A recent report disclosing the purchase earlier this year of a 23-acre industrial site in Nashua, New Hampshire by a Chinese billionaire for $67 million USD has sparked national security concerns, particularly given the site’s proximity to several prominent defense contractors, including BAE Systems and other firms providing services under sensitive U.S. government contracts. While the transaction has drawn public and media attention, an accurate legal assessment of the matter requires careful consideration of the regulatory framework imposed by the U.S. Committee on Foreign Investment in the United States (CFIUS), most notably the implementing regulations administered by the U.S. Department of the Treasury (Treasury) at Parts 800 and 802 of Title 31 of the Code of Federal Regulations. Detailed below are the key considerations, beginning with an examination of the geographic setting of the industrial site in the northeastern United States.
Location and Context
Nashua, New Hampshire is in close proximity to multiple defense contractor facilities and federal operations in the greater New England corridor. The site reportedly was acquired for industrial use, potentially in the bottled water sector, although current use, employment generation, and tax contributions remain publicly unclear. Although CFIUS jurisdiction is assessed based on the circumstances existing at the time of acquisition, the additional facts surrounding the site continue to carry weight in shaping public perception and national security narratives.
Covered Control vs. Covered Real Estate Jurisdiction
Although the transaction appears real estate-focused, its characteristics suggest it likely constituted a “U.S. business” under Part 800. Again, under CFIUS rules, jurisdiction is assessed at the time of acquisition, not based on post-closing development activities. Federal courts and CFIUS interpret the term “U.S. business” broadly[1] such that the acquisition of even minimal commercial rights—such as permits, easements, or contracts, in conjunction with real property—may suffice to trigger Part 800 jurisdiction.
In transactions involving majority or full ownership acquisitions (i.e., foreign “control” is obtained), even though the deal involves real estate, it very likely would be treated as a “covered control transaction” under Part 800 and not as a “covered real estate transaction” under Part 802. This follows from 31 C.F.R. § 802.216(b), which states that if a transaction is subject to Part 800, it is automatically excluded from coverage under Part 802. Notably, the framework does not impose a hierarchy or heightened standard of review; rather, it establishes a jurisdictional threshold that, once met, preempts other review processes.
Greenfield vs. Covered Real Estate Investments
CFIUS cannot assert jurisdiction merely because foreign ownership exists. If the transaction truly involved only undeveloped land or assets not engaged in commercial activity at the time of acquisition (i.e., a greenfield investment), there may be no reviewable transaction under the relevant regulations. Instead, a separate basis for jurisdiction must exist, such as a non-excepted investor acquiring “covered real estate”—defined as certain real estate interests located in close proximity to pre-identified, U.S. Government-owned military installations.
Chinese Ownership and Heightened Risk Perception
Where Chinese acquirers are involved, CFIUS inherently applies heightened scrutiny. Treasury, as chair of the interagency, may even presume that certain Chinese investors—even those privately incorporated—are subject to government influence or control. This increases the likelihood of a heightened review and the potential for mitigation or a divestment order, even if a minority or non-controlling “covered investment”[2] is acquired but in a highly sensitive U.S. business. Notably, mandatory CFIUS jurisdiction is broader for acquirers deemed to be foreign government-owned or controlled. In such cases, the mandatory filing requirement applies not only to transactions involving “critical technologies,’” but also where the U.S. business performs other enumerated sensitive functions—such as operating “critical infrastructure” or collecting or maintaining “sensitive personal data” of over one million individuals, including U.S. citizens.
Congressional and Publius Pressure vs. CFIUS Process
While elected officials may publicly demand CFIUS action on a given transaction, these calls typically have little effect on the actual review process. CFIUS’s reputable non-notified team is well-resourced, supported by daily intelligence briefings, and already prioritizes all known Chinese-origin transactions. The fact that a transaction garners public attention should not materially influence the outcome of CFIUS’s review. Moreover, public attention has no bearing whatsoever on the Committee’s jurisdictional determination, which is governed strictly by statutory and regulatory criteria.
