Publications Archives

Amer Ahmed, Anne Champion, Connor Sullivan, and Apratim Vidyarthi cover significant developments in newly-issued Supreme Court decisions in the 2023–24 term involving the First Amendment, following up on a previous webinar covering current First Amendment issues.

PANELISTS:

Amer S. Ahmed is a partner in the New York office of Gibson, Dunn & Crutcher. He is a member of Gibson Dunn’s Litigation; Trials Practice; Appellate and Constitutional Law; and Media, Entertainment and Technology Practice Groups. Amer’s practice focuses on representing institutional and individual clients in a variety of high-profile litigation matters at the investigatory, trial, and appellate levels, ranging from witness preparation to product-liability actions, white-collar criminal defense, and commercial disputes. Amer has played a lead role in many First Amendment and defamation disputes. Among other matters, he has successfully defended The Washington Post against a libel lawsuit in federal court, won a complete dismissal of defamation claims against a leading social media company, advised technology companies on compliance issues under Section 230 of the Communications Decency Act, prosecuted defamation claims on behalf of a high-profile businessman based on a worldwide smear campaign, and is representing the online publication Media Matters for America in its defense of a defamation case lodged by X Corp. Amer authored the practice guide on Defamation and Reputation Management in the USA on Lexology. Amer graduated from Columbia Law School where he was named a Harlan Fiske Stone Scholar and served as an articles editor of the Columbia Law Review. He received his Bachelor of Arts in Human Biology, with distinction, from Stanford University, where he was a President’s Scholar and was elected to the Phi Beta Kappa Society.

Amer is admitted to practice in the State of New York and the District of Columbia, as well as in the Supreme Court of the United States; the United States Courts of Appeals for the District of Columbia Circuit, Second Circuit, and Fourth Circuit; the United States District Court for the District of Columbia; and the United States District Courts for the Southern and Eastern Districts of New York.

Anne M. Champion is a partner in the New York office of Gibson, Dunn & Crutcher. She is a member of the Transnational Litigation, Media Law, and International Arbitration practice groups. Anne has played a lead role in a wide range of high stakes litigation matters, including several high profile First Amendment disputes. She represented CNN’s Jim Acosta and White House Correspondent Brian Karem in successful suits to reinstate their White House press passes, and Mary Trump in her defeat of an attempt to block publication of her best-selling book about the former President, Too Much and Never Enough: How My Family Created the World’s Most Dangerous Man, for which The American Lawyer recognized her along with Ted Boutrous and Matthew McGill as Litigators of the Week. She was previously recognized as Litigator of the Week for the successful defeat of a petition to confirm an $18 billion sham Egyptian arbitration award against Chevron Corporation and Chevron USA, Inc. She has been recognized by Lawdragon as among the “500 Leading Litigators in America,” by Chambers USA 2023 for General Commercial Litigation, and Benchmark Litigation, which named her to its 2022 list of the “Top 250 Women in Litigation.”

Anne is admitted to practice in the courts of the State of New York, the United States District Courts for the Southern, Eastern, and Northern Districts of New York, the Eastern District of Texas, and the United States Courts of Appeals for the Second Circuit, the D.C. Circuit, and the Federal Circuit.

Connor Sullivan is a partner in the New York office of Gibson, Dunn & Crutcher. He is a member of the Firm’s Media, Entertainment, and Technology; Appellate and Constitutional Law; Privacy, Cybersecurity and Data Innovation; and Intellectual Property Practice Groups.

Connor has significant experience in First Amendment matters representing news media organizations and reporters, as well as litigating attempts to restrain speech prior to publication. He has been involved in some of the Firm’s major recent First Amendment victories, including successfully representing members of the White House press corps suing to secure the return of suspended press credentials and representing Mary Trump, the niece of President Donald Trump, in successfully opposing the Trump family’s attempt to enjoin the publication of her bestselling family memoir. Before joining the firm, he served as a member of the trial team in one of the largest defamation suits ever tried. He is a co-author of “Defamation and Reputation Management in the United States” for the global research platform Lexology. Connor has also worked on behalf of pro bono clients in connection with immigration and First Amendment rights.

Connor is admitted to practice in New York and the District of Columbia, and before the United States Courts of Appeals for the Second, Third, Fourth, Sixth, Ninth, and District of Columbia Circuits and the United States District Courts for the Southern and Eastern Districts of New York and the District of Columbia.

Apratim Vidyarthi is a litigation associate in the New York office of Gibson, Dunn & Crutcher. His practice focuses on white collar, law firm defense, technology, and appellate and constitutional law, with a focus on First Amendment law.

Apratim is involved in several First Amendment matters, including representing Media Matters for America in its defense against Twitter/X Corp’s defamation litigation(s), defending a former White House official’s public speech calling out social media platforms’ hosting of misinformation about COVID vaccines, defending a social media company against state investigations, and defending a large technology company against a mandatory data-sharing bill. Apratim also maintains an active First Amendment pro bono docket, having recently filed amicus briefs in Free Speech Coalition v. Paxton, Villarreal v. Alaniz, and Gonzalez v. Trevino at the Supreme Court and in Pernell v. Lamb in the Eleventh Circuit, and defending a Jewish divorcee’s First Amendment rights to protest their ex-husbands’ refusals to grant permissions to divorce.

Apratim graduated cum laude from the University of Pennsylvania Law School, where he served as Philanthropy Editor on the board of the University of Pennsylvania Law Review. He received a Master’s in Engineering from Carnegie Mellon and Bachelors degrees in Nuclear Engineering and Applied Mathematics from the University of California, Berkeley. Prior to law school, Apratim worked at Deloitte Consulting in their technology consulting group. He is admitted to practice in the State of New York, and before the Eleventh Circuit, and the United States District Courts for the Southern and Eastern Districts of New York.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.5 credit hour, of which 1.5 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.25 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

The bill purports to regulate only the most powerful AI models, trained using large computing capacity, but its requirements are likely to have a broader impact, including on open source models.

On August 28, 2024, the California State Assembly passed proposed bill SB 1047, the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act, through which California seeks to regulate foundational AI models and impose obligations on companies that develop, fine-tune or provide compute resources to train such models.

SB 1047 currently sits with Governor Newsom. As of September 24, it is unclear whether the Governor will sign the bill or veto it; on September 17, Newsom signaled some discomfort with the bill, but stated that he remained undecided even as he signed several other AI-related bills into law.[1] Gov. Newsom has until the end of September to sign or veto the bill; if he does not veto or return the bill to the legislature, SB 1047 will become law and take effect on January 1, 2026, even if he does not sign it.

Controversial since its introduction, SB 1047 represents a major shift in how U.S. states have sought to regulate AI to date, and the novel approach–including its requirements for developers to implement a “kill switch” and subject themselves to third-party compliance audits, and its applicability to startups and open source AI developers–has caused many major players in the technology sector to oppose the bill or work to weaken its provisions.

Below are 8 key takeaways that highlight the most important aspects of SB 1047 and the ways it may shape the AI landscape if it becomes law.

Expansive definitions of “covered models” and “covered model derivatives” are likely to capture many frontier AI models and subsequent modifications. SB 1047 broadly applies to “covered models,” which are AI models that either:
- Cost over $100 million to develop and are trained using computing power “greater than 10^26 integer or floating-point operations” (FLOPs); or
- Are based on covered models and fine-tuned at a cost of over $10 million and using computing power of three times 10^25 integer or FLOPs.[2]

The frontier models that are publicly available are just below the covered AI model threshold, but the next generation of models will most likely hit that regulation mark.

Certain of SB 1047’s requirements also apply to “covered model derivatives,” which include copies of covered models (whether or not they have been modified).

SB 1047’s requirements apply only to companies that develop or provide compute power to train covered models or covered model derivatives, not to companies that merely use covered models. The law’s principal requirements apply to “developers” that initially train a covered model or that fine-tune a covered model or covered model derivative, all based on the applicable cost and compute requirements. Additional requirements apply to operators of computing clusters when one of their customers “utilizes compute resources that would be sufficient to train a covered model[.]”
Before training a covered model, developers are required to implement technical and organization controls designed to prevent covered models from causing “critical harms.” These critical harms include creating or using certain weapons of mass destruction to cause mass casualties; causing mass casualties or at least $500 million in damages by conducting cyberattacks on critical infrastructure or acting with only limited human oversight and causing death, bodily injury, or property damage in a manner that would be a crime if committed by a human; and other comparable harms.
- Kill switch or “shutdown capabilities.” Developers are required to implement a means through which to “promptly enact a full shutdown” of all covered models and covered model derivatives in their control, such that all model operations, including further training, are stopped. In determining whether to enact a full shutdown, developers are required to consider whether it may cause any potential disruptions to critical infrastructure.
- Cybersecurity protections. Developers are required to implement protections “appropriate in light of the risks” to prevent unauthorized access, misuse, or “unsafe post-training modifications” of the covered model and all covered model derivatives in their control.
- Safety protocols. Developers are required to develop a written document safety and security protocol (SSP) and to designate a senior individual to implement the SSP in a manner that complies with the developer’s obligation to exercise reasonable care to mitigate the risk of “foreseeable” downstream misuse of covered models, including by reviewing the SSP for sufficiency on an annual basis. Developers are required to retain an unredacted version of their SSP for the life of the covered model to which it applies plus 5 years, publish a redacted version of the SSP, and to provide an unredacted version to the Attorney General upon request. The SSP is required to:
  - Specify the means through which the developer will comply with its duty to exercise reasonable care as set out above and describe in detail how the developer will comply with SB 1047;
  - Describe how the SSP may be modified;
  - Describes when the developer would implement a full shutdown;
  - Set out testing procedures to determine whether the covered model and its derivatives pose an unreasonable risk of causing or enabling a critical harm or whether the covered model and its derivatives may be modified in a manner that poses such a risk; and
  - States the developer’s compliance obligations in sufficient detail to allow the developer or a third party to determine whether the SSP has been followed.
Developers are subject to rigorous testing, assessment, reporting, and audit obligations.
- Testing and Assessment. Before using a covered model or making it publicly available, a developer is required to assess, including through testing as set out in the SSP, whether there is a possibility that the model could cause critical harm and to record and retain test results from these assessments such that third-parties are capable of duplicating these tests.
- Audits and Reports. Beginning in 2026, developers are required to retain a third-party auditor to perform an independent, annual audit of their compliance with SB 1047. Developers are required to publish redacted copies of their audit reports and to provide unredacted copies to the Attorney General on request. The bill further requires developers to submit annual compliance statements to the Attorney General and to report safety incidents within 72 hours of discovery.
Compute providers are required to implement policies and procedures for customers that use compute sufficient to train a covered model. These procedures are required to include the ability to enact a full shutdown of compute used to train covered models, collecting and verifying identifying information for any customer that uses compute sufficient to train a covered model and assessing whether the customer intends to use the compute resources to train a covered model. Such information is required to be retained for 7 years and shall be provided to the Attorney General on request.
Developers are prohibited from preventing employees from reporting noncompliance internally, to the Attorney General, or to the Labor Commissioner and may not retaliate against employees who do so. These whistleblower protections include requirements that developers inform any employee or contractor working on covered models of their rights and to retain any complaints or reports made by employees or contractors for 7 years. Developers also are required to develop processes through which employees or contractors may make internal reports on an anonymous basis.
Enforcement is exclusively by the Attorney General and does not include a private right of action. The Attorney General may bring a civil action for violations of the bill that cause death or bodily harm; damage, theft, or misappropriation of property; or imminent public safety risks. The Attorney General may seek civil penalties, monetary damages (including punitive damages), injunctive or declaratory relief. Civil penalties for certain violations are capped at 10% of the cost of computing power used to train the covered model.
Certain provisions of SB 1047 may be vulnerable to legal challenge based on constitutional principles. While many of the bill’s provisions will likely pass constitutional muster, including those requiring developers to take technical steps in relation to their covered models, SB 1047 remains subject to legal challenge based on its extraterritorial reach and its assessment requirements.
- No nexus to California. SB 1047 does not have any textual nexus requiring that developers be located in California nor any requirements that covered models be developed, trained, or offered in California for the provisions to apply, standing in opposition to the general presumption that state laws do not apply outside of that state’s borders.
- Assessments may violate the First Amendment. The bill’s assessment provisions may be subject to legal challenge that they are unconstitutional government mandates for developers to create speech, in violation of the First Amendment. The likelihood of such challenges may be increased by the Ninth Circuit’s latest holdings that similar assessment provisions in California’s Age-Appropriate Design Code Act and AB 587 (relating to social media platforms) are facially unconstitutional on First Amendment grounds.[3]

[1] See Jeremy B. White, Gavin Newsom signals concerns about major AI safety bill, Politico (Sept. 17, 2024), https://subscriber.politicopro.com/article/2024/09/gavin-newsom-signals-concerns-about-major-ai-safety-bill-00179727 (setting out Newsom’s concerns that the bill may create a “chilling effect” and make it harder for California to maintain its status as the home of tech innovation).

[2] The proposed computing threshold mirrors the Biden administration’s Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.

[3] NetChoice v. Bonta, No. 23-2969 (9th Cir. Aug. 16, 2024); X Corp. v. Bonta, No. 24-271 (9th Cir. Sept. 4, 2024).

The following Gibson Dunn lawyers assisted in preparing this update: Christopher Rosina, Frances Waldmann, Emily Maxim Lamm, Cassandra Gaedt-Sheckter, Vivek Mohan, and Eric Vandevelde.

Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Artificial Intelligence practice group:

Christopher Rosina – New York (+1 212.351.3855, [email protected])
Frances A. Waldmann – Los Angeles (+1 213.229.7914,[email protected])
Keith Enright – Palo Alto (+1 650.849.5386, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Robert Spano – London/Paris (+33 1 56 43 13 00, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, [email protected])

The False Claims Act (FCA) is one of the most powerful tools in the government’s arsenal to combat fraud, waste, and abuse involving government funds. Nearly three years ago, the Department of Justice announced the establishment of the Civil Cyber-Fraud Initiative to utilize the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients. Since the announcement of the Civil Cyber-Fraud Initiative, the government has continued to promulgate new cybersecurity requirements and reporting obligations in government contracts and funding agreements—which may bring yet more vigorous FCA enforcement efforts by the DOJ. The DOJ, moreover, has entered into several notable FCA settlements premised on alleged cybersecurity violations, and has intervened in a first-of-its kind qui tam case related to DoD cybersecurity regulations. As we approach the third anniversary of the launch of the Civil Cyber-Fraud Initiative, as much as ever, companies that receive government funds—especially companies operating in the government contracting sector—need to understand how the government and private whistleblowers alike are wielding the FCA to enforce required cybersecurity standards, and how they can defend themselves.

Please join this recorded webcast which discusses developments in the FCA, including:

The latest trends in FCA enforcement actions and associated litigation affecting government contractors, including technology companies;
Updates on enforcement actions arising under the DOJ Civil Cyber-Fraud Initiative;
The latest trends in FCA jurisprudence, including developments in particular FCA legal theories affecting your cybersecurity compliance and reporting obligations; and
Updates to the cybersecurity regulations and contractual obligations underlying enforcement actions by DOJ’s Civil Cyber-Fraud Initiative.

PANELISTS:

Winston Y. Chan is a partner in the San Francisco office of Gibson Dunn and Co-Chair of the firm’s White Collar Defense and Investigations practice group, and also its False Claims Act/Qui Tam Defense practice group. He leads matters involving government enforcement defense, internal investigations and compliance counseling, and regularly represents clients before and in litigation against federal, state and local agencies, including the U.S. Department of Justice, Securities and Exchange Commission and State Attorneys General. Prior to joining the firm, Winston served as an Assistant United States Attorney in the Eastern District of New York, where he held a number of supervisory roles and investigated a wide range of corporate and financial criminal matters. Winston is admitted to practice law in the state of California.

Stephenie Gosnell Handler is a partner in Gibson Dunn’s Washington, D.C. office, where she is a member of the International Trade and Privacy, Cybersecurity, and Data Innovation practices. She advises clients on complex legal, regulatory, and compliance issues relating to international trade, cybersecurity, and technology matters. Stephenie ’s legal advice is deeply informed by her operational cybersecurity and in-house legal experience at McKinsey & Company, and also by her active duty service in the U.S. Marine Corps.

Stephenie returned to Gibson Dunn as a partner of the Washington, D.C. office after serving as Director of Cybersecurity Strategy and Digital Acceleration at McKinsey & Company. In this role, she led development of the firm’s cybersecurity strategy and advised senior leadership on public policy and geopolitical trends relating to cybersecurity, technology, and data. Stephenie managed a team of experienced professionals responsible for the firm’s cybersecurity strategic initiatives, cybersecurity standards and certifications program, lifecycle governance initiatives, data analytics and optimization, and digital acceleration efforts across the cyber domain. She previously led McKinsey’s in-house cybersecurity legal team, where she advised on diverse global cybersecurity and technology matters, including strategic legal issues, data localization, regulatory compliance, risk management, governance, preparedness, and response. Stephenie frequently advised at the intersection of cybersecurity, technology, and data and export control and sanctions requirements.

Melissa L. Farrar is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. Her practice focuses on white collar defense, internal investigations, and corporate compliance. Melissa represents and advises multinational corporations in internal and government investigations on a wide range of topics, including the U.S. Foreign Corrupt Practices Act, the False Claims Act, anti-money laundering, and accounting and securities fraud, including defending U.S. and global companies in civil and criminal investigations pursued by the U.S. Department of Justice and the U.S. Securities and Exchange Commission. She also has experience representing U.S. government contractors in related suspension and debarment proceedings. In addition, Melissa routinely counsels corporations on the design and implementation of their corporate ethics and compliance programs and in connection with transactional due diligence, with a particular emphasis on compliance with anti-corruption and anti-money laundering laws. She has experience in all areas of corporate compliance, including policy and procedure and code of conduct development, program governance and structure design, risk assessment planning and implementation, and the conduct of internal investigations, among others. Melissa is admitted to practice in the District of Columbia and Virginia.

