By Kevin Beyer (January 8, 2019, 1:31 PM EST) -- Divestitures have become a frequent component of transactions subject to the Committee on Foreign Investment in the United States mitigation terms. Transactions relative to majority foreign ownership of a U.S. company involving critical infrastructure are subject to the CFIUS review process, which frequently end in mitigation where the companies are subject to a national security agreement or letter of assurance agreeing to mitigation terms raised by the committee. Exactly what is to be divested is unique to each deal. Items defined as protected data such as personally identifiable information or intellectual property, such as source code, are common sources of data subject to divestiture. However, while data sources may vary, one thing in common and built into most mitigation agreements is that the data divested be done so in a manner that it is irretrievable....