  %29%20PSD2+%28EBA-GL-2018-
                                                       out how national regulators should             within the scope of the guidelines.
  05%29.pdf/5653b876-90c9-476f-9f44-507f5f3e0a1e.      aggregate the data.
                                                           Following the feedback to the EBA’s         The guidelines apply from 1 January

10 Trade Security Journal Issue 9
BULLETINS

2019, except for the reporting of data                      authentication provided for in the             (Commission Delegated Regulation (EU)
linked to the exemptions from the                           Regulatory Technical Standards on              2018/389), which will apply from 14
requirement to use strong customer                          strong     customer    authentication          September 2019. n

Common sense prevails in the
UK’s battle over legal
professional privilege
By Amanda Seddon, Matthew Burn, Amanda Raad
and Sarah Lambert-Porter, Ropes & Gray
www.ropesgray.com

C
       ompanies around the world can                           so-called ‘Code tests’ and is set to           The Court of Appeal rejected the first
       finally breathe a sigh of relief today                   bring charges.                              instance judge’s conclusion that litigation
       with respect to the UK’s position on                         On the facts of this case, the Court   privilege could not apply to this material
privilege in criminal investigations. In a                     of Appeal found that the advice of          on the basis that if ENRC had chosen to
much-anticipated judgment on the ENRC                          ENRC’s external counsel that the            co-operate with the SFO, much of this
case (Serious Fraud Office (SFO) v Eurasian                      evidence unearthed by their internal        material would have been handed over.
Natural Resources Corp. Ltd [2018] EWCA                        investigation meant that there was ’a          As a result of this decision, English
Civ 2006), the English Court of Appeal                         real and serious risk of law                law in relation to privilege is now far
has clarified the boundaries of legal                           enforcement       and/or      regulatory    more closely aligned to that in the US.
professional privilege. The judgment                           intervention, including criminal            The Court of Appeal explicitly
realigns the UK’s position on privilege in                     prosecution’ was sufficient basis to          acknowledged in its judgment that it was
criminal investigations with that of other                     conclude that litigation – in the form      advantageous         to     multinational
common law jurisdictions by taking a                           of a criminal prosecution – was in          companies for there to be some
common sense approach and more                                                                             ‘commonality’ in privilege law across
readily protecting the work of lawyers                                                                     common law countries.
and other advisors. This decision will be                      As a result of this decision,                  In addition, the Court of Appeal
of great interest to companies who deal                         English law in relation to                 commented on one of the thornier
regularly      with      regulators      and                                                               questions of English law on privilege:
prosecutors in the UK (such as the FCA                          privilege is now far more                  who is the client? In a case known as
and SFO) or are involved in multi-                               closely aligned to that                   Three Rivers (5), the House of Lords had
jurisdictional investigations.                                                                             held that, in companies, the client was
   The key elements of the judgment are
                                                                        in the US.                         whoever was instructed to give or receive
as follows:                                                                                                legal advice. The Court of Appeal noted
                                                               reasonable contemplation, notwith-          that while it did not have grounds to
1. The test for the application of                             standing that the SFO had not yet           depart from a decision of the House of
   litigation privilege in English law is                      commenced a criminal investigation,         Lords, it was of the view that the rule in
   whether or not litigation is in                             let alone a prosecution.                    Three Rivers (5) was more appropriate to
   reasonable contemplation. In criminal                    2. Litigation privilege applies to:            the 19th Century. In this regard, the
   proceedings (as has long been                               a. Notes of interviews.                     Court of Appeal acknowledged that in
   acknowledged to be the case in civil                        b. Documents containing the factual         large, complex, multinational companies
   proceedings) whether or not litigation                         evidence presented by a company’s        the information needed to seek legal
   is in reasonable contemplation is a                            external lawyers to the company’s        advice is not often in the hands of the
   question of fact. The Court of Appeal                          board.                                   board or those who are specifically
   explicitly rejected the first instance                       c. Reports created by an external firm       authorised to seek legal advice (e.g., the
   judge’s proposition that in criminal                           of forensic accountants.                 general counsel). Accordingly, if a
   proceedings litigation can only be said                                                                 multinational company cannot ask its
   to be in reasonable contemplation                           The Court of Appeal considered that         lawyers to obtain the information needed
   once the prosecutor has satisfied the                     the above-listed material was created at a     to give advice (including from employees
                                                            time when litigation was reasonably in         with the relevant first-hand knowledge)
                                                            contemplation and that the documents           knowing that it is protected by legal
  the enrC decision can be located at:                      had been brought into existence for the        privilege, then multinational companies
  https://www.bailii.org/ew/cases/EWCA/Civ/2018/2006.html   dominant purpose of resisting or               will be in a less advantageous position
                                                            avoiding criminal proceedings.                 than smaller, less complex ones. n

11 Trade Security Journal Issue 9
TALKING TRADE SECURITY

                                                                                                      ROBERT ESSEL

Look, listen and learn
An increased awareness of potential liabilities for human rights violations in international supply
chains, means companies are well advised to have a good understanding of suppliers’ practices and
worker treatment. Trade Security Journal meets Li Qiang, founder of China Labor Watch, to find out
what questions companies with manufacturing operations in China should be asking.