Michael R. Dziuban is a senior associate in the Washington, D.C. office, where he practices in the Firm’s Litigation Department. Michael represents clients in white collar defense and civil enforcement matters, including investigations and lawsuits under the False Claims Act. He has advised government contractors, technology companies, healthcare companies, and individual executives in various stages of FCA enforcement opposite both government agencies and qui tam relators. Michael also has guided clients through government and internal investigations under anti-corruption and anti-money laundering laws, advised clients in government contracts disputes, and counseled companies on their corporate compliance programs. Michael is admitted to practice law in the Commonwealth of Virginia and the District of Columbia.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

New Developments

CFTC Approves Final Guidance Regarding the Listing of Voluntary Carbon Credit Derivative Contracts. On September 20, the CFTC approved final guidance regarding the listing for trading of voluntary carbon credit derivative contracts. The guidance applies to designated contract markets (“DCMs”), which are CFTC-regulated derivatives exchanges, and outlines factors for DCMs to consider when addressing certain Core Principle requirements in the Commodity Exchange Act (“CEA”) and CFTC regulations that are relevant to the listing for trading of voluntary carbon credit derivative contracts. The guidance also outlines factors for consideration when addressing certain requirements under the CFTC’s Part 40 Regulations that relate to the submission of new derivative contracts, and contract amendments to the CFTC. [NEW]
CFTC Approves Part 40 Final Rule to Simplify and Enhance Rule and Product Submission Processes. On September 12, the CFTC approved a final rule to amend Part 40 of the CFTC’s regulations. The regulations in Part 40 implement Section 5c(c) of the CEA and govern how registered entities submit self-certifications, and requests for approval, of their rules, rule amendments, and new products for trading and clearing, as well as the CFTC’s review and processing of such submissions. The amendments are intended to clarify, simplify and enhance the utility of the Part 40 regulations for registered entities, market participants and the CFTC. The final rule is effective 30 days after publication in the Federal Register. [NEW]
DC Circuit Court Orders Temporary Stay Suspending Trading on Election Contracts. On September 12, the United States Court of Appeals for the District of Columbia Circuit (the “DC Circuit Court”) ordered a temporary stay suspending trading on election contracts offered by KalshiEx LLC (“KalshiEx”) “to give the court sufficient opportunity to consider the emergency motion for stay pending appeal.” Prior to the temporary stay from the DC Circuit Court, the United States District Court for the District of Columbia (the “DC District Court”) overturned an order blocking KalshiEx from allowing election contract trading on its platform and denied the CFTC’s request for a stay pending appeal. KalshiEx filed a response to the CFTC’s emergency motion on September 12 and the CFTC’s reply is due to the DC Circuit Court by 6:00 pm on September 14.
CFTC Approves Final Rule Regarding Exemptions from Certain Compliance Requirements for Commodity Pool Operators, Commodity Trading Advisors, and Commodity Pools. On September 12, the CFTC published a final rule that amends CFTC Regulation 4.7, a provision that provides exemptions from certain compliance requirements for commodity pool operators (“CPOs”) regarding commodity pool offerings to qualified eligible persons (“QEPs”) and for commodity trading advisors (“CTAs”) regarding trading programs advising QEPs. The final rule amends various provisions of the regulation that have not been updated since the rule’s original adoption in 1992. Specifically, the final rule: (1) increases the monetary thresholds outlined in the “Portfolio Requirement” definition that certain persons may use to qualify as Qualified Eligible Persons; (2) codifies exemptive letters allowing CPOs of Funds of Funds operated under Regulation 4.7 to choose to distribute monthly account statements within 45 days of the month-end; (3) includes technical amendments designed to improve its efficiency and usefulness for intermediaries and their prospective and actual QEP pool participants and advisory clients, as well as the general public; and, (4) updates citations within 17 CFR Part 4, and throughout the CFTC’s rulebook, to reflect the new structure of Regulation 4.7.
CFTC Staff Issues No-Action Letter Related to Reporting and Recordkeeping Requirements for Fully Collateralized Binary Options. On September 4, 2024, the CFTC announced the Division of Market Oversight (“DMO”) and the Division of Clearing and Risk have taken a no-action position regarding swap data reporting and recordkeeping regulations in response to a request from LedgerX LLC d/b/a MIAX Derivatives Exchange LLC (“MIAXdx”), a designated contract market and derivatives clearing organization. The Divisions will not recommend the CFTC initiate an enforcement action against MIAXdx or its participants for certain swap-related recordkeeping requirements and for failure to report data associated with fully collateralized binary option transactions executed on or subject to the rules of MIAXdx to swap data repositories. The no-action letter is comparable to no-action letters issued for other similarly situated designated contract markets and derivatives clearing organizations.

New Developments Outside the U.S.

ESAs Warn of Risks From Economic and Geopolitical Events. On September 10, the three European Supervisory Authorities (“ESAs”) issued their Autumn 2024 Joint Committee Report on risks and vulnerabilities in the EU financial system. In the report, the ESAs underlined ongoing high economic and geopolitical uncertainties, warned of the financial stability risks that they believe stem from these uncertainties and called for continued vigilance from all financial market participants. For the first time, the report also includes a cross-sectoral deep dive into credit risks in the financial sector.
EC Publishes Draghi Report on the Future of European Competitiveness. On September 9, the European Commission (“EC”) published a report, Future of European Competitiveness, authored by former Italian prime minister and head of the European Central Bank Mario Draghi. The report, which was commissioned by EC president Ursula von der Leyen, outlines the EU’s new industrial strategy. Part A of the report outlines the overarching strategy, while Part B discusses sectoral and horizontal policies and related recommendations in more detail. The report covers topics that include energy derivatives, sustainable finance, EU supervision, Basel framework, and collateral. The EC president indicated that she will aim to form a cabinet, with related mission letters that she expects to cover certain aspects of the report as part of future EU policies.
MAS Updates FAQs on OTC Derivatives Reporting Regulations. On September 4, the Monetary Authority of Singapore (“MAS”) further updated the Frequently Asked Questions (FAQs) on the Securities and Futures (Reporting of Derivatives Contracts) Regulations 2013. MAS indicated that the FAQs are to aid implementation of the reporting obligations and elaborate on its intentions for some of the requirements. The new Singapore reporting rules will take effect on October 21, 2024.

New Industry-Led Developments

ISDA Publishes Results of DC Review Consultation. On September 19, ISDA published the results of a market-wide consultation on proposed changes to the structure and governance of the Credit Derivatives Determinations Committees (“DCs”). ISDA reported that the consultation indicated broad market support to implement many of the recommendations, including establishing a separate governance body, implementing certain transparency proposals relating to the publication of DC decisions and appointing up to three independent members of the DCs. Some of the proposals received a significant minority of objections. [NEW]
ISDA Submits Letter to US Treasury Department on Listed Transactions. On September 11, ISDA submitted a letter in response to the US Department of the Treasury’s proposal to identify certain basket contract transactions as listed transactions. In the letter, ISDA arguesd that ISDA believes the proposed regulations would apply to many non-abusive transactions, would inappropriately take the place of substantive guidance and would generate compliance burdens and uncertainty for taxpayers. [NEW]
ISDA Responds to Australia’s CFR on Bonds and Repo Clearing. On September 4, ISDA submitted a response to a consultation from Australia’s Council of Financial Regulators (“CFR”) on the central clearing of bonds and repos in Australia. In response to changes in the size and structure of the Australian bond and repo markets, the CFR sought feedback on the costs and benefits of introducing a central counterparty (“CCP”) in the Australian bond and repo markets. It also sought views on the circumstances under which a bond and repo CCP could be operated safely and efficiently by an overseas operator and what additional protections may be required in Australia. ISDA said that it welcomes the fact that the CFR is not considering the introduction of a clearing mandate. In its response, ISDA set out its opinion on the costs and benefits of voluntary central clearing for the Australian bond and repo markets. ISDA also commented on participation and other factors to consider for a bond and repo clearing offering to be viable. On location, the response states it is not uncommon for an overseas operator to provide clearing services related to non-domestic markets and ISDA indicated that it does not see any increased risk for an overseas operator to provide clearing services for the Australian bond and repo markets, as long as the overseas CCP is appropriately supervised and risk-managed.
ISDA Suggested Operational Practice “P43 Reporting of Post-Trade Events: Trades with no prior P43 Reporting.” On September 5, ISDA republished a Suggested Operational Practice (“SOP”) from July 2024 on approaches (e.g., for partial or full unwinds, partial or full novation, or partial or full exercises) under the CFTC amendments for allocated trades. The SOP recommends reporting the first Part 43 reportable post-trade event on an allocated trade with Action type “NEWT” and Event type “TRAD.”

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus – New York (212.351.3869, [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

Join our panelists for an insightful discussion on the intersection of internal audit and government investigations.

PANELISTS:

Patrick Stokes is a partner in Gibson Dunn’s Washington, D.C. office, and Co-Chair of the firm’s Anti-Corruption and FCPA practice group. His practice focuses on internal corporate investigations and enforcement actions regarding corruption, securities fraud, and financial institutions fraud. Prior to joining the firm, Patrick headed the DOJ’s FCPA Unit, managing the FCPA enforcement program and all criminal FCPA matters throughout the United States covering every significant business sector. Previously, he served as Co-Chief of the DOJ’s Securities and Financial Fraud Unit, overseeing investigations and prosecutions of financial fraud schemes involving corporations, financial institutions, and individuals. He also served as an Assistant United States Attorney in the Eastern District of Virginia, where he prosecuted a wide variety of financial fraud, immigration, and violent crime cases. He is a member of the Maryland State Bar and the District of Columbia Bar.

Oleh Vretsona is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. He currently practices in the firm’s Litigation Department, where he focuses on white collar criminal defense, internal investigations, regulatory inquiries, antitrust, and corporate compliance. Oleh has represented clients in a wide variety of matters, including matters arising under the U.S. Foreign Corrupt Practices Act and antitrust matters, and he has advised clients on structure and implementation of corporate compliance programs.

Oleh has significant experience in conducting internal investigations and advising clients on the effectiveness of their internal compliance controls. He has participated in and managed numerous internal investigations for publicly held corporations involving operations in Russia, Eastern Europe, and various other countries and regions, and conducted extensive fieldwork in those countries, including numerous witness interviews. Oleh is admitted to practice in New York and the District of Columbia.

Michael S. Diamant is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. He is a member of the White Collar Defense and Investigations Practice Group, and serves on the firm’s Finance Committee. His practice focuses on white collar criminal defense, internal investigations, and corporate compliance. He has represented clients in an array of matters, including accounting and securities fraud, antitrust violations, and environmental crimes, before law enforcement and regulators, including the U.S. Department of Justice and the Securities and Exchange Commission. Michael also has managed numerous internal investigations for publicly traded corporations and conducted fieldwork in nineteen different countries on five continents.

Michael regularly conducts internal investigations for corporations regarding possible anti-bribery violations and assists them in complying with government subpoenas and negotiating settlements with enforcement agencies. He also routinely advises corporations on the adequacy of the design and implementation of their corporate ethics and compliance programs. This has included extensive work on all programmatic elements, including whistleblowing and investigative procedures, codes of conduct, expense approval and reimbursement processes, and oversight and governance functions, among many others. Michael is admitted to practice in the District of Columbia and the State of Virginia.

Courtney M. Brown is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher, where she practices primarily in the areas of white collar criminal defense and corporate compliance. Courtney has experience representing and advising multinational corporate clients, boards of directors, and executives in internal and government investigations and enforcement actions on a wide range of topics, including anti-corruption, anti-money laundering, economic sanctions, financial and accounting, and tax fraud matters. Courtney also counsels corporations on the effectiveness of their compliance programs and in connection with transactional due diligence, with a particular emphasis on compliance with anti-corruption laws, anti-money laundering regulations, and economic and trade sanctions administered by the U.S. Department of Treasury’s Office of Foreign Assets Control. She is a member of the bars of the District of Columbia and Virginia.

MCLE CREDIT INFORMATION:

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Gibson, Dunn & Crutcher LLP is pleased to announce with Global Legal Group the release of the International Comparative Legal Guide to Sanctions 2025 – Germany Chapter. Gibson Dunn partner Benno Schwarz and associate Nikita Malevanny are co-authors of the publication which provides an overview of the EU sanctions regime as applied by Germany and covers relevant government agencies, applicable guidance, sanctions jurisdiction, export controls, criminal and civil enforcement, recent developments, and other topics. The chapter was co-authored with Veit Bütterlin-Goldberg and Svea Ottenstein from AlixPartners.

You can view this informative and comprehensive chapter via the link below:

CLICK HERE to view Sanctions 2025 – Germany Chapter.

For further information, please feel free to contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s International Trade practice group.

About Gibson Dunn’s International Trade Practice Group:

Gibson Dunn’s International Trade practice includes some of the most experienced practitioners in the field. Our global experience is unparalleled – the practice’s lawyers have worked extensively across Asia, Europe, the Gulf, and the Americas and many have served in senior government and enforcement roles as principal architects of key sanctions and export controls regimes and relief, including with respect to U.N. sanctions, and U.S. measures against Iran, Russia, Cuba, and Myanmar.

Please visit our International Trade practice page or contact Benno Schwarz (+49 89 189 33-210, [email protected]) or Nikita Malevanny (+49 89 189 33-224, [email protected]) in Munich.

About the Authors:

Benno Schwarz is a partner in the Munich office of Gibson, Dunn & Crutcher and co-chair of the firm’s Anti-Corruption & FCPA Practice Group. He focuses on white collar defense and compliance investigations in a wide array of criminal regulatory matters. For more than 30 years, he has handled sensitive cases and investigations concerning all kinds of compliance issues, especially in an international context, advising and representing companies and their executive bodies. He coordinates the German International Trade Practice Group of Gibson Dunn and assists clients in navigating the complexities of sanctions and counter-sanctions compliance. He is regularly recognized as a leading lawyer in Germany in the areas of white-collar crime, corporate advice, compliance and investigations.

Nikita Malevanny is an associate in the Munich office of Gibson, Dunn & Crutcher, and a member of the firm’s International Trade, White Collar Defense and Investigations, and Litigation Practice Groups. He focuses on international trade compliance, including EU sanctions, embargoes and export controls. He also carries out internal and regulatory investigations in the areas of corporate anti-corruption, anti-money laundering and technical compliance. Handelsblatt / The Best LawyersTM in Germany 2024/2025 have recognized him in their list “Ones to Watch” for litigation and intellectual property law. The Legal 500 Deutschland 2024 and The Legal 500 EMEA 2024 have recommended him for Foreign Trade Law. He holds both German and Russian law degrees and speaks German, English, Russian and Ukrainian. He is a regular member of Gibson Dunn’s cross-border teams supporting and advising clients on global sanctions and export control aspects.

On September 5, 2024, Institutional Shareholder Services (ISS) released its 2024 Proxy Season Review: United States – Executive Compensation. The below chart summarizes our observations of the 2024 data and key takeaways as we look to the 2025 proxy season. While these trends are positive for issuers overall, they underscore that issuers, their boards, compensation committees, and management should continue to take an active role in compensation programs, disclosure, and shareholder engagement practices.

Observations	Key Takeaways
Increased shareholder support for say-on-pay and equity plan proposals. Median say-on-pay support levels rebounded after steadily declining since 2017, though median say-on-pay support did not quite reach 95% (hovering at 94.9%, well below the highs of 2015-2017). Instances of low (less than 70%) say-on-pay support and failed say-on-pay votes each also decreased to 5.1% and 1%, respectively in 2024. Likewise, after declining in 2022 and 2023, equity plan support improved in 2024 and equity plan failure rates normalized at just under 1% (down from 1.6% in 2023).	ISS notes that this is the lowest proxy season say-on-pay failure rate ever observed. We attribute this positive trend to continued transparency in compensation program disclosures and increased attention on shareholder engagement efforts. Issuers should continue to address in their disclosures (1) how their compensation practices affect shareholder dilution and reflect and respond to broader market conditions, including inflationary pressures and economic volatility, and (2) how these factors impact their approach to designing and administering their compensation programs.
Continued positive correlation between pay-for-performance quantitative screen and ISS say-on-pay vote recommendation. Unsurprisingly, higher quantitative screen concern levels correlated to a higher likelihood of an “against” recommendation, with over half of issuers flagged with a “high” concern level receiving “against” recommendations.	Interestingly, the 3% of issuers with a “low” concern level that received “against” recommendations generally were cited for problematic contractual provisions, non-CEO executive pay, insufficient board responsiveness, or severance payouts.
Rising CEO pay. After dipping slightly in 2023, median CEO pay in the S&P 500 reached its highest level since say-on-pay votes began over a decade ago – $15.6 million. The Russell 3000 (excluding the S&P 500) median CEO pay also trended up slightly to $5.3 million, but was still below the high-water mark set in 2021.	ISS notes that the record low say-on-pay failure rates combined with the record high S&P CEO median pay level suggest that investors are considering factors beyond pay magnitude in their voting decisions. Consistent with ISS’s proxy voting guidelines, many large investors’ say-on-pay votes can be swayed by problematic pay practices (such as one-time awards or application of discretion in pay decisions) without clear disclosure of a compelling rationale.
Compensation plan design continues to favor formulaic and performance-based compensation. Annual and long-term incentive awards trended towards non-discretionary and performance-based design, respectively.	ISS’s focus on formulaic performance-based compensation, including the impact of ISS’s pay-for-performance quantitative screen noted above, continues to correlate with the say-on-pay vote recommendation.
Specific sectors and the Russell 3000 continue to use discretionary compensation. While discretionary compensation across all sectors and indices has generally declined or remained steady year-over-year, financial sector CEOs and a higher percentage of Russell 3000 (excluding S&P 500) CEOs continued to receive discretionary bonuses.	Discretionary compensation may still have specific appropriate use cases, though issuers should consider clearly disclosing the business or sector-specific rationale when deploying discretionary compensation. Based on these trends, benchmarking against sector-specific peers may also be helpful.
Higher perquisite numbers driven by aircraft perks and security costs. Median values of CEO “all other compensation” reported in 2024 climbed markedly in the S&P 500, particularly in the upper percentiles of perquisite values.	The ISS report noted that increases in CEO “all other compensation” levels appeared to be primarily driven by larger corporate aircraft perks and security costs. And at the same time, issuers have seen an enhanced focus by the SEC and IRS on reporting and disclosure of these benefits.
Equity plan design trends include continuing rise of evergreen provisions, use of discretion to accelerate vesting, and no minimum vesting requirement. While “problematic” provisions like repricings or cash buyouts of equity awards without shareholder approval, and liberal change in control vesting provisions continued to decline overall, evergreen provisions in equity plans continued a steady rise and were observed in over 15% of 2024 plans up for approval. Issuers seeking plan approval in 2024 continued to eschew limitations on flexibility to accelerate vesting and set vesting schedules.	The prevalence of evergreen provisions is likely attributable in part to the repeal of Section 162(m) of the Internal Revenue Code in 2017 and an increase in SPAC/de-SPAC transactions since 2021. Favoring the ability to set and adjust vesting schedules is unsurprising as issuers balance the need for flexibility in equity plan administration.
No surprises in pay-versus-performance disclosure. Consistent with 2023, most industries used earnings as their most important performance metric and technology, media and telecom looked to revenue. Compensation actually paid (CAP) trended upwards in most industries.	The overall increase in CAP is not surprising given its correlation to increases in stock prices and the year-over-year performance of the relevant industries from fiscal year 2022 to fiscal year 2023.
Modest increases in CEO pay ratio. Median CEO pay ratio in the S&P 500 saw a small increase year-over-year while the other indices (S&P 400, S&P 600, and remaining Russell 3000) remained steady.	Consistent with the trends in CEO pay levels, the median CEO pay-to-median employee ratios in the S&P 500, S&P 400, S&P 600 and remaining Russell 3000 were 189, 111, 73, and 45, respectively.
Say-on-golden parachute failure rate increased. In 2024, proposals seeking advisory approval of compensation payable in connection with a change of control dipped below 80% average support for the first time since 2017, and the failure rate for these proposals hit an all-time-high of 17%.	Say-on-golden parachute support/failure rates have generally correlated to changes in median golden parachute value, which increased 35% year-over-year from 2023 to 2024.

