D.C. Circuit Rejects Environmentalist Arguments, Sides with Industry over TSCA CBI Rule

EPA’s 2023 rule revising confidential business information (CBI) claims under the Toxic Substances Control Act (TSCA) is only unlawful insofar as it could lead to certain inadvertent waivers of confidentiality by downstream entities, the D.C. Circuit ruled on December 20, 2024.

The case, Environmental Defense Fund v. EPA, No. 23-01166, consolidated petitions from the Environmental Defense Fund (EDF) and the American Chemistry Council (ACC).  EDF’s arguments in favor of narrower confidentiality protections were rejected by the court, whose ruling leaves EPA’s CBI rule largely intact.

However, the court agreed with ACC’s challenge to a provision in the rule that allowed downstream entities to waive CBI protections put in place by the upstream manufacturer when reporting information to EPA.  Specifically, ACC argued that the rule’s requirement that downstream entities assert and substantiate confidentiality claims for chemical identities reported via an “accession number” is arbitrary and capricious.  Under the CBI rule, if “any submitting entity fails to substantiate a confidentiality claim for a chemical identity…the chemical identity is no longer entitled to confidential treatment.”

Accession numbers are non-confidential identifiers assigned to chemicals whose identities are claimed as CBI.  Downstream entities reporting information to EPA using an accession number may have no knowledge of the chemical’s actual identity, the court noted, and may not have any incentive to keep it secret.  Nor would they necessarily have the information needed to adequately substantiate a claim, the opinion continues.

“This regulatory scheme cannot be squared with the commands of the statute, which require EPA to protect from disclosure chemical identities for which CBI claims have been properly assessed,” the court held, vacating the CBI rule “to the extent it allows for the unlawful disclosure of confidential information.”

Key Provisions are “Best Reading”

EDF challenged three provisions of the CBI rule.  The court rejected these challenges, explaining that EPA’s positions were  consistent with the “best reading” of the statute—the new legal framework adopted by the Supreme Court in Loper Bright v. Raimondo, the decision that struck down Chevron deference.

EDF argued that the rule’s use of “permissive” language and revised timeframe for when a CBI claim must first be substantiated were arbitrary and capricious.  However, the court found that the CBI rule sufficiently justified why those changes were necessary.  The permissive language at issue included a provision allowing EPA discretion in whether to disclose information that has lost CBI protection, unlike earlier regulations requiring its immediate and automatic release.

EDF also challenged the scope of the CBI rule’s definition of a “health and safety study,” which are statutorily ineligible for CBI protection.  EDF contended that the definition should include the entirety of any written report submitted to EPA that presents findings of a health and safety study, including information like the identity of the company submitting the report and the name of the lab that conducted the study—information which is currently eligible for CBI protection.  The court disagreed, holding that the statutory definition of health and safety study “suggest[s] that the term refers only to the evaluation of a chemical’s health and environmental effects, not the entire document containing that evaluation.”

More on the CBI rule can be found in a previous blog post.  An earlier post on this case, written after EDF filed its statement of issues, can be found here.

Environmental Group Petitions for Review of EPA’s New Confidential Business Information Rule

On June 29, 2023, the Environmental Defense Fund (EDF), a non-profit organization, filed a petition in the US Court of Appeals for the District of Columbia requesting a review of EPA’s recently finalized rule Confidential Business Information Claims Under the Toxic Substances Control Act (TSCA) (88 FR 37155).  As described in a previous Verdant Law blog post, the final rule implements new requirements for the assertion and treatment of TSCA confidential business information (CBI) claims in light of the Lautenberg Amendments to TSCA.

In a non-binding statement of issues filed August 21, EDF listed the following as preliminary issues to be raised in the petition: whether the final rule is arbitrary, capricious, an abuse of discretion, or otherwise contrary to law because…

  1. It would allow submitters to assert CBI claims to shield the information from the public that TSCA makes categorically ineligible for CBI protection;
  2. It would not require substantiation or EPA review of a CBI claim that was asserted before a chemical’s commercialization for specific chemical identity once the chemical is commercialized;
  3. It unlawfully adopts a regulatory definition of “health and safety study” that is narrower than the TSCA definition, denying TSCA-mandated public access to important information on chemicals;
  4. The Agency purports to give itself unlawfully broad discretion through its regulations where TSCA imposes a duty upon the Agency; or because
  5. It reduces the transparency previously required under EPA’s CBI review procedures without adequate justification.

Briefs have not yet been filed, and EDF did not file a memorandum detailing its positions, so no additional information on EDF’s positions is currently available.

EPA Finalizes TSCA CBI Rule

On June 7, 2023, EPA finalized a rule (88 Fed. Reg. 37155) that puts forth new and amended requirements for parties asserting confidential business information (“CBI”) claims under the Toxic Substances Control Act (“TSCA”). The new rule details specific procedures for the regulated community to submit and support CBI claims and for the Agency to review CBI claims and communicate their determinations to submitters. Additionally, the rule reorganizes existing provisions of the CBI regulations.

The following are the most substantial changes to procedures for submitting and supporting CBI claims under TSCA:

Substantiation Requirements Applicable at Time of Submission

The rule requires that confidentiality claims be asserted and substantiated at the time of submission; substantiation data requires submissions of supporting statements and certification, including but not limited to asserting that the party has taken reasonable measures to protect the confidentiality of the information, and a reasonable basis to believe that the information is not readily available through reverse engineering. (40 CFR 703.5(a)).

Supporting Statement and Certification

Certification of CBI claims is required at the times the statements are submitted.  Submitters will be required to answer a number of questions, many or all of which have been used for some time in EPA’s CBI substantiation templates and certain CDX submissions (e.g., CDR).  Submitters should note that certifications are submitted under penalty of perjury; any knowing and willful misrepresentation is subject to criminal penalty pursuant to 18 U.S.C. § 1001.

Electronic Reporting

The final rule mandates that short of very limited exceptions, all CBI claims must be submitted electronically. This requirement is detailed in 40 CFR 703.5(f). Parties should be particularly conscious of this with TSCA Section 8(e) reporting, notifications under TSCA Section 12(b), and polymer exemption notices under TSCA Section 5 because this rule is the first mandating these types of reporting are to be done electronically.

Requirement to Report Health and Safety Information Using Organization for Economic Cooperation and Development (“OECD”) Harmonized Templates

Under the final rule, health and safety information must be provided using OECD harmonized templates. This is in addition to existing requirements that require submitters to provide a full study report. According to the Federal Register notice, the Agency will elaborate on instructions for including OECD harmonized template files (e.g., currently acceptable file types and IUCLID software versions). This requirement can be found at 40 CFR 703.5(g).

Maintenance and Withdrawal of Confidentiality Claims

EPA is requiring that, going forward, company contact information be kept up to date through CDX. When contacting a submitter concerning confidentiality claims, EPA will contact the submitter either through CDX directly or using the contact information provided by the submitter in CDX. When a confidentiality claim is being reviewed, a notice of the review and opportunity to substantiate or re-substantiate the confidentiality claim will be sent to the submitter using the information provided in CDX. Often, this will be done by sending the submitter an email from a CDX account notifying them that a document is available for download from CDX, which is why it is particularly important to have up-to-date information within the CDX platform. The details of this requirement are within 40 CFR 703.5(h).

EPA has also detailed the process for voluntarily withdrawing confidentiality claims submitted either in CDX or by other means. (40 CFR 703.5(i)). For CDX-submitted claims, the submitters must remove confidentiality markings, revise their documents, and resubmit these documents in CDX. For submissions not originally submitted through CDX, there is now a process for withdrawing the CBI claims through CDX using document-identifying details.