12 Trade Security Journal Issue 9
TALKING TRADE SECURITY

e
      arlier this summer, Trade Security      glen Kelley (‘gnK’): I’ve read your bio on
      Journal editorial board member          the CLW website. Could you tell me a            about China Labor Watch
      Glen Kelley visited the offices of        little more about how you decided to
                                                                                              CLW views Chinese workers’ rights as
fellow New Yorker Li Qiang to discuss         focus full time on shining a spotlight on
                                                                                              inalienable human rights and is
working conditions and the role of            labour conditions and labour rights in
                                                                                              dedicated to workers’ fair share of
multinationals in China.                      China?
                                                                                              economic development under
    These are, of course, interesting times   LI QIANG (‘LQ’): Earlier in life I was a
                                                                                              globalization.
for US-Chinese relations: indeed, they        worker at a state-owned enterprise
                                                                                                  CLW increases transparency of
verge on the acrimonious, with the US         (‘SOE’) in China. I had a licence to
                                                                                              supply chains and factory labor
government alleging that China is in          practise as an attorney. I felt that the
                                                                                              conditions, advocates for workers’
breach of WTO rules – and looking to          SOEs were treating workers unfairly – for
                                                                                              rights, and supports the Chinese labor
plunder US technological advances for         example, only the leadership received
                                                                                              movement.
the country’s own gain. Meanwhile,            housing benefits.
                                                                                                  Founded in 2000, China Labor
many US companies say they can keep                In 1997 I was almost detained in
                                                                                              Watch (CLW) is an independent not-
up with consumer demand only by               Sichuan by Chinese officials, for activities
                                                                                              for-profit 501(c)(3) organization. Over
taking advantage of China’s cheap             including giving legal advice to laid off
                                                                                              the past 17 years, CLW has
labour supply. And in so doing, say           workers. I fled to Guangdong and found
                                                                                              collaborated with unions, labor
campaigners like Mr Li, they may well         conditions for workers were even worse
                                                                                              organizations, and the media to
find themselves complicit with a mode          in privately-owned companies that had
                                                                                              conduct in-depth assessments of
of production that disregards worker          received foreign investment than in the
                                                                                              factories in China that produce toys,
rights in favour of profit.                    SOE factories.
                                                                                              bikes, shoes, furniture, clothing, and
    Mr Li is the founder of the advocacy           Since then we have sent people into
                                                                                              electronics for some of the largest
group China Labor Watch (‘CLW’). He           factories producing goods for many
                                                                                              multinational brand companies. CLW’s
moved to the United States in 2000. Prior     major MNCs (multinational companies)
                                                                                              New York office creates reports from
to that time, Li Qiang played a leading       including Nike, Walmart and Toys R Us,
                                                                                              these investigations, educates the
role in organiSing networks of labour         to work and research the conditions
                                                                                              international community on supply
activists, researching factory labour         there. People from many of the Fortune
                                                                                              chain labor issues, and pressures
conditions, and conducting worker             500 companies have visited our offices
                                                                                              corporations to improve conditions for
education and legal assistance                over the years, to discuss labour issues in
                                                                                              workers.
programmes in China. Since then, CLW          their factories in China.
has conducted over 400 assessments of
                                                                                              source: http://chinalaborwatch.org
labour conditions in Chinese factories        gK: What do you consider to be the main
making products for multinational             labour and related civil rights concerns in
companies across industries ranging           China today?                                  A lot of officials in the Communist party
from furniture to shoes, stationary to        LQ: One of our first and main concerns is      have strong interests in the way factories
toys, and garment to electronics. The         that the factories are violating Chinese      in China are functioning. Multi-national
assessments typically use a combination       labour laws, for example the working          companies and Chinese factories have
of undercover investigation and off-site       hours. Another primary concern is that        very strong economic interests in how the
worker interviews. In some cases, CLW’s       workers still do not have real freedom of     factories are functioning.
efforts have resulted in workers being         association. Workers have to put in a lot         Given these strong countervailing
paid substantial amounts of owed back         of overtime now just for a sustainable        interests, because workers don’t have the
pay or other significant improvements in       standard of living.                           freedom of association, the ability to
workers’ rights and working conditions.                                                     organise to protect their rights, it means
    Glen Kelley is partner at the             gnK: So it seems that it’s a problem with     it’s hard to implement the labour laws
international trade law firm Jacobson          Chinese laws not being followed, but also     that do exist in China. Factories take a
Burton Kelley PLLC, based in New York.        it seems the laws are not set up well to      more targeted (reactive) approach when
His practice focuses on economic and                                                        it comes to rights.
trade sanctions, export controls, anti-
corruption, anti-money laundering and
                                                  ‘One of our first and main                    For example, if workers complain,
                                                                                            that’s when factories go ahead and
national security law. Prior to joining the     concerns is that the factories              actually try to abide by the laws. [But] the
firm, Glen was the chair of the regional
leaders of the global sanctions and trade
                                                 are violating Chinese labour               penalties [for breaching labour laws]
                                                                                            aren’t sufficiently heavy to be effective –
group of a leading international law                laws, for example the                   so it is still more profitable to exploit their
firm. Glen has served as an Attorney                    working hours.’                      workers. These are still major problems
Adviser at the US Department of State.                                                      even though the law is still being better
    All Mr Li’s comments were voiced by                                                     implemented than it was in 2000.
Elaine Lu, a Program Officer at China           protect workers from very bad
Labor Watch who interpreted the               conditions. Do you think that’s fair to say   gnK: Okay. So, how is CLW trying to
interview. There are points in the            – that there’s also a need to change to       shine a light on these concerns and bring
conversation where Ms. Lu has added           laws as well as applying and enforcing        about change?
her own comments based on her                 them?                                         LQ: We continue to do a lot of factory
understanding of and familiarity with         Li Qiang: The most important thing is for     research and investigations and we target
Mr Li’s thinking.                             workers to have freedom of association.       the    MNCs’       products    that   are