The following Gibson Dunn lawyers assisted in preparing this update: Krista Hanvey, Elizabeth Ising, Ronald Mueller, Ekaterina Napalkova, and Lori Zyskowski.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these issues. To learn more about these developments, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Executive Compensation and Employee Benefits or Securities Regulation and Corporate Governance practice groups:

Executive Compensation and Employee Benefits:
Sean C. Feller – Los Angeles (+1 310.551.8746, [email protected])
Krista Hanvey – Dallas (+ 214.698.3425, [email protected])
Kate Napalkova – New York (+1 212.351.4048, [email protected])

Securities Regulation and Corporate Governance:
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Orange County (+1 949.451.4343, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Lori Zyskowski – New York (+1 212.351.2309, [email protected])

I. Introduction

For fiscal years beginning on or after April 1, 2023, domestic public companies are required to disclose whether they have adopted insider trading policies and procedures governing the purchase, sale, and/or other dispositions of their securities by their directors, officers and employees, or the companies themselves, and if so to file those policies and procedures as an exhibit to their annual reports on Form 10-K.[1] While calendar year companies must comply with these requirements in their Form 10-K for, or proxy statement following, the fiscal year ending December 31, 2024, 49 S&P 500 companies had addressed these requirements in filings as of June 30, 2024.[2]

As discussed in the summary of our preliminary observations below, while specific provisions vary from company to company, certain common approaches are emerging with respect to key policy terms. That said, company policies and procedures can vary based on a company’s particular circumstances, some companies may have interpretive materials that were not filed but elaborate on the operation of their policies and procedures, and some companies are updating their policies and procedures in light of the new filing requirements. As a result, we caution companies against treating these early observations as “best practices.” Your Gibson Dunn contacts are available to discuss the specifics of your policy and answer any questions you may have.

II. Persons Subject to the Insider Trading Policies

Nearly all policies we reviewed (96%) cover all company personnel (i.e., directors, officers and all employees of companies and their subsidiaries and, in some cases, certain affiliates) and their family members. Additionally, a significant majority of the policies (82%) expressly state that they apply to legal entities such as trusts whose securities transactions are controlled or influenced by company personnel and, in some cases, their family members. A majority of the policies (63%) also apply insider trading restrictions to contractors and/or consultants.[3]

III. Transactions in Company Securities Subject to the Insider Trading Policies

All of the policies specify types of transactions that are subject to, or are exempt from, the policy terms. Aside from open market sales or purchases, which are addressed in all of the policies, the most commonly addressed transactions include the following:

A significant majority of the policies (86%) provide some level of restriction on gifts, addressing to one degree or another the SEC’s position that gifts can constitute a form of insider trading.[4] A majority (61%) specifically address gifts as being subject to the policy for all covered persons (i.e., prohibiting gifts when an individual subject to the policy is in possession of material nonpublic information (“MNPI”) and/or applying window periods and/or pre-clearance restrictions to gifts),[5] although a handful of companies (8%) restrict gifts only if the donor has reason to believe the donee will sell while the donor has MNPI. Of the policies that do not apply gift restrictions to all employees, a majority restrict gifts only for certain covered persons that are subject to additional restrictions, such as blackout periods and/or pre-clearance procedures.
Option Exercises. A majority of the policies (69%) exempt exercises of options when there is no associated sale on the market; however, exercises of options where there is a sale of some or a portion of shares delivered upon exercise (e.g., cashless broker exercise) are typically treated like any other sale. Of this group, approximately a quarter of the policies specifically provide that withholding of shares for tax withholding purposes is exempt, and a smaller minority of policies provide that withholding of shares for tax withholding purposes and/or the payment of exercise price is exempt.
Vesting and Settlementof Other Equity Awards. A majority of the policies (59%) exempt vesting and settlement of equity awards, such as RSUs and restricted stock, and 51% of the policies specifically provide that withholding of shares for tax purposes (i.e., net share settlement) is exempt.

IV. Transactions in Other Company Securities

Nearly all policies (96%) specifically include some form of restriction on trading in the securities of another company when the person is aware of MNPI about that company or its securities. A significant majority of the policies (82%) prohibit trading in the securities of another company when the person is aware of MNPI about such company that was learned in the course of or as a result of the covered person’s employment or relationship with the company. The rest apply the prohibition more broadly to trading in the securities of another company while aware of MNPI about that company, without specifically addressing how the information was learned. Of the 82%, a minority tailor the prohibition to apply only to trading in the securities of another company that has some sort of a business relationship with the company (e.g., customers, vendors, or suppliers) or that is engaged in a potential business transaction with the company, and a smaller subset of these policies also include a specific reference to “competitors” in this prohibition.

V. Blackout Periods and Preclearance Procedures

Persons subject to quarterly blackout periods. A significant majority of the policies (88%) subject directors, executive officers and a designated subset of employees to regular quarterly blackout periods, with a few policies applying two different blackout periods to different groups of employees. Although the groups of persons (other than directors and executive officers) who are subject to quarterly blackout periods tend to be company-specific, most of the policies identify the “restricted persons” to include employees by title (e.g., all Vice Presidents or higher) and/or by department or role (e.g., all officers in accounting, financial planning and analysis, investor relations, legal and finance departments, etc.) as well as other employees who have been identified as having access to systems that have MNPI. Some policies take a less specific approach and identify restricted persons as those who are designated as such by the officer administering the insider trading policy. A minority of the policies (6%) subject all covered persons under the policy to quarterly blackout periods.
Start and end of quarterly blackout periods. The start date of the quarterly blackout periods ranges from quarter end to four weeks or more prior to quarter end. Under almost half of the policies (45%), the quarterly blackout periods start approximately two weeks prior to quarter end, 14% start the blackout periods three to four weeks prior to quarter end, and 18% start four weeks or more prior to quarter end. A significant majority of the policies (76%) end the quarterly blackout periods one to two full trading days after the release of earnings, with more policies ending after one trading day (51%) than two trading days (24%).[6] Additionally, nearly all policies specifically state that from time to time the company may implement additional special blackout periods.
Preclearance procedures. Nearly all policies require that certain covered persons must preclear their transactions with the appropriate officer administering the insider trading policy prior to execution. There is, however, variation in the persons subject to preclearance procedures—for 65% of the policies, the preclearance persons are a subset of the persons subject to blackout periods, while for a minority of the policies (29%), they are the same as the persons subject to the blackout periods. Of the 65% of the policies, a minority (38%) require preclearance only from the company’s directors and executive officers.[7] Regardless of scope, nearly all of the policies provide that directors and executive officers are subject to preclearance procedures.

VI. Special Prohibitions Under the Insider Trading Policies

All of the policies prohibit or otherwise restrict certain types of transactions regardless of whether they involve actual insider trading, in some cases stating that such transactions present a heightened risk of securities law violations or the potential appearance of improper or inappropriate conduct. The most common prohibitions addressed: hedging transactions (96%);[8] speculative transactions (96%); pledging securities as collateral for a loan (90%); and trading on margin or holding securities in margin accounts (82%). Although a significant majority of the policies apply the prohibition on hedging and speculative transactions to all persons subject to the policy, prohibitions on pledging and/or margin trading/accounts are sometimes limited to sub-categories of persons subject to the insider trading policies (39% and 27%, respectively): for instance, some policies apply the prohibition only to directors and executive officers or persons subject to quarterly blackout periods and/or preclearance procedures.[9]

A significant majority of the policies do not specifically address standing or limit orders or short-term trading, but of the ones that do, a significant majority take the approach of discouraging such transactions rather than strictly prohibiting them. Even where standing or limit orders are not strictly prohibited, some policies require that such orders be cancelled if the person becomes aware of MNPI (or prior to the start of a blackout period, if applicable). A few policies prohibit standing or limit orders if they go beyond a specified duration.

VII. Rule 10b5-1 Plans

All of the policies address the availability of Rule 10b5-1 plans. A significant majority of the policies (86%) do not set forth restrictions on who can enter into a Rule 10b5-1 plan so long as approval and other requirements are met, but a minority of the policies (12%) limit the use of 10b5-1 plans to directors and designated officers. A small minority of the policies (6%) require directors and designated officers to trade only pursuant to Rule 10b5-1 plans.

All of the policies require that Rule 10b5-1 plans be approved prior to adoption, but the policies tend to vary in approach when describing the guidelines for entering into Rule 10b5-1 plans (or modifying or terminating them). A significant majority (71%) of the policies describe the specified conditions under the SEC rules for a plan to qualify as a Rule 10b5-1 plan, although some do so in a more streamlined manner than others. Of these policies, a majority include Rule 10b5-1 plan requirements within the body of the policy, although a minority do so in an appendix and one company filed the plan guidelines as a separate exhibit. A minority of the policies (29%) do not describe the specified conditions under Rule 10b5-1, but provide a general statement regarding the affirmative defense from insider trading liability under the securities laws for transactions under a compliant Rule 10b5-1 plan and refer covered persons to the officer administering the policy for more information and guidelines on how to establish such a plan.

VIII. Policies Addressing Company Transactions

As noted above, Item 408(b) of Regulation S-K requires a public company to disclose whether it has adopted insider trading policies and procedures governing transactions in company securities by the company itself, and, if so, to file the policies and procedures, or if not, to explain why. Of the 23 S&P 500 companies subject to Item 408(b) that filed a Form 10-K and proxy statement prior to June 30, 2024, a significant majority (78%) did not address insider trading policies or procedures governing companies’ transactions in their own securities.[10] Of the ones that did, most included a brief sentence or two about the company’s policy of complying with applicable laws in trading in its own securities. Only one company in our surveyed group filed a company repurchase policy as a separate exhibit.

IX. Filing Practices Regarding Related Policies or Documents

A significant majority (88%) of the companies filed only a single insider trading policy and no other related policies or documents (even where they referenced other related policies in their insider trading policy).[11] In the few cases where multiple policies were filed, they appear to be supplemental guidelines/policies covering topics not generally applicable to all employees (e.g., trading windows, preclearance, 10b5-1 plans).

* * * *

We will continue to monitor public company filings of insider trading policies and procedures and expect to update our survey in early 2025 once calendar year-end companies’ Forms 10-K are on file, as we expect disclosure and filing practices to evolve as companies go through the first full year of complying with the new Item 408(b) disclosure and filing requirements.

[1]See Items 408(b) and 601(b)(19) of Regulation S-K, adopted by the SEC in connection with the Rule 10b5-1 amendments in December 2022. If a company has not adopted such policies and procedures, it is required to explain why it has not done so. Disclosure about the adoption (or not) of policies or procedures must appear in a company’s proxy statement (and must also be included in, or incorporated by reference to, Part III of a company’s Form 10-K), whereas the policies and procedures are to be filed as exhibits to the company’s Form 10-K.

[2] This group of 49 S&P 500 companies includes 23 companies that made Item 408(b) disclosures and 26 companies that were not subject to the disclosure requirements but voluntarily filed their insider trading policies and procedures with a Form 10-K filed prior to June 30, 2024.

[3] A minority of policies also include other service providers specific to their businesses.

[4] See Final Rule: Insider Trading Arrangements and Related Disclosures, Release No. 33-11138 (Dec. 14, 2022). In its adopting release, the SEC stated its view that the terms “trade” and “sale” in Rule 10b5-1 include bona fide gifts of securities and that gifts can be subject to Section 10(b) liability, since the Securities Exchange Act of 1934 does not require that a “sale” be for value and instead provides that the terms “sale” or “sell” each include “any contract to sell or otherwise dispose of.”

[5] A small minority of these policies also provide certain exceptions for gifts, including gifts to family members and/or controlled entities that are already subject to the policy, or exceptions on a case by case basis.

[6] Some policies use business days instead of trading days, but many policies do not define either term. We treated them as the same for purposes of our data analysis.

[7] The remaining 6% includes two policies that do not address preclearance procedures and one policy which is unclear.

[8] Item 407(i) of Regulation S-K requires companies to disclose practices or policies they have adopted regarding the ability of employees (including officers) or directors to engage in certain hedging transactions.

[9] A few policies allow for exceptions, subject to preclearance.

[10] For the purposes of this survey, we limited our review to Exhibit 19 filings and did not review the companies’ disclosures in the body of the proxy statement or Form 10-K addressing Item 408(b)(1) of Regulation S-K.

[11] Under Regulation S-K Item 408(b)(2), if all of a company’s insider trading policies and procedures are included in its code of ethics that is filed as an exhibit to the company’s Form 10-K, that satisfies the exhibit requirement. However, many companies do not file their code of ethics and instead rely on one of the alternative means of making the code available allowed under S-K Item 406(c)(2) and (3).

The following Gibson Dunn lawyers assisted in preparing this update: Aaron K. Briggs, Thomas Kim, Brian Lane, Julia Lapitskaya, James Moloney, Ronald Mueller, Michael Titera, Lori Zyskowski, and Stella Kwak.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more, please contact the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Capital Markets or Securities Regulation and Corporate Governance practice groups:

Capital Markets:
Andrew L. Fabens – New York (+1 212.351.4034, [email protected])
Hillary H. Holmes – Houston (+1 346.718.6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415.393.8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213.229.7242, [email protected])

Securities Regulation and Corporate Governance:
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Mike Titera – Orange County (+1 949.451.4365, [email protected])

This guidance reflects the increasing willingness of Hong Kong financial regulators to regulate the use of artificial intelligence.

In recent weeks, the Hong Kong Monetary Authority (“HKMA”) has been active in releasing guidance to authorized institutions (“AIs”) regarding their use of artificial intelligence in both customer-facing applications as well as in relating to detection of money laundering and terrorist financing (“ML/TF”). This guidance reflects the increasing willingness of Hong Kong financial regulators to regulate the use of artificial intelligence. We consider that this is reflective of the significant interest of financial institutions in Hong Kong in exploring the use of generative artificial intelligence (“GenAI”) in particular, with 39% of AIs surveyed by the HKMA earlier this year reporting that they either have already adopted GenAI in the provision of general banking products and services as well as daily operations, or that they plan to do so. Given this, we expect other Hong Kong regulators to issue guidance in this space in the coming months.

This client briefing covers:

The guiding principles issued by the HKMA on August 19, 2024 (“GenAI”) in customer-facing applications (“GenAI Guidelines”).[1] The GenAI Guidelines build on a previous HKMA circular “Consumer Protection in respect of Use of Big Data Analytics and Artificial Intelligence by Authorized Institutions” dated November 5, 2019 (“2019 BDAI Guiding Principles”) and provide specific guidelines to AIs on the use of GenAI;[2] and
The circular issued by the HKMA on September 9, 2024 requiring AIs with significant operations in Hong Kong to (a) undertake a study to consider the feasibility of using artificial intelligence in tackling ML/TF, and to (b) submit the feasibility study and an implementation plan to the HKMA by the end of March 2025 (“ML/TF Circular).[3]

I. Background to GenAI Regulation by the HKMA

GenAI is a form of big data analytics and artificial intelligence (“BDAI”) that enables generation of new content such as text, image, audio, video, code or other media, based on vast amounts of data. GenAI’s ability to generate new and original content sets it apart from other forms of traditional artificial intelligence, which is focused on analyzing information and automating processes. While its content-generating ability gives GenAI tremendous potential to streamline business processes and improve efficiency, this ability also creates risks such as hallucination risk (i.e. where a GenAI model generates incorrect or misleading results due to insufficient training data, incorrect assumptions or biases made by the model).

This content-generating ability, combined with the growing interest in GenAI adoption within the banking sector, has prompted the HKMA to issue the GenAI Guidelines. According to a recent survey on the use of BDAI (including GenAI) by AIs conducted by the HKMA, 39% of surveyed AIs reported adopting or planning to adopt GenAI in the provision of general banking products and services, as well as daily operations. While the majority of the current reported use cases in GenAI are in relation to internal business functions, such as summarisation and translation, coding and internal chatbots, the HKMA has stated that it considers that:

the content-generating capability of GenAI lends itself to increased uptake and deployment in relation to customer-facing activities; and
the prospective increase in the use of GenAI in customer-facing activities raises consumer protection concerns due to risks such as lack of explanability and hallucination risks, which in the HKMA’s words ‘could cause even more significant impact on customers’ than the use of less complex BDAI.

Given this, while the HKMA expects all AIs to continue to apply the 2019 BDAI Guiding Principles, the HKMA also expects all AIs to adhere to the additional principles in the GenAI Guidelines in order to ensure appropriate safeguards are in place when GenAI is adopted for customer-facing applications.

II. Summary of the HKMA’s GenAI Guidelines

Using the 2019 BDAI Guiding Principles as a foundation, the GenAI Guidelines adopts the same core principles of governance and accountability, fairness, transparency and disclosure, and data privacy and protection, but introduces additional requirements to address the specific challenges presented by GenAI.

Core Principles	Requirements under GenAI Guidelines
Governance and Accountability	The board and senior management of AIs should remain accountable for all GenAI-driven decisions and processes, and should thoroughly consider the potential impact of GenAI applications on customers through an appropriate committee which sits within the AI’s governance framework.The board and senior management should ensure the following: Clearly defined scope of customer-facing GenAI applications to avoid GenAI usage in unintended areas; Proper policies and procedures and related control measures for responsible GenAI use in customer-facing applications; and Proper validation of GenAI models, including a “human-in-the-loop” approach in early stages, i.e. having a human retain control in the decision-making process, to ensure the model-generated outputs are accurate and not misleading.
Fairness	AIs are responsible for ensuring that GenAI models produce objective, consistent, ethical, and fair outcomes for customers. This includes: That model generated outputs do not lead to unfair outcomes for customers. As part of this, AIs are expected to give consideration to different approaches that may be deployed in GenAI models, such as (a) anonymizing certain data categories; (b) using comprehensive and fair datasets; and (c) making adjustments to remove bias during validation and review; and During the early deployment stage, provide customers with an option to opt out of GenAI use and request human intervention on GenAI-generated decisions as far as practicable. If an “opt-out” option is unavailable, AIs should provide channels for customers to request review of GenAI-generated decisions.
Transparency and Disclosure	AIs should: Provide appropriate transparency to customers regarding GenAI applications; Disclose the use of GenAI to customers; and Communicate the use, purpose, and limitations of GenAI models to enhance customer understanding.
Data Privacy and Protection	AIs should: Implement effective protection measures for customer data; and Where personal data are collected and processed by GenAI applications, comply with the Personal Data (Privacy) Ordinance, including the relevant recommendations and good practices issued by the Office of the Privacy Commissioner for Personal Data, such as the “Guidance on the Ethical Development and Use of Artificial Intelligence” issued on August 18, 2021,[4] and the “Artificial Intelligence: Model Personal Data Protection Framework” issued on June 11, 2024.[5]

Notably, the HKMA has also expressed support for proactive use of BDAI and GenAI in enhancing consumer protection in the banking sector. Examples of suggested use cases include identification of customers who are vulnerable and require more protection and education; identification of customers who may need more information or clarifications to better understand product features, risks, and terms and conditions in the disclosure; or issuance of fraud alerts to customers engaging in transactions with potentially higher risks.

