Merger Control and National Security – Potential Impact on Technology and Communications Infrastructure

Background

Earlier this year, the UK Government further extended its powers to review mergers in certain key strategic sectors on national security grounds (read more here). The additional sectors added were artificial intelligence, cryptographic authentication and advanced materials. The changes came into force on 21 July 2020.

The new powers follow changes made by the Government in 2018 to increase its ability to intervene in mergers involving the acquisition of businesses active in the following sectors: dual use/military use, computing hardware and quantum technology.

Further powers to undertake national security reviews of investments in the UK are expected to be proposed shortly as part of a new National Security and Investment Bill. The Bill is likely to build on proposals set out in a 2018 Government White Paper on National Security and Investment. We take a look at the recent changes as well as the proposed Bill and consider what this might mean for companies involved in technology and communications infrastructure.

What are the most recent changes?

The Government can intervene on public interest grounds, including national security, in mergers that qualify for review under the UK merger control rules or the EU merger regulation, as well as mergers involving certain defence contractors which have been notified that they hold confidential information.

In 2018, the Government amended the jurisdictional thresholds under the UK merger control rules in relation to transactions in three areas: the dual use and military use sector, computing hardware and quantum technology.

The Government recently extended the application of these amended thresholds to mergers involving target businesses in three additional areas: artificial intelligence, cryptographic authentication and advanced materials.

The amended thresholds are that a transaction involving a target active in any of these areas will be caught if:

• the UK turnover of the target exceeds £1 million (the normal threshold is £70 million); or
• the target supplies or acquires goods or services in any of these areas that account for at least 25% of those goods or services supplied or acquired in the UK or a substantial part of it (the normal threshold, which continues to apply as a separate threshold, is that the transaction must increase the share to 25% or more, meaning that both parties have to supply or acquire the same goods or services in order for the transaction to be caught).

What is the impact of the most recent changes?

The effect of the most recent changes is that, in the additional areas of artificial intelligence, cryptographic authentication and advanced materials, a much greater number of transactions now qualify for review under the UK merger control rules than was previously the case – and therefore are potentially at risk of intervention both by the Competition and Markets Authority (CMA) on competition grounds and the Government on public interest grounds (including, but not only, national security).

That said, the CMA has issued guidance indicating that it does not expect the changes to bring about a material change in its approach to the assessment of mergers on competition grounds in these areas.  It is also worth noting that the changes not only apply to transactions involving foreign investment – they also apply to purely domestic transactions.

Where the Government decides to intervene on national security grounds, it can clear the merger (where it considers no concerns arise) or, if it considers that there are concerns, make clearance conditional on certain remedies being put in place or block the merger.

What is covered by artificial intelligence, cryptographic authentication and advanced materials?

According to the Government’s guidance:

• Artificial intelligence refers to technology enabling the programming, or execution of a computational process capable of undertaking complex tasks commonly associated with human intelligence. These tasks are often data intensive, including but not restricted to analysis, decision making, image processing and recognition, natural language understanding, autonomous operation in complex domains, reflection or introspection.
• Cryptographic authentication enables information to be protected whilst in storage or in transit by making it inaccessible or unreadable by everyone except those who have the information needed to access or read it.
• Advanced materials include materials that are capable of modifying (including in real time) the appearance, detectability, traceability or identification of any object to a human or to sensors within the range 1.5e13 Hz up to and including ultraviolet and alloys that are formed by chemical or electrochemical reduction of feedstocks in the solid state.

Although the provisions cover a broad range of areas, the Government has indicated that it does not intend to use its powers to intervene where the relevant target’s products and systems are generally available to the public and for use by consumers. Examples given include virtual artificial intelligence assistants that are capable of undertaking certain actions by voice commands and authentication by means of username and password access, in order to log on locally to computers running consumer operating systems.

Critical National Infrastructure

One of the important reasons cited for the recent changes included the changing national security threat in particular with regard to cyber-threats and hostile activity undertaken either using or taking advantage of new technologies and targeting, amongst other things, critical national infrastructure. If we think about how internet connectivity has been integrated into daily life as well as supply chains for most essentials, we can see how hostile activity to target technology and communications systems could be more detrimental than ever. The Government wants to make sure it has the powers necessary to deal with threats that could arise from mergers involving such businesses.

According to the Centre for the Protection of National Infrastructure (CPNI) the following are considered national infrastructure sectors in the UK: Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water (read more here). Not everything within this would be considered “critical” and the Government’s official definition of critical national infrastructure is:

“Those critical elements of infrastructure (namely assets, facilities, systems, networks or processes and the essential workers that operate and facilitate them), the loss or compromise of which could result in:

1. a) Major detrimental impact on the availability, integrity or delivery of essential services – including those services whose integrity, if compromised, could result in significant loss of life or casualties – taking into account significant economic or social impacts; and/or
2. b) Significant impact on national security, national defence, or the functioning of the state.”

Considering this, we can see how investments in technology and communications infrastructure, and the companies that operate in this space, could fall under scrutiny. If not under the recent amendments to the Enterprise Act 2002, then potentially under future further amendments to that Act (e.g. to add additional “public interest” grounds as described in Section 58 of that Act) or under proposals in the new National Security and Investment Bill.

What else might be proposed in the National Security and Investment Bill?

An important focus of the bill was noted by the Government (read more) as being to strengthen the Government’s powers to scrutinise and intervene in business transactions (takeovers and mergers) to protect national security. The Government also wants to “ensure that hostile parties cannot circumvent the law by acquiring an asset that has national security implications, such as intellectual property, rather than acquiring the business itself” amongst other things.

We highlight this extract in particular as it has interesting implications: while a broad range of transactions structured as share sales can be caught by the existing rules, the National Security and Investment Bill might also extend the intervention to cover the acquisition of assets, where there are national security implications. While the background paper calls out intellectual property, presumably all manner of other assets could be caught by this, particularly if they were necessary for critical national infrastructure or had other national security implications.

Implications for Technology and Communications Infrastructure

Mergers and acquisitions in the technology and communications infrastructure sector (whether by share sale or asset sale) could be subject to more detailed review, particularly where the delivery of essential services is involved.

The Government is likely already reviewing those other parts of our infrastructure where foreign direct investment requires additional scrutiny, such as critical suppliers (which would include technology suppliers) to businesses which are involved in specific security-sensitive categories of work and land which is proximate to sites which are sensitive for national security reasons. 

However, it seems that not only is the law imposing specific requirements in this area but contracting parties themselves are going beyond the merger control rules and imposing additional hurdles or consent requirements for such transactions.

We have already observed in practice an increasing sensitivity towards change of control in the technology and communications infrastructure space. An important instance of this being data centre customers scrutinising in great detail any change to the ownership of the data centre facility and imposing change of control restrictions in their contracts.

This is particularly important to pick up at the negotiating stage when you can consider alternatives to change of control restrictions, rather than leaving this to become another hurdle at the transaction stage, which together with any merger control notifications and clearances that may need to be obtained can slow things down and add complexity to the project.

This article was written by Tanya Wilkie and Paul Stone. For more information, please contact Paul on +44 (0)20 7203 5110 or at paul.stone@crsblaw.com.