Confidentiality and Non-Notified Reviews
CFIUS filings are confidential by law. While this transaction is widely presumed to be non-notified, it remains possible that a review is already underway—for example, if the acquirer submitted a filing but has not publicly disclosed its engagement with CFIUS or related compliance efforts. If the target qualifies as a TID U.S. business and the acquirer is foreign government-controlled, a mandatory filing (barring certain exceptions, notably the acquirer qualifying as an “excepted investor”[3]) would have been required no later than 30 days before the transaction’s completion date.[4] However, the absence of enforcement actions (which are public) or related disclosures to date may suggest that the transaction fell outside the scope of CFIUS’s mandatory jurisdiction.
Appendix A and Real Estate Jurisdiction Limits
CFIUS real estate jurisdiction under Part 802 is limited to proximity to U.S. government-owned or operated sites listed in Appendix A. That list does not encompass privately owned defense contractor sites, even where such facilities perform sensitive functions or hold Facility Security Clearances (FCLs). Specifically, real estate jurisdiction is triggered only by proximity to specific U.S. Government-owned sites—either within one mile of facilities listed in Part 1 of Appendix A, or within 100 miles of certain highly sensitive sites designated in Part 2. These proximity limits may apply even in urban areas, subject to certain exemptions.[5]
The MineOne Case as Precedent
The 2024 Presidential Divestment Order targeting Chinese-owned MineOne Wyoming Data Center, LLC (MineOne) illustrates how proximity to a sensitive contractor site may be treated. In that case, MineOne was operating a bitcoin mining facility in close proximity to a Microsoft-leased data center handling classified information for the Defense Information Systems Agency, a component within the Department of Defense. However, this proximity did not create regulatory jurisdiction; rather, MineOne’s North Range facility was also in close proximity to Francis E. Warren Air Force Base — a site listed in Part 1 of Appendix A. That said, the close proximity of Microsoft’s presence and sensitive activities likely influenced CFIUS’s risk assessment—ultimately contributing to its formal recommendation to the President, following an extensive review, to unwind the transaction—once jurisdiction under Part 802 had been established. This demonstrates a core principle: vulnerabilities—even significant ones—do not confer jurisdiction. Rather, they are assessed—often with substantial weight—only after jurisdiction is independently established. Coincidentally, Andrew Astuno was retained to testify as an expert witness on CFIUS-related issues in federal litigation successfully brought by a Wyoming-based services provider against MineOne following its ordered divestment (See Civil Action No. 23CV-79-ABJ – U.S. District Court for the District of Wyoming).
Defense Contractors and Contracting Agency Actions
Contractors determined to be operating in proximity to recently acquired sites by foreign persons may become subject to unilateral or enhanced security requirements imposed by their contracting agencies. These requirements may be triggered independently of any CFIUS action, pursuant to pre-existing contractual clauses that allow the government to reassess or modify security obligations in response to evolving risk assessments. Separately, similarly situated government contractors may face increased scrutiny or obligations from the Defense Counterintelligence and Security Agency (DCSA) or other relevant agency security offices, particularly where classified contracts or facility clearances are involved. Notably, Seiden Law’s Regulatory Group is available to represent government contractors in addressing these strategic and contractual challenges, including engagement with agency security officials, mitigation planning, and compliance with DCSA and CFIUS-related obligations.
Key Takeaways
- Proximity to sensitive sites—including contractor-operated ones—does not trigger jurisdiction under Part 802, unless the site is government-owned and listed in Appendix A.
- However, once CFIUS jurisdiction is established under Part 800 or 802, proximity to sensitive facilities will be considered as part of the national security risk analysis. See again the MineOne case study.