III. Summary of the HKMA Circular

Consistent with the HKMA’s recognition of the potential use of GenAI in consumer protection in the GenAI Guidelines, the HKMA Circular also indicates that the HKMA recognizes the considerable benefits that may come from the deployment of artificial intelligence in monitoring ML/TF. In particular, the HKMA Circular notes that the use of artificial intelligence powered systems ‘take into account a broad range of contextual information focusing not only on individual transactions, but also the active risk profile and past transaction patterns of customers…These systems have proved to be more effective and efficient than conventional rules-based transaction monitoring systems commonly used by AIs.’[6]

Given this, the HKMA has indicated that AIs with significant operations in Hong Kong should:

give due consideration to adopting artificial intelligence in their ML/TF monitoring systems to enable them to stay effective and efficient;
undertake a feasibility study in relation to the adoption of artificial intelligence in their ML/TF monitoring systems and, based on the outcome of that review, should formulate an implementation plan.

The feasibility study and implementation plan should be signed off at the board level and submitted to the HKMA by the end of March 2025.[7]

The HKMA has also indicated that it intends to support the use of artificial intelligence by AIs in this space through the establishment of a dedicated team to provide feedback and guidance to assist AIs, as well as through organisation of an experience sharing forum in November 2024 to allow firms to share regarding their use of artificial intelligence in relation to ML/TF monitoring.

IV. Conclusion

The issue of the GenAI Guidelines and HKMA Circular by the HKMA reflect the HKMA’s awareness of both the considerable potential of GenAI as well as the prospective risks associated with its deployment. Given the HKMA’s interest in this space, we recommend that AIs review and update their policies and procedures in relation to the use of GenAI to ensure compliance with the GenAI Guidelines. As part of this, AIs should ensure that the use of GenAI in customer-facing activities are thoroughly considered at a board and senior management and governance committee level.

Further, it is important more generally that AIs develop the necessary expertise in understanding the artificial intelligence model that is being adopted. This will not only assist senior management in its decision making process with respect to their deployment of artificial intelligence, but will also aid in the development of appropriate internal systems and controls with respect to the use of artificial intelligence. For instance, AIs can consider implementing staff training on the features and risks of artificial intelligence, to ensure that issues caused by artificial intelligence models are adequately escalated and addressed.

[1] “Consumer Protection in respect of Use of Generative Artificial Intelligence”, published by the HKMA on August 19, 2024, available at: https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2024/20240819e1.pdf

[2] “Consumer Protection in respect of Use of Big Data Analytics and Artificial Intelligence by Authorized Institutions”, published by the HKMA on November 5, 2019, available at: https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2019/20191105e1.pdf

[3] “Use of Artificial Intelligence for Monitoring of Suspicious Activities”, published by the HKMA on September 9, 2024, available at https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2024/20240909e1.pdf

[4] “Guidance on the Ethical Development and Use of Artificial Intelligence”, published by the Office of the Privacy Commissioner for Personal Data on August 18, 2021, available at: https://www.pcpd.org.hk/english/resources_centre/publications/files/guidance_ethical_e.pdf

[5] “Artificial Intelligence: Model Personal Data Protection Framework”, published by the Office of the Privacy Commissioner for Personal Data on June 11, 2024, available at https://www.pcpd.org.hk/english/resources_centre/publications/files/ai_protection_framework.pdf

[6] “Use of Artificial Intelligence for Monitoring of Suspicious Activities”, published by the Hong Kong Monetary Authority on September 9, 2024, available at https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2024/20240909e1.pdf

[7] Ibid. The HKMA will communicate with AIs on an individual basis regarding the exact timing for the feasibility study and implementation plan and the format in which they should be provided, and will consider further engagement and follow up in due course. Reference should also be made to:

(a) “Report on AML/CFT Regtech: Case Studies and Insights Volume 1” published on 21 January 2021, available at https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2021/20210121e1a1.pdf;

(b) “Report on AML/CFT Regtech: Case Studies and Insights Volume 2” published on 25 September 2023, available at https://www.hkma.gov.hk/media/eng/doc/key-functions/banking-stability/aml-cft/AMLCFT_Regtech-Case_Studies_and_Insights_Volume_2.pdf ; and

(c) “Thematic Review of Transaction Monitoring Systems and Use of Artificial Intelligence” published on 17 April 2024, which sets out insights for design, implementation and optimisation of transaction monitoring systems, available at https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2024/20240417e1a1.pdf.

The following Gibson Dunn lawyers prepared this update: William Hallatt, Emily Rumble, and Jane Lu.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact any member of Gibson Dunn’s Financial Regulatory team, including the following members in Hong Kong:

William R. Hallatt (+852 2214 3836, [email protected])
Emily Rumble (+852 2214 3839, [email protected])
Arnold Pun (+852 2214 3838, [email protected])
Becky Chung (+852 2214 3837, [email protected])
Jane Lu (+852 2214 3735, [email protected])

Michael Holecek, DJ Manthripragada, and Madeleine McKenna discuss the latest developments in arbitration agreements and mass arbitration. They discuss recent trends in mass arbitration filings and defenses, recent mass arbitration court cases, changes in arbitration provider rules and fee schedules, and approaches to drafting mass arbitration provisions.

PANELISTS:

Michael Holecek is a litigation partner in the Los Angeles office of Gibson, Dunn & Crutcher, where his practice focuses on complex commercial litigation, class actions, and labor and employment law—both in the trial court and on appeal. Michael has first-chair trial experience and has successfully tried to verdict both jury and bench trials, he has served as lead arbitration counsel, and he has presented oral argument in numerous appeals. Michael represents clients in worker classification disputes – including independent contractor misclassification litigation, misclassification lawsuits involving the FLSA and state law, lawsuits under California’s Private Attorneys General Act (“PAGA”), class action employment lawsuits, and lawsuits against staffing agencies and gig economy platforms. He also has considerable experience with drafting arbitration agreements and arbitration clauses, mass arbitration, disputes over arbitration fees, and enforcing arbitration agreements. He has successfully litigated dozens of motions to compel arbitration and class action waivers in California, New York, Florida, Illinois, and other states. In 2023, Michael presented to the ABA National Class Actions Conference on arbitration agreements, class action waivers, and mass arbitration. Michael was recognized in The Best Lawyers in America® 2022 Ones to Watch in Mass Tort Litigation / Class Action.

Dhananjay (DJ) Manthripragada is a partner in the Los Angeles and Washington, D.C. offices of Gibson, Dunn & Crutcher. He is Chair of the firm’s Government Contracts practice group, and also a member of the Litigation, Class Actions, Labor & Employment, and Aerospace and Related Technologies practice groups. DJ has a broad complex litigation practice, and has served as lead counsel in precedent setting litigation before several United States Courts of Appeals, District Courts and state courts in jurisdictions across the country, the Court of Federal Claims, and the Federal Government Boards of Contract Appeals. He has first-chair trial experience and has successfully tried to verdict both jury and bench trials, and has served as lead counsel in arbitration and other alternative dispute resolution forums. His practice spans a wide range of industries, and he has represented some of the world’s leading aerospace and defense, finance, logistics/transportation, high-technology, and pharmaceutical companies in their most significant matters. DJ is also highly regarded as a trusted advisor to clients regarding significant compliance/enforcement, contract, dispute resolution, and employment issues. He was recognized in The Best Lawyers in America® Ones to Watch in Commercial Litigation in 2021 and 2022.

Madeleine McKenna is a litigation associate in Gibson, Dunn & Crutcher’s Los Angeles office. She practices in the firm’s Insurance, Class Actions, Labor and Employment, and Appellate and Constitutional Law Practice Groups, with a focus on complex civil litigation in the trial courts and on appeal. Madeleine has represented clients in a variety of high-stakes, complex litigation matters in state and federal courts, with a particular focus on class and representative actions involving employment and consumer protection claims. She has also litigated a wide variety of appellate matters. Prior to joining Gibson Dunn, she clerked for the Honorable Richard C. Tallman of the U.S. Court of Appeals for the Ninth Circuit.

MCLE CREDIT INFORMATION:

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.

Gibson, Dunn & Crutcher LLP is authorized by the Solicitors Regulation Authority to provide in-house CPD training. This program is approved for CPD credit in the amount of 1.0 hour. Regulated by the Solicitors Regulation Authority (Number 324652).

Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 1 hour toward your annual CLE requirement in Connecticut, including 0 hour(s) of ethics/professionalism.

Application for approval is pending with the Colorado, Illinois, Texas, Virginia, and Washington State Bars.

Data center developers, investors, AI companies, and energy companies all stand to benefit from the Administration’s support for AI data center development.

With four months left in his administration, President Biden is making a play for the future with a concerted focus on developing infrastructure to support artificial intelligence (AI). A limiting factor in the advancement of AI is the need to build data centers and their associated energy infrastructure to process the extraordinary quantities of information involved in AI computations and development of large language models. Over the past weeks, the Administration has taken several significant steps to promote the development of AI data centers. Data center developers, investors, AI companies, and energy companies all stand to benefit from the Administration’s support for AI data center development.

Several months ago, Gibson Dunn formed an interdisciplinary task force of partners specializing in energy, infrastructure, real estate, digital and AI, environment, litigation, national security, and public policy to provide integrated advice to clients who are actively pursuing opportunities in the data center sector. We are closely tracking the Administration’s efforts regarding AI data centers and are available to help clients to share their insights with the Administration, as well as to take advantage of the opportunities these high-level initiatives may offer in the coming months.

I. White House Roundtable, Interagency Efforts to Promote AI Data Centers

On September 12, 2024, the Biden Administration convened AI industry leaders, utility companies, and high-level Administration officials to discuss how to ensure the United States continues to lead in AI. After the roundtable, the White House announced several new initiatives to promote AI in ways that will advance national security and protect the environment.

Most significantly, the Administration launched its Task Force on AI Datacenter Infrastructure to coordinate federal government policy across agencies. Led by the National Economic Council, National Security Council, and the White House Deputy Chief of Staff’s office, the Task Force involves the highest levels of the Biden Administration, indicating the importance the Administration is placing on this initiative. The Task Force will work with private sector leaders to identify growth opportunities, as well as with agencies to prioritize AI data center projects.

The Administration also announced that it is tasking the Federal Permitting Improvement Steering Council to work with AI data center developers and federal agencies to set comprehensive timelines for project development, provide technical assistance to the permitting agencies, and distribute funding to agencies to expedite the permitting process for data centers. The U.S. Army Corps of Engineers also will be identifying nationwide permits to expedite the construction of AI data centers. AI data centers require substantial amounts of land, water, and energy—all resources protected or regulated by federal, state, and local permitting regimes. This focus on easing the permitting process for data center developers may give investors some comfort about the shorter-term return on their investments and potentially serve as a model for broader infrastructure permitting reform.

II. Department of Energy Developments

Given AI data centers’ need for significant amounts of energy, combined with the Administration’s clean-energy goals, it is no surprise that the Department of Energy (DOE) is taking the lead on several significant projects to support AI data centers. Of interest to clients, the DOE is planning a series of convenings with industry stakeholders to discuss the challenges associated with data centers’ energy needs.

Moreover, multiple offices within the DOE are working to provide solutions to stakeholders. In August, the DOE Office of Policy developed a list of resources to help data center developers, owners and operators, and interconnection stakeholders take advantage of tax credits, financing programs, and technical assistance.

In July, the DOE Secretary of Energy Advisory Board convened a Working Group on Powering AI and Data Center Infrastructure and presented its recommendations to Jennifer Granholm, the Secretary of Energy.

The Working Group’s report encouraged the DOE to adopt several key immediate and longer-term impact recommendations for supporting AI-driven data center power demand while limiting harm to existing customers and greenhouse gas emissions. The Working Group’s three immediate impact recommendations to the DOE encouraged the DOE to:

explore flexible siting and geographic distribution of AI large language model data centers in an effort to reduce highly concentrated loads;
foster dialogue between energy utilities, data center developers and operators, and other key stakeholders to manage current electricity supply bottlenecks and encourage real-time data sharing; and
rapidly assess reliability, cost, performance, and supply chain issues facing generation, storage, and grid technologies to support data center expansion.

As longer term recommendations, the Working Group encouraged the DOE to:

establish an AI testbed within the DOE to allow researchers to develop and assess algorithms for energy-efficient AI training, and advance the United States’ AI capabilities;
work with other government agencies and the private sector to develop a standardized and adaptable framework for orchestrating grid services; and
accelerate and de-risk private investment in emerging technologies, particularly nuclear, geothermal, long-duration storage, and carbon capture and sequestration.

The DOE’s focus on providing data center solutions will continue as it works in conjunction with other government agencies and the private sector to drive development, provide incentives, and discover efficiencies with respect to AI-driven data center power demands.

III. Department of Commerce Developments

Along with the DOE, the Department of Commerce will play a significant role in the Administration’s efforts to promote data center development. The National Telecommunications and Information Administration (NTIA), a component of the Department of Commerce, has invited comments on data center security and supporting data center growth in the United States. The NTIA is tasked with advising the President on issues related to the internet economy, including internet infrastructure, cybersecurity, and online privacy. Much of its work focuses on expanding broadband access and adoption, particularly in rural parts of the country, and the NTIA administers grant funding programs to support expansion of broadband infrastructure.

The NTIA will use the comments to inform its work on a comprehensive report for the executive branch offering policy recommendations about how the federal government can promote data center development. The NTIA is coordinating its efforts with the DOE. The Administration seeks comments on a variety of data center development topics including AI data center usage, barriers to data center competition, supply chain vulnerabilities, risk management practices, staffing shortages, and power supply challenges.

Offering comments to the NTIA will allow interested parties to shape the recommendations made within the executive branch on the best path toward maximizing data center infrastructure. The NTIA’s advisory role and its coordination with the DOE on this report will allow commenters to reach multiple interested executive agencies through this comment process. Comments are due November 4.

Given the economic, strategic, and national security implications of the AI race, these efforts are likely just the start of a federal government campaign to support AI data centers, regardless of outcome of the November elections. In light of the Administration’s keen interest in collaborating with the private sector on AI data center development, industry participants who want to shape the future of AI and data center policy should take this opportunity to make their voices heard.

Gibson Dunn’s Data Center Task Force attorneys are available to assist clients by offering strategic advice; drafting comment letters to agencies; arranging and preparing for high-level executive branch and congressional meetings; and helping clients take advantage of potential opportunities emerging from the rapidly changing regulatory environment.

The following Gibson Dunn lawyers prepared this update: F. Joseph Warin, Eric Feuerstein, Stephenie Gosnell Handler, William R. Hollaway, Ph.D., Michael D. Bopp, Tory Lauterbach, Amanda Neely, David Casazza, and Simon Moskovitz.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Artificial Intelligence, Energy Regulation & Litigation, National Security, Public Policy, Real Estate, or White Collar Defense & Investigations practice groups, or the following authors:

Vivek Mohan – Co-Chair, Artificial Intelligence Practice Group, Palo Alto (+1 650.849.5345, [email protected])

William R. Hollaway, Ph.D. – Chair, Energy Regulation & Litigation Practice Group, Washington, D.C. (+1 202.955.8592, [email protected])

Tory Lauterbach – Partner, Energy Regulation & Litigation Practice Group, Washington, D.C. (+1 202.955.8519, [email protected])

Stephenie Gosnell Handler – Partner, National Security Practice Group, Washington, D.C. (+1 202.955.8510, [email protected])

Michael D. Bopp – Co-Chair, Public Policy Practice Group, Washington, D.C. (+1 202.955.8256, [email protected])

Eric M. Feuerstein – Co-Chair, Real Estate Practice Group, New York (+1 212.351.2323, [email protected])

F. Joseph Warin – Co-Chair, White Collar Defense & Investigations Practice Group, Washington, D.C. (+1 202.887.3609, [email protected])

Amanda H. Neely – Of Counsel, Public Policy Practice Group, Washington, D.C. (+1 202.777.9566, [email protected])

With this final rule, BIS seeks to tip the scales in favor of more frequent disclosures and introduces new factors to consider when assessing engagement with U.S. regulators.

In a final rule effective September 16, 2024, the Department of Commerce’s Bureau of Industry and Security (“BIS”) updated its process for handling voluntary self-disclosures from industry and expanded its discretion to impose higher monetary penalties for violations of export control laws. Whether to submit a voluntary self-disclosure remains a fact-dependent decision and requires careful weighing of factual, legal, practical and policy considerations.

Background

Corporate violations of U.S. sanctions, export control laws, and foreign direct investment determinations are a key enforcement priority for BIS, the Department of Justice, the Department of the Treasury, and the Committee on Foreign Investment in the United States (“CFIUS”), with each taking an increasingly aggressive enforcement posture through new guidance, compliance expectations, and record-setting penalties in recent years.

On September 12, 2024, BIS announced the publication of a final rule updating its policies regarding voluntary self-disclosures (“VSD”) and the BIS Penalty Guidelines, found at Supplement No. 1 to Part 766 of the Export Administration Regulations (“EAR”). The rule finalizes a series of policy changes by the Office of Export Enforcement (“OEE”) that were first articulated in memoranda publicly issued by BIS beginning in 2022 and that seek to strengthen BIS’s administrative enforcement program and encourage voluntary disclosures of apparent export control violations.^[1]

As we summarized in our 2023 Year-End Sanctions and Export Control Update, these changes aim to:

streamline self-disclosure of minor or technical violations, facilitate corrective action that might otherwise be prohibited, and prioritize enforcement actions against “significant” violations by establishing a dual-track process for VSD submission and processing;
incentivize VSDs by treating failure to disclose significant apparent violations as an aggravating factor;
enhance OEE’s discretion in assessing penalties when warranted;
incentivize compliance-minded firms to report violations committed by other firms or competitors; and
coordinate enforcement efforts through the appointment of a new Chief of Corporate Enforcement position.

The final rule, outlined in greater detail below, highlights BIS’s continued commitment to streamlining the VSD program to facilitate faster resolutions of non-egregious apparent violations and at the same time highlights BIS’s desire to focus its resources on significant infractions, including by expanding its discretion to impose higher civil monetary penalties.

1. Dual-Track VSD Processing, Streamlined Submission of Minor or Technical Violations, and Corrective Action Provisions

a. Dual-Track VSD Processing

Minor or Technical Violations Track

Section 764.5 of the EAR previously set forth a single track for handling VSDs, regardless of the severity of the violation at issue. The final rule adds a new paragraph regarding disclosure of minor or technical violations, defined as any violation that does not include aggravating factors.