13 Trade Security Journal Issue 9
TALKING TRADE SECURITY

manufactured in China to try highlight           changes to the conditions for their                products, so the wage increases are not
the rights of workers.                           dispatch workers [a type of temporary              really benefiting workers in the long run.
   Some of these MNCs, such as Apple             worker status not entitled to the rights of            A lot of the MNCs that have moved
and Samsung, have made changes in                full-time employees under Chinese law].            their factories to other countries from
their factories after we have released our       The majority of [them] started to be               China have done so [for reasons besides
reports. On the other hand, when we              converted to regular workers, which was            the increase in labour costs]. And
investigated [certain] Chinese companies,        important because [previously] there               workers are also the victims of this.
we actually received a lot of retaliation        were too many dispatch workers at                      If you break down the revenues from
from the Chinese government through              Foxconn.                                           manufacturing operations in China, first
the local public security bureau [police            After we released a report on one of            a large portion goes to the companies’
office].                                           Apple’s suppliers, they paid back their            profits.      Second,       the     Chinese
   But we have seen that some of these           workers 3.7 million RMB in overdue                 government’s revenues [taxes, licensing
companies do make changes and we try             wages.                                             and other fees] are a large portion. Then
to identify and target companies that                                                               the bank [financing, interest payments
may be willing to do so. Increased               gnK: In the last few years, a lot of               etc] costs and property costs are a large
freedom of association in their factories        multinational companies have been                  portion. Out of the total profits [revenues
provides support and resources for the           focused on the rising cost of                      generated from manufacturing done in
local NGOs to really push for freedom.           manufacturing in China, including rising           China], labour costs only take a really
                                                 labour costs. I think there’s an                   small share of the pie. So even if they
gnK: Is there just one CLW office in China?        assumption that labour rights must be              gave more to workers, manufacturing
LQ: We used to have two, but last year           improving because wages are rising. Is             costs could nonetheless decrease. The
our Shenzhen office closed because of the          the average worker actually seeing a lot           Chinese government gets a share. The
Ivanka Trump investigations. The                 of benefit from those increases in the              banks get a share. MNCs get a share, so
government took all of our computers             cost of production? Are the conditions in          in the end no-one wants to give way and
and everything.                                  China really improving?                            say, ‘Let’s give more money to workers.’
                                                 LQ: I don’t believe that there are                 That’s why attention has been focused on
gnK: Recently, it seems like there have          improvements for workers. It’s really              the labour costs.
been some CLW investigations that get a          [inflation]. The prices of consumer
lot of attention. Ivanka Trump products          products have increased and that’s                 gnK: Are there any steps being taken by
was one. Another is Amazon.com which I           what’s pushed the increase in wages                the Chinese government to address any
think is working with Foxconn. They              more than anything else. Property prices           of these concerns regarding labour
attracted a lot of coverage for your             have increased, and basically products             conditions, labour rights? For example,
activities. Does that help, or is it more of     like eggs, vegetables, meat, these prices          [are] there reforms of the official labour
a distraction?                                   have also increased in China as well. We           unions? Is that something that’s still
LQ: Generally, it is helpful; for example        can say that workers’ wages have                   being discussed in the government?
in the Amazon case, Foxconn made some            increased but so have the costs of basic           LQ: The steps that are taken are very

TSJ editorial board member, Glen Kelley met Li Qiang at the China Labour Watch offices this summer.

14 Trade Security Journal Issue 9
You can also read