- Treasury could, in theory, amend Appendix A to include certain privately operated contractor sites; however, doing so would require formal rulemaking and raise significant regulatory and constitutional concerns. In particular, such an expansion would implicate the Fifth Amendment, which affords robust property rights and protections to private landowners. (Because this would involve federal—not state—action, it would not implicate the Fourteenth Amendment, but rather the Due Process Clause and Takings Clause of the Fifth Amendment.) Expanding Appendix A to regulate land use based solely on proximity to sensitive activities would likely prompt legal challenges on the grounds that such regulation is either impermissibly vague or constitutes a regulatory taking—effectively depriving property owners of economically viable use of their land without just compensation.
- Contractors determined to be operating in proximity to recently acquired sites by foreign persons—particularly non-excepted investors—may become subject to unilateral or enhanced security requirements imposed by their contracting agencies. These requirements may be triggered independently of any CFIUS or DCSA action, pursuant to pre-existing contractual clauses allowing the government to reassess or modify security obligations in response to evolving risk assessments.
- The latest reported $67 million USD acquisition in New Hampshire by China’s largest bottled water company underscores the expansive jurisdictional reach of Part 800: even transactions that appear to involve only real estate may, in fact, constitute a covered acquisition of a U.S. business. Accordingly, proximity concerns arising from co-location with privately operated facilities leased to sensitive government contractors—while very real—are already substantially addressed under the existing scope of Part 800. This regulatory authority remains remarkably broad and, at times, unanticipated in its reach and, in the author’s assessment, indicates that the current framework effectively mitigates the need for any immediate expansion of Appendix A under the CFIUS real estate rules.
For further information or case-specific CFIUS analysis, please contact Andrew Astuno or one of Seiden Law’s other Regulatory Group practitioners. Our firm’s regulatory practice is also well-equipped to represent government contractors in their engagements with agency security officials, including mitigation planning and ongoing compliance efforts.
Acknowledgment: Special thanks to Albert Schultz, President of Kaerus Consulting LLC—a firm of former intelligence officers specializing in CFIUS, DCSA, and Team Telecom matters—for his inspiration to evaluate this matter and related insights.
Disclaimer: The information contained herein is provided for educational and informational purposes only and does not constitute legal advice. Recipients of this material should not act or rely upon it without seeking independent legal counsel. This communication does not create, and is not intended to create, an attorney-client relationship between Seiden Law LLP and any recipient or other party.
[1] See, e.g., Ralls Corp. v. CFIUS, 758 F.3d 296, 308 (D.C. Cir. 2014) (noting the breadth of CFIUS authority); 31 C.F.R. § 800.252 (defining “U.S. business” as “any entity, irrespective of the nationality of the persons that control it, engaged in interstate commerce in the United States”).
[2] 31 C.F.R. § 800.211, referring to an investment in a “TID U.S. business” (defined at 31 C.F.R. § 800.248 to mean any U.S.-based company that produces, designs, tests, manufactures, fabricates, or develops one or more critical Technologies, (b) performs specified functions related to covered investment critical Infrastructure, or (c) maintains or collects sensitive personal Data on greater than one million individuals, including U.S. citizens).
[3] An “excepted investor” is a foreign person who meets the criteria under 31 C.F.R. § 800.219, including being from an “excepted foreign state” (e.g., the UK, Australia, New Zealand or Canada) and satisfying specific ownership, governance, and compliance requirements, thereby exempting them from CFIUS jurisdiction over certain non-controlling investments and real estate transactions.
[4] 31 C.F.R. § 800.206 (defining “completion date” as the earliest date upon which any ownership interest is conveyed, assigned, delivered, or otherwise transferred to a person). In a transaction where the ownership interest is conveyed before the foreign person receives the corresponding rights, the “completion date” is the earliest date upon which the foreign person acquired any of the equity interest. See pertinent FAQs on CFIUS’s website, updated in May 2023 and available online at: https://home.treasury.gov/policy-issues/international/the-committee-on-foreign-investment-in-the-united-states-cfius/cfius-frequently-asked-questions
[5] 31 C.F.R. § 802.216(c), establishing an “urbanized area” or “urban cluster” exemption which may exclude certain transactions from CFIUS jurisdiction if the property is located entirely within an urbanized area and not in close proximity to a pre-identified sensitive site.