These revisions permit firms to disclose minor or technical violations through a “fast-track” process that will be resolved in 60 days, either through a no-action letter or a warning letter. For such apparent violations, firms may submit by email an abbreviated narrative report in lieu of more burdensome narrative and documentation requirements previously set forth in Sections 764.5. For minor or technical violations, the rule also removes the recommendation that firms conduct a five-year lookback, unless OEE suspects that aggravating factors are present. Firms may also “bundle” multiple minor or technical apparent violations into a single submission, if such apparent violations occurred within the prior quarter.

OEE offered several examples of “minor or technical” violations, including immaterial Electronic Export Information filing errors and the incorrect use of one license exception where another license exception was available.

“Significant” Violations Track

For VSDs that concern a “significant violation,” firms should follow the prior procedures, including submission of a full narrative report.

The rule notes that parties unsure whether a disclosure involves a minor or technical violation or a significant violation are advised to follow the procedures for disclosing a significant violation.

Following disclosure of a “significant” apparent violation, OEE will conduct an investigation and may, depending on the facts and circumstances of the case, issue a warning letter or initiate an administrative enforcement proceeding. OEE may also refer the matter to DOJ for criminal prosecution.

b. Treatment of Unlawfully Exported Items

The final rule revises the EAR with regards to the treatment of unlawfully exported items. Consistent with a 2024 policy memorandum, the final rule clarifies that OEE authorizes any person, not just a party submitting a VSD, to request permission to engage in corrective activities otherwise prohibited by Section 764.2(e) (often referred to as a “General Prohibition 10 Waiver”). The rule also authorizes firms to seek the return of any unlawfully exported item to the United States following notification to OEE and removes the need for firms to receive authorization from OEE for such return-related activities. Further, items that have been returned to the United States do not require additional authorization from OEE, provided that those future activities comply with any applicable EAR requirements. This change is likely due in part to the increase in General Prohibition 10 Waiver requests related to items exported, reexported, or transferred (in-country) to Russia and Belarus (including aircraft) following the imposition of strict export controls on these destinations.

Any re-export from abroad or transfer outside of the United States of an item that has been the subject of a self-disclosure would require a license from BIS.

2. Nondisclosure as Aggravating Factor

Assistant Secretary Axelrod previously explained in a January 2024 speech at NYU Law School, “when someone affirmatively chooses not to file a VSD, [BIS] want[s] them to know that they risk incurring concrete costs.”

Consistent with that statement and previous policy memoranda, the final rule confirms that BIS will consider a deliberate decision by a firm not to disclose a significant apparent violation to be an aggravating factor when determining what administrative penalty, if any, should be applied.

A “deliberate decision” occurs when a firm uncovers a significant apparent violation but then chooses not to file a VSD.

The rule adds a new Aggravating Factor D to the BIS Penalty Guidelines for “[f]ailure to disclose a significant violation.”

3. Penalty Guidelines and Increased Discretion

The final rule enhances OEE’s discretion in calculating potential penalties for apparent violations in several significant ways.

First, the rule removes the base penalty caps for non-egregious cases and instead links penalties to transaction value and other circumstances.

As a result, for non-egregious VSD cases, the base penalty amount is no longer capped at a maximum of $125,000, but is instead capped at one-half of the transaction value. For a non-egregious case that is not initiated by a VSD, the base penalty amount is no longer capped at $250,000, but is instead capped at the full transaction value. The rule describes this change as permitting OEE to “impose penalties with sufficient deterrent effect in situations where transaction values are high.”

For egregious VSD cases, the base penalty amount is capped at one-half of the statutory maximum—which is $364,992 or twice the full transaction value, whichever is greater. For an egregious case that is not initiated by a VSD, the base penalty amount is capped at the statutory maximum.

Second, the rule permits BIS to issue non-monetary resolutions for non-egregious conduct that has not resulted in serious national security harm yet nonetheless merits stronger response than a no-action or warning letter. The final rule indicates that such resolutions are likely to “require remediation through the imposition of a suspended denial order with certain conditions, such as training and compliance requirements.”

Third, the final rule removes from the Penalty Guidelines all specific percentage ranges for potential penalty reduction based on mitigating factors. As the rule explains, “[t]he inclusion of specific percentage ranges for some mitigating factors and not for other factors led parties to incorrect assumptions about the range of reduction to which they were entitled.” With the revisions, “OEE is making clear that the civil monetary penalty will be adjusted (up or down) to reflect the applicable factors for administrative action set forth in the BIS Penalty Guidelines.”

Fourth, the final rule amends Aggravating Factor C, “Harm to Regulatory Program Objectives,” to include transactions that enable human rights abuses as a specific consideration when assessing the potential impact of an apparent violation on U.S. foreign policy objectives.

Fifth, the final rule amends General Factor E (previously D), for “Individual Characteristics,” by expanding the scope of past corporate criminal resolutions that OEE may consider when calibrating an enforcement response. Previously, this factor only mentioned prior conviction of an export-related criminal violation. As revised, it includes not only where a respondent has been convicted or entered a guilty plea, but also where a party has entered into any other type of resolution with the Department of Justice or other authorities, including a Deferred Prosecution Agreement or a Non-Prosecution Agreement.

4. Exceptional Cooperation for Third-Party Tips

As explained by Assistant Secretary Axelrod in his January 2024 speech, BIS seeks to ensure a “level playing field” for compliance-minded firms, recognizing that rule-following firms can suffer as firms that flout regulations book business.

The revised Penalty Guidelines now clarify that disclosure of conduct by others that leads to an enforcement action counts as “exceptional cooperation.” BIS will provide cooperation credit for such tips in “a future enforcement action, even for unrelated conduct,” if such an action is ever brought.

The decision to provide cooperation credit for tips as to suspected third-party violations is unusual and marks a significant departure from other VSD programs with uncertain implications for industry.

5. Chief of Corporate Enforcement

Mirroring action taken by the Department of Justice’s National Security Division (“NSD”) in 2023, BIS announced the appointment of Raj Parekh as the agency’s first Chief of Corporate Enforcement. An accompanying press release to the final rule indicates that Mr. Parekh will “serve as the primary interface between BIS’s special agents, the Department of Commerce’s Office of Chief Counsel for Industry and Security, and the Department of Justice,” with the aim of “advance[ing] significant corporate investigations.”

Mr. Parekh joins BIS from the U.S. Attorney’s Office for the Eastern District of Virginia, where he served as Acting U.S. Attorney. He previously worked at DOJ NSD, and the press release notes that this appointment “further reflect[s] BIS’s commitment to this effort.”

Conclusion

In his January speech, Assistant Secretary Axelrod touted the early successes of recent changes to BIS’s VSD program. Specifically, BIS received nearly 80 percent more VSDs containing potentially serious violations in FY2023 than in FY2022, even as the overall number of VSDs remained relatively constant. BIS also experienced a 33 percent uptick in third-party disclosures from industry.

The revised rule reflects BIS’s continued focus on corporate compliance with export controls and the increased centrality of economic statecraft to U.S. national security policy. It also demonstrates that BIS seeks to focus its investigative resources on infractions most likely to damage U.S. national security interests, and its willingness to impose steeper penalties to incentivize compliance. In April 2023, for instance, BIS announced the largest standalone penalty in the agency’s history—a $300 million civil penalty against affiliates of a technology company that allegedly sold hard disk drives to Huawei Technologies Co. Ltd. BIS is not alone in this prioritization, with CFIUS announcing in August 2024 that it imposed the largest penalty in its history—$60 million—for the breach of a mitigation agreement that resulted in harm to U.S. national security equities, and the Treasury’s Office of Foreign Assets Control levying two of the largest civil penalties in its history last year, including a $968 million settlement, for violations of U.S. sanctions law.

In addition, over the last two years, officials at DOJ have sounded a drumbeat of announcements indicating that criminal enforcement of U.S. export control and sanctions law is one of their highest priorities, with the Department hiring 25 new NSD prosecutors to “investigate national security-related economic crimes” and the publication of an updated NSD Enforcement Policy that “strongly encourages companies to voluntarily self-disclose directly to NSD all potentially criminal … violations of the U.S. government’s export control and sanctions regimes.”

While a decision to submit a voluntary self-disclosure will be the result of considering many factors, BIS is seeking to raise the consequences of a decision not to submit a self-disclosure where aggravating factors are present. The factors highlighted in this new rule, as well as the heightened importance of international trade controls in the United States’ response to global challenges, should remain at the forefront when considering a voluntary self-disclosure of any apparent export control violations to BIS or other regulators.

[1] See Memorandum from Bureau of Indus. & Sec., Further Strengthening Our Administrative Enforcement Program (June 30, 2022), https://www.bis.gov/sites/default/files/files/Administrative%20Enforcement%20Memo.pdf; Memorandum from Bureau of Indus. & Sec., Clarifying Our Policy Regarding Voluntary Self-Disclosures and Disclosures Concerning Others (Apr. 18, 2023), https://www.bis.gov/sites/default/files/files/VSD%20Policy%20Memo%20%2804.18.2023%29.pdf; Memorandum from Bureau of Indus. & Sec., Further Enhancements to Our Voluntary Self-Disclosure Process (Jan. 16, 2024), https://www.bis.gov/sites/default/files/files/VSD%20MEMO.pdf.

The following Gibson Dunn lawyers prepared this update: Cody Poplin, Christopher Timura, David Burns, Adam M. Smith, Stephenie Gosnell Handler, Samantha Sewall, Chris Mullen, and Audi Syarief.

Gibson Dunn lawyers are monitoring the proposed changes to U.S. export control laws closely and are available to counsel clients regarding potential or ongoing transactions and other compliance or public policy concerns.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade practice group:

United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, [email protected])
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, [email protected])
David P. Burns – Washington, D.C. (+1 202.887.3786, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, [email protected])
Samantha Sewall – Washington, D.C. (+1 202.887.3509, [email protected])
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, [email protected])
Mason Gauch – Houston (+1 346.718.6723, [email protected])
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, [email protected])
Sarah L. Pongrace – New York (+1 212.351.3972, [email protected])
Anna Searcey – Washington, D.C. (+1 202.887.3655, [email protected])
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, [email protected])
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, [email protected])
Claire Yi – New York (+1 212.351.2603, [email protected])
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, [email protected])

Asia:
Kelly Austin – Hong Kong/Denver (+1 303.298.5980, [email protected])
David A. Wolber – Hong Kong (+852 2214 3764, [email protected])
Fang Xue – Beijing (+86 10 6502 8687, [email protected])
Qi Yue – Beijing (+86 10 6502 8534, [email protected])
Dharak Bhavsar – Hong Kong (+852 2214 3755, [email protected])
Felicia Chen – Hong Kong (+852 2214 3728, [email protected])
Arnold Pun – Hong Kong (+852 2214 3838, [email protected])

Europe:
Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Patrick Doris – London (+44 207 071 4276, [email protected])
Michelle M. Kirschner – London (+44 20 7071 4212, [email protected])
Penny Madden KC – London (+44 20 7071 4226, [email protected])
Irene Polieri – London (+44 20 7071 4199, [email protected])
Benno Schwarz – Munich (+49 89 189 33 110, [email protected])
Nikita Malevanny – Munich (+49 89 189 33 224, [email protected])
Melina Kronester – Munich (+49 89 189 33 225, [email protected])
Vanessa Ludwig – Frankfurt (+49 69 247 411 531, [email protected])

The new regulations control quantum computing, advanced semiconductor items, and additive manufacturing technologies.

On September 6, 2024, the Department of Commerce’s Bureau of Industry and Security (BIS) published new regulations to control certain advanced and emerging technologies, including quantum computing, semiconductor manufacturing equipment, Gate All-Around Field-Effect Transistor (GAAFET) technology, and additive manufacturing.[1] The regulations—which were effective when issued but published as an interim final rule (IFR)—are noteworthy because they introduce tools to both build and recognize new ad hoc agreements with like-minded nations on export controls to regulate advanced and emerging technologies, an objective that has been more and more out of reach due to the inability to achieve consensus through the broader multilateral Wassenaar Arrangement (WA) process. This IFR is a key example of BIS’s efforts to enhance international collaboration among U.S. allies and key suppliers of critical inputs for advanced and emerging technologies to implement consistent export controls. Specifically, in the regulations, BIS creates a new License Exception Implemented Export Controls (IEC) to recognize and reward countries who impose similar export controls with easier access to the technology, software, and commodities that enable the development of emerging technologies. BIS also continues a several-year experiment with modified deemed export controls. The new deemed export control framework created by the regulations will help ensure that the United States retains and continues to attract the international talent now working with U.S. universities, research institutes, and companies in advanced and emerging technologies and that BIS’s new export controls will not disrupt the work of non-U.S. collaborators with individual license requirements for foreign nationals on their teams. The regulations became effective on September 6, 2024, however, parties transferring certain quantum technologies to Wassenaar participating states are not required to comply with corresponding license requirements until November 5, 2024.

I. Major features of the Interim Final Rule

BIS’s first step toward reaching a new agreement among like-minded countries on the regulation of advanced and emerging technologies represents a departure from BIS’s typical process of achieving consensus through iterative working group and plenary meetings of the WA. The WA is a voluntary agreement among participating states (today 42 states participate) to control the export of conventional arms and certain dual-use goods to contribute to regional and international security. Although certain states such as Israel, the People’s Republic of China, and Singapore do not participate in WA, the influence of the WA control lists extends beyond the current membership of the WA because many non-participating countries opt to adopt most or all of the same control parameters and exclusions into their own national controls. The specific items that are described on the WA control lists change from year to year through the adoption of amendments to the control lists at annual plenary meetings. However, the ability of the United States and many like-minded countries to reach consensus on the adoption of new controls on several advanced and emerging technologies has been stymied in recent years by the refusal of the Russian Federation, among others, to support the imposition of new controls.

In its new regulations, BIS seeks to encourage the development of new plurilateral controls outside the WA and without the Russian Federation’s support. Since the export control reform efforts of the 2010s, the United States and many observers have described the goal of U.S. export controls as building higher fences around smaller yards. The new framework is designed to enable the United States to coordinate faster fence building in other countries’ yards where critical advances in emerging technologies are also occurring. In the IFR, BIS achieves this aim by imposing new permutations of world-wide licensing requirements on the export, reexport, and in-country transfer (collectively, “export”) of specified items and by creating a new license exception—License Exception IEC—which authorizes exports to and among countries who implement similar export control licensing requirements on these technologies.

Adds new, and revises existing Export Control Classification Numbers (ECCNs) to identify controls on emerging advanced quantum computing, semiconductor manufacturing, GAAFET technology, and additive manufacturing technologies

BIS imposes its new, worldwide licensing requirements on the targeted technologies through amendments to the Export Administration Regulations’s (EAR’s) Commerce Control List (CCL)[2] which now includes additional ECCN entries for certain commodities, software, and technology that enable the design, manufacture, and functionality of (1) quantum computers, (2) semiconductor devices and circuitry, (3) high-performance computing chips, and (4) additive manufacturing items that produce metal or metal alloy components. Examples of listed items in the interim rule include quantum computers and related electronic assemblies and components; cryogenic cooling systems and components; complimentary metal-oxide semiconductor (CMOS) integrated circuits; technology for the development or production of integrated circuits or devices, using GAAFET structures; additive manufacturing equipment, designed to produce metal or metal alloy components; and, technology related to coating systems; among others. The newly-controlled commodities, software, and technology can be found at the following ECCNs: 2B910, 2D910, 2E903, 2E910, 3A901, 3A904, 3B903, 3B904, 3C907, 3C908, 3C909, 3D901, 3D907, 3E901, 3E905, 4A906, 4D906, and 4E906. The IFR also revises the following nine ECCNs: 2E003, 3A001, 3B001, 3C001, 3D001, 3D002, 3E001, 4D001, and 4E001, which are ECCNs that have historically reflected WA controls, to include certain newly-controlled items.

BIS also amends the EAR to enable the agency to more easily identify these and other emerging technologies that it plans to make subject to non-WA-based worldwide export control licensing requirements. Specifically, these items will be assigned ECCNs with a third digit of “9” and the fourth digit as a number from 0 to 7 (i.e., 3A901).

BIS creates a new license exception and adopts new licensing policies that favor exports to like-minded and allied countries

While the new controls on emerging technologies are similar to BIS’s existing controls on other ECCNs controlled for national security and regional stability reasons, BIS will make available a more limited set of license exceptions and will apply different licensing review policies. BIS amends the EAR to create a new License Exception IEC, which authorizes the export of specific technologies to countries that have agreed to adopt the same technical parameters and restrictions in their own export control regimes. And for those countries who have not adopted similar controls, BIS will apply new license review policies that are keyed to the EAR’s country groups, reflective in part of a given state’s participation in different multilateral agreements and U.S. national security determinations and arms embargoes.[3] Thus, when a proposed export involves items controlled by one of the new or modified ECCNs to a country that has not yet implemented similar controls, BIS will apply a presumption of approval for destinations specified in Country Groups A:1 (which includes all WA countries), A:5, and A:6, a presumption of denial for destinations specified in Country Groups D:1 (countries designated for U.S. national security reasons) and D:5 (countries subject to U.S. or UN arms embargoes), and a case-by-case review policy for destinations for the remaining balance of countries.

Alongside the creation of the new License Exception IEC, BIS makes a procedural change to more immediately reward countries that adopt parallel controls. Specifically, BIS bypasses the need to publish every change related to IEC exception availability through Federal Register notices. BIS does this by developing a mechanism to more quickly identify countries that have implemented the same controls through a cross-referenced list that will be available outside of the Federal Register publication. This new License Exception IEC Eligible Items and Destinations list will be maintained by BIS, hosted by the National Archives and Records Administration, and made available by a BIS website hyperlink. By maintaining the list outside of the Federal Register, BIS will be able to more quickly expand the applicability of License Exception IEC by ECCN and by country when a given country adopts sufficient controls. Were BIS obligated to reflect each of these changes in Federal Register notices, collaborators in the United States and like-minded countries would possibly need to wait months, rather than weeks or days, after their governments reached agreement on new controls to take advantage of the new IEC authorization.

BIS uses General Orders to grandfather and authorize exports of specific advanced technologies in recognition of a limited, global talent pool

Over the past two years, BIS has grappled with the challenge of ensuring its new controls on emerging technologies do not disrupt ongoing work involving foreign nationals in the United States or dissuade talented foreign nationals from seeking employment in the United States or in other countries whose companies collaborate with U.S. companies. This disruption can occur when licensing controls are placed on the release of software and technology to non-U.S. persons. These transfers to non-U.S. persons located in the United States are referred to as “deemed exports,” because the release of controlled technology and software to foreign persons is deemed to be an export to the person’s most recent country of citizenship or legal permanent residence. Similarly, a deemed reexport occurs when software or technology is released to a foreign person of a country other than the foreign country of the entity authorized to receive the controlled technology (e.g., a Syrian national employed by a company in France). Given the scarcity of individuals with expertise in many areas of emerging technology and that many specially trained foreign nationals come from jurisdictions that often trigger export control licensing requirements such as China, BIS’s new approach to foreign national licensing is critical to ensuring that the United States does not undermine ongoing work involving emerging technologies and that U.S. companies can continue to recruit the talent they need to advance such activities.

BIS’s experiment with foreign national licensing in the context of advance technology exports started in October 2022, when BIS included an exclusion from the requirement to seek deemed export licenses for certain advanced semiconductor controls and other specified items, such as items related to advanced computing chips and computer technologies, controlled for new “regional stability” purposes. In October 2023, BIS issued additional semiconductor controls and clarifications, which included updated ECCN item tables so as to “not undermine the deemed export and reexport exclusion.”[4] BIS underscored in the same interim rule its interest in receiving comments from businesses on the impact of deemed export provisions which BIS could use to better inform potential additional changes to deemed export licensing requirements. Finally, in April 2024, BIS released its most recent round of clarifications concerning semiconductor controls and reiterated that such controls did not require licensing for the deemed export or reexport of items controlled for “national security” reasons.

The present IFR introduces a few new permutations of deemed export authorizations. The first authorization grandfathers U.S. and non-U.S. entities who had hired foreign national contractors or employees to advance their work as of the effective date of BIS’s new controls (i.e., September 6, 2024), except for those working with certain GAAFET technology.[5] BIS also opted to wholly exclude from deemed export and reexport requirements the release of certain advanced semiconductor technology and software and to partially exclude other semiconductor manufacturing and quantum technology and software for all foreign nationals except those from Group D:1 countries, which are subject to U.S. national security export licensing requirements, and D:5 countries, which are subject to U.S. or United Nations arms embargoes.[6]

To authorize Group D:1 and Group D:5 foreign nationals’ access to controlled software and technology, BIS issues more specific authorizations through general orders, which provide the required authorization subject to certain reporting requirements. One general order authorizes Group D:1 and Group D:5 foreign nationals working as contractors or employees of entities and having access to the newly controlled GAAFET technology, provided that the individuals were supporting GAAFET technology projects as of September 6, 2024.[7] BIS also created a parallel authorization for foreign nationals from the same jurisdictions supporting work with newly controlled quantum technologies, though without a restriction on when these foreign nationals were hired or assigned to supporting these projects.[8] To take advantage of the general licenses, exporters are obligated to file annual reports with BIS (due for 2024 on November 4, 2024 and on February 1 for every year thereafter) that detail the GAAFET and quantum software and technology that the foreign nationals are using or to which they otherwise receiving access in their work, as well as reports concerning the voluntary or involuntary termination of such employees.

Although the Federal Register notice does not offer a specific rationale for the new annual reporting requirements, BIS will be able to use the information gathered to help trace where the contractors and employees authorized to work with these advanced technologies go when their work terminates. In accordance with newly added 15 C.F.R. §§ 743.7 and 743.8, entities must report the identity of the foreign personnel, the specific technology in question, when the person is terminated, and whether, upon termination, the person intends to go to a destination specified in Country Group D:1 or D:5. The introduction of a regulatory requirement to that will allow BIS to track the movement of foreign national employees who are advancing the leading edges of emerging technologies is unprecedented, but may serve as the model for similar authorizations that BIS will extend to foreign nationals working with other emerging technologies.

Use of the export, reexport, and deemed export and reexport licenses set forth in clauses (f)(1) and (f)(2) of General Order No. 6 (which license certain GAAFET exports, reexports, and deemed exports and reexports ongoing prior to September 6, 2024) are also conditioned on the specific application of the technology and software. In particular, although these general licenses extend to companies located in Country Groups A:5 and A:6, they expressly exclude any companies that are working at the direction of companies headquartered or whose ultimate parent is located in a sensitive jurisdiction (Country Groups D:1 or D:5) to develop or produce certain controlled items. Thus, for example, the authorization could not be used to support GAAFET or quantum development or production projects being directed by companies in China or other listed jurisdictions.

II. More fences around more yards, more quickly

The set of amendments that BIS implements through the IFR are among the more complex we have seen. The rule reflects the increasingly innovative tools BIS is employing to address the complicated issues that have arisen over the last two years in imposing controls on emerging technologies advanced semiconductor, semiconductor manufacturing, and supercomputing technologies. Moreover, BIS’s new License Exception IEC and novel use of grandfathering and general orders to mitigate the impact of new controls on the multinational teams collaborating to advance emerging technologies, among other rule features, constitute a playbook, and a new set of regulatory tools, for BIS to recruit like-minded countries to implement important controls outside of the consensus restraints associated with the WA.

Other countries are already adopting equivalent export controls concerning quantum computing and other technologies that will make them eligible for License Exception IEC. For example, on September 7, 2024, a day after the IFR took effect, the Netherlands amended its Regulation on Advanced Production Equipment for Semiconductors to require chip manufacturing giant ASML to apply for a Netherlands export license—rather than a U.S. export license—in order to export its TWINSCAN NXT:1970i and 1980i DUV immersion lithography systems outside the European Union. This amendment, which follows the Netherlands’ original restrictions targeting deep ultraviolet light machines (promulgated in September 2023), has the practical effect of building new walls around the flow of semiconductor manufacturing equipment to sensitive jurisdictions like China. ASML noted in an official statement, that it “believes this requirement will harmonize the approach for issuing export licenses.”

We expect other nations to similarly mirror IEC items licensing requirements and potential exclusions for quantum computing and other emerging technologies in the coming months. In response to the U.S. controls, as well as any potential future controls imposed by like-minded states, companies in the quantum computing, semiconductor manufacturing, GAAFET technology, and additive manufacturing industry should re-evaluate their previous item classifications, update deemed export and reexport policies as needed, and ensure that any required reports are filed in a timely manner. Companies operating in these industries should also evaluate the potential applicability of License Exception IEC—as well as related licensing policies—to their products. Finally, companies in these industries may wish to consider revising or re-evaluating human resources policies in order to more effectively comply with the above-described controls and authorizations relating to foreign nationals’ access to controlled software and technology.

[1] See Commerce Control List Additions and Revisions; Implementation of Controls on Advanced Technologies Consistent With Controls Implemented by International Partners, 89 Fed. Reg. 72,926 (Sept. 6, 2024).

[2] See 15 C.F.R. Part 774, Supplement No. 1.

[3] See 15 C.F.R. Part 740, Supplement No. 1.

[4] Implementation of Additional Export Controls: Certain Advanced Computing Items; Supercomputer and Semiconductor End Use; Updates and Corrections, 88 Fed. Reg. 73,458, 73,485 (Oct. 25, 2023) (codified at 15 C.F.R. § 774, Supplement No. 1).

[5] Commerce Control List Additions and Revisions; Implementation of Controls on Advanced Technologies Consistent with Controls Implemented by International Partners, 89 Fed. Reg. 72,926, 72,929 (Sept. 6, 2024) (to be codified at 15 C.F.R. §§ 742.4(a)(5)(i) &742.6(a)(10)(i)).

[6] Id. at 72,929.

[7] Id. at 72,936 (to be codified at 15 C.F.R. Part 736, Supplement No. 1 , General Order No. 6, subsections (f)(1) and (f)(2)).

[8] Id. at 72,936 (to be codified at 15 C.F.R. Part 736, Supplement No. 1 , General Order No. 6, subsection (f)(3)).

The following Gibson Dunn lawyers prepared this update: Nicole Martinez, Christopher Timura, Chris Mullen, Zach Kosbie, Stephenie Gosnell Handler, and Adam M. Smith.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade practice group:

*Nicole Martinez, an associate in the firm’s New York office, is not admitted in New York.

We are pleased to provide you with Gibson Dunn’s ESG update covering the following key developments during July and August 2024. Please click on the links below for further details.

I. GLOBAL

The Network for Greening the Financial System (NGFS) publishes two complementary reports on nature-related risks

On July 2, 2024, NGFS published two reports. The first report is the final version of the Conceptual Framework for nature-related financial risks, which will provide policy guidance for central banks and financial supervisors. The NGFS published its initial version of this report in September 2023, but the final Conceptual Framework includes two cases to exemplify the application of the risk assessment framework to freshwater and forest ecosystems.

The second report outlines the key emerging trends related to nature-related litigation, including cases concerning biodiversity loss, ocean degradation and carbon sinks, and explores the potential relevance for central banks and the financial system. The two reports are complementary: the Conceptual Framework outlines the broad framework for nature-related risks, the second report aims to raise awareness more specifically about nature-related litigation risks.

The Taskforce on Nature-related Financial Disclosures (TNFD) and Glasgow Financial Alliance for Net Zero (GFANZ) to launch separate consultations on nature and transition plans

On July 4, 2024, the TNFD, a global organization established to provide companies with a framework to quantify and disclose nature-related financial risks and opportunities, announced a new consultation which will focus on what a nature transition plan should include and how it should be disclosed. It will ask organizations to “describe the effect nature-related dependencies, impacts, risks and opportunities” have had on the organization’s business strategy and financial planning. The TNFD plans to publish its final guidance in Q2 of 2025.

GFANZ’s consultation will focus on how nature could be further considered in its net-zero transition plan (NZTP) framework, which will cover how nature-related levers can support net-zero implementation. The GFANZ has 36 members from across the net-zero alliances working on this initiative and aims to publish voluntary supplemental guidance on nature in NZTP in Q1 of 2025.

NGFS publishes information note “Improving Greenhouse Gas Emissions Data”

On July 16, 2024, the NGFS published an information note on improving greenhouse gas (GHG) emissions. The NGFS focuses on GHG emissions data because it is one of the most significant data gaps and is a key factor in monitoring progress towards the transition to a low-carbon economy.

In its note, the NGFS expert network presents practical examples of how NGFS members use GHG emissions data, for example to classify bond issuers based on emission intensity. Such classification of bonds presents numerous practical challenges, such as discrepancies in the calculation of emissions metrics. NGFS’ guidance provides a set of collaborative measures and best practices that can tackle these challenges.

Among other items, the note states that financial institutions need to accelerate their collection of data on financed emissions. It also suggests that central banks, supervisors and regulators could provide information through their websites to increase supervised entities’ awareness of the importance of sustainability indicators.

NGFS publishes their 2023 Annual Report

On July 25, 2024, the NFGS published its Annual Report for the year 2023. In this Annual Report, NGFS announced a growth in membership numbers with 13 new members and two new observers. Among the main issues that the NGFS focused on in 2023 was the potential use of transition plans from a micro prudential perspective, the enrichment of its long-term climate scenarios to prepare a theoretical note which would help develop a first set of short-term climate scenarios to help the financial system assess the economic impact of climate-related risks and held a number of knowledge and best practices sharing workshops, including on climate-related disclosures for central banks. 2023 was also a prolific year for publications as the NGFS also launched works on nature-related risks and a report on blended climate finance on ways to deploy private capital for climate mitigation and adaptation.

Science Based Targets initiative (SBTi) publishes papers as part of its consultation on the SBTi Corporate Net-Zero Standard

On July 30, 2024, the SBTi published four technical papers as an early step in the process of reviewing the SBTi Corporate Net-Zero Standard. The publications focus on reviewing the approach to scope 3 emissions which on average account for 75% of a company’s emissions.

The scope 3 discussion paper outlines the SBTi’s initial considerations for refining scope 3 emissions targets, which includes encouraging companies to focus on reducing critical emission sources instead of relying on carbon credits. The paper outlines scenarios where carbon credits from outside the value chain may support evidence of corporate decarbonization or offset residual emissions, but stresses that credits should not replace direct value chain decarbonization.

The International Accounting Standards Board (IASB) provides illustrative examples on reporting climate-related effects and other uncertainties in financial statements

On July 31, 2024, the IASB published a consultation document with eight different examples on how companies can apply the IFRS Accounting Standards when reporting on the effects of climate-related and other uncertainties in their financial statements, aiming to provide guidance on how the requirements in the Standards should be applied to provide investors with better information about this sort of risks. The illustrative examples come in response to requests from stakeholders concerned that the information they were reporting was insufficient or inconsistent with information provided outside the financial statements, particularly information reported in other general purpose financial reports. The examples focus on areas such as materiality judgments, disclosures about assumptions, credit risk, decommissioning and restoration provisions and disaggregated information. The IASB has opened a consultation process to invite stakeholders to provide feedback on the proposed examples. The deadline for submitting comment letters is November 28, 2024.

In case you missed it…

Banks get International Capital Market Association (ICMA) and Loan Market Association (LMA) guidance on using bonds to fund sustainability-linked loan portfolios

On June 25, 2024, the ICMA and LMA jointly published new Guidelines for Sustainability-linked Loans Financing Bonds (SLLBs). The guidelines recommend transparency and disclosure for issues of SLLBs. For SLLBs to align with the guidelines, issuers must adhere to the four core components, which cover:

the use of proceeds;
the process for sustainability-linked loans evaluation and selection;
the management of proceeds;
and the reporting of information on portfolios.

Per the guidelines, issuers should also explain the alignment of their SLLBs in a framework document and ensure that external reviews are carried out and made publicly available.

II. UNITED KINGDOM

The King’s Speech sets out 40 bill proposals from the new Labour government under which the party aim to boost industry growth and bring major changes to workers’ rights

On July 17, 2024, King Charles delivered the new UK Prime Minister’s legislative agenda in the King’s Speech at the state opening of parliament. Prime Minister Sir Keir Starmer has proposed 40 bills which he claims will commence “a decade of national renewal”. Amongst the bills outlined were several planning and transport proposals including the renationalization of Britain’s rail operators, greater power for local councils to develop their own bus services and the removal of potential obstacles to new housing developments in selected areas.

A notable proposal in the energy sector are plans for a new state-run company, GB Energy, which will be set up to manage and operate Britain’s clean energy projects. The new Labour government also intends to improve worker rights by banning zero-hours contracts which they consider exploitative, end “fire and rehire” practices as a means of employers unilaterally amending workers’ terms and conditions, making flexible working a day one right for all workers and improving access to parental leave and sick pay for new employees. The proposals would also remove previous Conservative legislation which placed restrictions on the ability of trade unions to take strike action which has been welcomed by unions.

The new Labour government sets a record budget for this year’s renewable energy auction

On July 31, 2024, the UK’s Energy Secretary announced a £1.5 million budget for this year’s renewable energy auction, an increase of £500 million from last year’s budget. Each year the UK government holds an auction to encourage companies to bid for green energy projects to supply the UK national grid with electricity, for which they will receive a guaranteed price for the electricity generated from the government. Last year, there were no bids for offshore wind power projects as they were considered unviable due to their low price. In response, the former Conservative government significantly increased the guaranteed price for such projects last year. The new Labour government aims to quadruple Britain’s offshore wind power by 2030, and therefore the majority of this year’s budget will be directed towards such projects.

Financial Conduct Authority (FCA) publishes downloadable labels for distributors subject to Sustainability Disclosure Requirements and investment labeling regime

On July 31, 2024, firms subject to the FCA’s labeling scheme were allowed to begin using the fund labels, which aim to tackle greenwashing. Firms are required to notify the FCA when using an investment label and have until December 2, 2024 to ensure the labeling of their funds are compliant.

The labeling scheme includes four labels for sustainable funds:

Sustainability Improvers: funds that invest in assets that may not currently be sustainable but aim to improve their sustainability profile over time;
Sustainability Impact: funds that invest in assets with clearly “pre-defined, positive, measurable impact in relation to an environmental and/or social impact”;
Sustainability Focus: funds that invest in other sustainable assets; and
Sustainability Mixed Goals: funds that invest in a combination of assets from the above three categories.

To comply with the FCA labeling rules, asset managers need to demonstrate that at least 70% of the fund’s assets support the label of choice.

New bill proposed to regulate ESG rating agencies

On August 8, 2024, the UK’s Chancellor of the Exchequer announced a bill proposed by the new Labour government to regulate ESG rating agencies. ESG rating agencies are unregulated, electing to follow a voluntary code of conduct instead. This bill aims to enhance transparency and accountability in the ESG space and alleviate current concerns about the lack of consistency amongst ESG ratings provided by different agencies. ESG ratings play a key role in the direction of sustainability investments and the current inconsistency has led to investor confusion. It is envisaged that this new legislation will make it easier for investors to make informed decisions, as well as mirroring similar regulatory measures being taken in the EU.

Royal Institute of Chartered Surveyors (RICS) issues new guides on Whole Life Carbon Assessment (WLCA) for the built environment

The RICS 2^nd edition was published in September 2023 and is effective from July 1, 2024. RICS members now need to follow the 2^nd edition standard’s requirements when completing a WLCA.

The transition from the 1^st to the 2^ndedition of the RICS WLCA marks a move towards a more comprehensive and integrated approach to carbon measurement in the built environment. The RICS’ guides support the new ‘Whole life carbon assessment, RICS – 2^nd Edition’ tool, which was created to meet the requirements of the RICS 2^nd edition. The tool will enable measurement of whole-life carbon emissions, manage carbon budgets, reduce life cycle emissions and deliver a net-zero future for the built environment.

The tool can be applied to any type of construction or built asset in the UK involving (i) new constructions or new-build assets; (ii) demolition of existing and construction of new assets; (iii) retrofit or refurbishment of existing assets; and (iv) fit-out of built assets. However, it cannot be used for infrastructure assets or civil engineering works.

Oceana UK files legal challenge, calling recent oil & gas license “unlawful”

Oceana UK has filed a case at the High Court challenging fossil fuel exploration licenses in UK waters. In the claim, Oceana alleges that the previous UK government’s decision to issue 31 new oil and gas licenses in May 2024 was unlawful because it failed to consider the extreme impact of oil spills on marine life, as well as on several other grounds. Oceana and other members of the Ocean Alliance Against Offshore Drilling have now written to Ed Miliband, the Secretary of State for Energy Security and Net Zero in the new Labour government, urging the new government to concede the case and signal a commitment to, and clear departure from, reliance on fossil fuels.

III. EUROPE

European Parliament publishes study on the current implementation of the Sustainability-related Financial Disclosures Regulation (SFDR)

On July 3, 2024, the European Parliament published a study on the SFDR. The study was provided by the Policy Department for Economic, Scientific and Quality of Life Policies at the request of the Committee on Economic and Monetary Affairs.

The SFDR is the centerpiece of the sustainable finance strategy for funds and other financial products. However, its provisions are too complex and don’t interact effectively with provisions shaping corporate reporting, indexes, or client preferences. The study states that a revised SFDR should aim to include more recognizable product labels or categories which will: enable transition investments; smoothly interact with corporate reporting; and expand the scope of disclosure obligations.

The European Securities and Markets Authority (ESMA) issues Public Statement on the European Sustainability Reporting Standards (ESRS)

On July 5, 2024, ESMA published a statement on the ESRS in addition to its final report on the guidelines on enforcement of sustainability information. The public statement on the first application of the ESRS acknowledges the significant changes for the sustainability reporting practices due to the new EU requirements.

Both the statement and the report underline the areas of focus for in-scope companies preparing to issue their first sustainability statements due to be published in 2025 in accordance with the Corporate Sustainability Reporting Directive (CSRD). Significant points include the establishment of governance arrangements and internal controls, designing and conducting materiality assessments, and creating connectivity between financial and sustainability information.

Corporate Sustainability Due Diligence Directive (CSDDD) published in Official Journal

On July 5, 2024, the Official Journal of the European Union published the CSDDD, following its adoption by the European Parliament and the Council of the EU earlier this year. The CSDDD introduces a due diligence duty on large EU companies and non-EU companies with significant EU activity to address adverse human rights and environmental impacts in their own operations, their subsidiaries and their supply chains.

EU member states must transpose the CSDDD rules into national measures by July 26, 2026.

From July 26, 2027, the CSDDD measures will become applicable in stages, based on whether the company is based in the EU, its number of employees and turnover.

Companies can start to prepare by:

conducting risk assessments to identify actual and potential adverse impacts within their own operations, subsidiaries and value chains;
adopting measures to prevent or where this is not possible, minimize the identified adverse impacts; and
preparing suitable and fair contractual assurances to be included in direct and indirect business partner agreements.
New monitoring rules agreed for the EU Emissions Trading System (ETS)

On August 29, 2024 EU Member States represented in the Climate Change Committee endorsed an amendment to the Monitoring and Reporting Regulation proposed by the Commission.

The revisions agreed introduce zero-rating of emissions from the combustion of renewable fuels of non-biological origin, recycled carbon fuels and synthetic low carbon fuels in the EU ETS, subject to compliance with the criteria set out in the Renewable Energy Directive, ensuring that such emissions are properly accounted for.

The changes to the rules also include zero-rating of biomass fuels concerning the use of a recently established EU-wide database; detailed monitoring and reporting requirements for alternative aviation fuels; harmonization of small emitter thresholds; and monitoring and reporting requirements for non-CO2 aviation effects per flight.

The Association for Financial Markets in Europe (AFME) calls for UK’s green alignment with EU on its partnerships with the financial sector to deliver green growth

In its new paper, published last month, the AFME welcomed the UK’s new Labour government’s plans to make the UK a leading center for green finance while simultaneously encouraging the government to recognize that, in order to create opportunities for finance and investment to support green growth, conditions need to be in place to enable the real economy to transition. The AFME recommended that the government prioritize: (i) progression of UK Sustainability Reporting Standards which are aligned with the standards developed by the International Sustainability Standards Board; (ii) consulting on the adoption of transition plan disclosures for listed and unlisted companies; and (iii) following up on the recommendations of the Transition Finance Market Review to facilitate transition finance.

Further AFME recommendations include: (i) scaling up the role of blended finance; (ii) linkage of the UK ETS with the EU ETS; and (iii) before moving forward with delivering a UK Greem Taxonomy, wide engagement with companies and financial institutions to ensure that there is a clear use case for one.

The European Securities and Markets Authority (ESMA) publishes Guidelines on funds’ names using ESG or sustainability-related terms

On August 21, 2024, ESMA, ESMA, the EU’s financial markets regulator and supervisor, published the translations in all official EU languages of its Guidelines on funds’ names using ESG or sustainability-related terms. The Guidelines are aimed at ensuring that investors are protected against unsubstantiated or exaggerated sustainability claims in fund names, and to provide asset managers with clear and measurable criteria to assess their ability to use ESG or sustainability-related terms in fund names. The Guidelines will start to apply on November 21, 2024. Funds created on or after such date will be immediately subject to the Guidelines, while existing funds will be entitled to a six-month transitional period. By October 21, 2024, national competent authorities must notify ESMA whether they: (i) comply; (ii) do not comply, but intend to comply; or (iii) do not comply and do not intend to comply with the Guidelines.

IV. NORTH AMERICA

U.S. Attorneys General seek answers from asset managers regarding support for environmental shareholder proposals

On August 29, a group of 24 attorneys general sent letters targeting the “twenty-five large asset managers . . . who”—between 2020 and 2023—had “voted 75% or more of the time” in support of proposals that Institutional Shareholder Services (ISS) had recommended votes “for” and which Ceres had flagged in its climate-related proposals database. The letter raises concerns that these asset managers had failed in their fiduciary duties by outsourcing their voting responsibilities to ISS or others.

Large asset managers report declining support for environmental and social shareholder proposals during 2024 proxy season

On August 29, Vanguard released its 2024 U.S. Regional Brief disclosing its investment stewardship activities for the past proxy season. Vanguard-advised funds supported none of the 400 environmental and social shareholder proposals considered at U.S. portfolio companies’ meetings. The lack of support was attributed to Vanguard determining that “the proposals did not address financially material risks to shareholders,” “were overly prescriptive in their requests,” or repeated “previously filed proposals that companies [had] taken action to address.” Vanguard also noted that in some cases, it did not find a governance practice or disclosure gap that the proposal would address.

On August 14, BlackRock released its 2024 Investment Stewardship Voting Spotlight regarding its proxy voting and engagement activities in the most recent proxy season. BlackRock supported only 20 of the 493 global environmental and social proposals it voted on during the 2024 proxy season, as a “majority of [such] proposals . . . were overreaching, lacked economic merit, or sought outcomes that were unlikely to promote long-term shareholder value.” BlackRock also noted that some proposals concerned risks that companies had already addressed. The month before, BlackRock released new Climate and Decarbonization Stewardship Guidelines describing its approach to voting “on behalf of funds with explicit decarbonization or climate-related investment objectives.”

For more information on trends from the 2024 proxy season, including shareholder proposals, see our recent client alert.

Indiana sends BlackRock cease and desist order

On August 23, the office of the Secretary of State, Securities Division of Indiana issued a cease and desist order naming several BlackRock entities as engaged in alleged securities fraud in violation of Indiana law. In particular, the order alleges BlackRock made “various untrue statements of material fact” regarding its use and implementation of ESG standards. BlackRock had previously been placed on a watch list by the state’s Treasurer following the enactment of a law prohibiting the state’s public retirement system from investing assets with firms that use ESG principles in investment decisions.

Interfaith Center on Corporate Responsibility (ICCR) asks Business Roundtable for information on its opposition to the SEC’s climate rules

On August 22, 2024, ICCR announced it had sent a letter to the Business Roundtable (BRT) regarding the amicus brief it filed in June 2024 opposing the SEC’s climate rules. In particular, ICCR noted that the BRT’s position in the brief did “not appear to be aligned with the positions and values of many BRT members” and sought more information about the “governance process” that led to the brief’s submission.

Missouri Court strikes down anti-ESG investment rules

On August 14, 2024, a federal district court in Missouri granted summary judgment and a permanent injunction in favor of the Securities Industry and Financial Markets Association (SIFMA) in its challenge to certain state anti-ESG investment rules. The rules had required securities professionals and firms to collect signed consent forms from investors in the state before including social or nonfinancial objectives in investment advice or securities recommendations. The court held the rules were preempted by federal law and violated the First and Fourteenth Amendments.

Additional briefing submitted in U.S. Securities and Exchange Commission (SEC) climate rules litigation

On August 6, the SEC filed its consolidated response brief in the multi-district litigation challenging the climate-related disclosure rules adopted last Spring (and summarized here). The SEC asserted it had sufficient Congressional authority to adopt the rules; that it complied with the requirements of the Administrative Procedure Act when proposing and adopting the rules; and that the rules are consistent with the First Amendment of the U.S. Constitution. Filings by amici both in support and in opposition to the climate rules were subsequently filed on August 19, 2024. Oral argument has not yet been scheduled.

California State Teachers’ Retirement System (CalSTRS) reports climate-related expectations for portfolio companies and 2024 climate-related voting

On August 1, CalSTRS reported that during the 2024 proxy season, it had focused on climate risk disclosure and voted against the boards of directors at more than 2,250 companies. The press release also summarized the pension fund’s expectation that portfolio companies:

publish sustainability-related disclosure aligned with the International Financial Reporting Standards;
disclose Scope 1 and Scope 2 greenhouse gas emissions; and
for high-emitting companies, including those on the Climate Action 100+ list, to set “appropriate targets to reduce GHG emissions.”

ISS and Glass Lewis release 2024 policy surveys

On August 1, ISS Governance opened its annual benchmark policy survey, soliciting investor views on environmental and social topics such as Scope 3 GHG emission reduction target disclosure and the relevant factors to consider for climate- and workforce-diversity-related shareholder proposals. Responses were due by September 5, 2024.

Glass Lewis opened its 2024 policy survey in July. ESG-related questions focused on whether companies should consider transitioning to a B Corporation; if it is appropriate for an entity’s financial auditor to also be responsible for sustainability reporting assurance; what factors are relevant when voting on Say on Climate proposals or shareholder proposals more generally; whether the identity of a shareholder proposal proponent is relevant in voting decisions; whether information related to climate transition strategies and oversight would be helpful in proxy reports; and what factors would drive a vote against non-financial reporting by certain EU countries. Responses were due by August 30, 2024.

The results of these surveys are expected to inform future updates of ISS and Glass Lewis policies, research, and vote recommendations.

ISS ESG announces new emission intensity solution

On July 31, ISS ESG announced its new industry average emission intensity data as an addition to its current climate solutions offering. The data focuses on supporting insurance companies and banks in their compliance with mandatory disclosures on climate matters.

Republican lawmakers send letter to Climate Action 100+ signatories

On July 30, the chairmen of the House Judiciary Committee and the Subcommittee on the Administrative State, Regulatory Reform and Antitrust issued a press release regarding letters they sent to over 130 government pension programs, companies, and retirement systems seeking information as to “their involvement with the woke ESG cartel Climate Action 100+.”

SEC issues Spring 2024 regulatory agenda

On July 8, the SEC released its Spring 2024 regulatory agenda. Compared to the Fall 2023 agenda, the SEC delayed proposed rules on human capital management from April 2024 to October 2025 and proposed rules on corporate board diversity from October 2024 to April 2025. The agenda also pushed back the timing for adoption of final rules seeking disclosure requirements from investment companies and advisers on ESG factors from April 2024 to October 2024. These timeframes are not hard deadlines for future SEC rulemaking, and the SEC retains flexibility to change this timing further in future agendas.

In case you missed it…

The Gibson Dunn Workplace DEI Task Force has published its updates for July and August summarizing the latest key developments, media coverage, case updates, and legislation related to diversity, equity, and inclusion.

V. APAC

Climate Bonds Initiative (CBI) and the Institute for Global Environmental Strategies (IGES) develop a Transition Strategies Toolkit

On July 29, 2024, CBI and IGES collaboratively released the Transition Strategies Toolkit, a guidance tool based on scientific evidence to promote transition finance in Japanese industries. The toolkit provides guidance for Japanese companies to develop and implement credible, science-based transition plans and for investors to promote investments that support the transition to decarbonization. The Transition Strategy Toolkit builds on the Guidance for Assessing Transition Plans published by CBI in 2023 which outlined key features and frameworks for reliable transition planning. Based on this guidance, the Transition Strategy Toolkit is primarily intended to promote understanding of the basic characteristics and elements that Japanese companies should incorporate when developing transition plans in response to climate change.

Australia’s opposition party calls for an end to the country’s nuclear energy ban

Australia’s opposition party has called for a change in the law to reverse the country’s 1998 ban on nuclear power and has instead pledged commitment to the construction of new nuclear plants. The current government is focused on the rapid phase-out of coal and scale-up of renewable energy sources, passing legislation which targets: a 43% cut in carbon emissions from 2005 levels by 2030; net zero emissions by 2050; and delivery of 82% of electricity from renewable sources by 2030. The government has described the opposition’s nuclear aspirations as too expensive, too slow to build and too risky. Energy policy is likely to remain a prominent issue in Australia in the lead up to next year’s election.

China voices its opposition to the European Union Deforestation Regulation (EUDR)

The EUDR, which is set to take effect in December 2024 and is designed to limit deforestation, requires geolocational data for all forest products imported into the EU. China, a key supplier of forest products such as timber, paper and pulp, has recently voiced its opposition, citing security concerns with the sharing of such data. A potential withdrawal of China from compliance with the EUDR could materially disrupt global supply chains. This development follows resistance from the US, which is pushing for delayed implementation of the EUDR on the basis that it will impose “impossible standards” and act as a non-tariff trade barrier.

Please let us know if there are other topics that you would be interested in seeing covered in future editions of the monthly update.

Warmest regards,
Susy Bullock
Elizabeth Ising
Perlette M. Jura
Ronald Kirk
Michelle M. Kirschner
Michael K. Murphy
Selina S. Sagayam

Chairs, Environmental, Social and Governance Practice Group, Gibson Dunn & Crutcher LLP

For further information about any of the topics discussed herein, please contact the ESG Practice Group Chairs or contributors, or the Gibson Dunn attorney with whom you regularly work.

The following Gibson Dunn lawyers prepared this update: Lauren Assaf-Holmes, Natalie Lamb, Georgia Derbyshire, Magdalena Augé, Alex Eldredge*, Elizabeth Ising, Cynthia Mabry, Michelle Kirschner and Selina S. Sagayam.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Environmental, Social and Governance practice group:

Environmental, Social and Governance (ESG):

Susy Bullock – London (+44 20 7071 4283, [email protected])
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, [email protected])
Perlette M. Jura – Los Angeles (+1 213.229.7121, [email protected])
Ronald Kirk – Dallas (+1 214.698.3295, [email protected])
Michelle Kirschner – London (+44 20 7071 4212, [email protected])
Michael K. Murphy – Washington, D.C. (+1 202.955.8238, [email protected])
Selina S. Sagayam – London (+44 20 7071 4263, [email protected])

*Alex Eldredge, a trainee solicitor in the London office, is not admitted to practice law.

This edition of Gibson Dunn’s Federal Circuit Update for August 2024 summarizes the current status of petitions pending before the Supreme Court and recent Federal Circuit decisions concerning obviousness-type double patenting, Article III standing, and attorneys’ fees under Section 285.

Federal Circuit News

Noteworthy Petitions for a Writ of Certiorari:
There were no new potentially impactful petitions filed before the Supreme Court in August 2024. We provide an update below of the petitions pending before the Supreme Court that were summarized in our July 2024 update:

In United Therapeutics Corp. v. Liquidia Technologies, Inc. (US No. 23-1298), after the respondent waived its right to respond, a response was requested by the Court. The response brief was filed on August 27, 2024, and the reply brief was filed on September 10, 2024.
In Chestek PLLC v. Vidal (US No. 23-1217), the response brief was filed on August 14, 2024, and the reply brief was filed on August 29, 2024. Five amicus curiae briefs had been filed.
In Cellect LLC v. Vidal (US No. 23-1231), the response brief was filed on August 21, 2024, and the reply brief was filed on September 4, 2024. An additional amicus curiae brief was also filed on August 21, 2024. A total of eight amicus curiae briefs have now been filed.

All three petitions will be considered during the Court’s September 30, 2024 conference.

Other Federal Circuit News:

Release of Materials in Judicial Investigation. The Federal Circuit released additional materials in connection with the proceeding under the Judicial Conduct and Disability Act and the implementing Rules involving Judge Pauline Newman. The materials may be accessed here. In particular, the Judicial Council of the Federal Circuit has ordered that Judge Newman “not be permitted to hear or participate in any cases . . . for a period of one year beginning with the issuance of this Order.”

Notice of Proposed Amendments to Federal Circuit Rules of Practice. The Federal Circuit has published proposed amendments to the Federal Circuit Rules of Practice available here. Here is a summary of some of the proposed amendments:

Amending Rule 15 to extend the time to appeal from the Secretary of Veterans Affairs from 60 days to 6 years.
Amending Rule 30 to require parties to add information in the submitted appendices designating how a document was designated at the reviewed tribunal (such as docket numbers).
Combing Rule 35 regarding en banc rehearing with Rule 40 regarding panel rehearing.

Public comments must be received on or before October 4, 2024.

Upcoming Oral Argument Calendar

The list of upcoming arguments at the Federal Circuit is available on the court’s website.

Key Case Summaries (August 2024)

Allergan USA, Inc. et al. v. MSN Laboratories Private Ltd. et al., No. 2024-1061 (Fed. Cir. Aug. 13, 2024): Allergan markets and sells eluxadoline tablets under the brand name Viberzi®. Allergan owns patents that cover the drug compound and composition. The first-filed application issued as the ‘356 patent and had a total patent term adjustment (PTA) of 467 days. Continuing applications were filed claiming the same priority date as the ‘356 patent, which issued as the ‘011 and ‘709 patents. The ‘011 and ‘709 patents did not receive any PTA, and each was therefore set to expire before the ‘356 patent. Defendant argued based on In re Cellect, LLC, 81 F.4th 1216 (Fed. Cir. 2023), that the ‘011 and ‘709 patents were obviousness-type double patenting (ODP) references that rendered the ‘356 patent invalid. The district court agreed.

The Federal Circuit (Lourie, J., joined by Dyk and Reyna, JJ.) reversed. The Court held that a “first-filed, first-issued, later-expiring claim” cannot “be invalidated by a later-filed, later-issued, earlier-expiring reference claim having a common priority date.” The Court explained that a contrary result would be “antithetical to the principles of ODP,” which is “to prevent patentees from obtaining a second patent on a patentably indistinct invention to effectively extend the life of a first patent to that subject matter.”

(Judge Dyk concurred on the ODP issue but dissented with respect to other issues addressed by the Court.)

A more detailed summary of this case may be found here.

Platinum Optics Technology Inc. v. Viavi Solutions Inc., No. 23-1227 (Fed. Cir. Aug. 16, 2024): Viavi sued Platinum Optics (PTOT) alleging infringement in two civil actions on a patent directed to optical filters including layers of hydrogenated silicon and sensor systems comprising such optical filters. PTOT then petitioned for inter partes review (IPR), and the Patent Trial and Appeal Board (Board) concluded that PTOT failed to prove that the challenged claims were unpatentable. PTOT challenges the Board’s decision in this appeal. However, before the Board issued its final written decision, Viavi’s patent infringement claims regarding the challenged patent were dismissed with prejudice in both district court cases.

The Federal Circuit (Cecchi, J. (district judge sitting by designation), joined by Moore, C.J., and Taranto, J.) dismissed the appeal for lack of standing. Although a party does not need Article III standing to appear before an agency, PTOT failed to show it had standing to seek judicial review of the agency’s final action in federal court. In particular, the Court concluded that PTOT could not show that it had suffered an injury in fact, because it had not established there were concrete plans for future activity that created a substantial risk of infringement. The Court determined that a Viavi letter that stated Viavi did “not believe” PTOT could fulfill its supply agreements without infringing was mere speculation and insufficient to show a substantial risk of future infringement. Moreover, this letter was sent prior to the start of the district court cases, and the relevant claims had been dismissed with prejudice. The Court also determined that PTOT’s declaration regarding the continued development of new bandpass filters failed to identify any concrete plans that would implicate the challenged patent.

Realtime Adaptive Streaming LLC v. Sling TV, LLC, No. 23-1035 (Fed. Cir. August 23, 2024): Realtime sued DISH and related Sling entities for infringing patents directed to digital data compression. Over the next six years, a series of events related to determinations of ineligibility or invalidity of the asserted patent and its related patents occurred in various forums, leading the district court to ultimately find the asserted claims of the asserted patent ineligible. While that determination of ineligibility was on appeal, the district court granted DISH’s motion for attorneys’ fees, highlighting six events that it considered “red flags,” finding that “Realtime’s dogged pursuit of the case notwithstanding those danger signals render[ed] this an exceptional case.”

The Federal Circuit (Albright, J. (district judge sitting by designation), joined by Moore, C.J. and Lourie, J.) vacated and remanded. The Court determined that, although the district court did not err in giving weight to the decisions from two different district courts in determining that certain claims of a related patent were ineligible (one of the “red flags”), the district court erred in giving weight to the other five red flags. The Court determined that the district court erred in finding that the Adaptive Streaming decision from the Federal Circuit should have put Realtime on notice that its patent claims were meritless. The Court explained that Adaptive Streaming was about technology that was different from that claimed in the asserted patent. The Court also determined that the district court failed to explain why the final written decisions from the Board invalidating certain claims of a related patent and non-final office actions rejecting claims of the asserted patents were relevant to its decision to award attorneys’ fees. The Court next explained that a notice letter DISH had sent to Realtime contained “no analysis sufficient to put the patentee on notice that its arguments regarding ineligibility are so meritless as to amount to an exceptional case.” “Simply being on notice of adverse case law and the possibility that opposing counsel would pursue 285 fees does not amount to clear notice” that the claims in question were invalid and therefore did not support a finding of exceptionality. Finally, the Court held that the district court erred in finding that the opinions of DISH’s expert regarding noninfringing alternatives should have put Realtime on notice that its arguments “were so without merit as to amount to an exceptional case.”

The following Gibson Dunn lawyers assisted in preparing this update: Blaine Evanson, Kate Dominguez, Jaysen Chung, Audrey Yang, Vivian Lu, Julia Tabat, and Michelle Zhu.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Federal Circuit. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Appellate and Constitutional Law or Intellectual Property practice groups, or the following authors:

Blaine H. Evanson – Orange County (+1 949.451.3805, [email protected])
Audrey Yang – Dallas (+1 214.698.3215, [email protected])

Appellate and Constitutional Law:
Thomas H. Dupree Jr. – Washington, D.C. (+1 202.955.8547, [email protected])
Allyson N. Ho – Dallas (+1 214.698.3233, [email protected])
Julian W. Poon – Los Angeles (+ 213.229.7758, [email protected])

Intellectual Property:Kate Dominguez – New York (+1 212.351.2338, [email protected])
Y. Ernest Hsin – San Francisco (+1 415.393.8224, [email protected])
Josh Krevitt – New York (+1 212.351.4000, [email protected])
Jane M. Love, Ph.D. – New York (+1 212.351.3922, [email protected])

From the Derivatives Practice Group: This week, there were developments in the election event contracts case in the DC District Court and the DC Circuit Court and the CFTC amended exemptions from certain compliance requirements for commodity pool operators, commodity trading advisors, and commodity pools, which had not been amended since 1992.

New Developments

DC Circuit Court Orders Temporary Stay Suspending Trading on Election Contracts. On September 12, the United States Court of Appeals for the District of Columbia Circuit (the “DC Circuit Court”) ordered a temporary stay suspending trading on election contracts offered by KalshiEx LLC (“KalshiEx”) “to give the court sufficient opportunity to consider the emergency motion for stay pending appeal.” Prior to the temporary stay from the DC Circuit Court, the United States District Court for the District of Columbia (the “DC District Court”) overturned an order blocking KalshiEx from allowing election contract trading on its platform and denied the CFTC’s request for a stay pending appeal. KalshiEx filed a response to the CFTC’s emergency motion on September 12 and the CFTC’s reply is due to the DC Circuit Court by 6:00 pm on September 14. [NEW]
CFTC Approves Final Rule Regarding Exemptions from Certain Compliance Requirements for Commodity Pool Operators, Commodity Trading Advisors, and Commodity Pools. On September 12, the CFTC published a final rule that amends CFTC Regulation 4.7, a provision that provides exemptions from certain compliance requirements for commodity pool operators (“CPOs”) regarding commodity pool offerings to qualified eligible persons (“QEPs”) and for commodity trading advisors (“CTAs”) regarding trading programs advising QEPs. The final rule amends various provisions of the regulation that have not been updated since the rule’s original adoption in 1992. Specifically, the final rule: (1) increases the monetary thresholds outlined in the “Portfolio Requirement” definition that certain persons may use to qualify as Qualified Eligible Persons; (2) codifies exemptive letters allowing CPOs of Funds of Funds operated under Regulation 4.7 to choose to distribute monthly account statements within 45 days of the month-end; (3) includes technical amendments designed to improve its efficiency and usefulness for intermediaries and their prospective and actual QEP pool participants and advisory clients, as well as the general public; and, (4) updates citations within 17 CFR Part 4, and throughout the CFTC’s rulebook, to reflect the new structure of Regulation 4.7. [NEW]
CFTC Staff Issues No-Action Letter Related to Reporting and Recordkeeping Requirements for Fully Collateralized Binary Options. On September 4, 2024, the CFTC announced the Division of Market Oversight (“DMO”) and the Division of Clearing and Risk have taken a no-action position regarding swap data reporting and recordkeeping regulations in response to a request from LedgerX LLC d/b/a MIAX Derivatives Exchange LLC (“MIAXdx”), a designated contract market and derivatives clearing organization. The Divisions will not recommend the CFTC initiate an enforcement action against MIAXdx or its participants for certain swap-related recordkeeping requirements and for failure to report data associated with fully collateralized binary option transactions executed on or subject to the rules of MIAXdx to swap data repositories. The no-action letter is comparable to no-action letters issued for other similarly situated designated contract markets and derivatives clearing organizations.
CFTC Grants Kalshi Klear LLC DCO Registration. On August 29, the CFTC announced it has issued Kalshi Klear LLC (“Kalshi”) an Order of Registration as a derivatives clearing organization (“DCO”) under the Commodity Exchange Act. Kalshi’s affiliate, KalshiEx LLC, is registered with the CFTC as a designated contract market.
CFTC Staff Extends Brexit-Related No-Action Positions. On August 29, the CFTC’s DMO and Market Participants Division (“MPD”) announced they are extending temporary no-action positions in connection with the withdrawal of the United Kingdom (“UK”) from the European Union (“EU”), known as Brexit. In addition, DMO is amending its no-action position to include two additional multilateral trading facilities (“MTFs”) authorized in the UK. The no-action position was also amended to remove an MTF and an organized trading facility because the facilities are no longer authorized in the UK.
CFTC Staff Issues No-Action Letter for EU-Based and UK-Based DCOs Regarding Certain Requirements Applicable to DCOs. On August 23, the CFTC’s Division of Clearing and Risk (“DCR”) issued a no-action letter to address the applicability of certain CFTC regulations to registered DCOs based in either the EU or the UK. This letter replaces CFTC Letter 16-26, which applied only to EU-based DCOs and was issued in 2016 as part of the CFTC’s response to the EU equivalence determination with regard to the CFTC’s regulatory framework for DCOs. DCR has updated CFTC Letter 16-26 to explicitly apply it to UK-based DCOs post-Brexit.

New Developments Outside the U.S.

ESAs Warn of Risks From Economic and Geopolitical Events. On September 10, the three European Supervisory Authorities (“ESAs”) issued their Autumn 2024 Joint Committee Report on risks and vulnerabilities in the EU financial system. In the report, the ESAs underlined ongoing high economic and geopolitical uncertainties, warned of the financial stability risks that they believe stem from these uncertainties and called for continued vigilance from all financial market participants. For the first time, the report also includes a cross-sectoral deep dive into credit risks in the financial sector. [NEW]
EC Publishes Draghi Report on the Future of European Competitiveness. On September 9, the European Commission (“EC”) published a report, Future of European Competitiveness, authored by former Italian prime minister and head of the European Central Bank Mario Draghi. The report, which was commissioned by EC president Ursula von der Leyen, outlines the EU’s new industrial strategy. Part A of the report outlines the overarching strategy, while Part B discusses sectoral and horizontal policies and related recommendations in more detail. The report covers topics that include energy derivatives, sustainable finance, EU supervision, Basel framework, and collateral. The EC president indicated that she will aim to form a cabinet, with related mission letters that she expects to cover certain aspects of the report as part of future EU policies. [NEW]
MAS Updates FAQs on OTC Derivatives Reporting Regulations. On September 4, the Monetary Authority of Singapore (“MAS”) further updated the Frequently Asked Questions (FAQs) on the Securities and Futures (Reporting of Derivatives Contracts) Regulations 2013. MAS indicated that the FAQs are to aid implementation of the reporting obligations and elaborate on its intentions for some of the requirements. The new Singapore reporting rules will take effect on October 21, 2024. [NEW]
Markets Increasingly Sensitive After Strong Performance in Early 2024. On August 29, ESMA published its second risk monitoring report of 2024, setting out the key risk drivers currently facing EU financial markets. The report stated that external events continue to have a strong impact on the evolution of financial markets, and ESMA also sees high or very high overall risks in the markets within its remit.

New Industry-Led Developments

ISDA Responds to Australia’s CFR on Bonds and Repo Clearing. On September 4, ISDA submitted a response to a consultation from Australia’s Council of Financial Regulators (“CFR”) on the central clearing of bonds and repos in Australia. In response to changes in the size and structure of the Australian bond and repo markets, the CFR sought feedback on the costs and benefits of introducing a central counterparty (“CCP”) in the Australian bond and repo markets. It also sought views on the circumstances under which a bond and repo CCP could be operated safely and efficiently by an overseas operator and what additional protections may be required in Australia. ISDA said that it welcomes the fact that the CFR is not considering the introduction of a clearing mandate. In its response, ISDA set out its opinion on the costs and benefits of voluntary central clearing for the Australian bond and repo markets. ISDA also commented on participation and other factors to consider for a bond and repo clearing offering to be viable. On location, the response states it is not uncommon for an overseas operator to provide clearing services related to non-domestic markets and ISDA indicated that it does not see any increased risk for an overseas operator to provide clearing services for the Australian bond and repo markets, as long as the overseas CCP is appropriately supervised and risk-managed. [NEW]
ISDA Suggested Operational Practice “P43 Reporting of Post-Trade Events: Trades with no prior P43 Reporting.” On September 5, ISDA republished a Suggested Operational Practice (“SOP”) from July 2024 on approaches (e.g., for partial or full unwinds, partial or full novation, or partial or full exercises) under the CFTC amendments for allocated trades. The SOP recommends reporting the first Part 43 reportable post-trade event on an allocated trade with Action type “NEWT” and Event type “TRAD.”
ISDA and IIF Respond to BCBS Consultation on CCR Management. On August 28, ISDA and the Institute of International Finance (“IIF”) submitted a joint response to the Basel Committee on Banking Supervision’s (“BCBS”) consultation on guidelines for counterparty credit risk (“CCR”) management. The new guidelines represent an update to the Sound Practices for Banks’ Interactions with Highly Leveraged Institutions, published in January 1999, to incorporate recent lessons and best practices. In the response, the associations stress the guidelines should be risk-based and proportional, considering a diverse universe of counterparties and financial markets across the world. The associations stated that they believe a common understanding and coordination between central banks, supervisors and banks can enhance the effectiveness of CCR practices.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus – New York (212.351.3869, [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

Gibson Dunn’s Workplace DEI Task Force aims to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On August 29, 2024, America First Legal Foundation (AFL), the conservative organization founded and run by former Trump policy advisor Stephen Miller, sent a letter to Jeremy Gosch, CEO of Hy-Vee, Inc., demanding that the supermarket chain terminate its “Hy-Vee OpportUNITY Inclusive Business Summit’s Pitch Competition,” through which Hy-Vee pledged to give $50,000 to local minority and women-owned businesses in Iowa and the surrounding states. The competition is open to businesses with “at least 51% ownership, operation and control by the [] diversity classifications defined by the Small Business Administration[, including] minority, women, and/or other disadvantaged populations.” AFL alleges that the program unlawfully limits eligibility by race and gender and precludes “white and/or male” individuals from participating, in violation of 42 U.S.C. § 1981.

On September 3, 2024, AFL announced that it had filed a federal civil rights complaint with the EEOC against Williams-Sonoma, Inc., alleging that the company sets diversity goals for hiring and promotion based on race and sex, in violation of Title VII. AFL also sent a letter to Williams Sonoma’s board of directors demanding that the company end its allegedly discriminatory practices. The complaint references the company’s 2024 Annual Report, which states that its Equity Action Plan has led to approximately 68.1% of the workforce identifying as female and about 41.1% identifying as a member of an ethnic minority group. AFL contends that the Equity Action Plan illegally tracks and sets goals for diversity among employees and board members. The complaint also criticizes statements on the company’s website, including a goal to “consciously increase Black representation among our vendors, partners, and collaborators.” Williams Sonoma has yet to respond to AFL’s complaint.

Several elite colleges and universities in the United States have reported a decline in enrollment of minority students following the Supreme Court’s SFFA decision striking down affirmative action in college admissions. Harvard University, Amherst College, Tufts University, and the Massachusetts Institute of Technology (MIT) all reported a decrease in the percentage in enrollment of Black students. At MIT, for example, the percentage of incoming Black students dropped from 15% to 5%. In addition, the percentage of Latino students decreased from 16% to 11%, while the percentages of white and Asian American students increased.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

Washington Post, “Fearless Fund settles with DEI foes, ends grant program for Black women” (September 11): The Washington Post’s Julian Mark and Taylor Telford report on the settlement between Fearless Fund, a venture capital firm started by Black women to invest in businesses owned by women of color (represented by Gibson Dunn, among others), and the American Alliance for Equal Rights (AAER), a conservative nonprofit organization. Mark and Telford say that, as part of the agreement, Fearless Foundation has decided to permanently close its Fearless Strivers grant contest, which previously awarded $20,000 grants to Black female-owned businesses. AAER, led by conservative activist Edward Blum, sued Fearless Fund on August 2, 2023, alleging discrimination against non-Black businesspeople. Alphonso David, one of Fearless Fund’s attorneys, described the settlement as “narrow,” and said that Fearless Fund’s intent was to limit the case’s impact to the Eleventh Circuit. Civil rights activist Reverend Al Sharpton, who has supported Fearless Fund since the outset, described the settlement as a “sacrifice,” commenting that “if we had fought, and Blum and them wanted to go all the way to the Supreme Court, we’d have lost the fight for generations.”
Wall Street Journal, “Fearless Fund Shuts Down Grant Program for Black Founders After Legal Settlement; The outcome of a legal battle with Edward Blum’s organization is a setback for diversity efforts in venture capital” (September 11): Yuliya Chernova of The Wall Street Journal reports on the closure of Fearless Foundation’s grant program for Black female entrepreneurs, which comes as part of a legal settlement with the American Alliance for Equal Rights. Chernova notes that the settlement has prompted concerns about the potential impact on other initiatives aimed at diversifying the venture capital industry. According to Chernova, venture-backed startups remain predominantly led by white men, and U.S. companies with at least one female founder have secured just 22.6% of all venture funding. Edward Blum, president of AAER, commented that “race-exclusive programs like the one the Fearless Fund promoted are divisive and illegal. Opening grant programs to all applicants, regardless of their race, is enshrined in our nation’s civil rights laws and supported by significant majorities of all Americans.” In response, Arian Simone, CEO of Fearless Fund, affirmed that her organizations will continue their efforts to help under-resourced entrepreneurs despite the program’s closure.
Financial Times, “Meet Robby Starbuck, the anti-woke activist who is shaking up boardrooms” (September 6): Taylor Nicole Rogers of The Financial Times reports on conservative activist Robby Starbuck’s recent campaigns against corporate DEI initiatives. Known for his social media campaigns against a number of companies, Starbuck has now turned his focus to Molson Coors, the maker of Coors Light and Miller beers. As a result of his efforts, Rogers says that Molson Coors announced that it would no longer participate in the Human Rights Campaign’s scoring system, which rates companies based on LGBTQ+ inclusion in the workspace, and that the company will eliminate its supplier-diversity goals. Rogers reports that Starbuck, who engages his 600,000 followers on X and employs two staff members to research companies’ diversity efforts, has shifted his focus from companies with conservative customer bases to those with more neutral or diverse audiences. According to Starbuck, “The situation these companies are facing is a very different new world where I have a direct line to a sizeable portion of their customers. These customers are engaged and they now understand something very important: their wallets are a weapon.”
Bloomberg, “Investors Craft Counterattacks After Influencer’s Anti-DEI Blitz” (September 6): Bloomberg’s David Hood reports on the efforts by shareholder groups to reinstate DEI commitments at companies that have been targeted by conservative activist Robby Starbuck. Hood says that these groups are exploring a range of strategies—from proxy proposals to litigation—to restore DEI polices at companies attacked by Starbuck. Andy Behar, CEO of shareholder advocacy group As You Sow, indicated that his organization is considering helping investors launch campaigns to replace board members at companies that reversed course on DEI. Additionally, Brad Lander, New York City’s Comptroller, who oversees funds totaling nearly $500 million across seven companies targeted by Starbuck, stated that companies yielding to Starbucks’s demands should be “on notice” and warned that “we’re not going to stand by as folks with no track record in investing try to roll back proven strategies for advancing diversity of companies across the economy in effective ways.”
Wall Street Journal, “Molson Coors Rolls Back DEI Initiatives” (September 3): The Wall Street Journal’s Joseph Pisani reports that Molson Coors, the maker of Coors Light and Miller beers, has decided to pull back on its diversity policies and initiatives. The company announced that it would no longer participate in the Human Rights Campaign’s scoring system, which rates companies based on LGBTQ+ inclusion in the workspace. Additionally, Pisani reports that Molson Coors will eliminate its supplier-diversity goals. Conservative activist Robby Starbuck claimed responsibility for the changes at Molson Coors, stating that he messaged company executives the week before the announcement. Molson Coors representatives indicated that this shift is intended to broaden its DEI efforts to ensure that all employees feel welcomed.
CalMatters, “California may ban legacy admissions at colleges. The end of affirmative action is a reason why” (August 29): Mikhail Zinshteyn of CalMatters, a nonprofit news organization that covers California state politics and policies, reports that California’s legislature passed a bill on August 28, 2024, barring the state’s private nonprofit colleges from making admissions decisions based on whether family members of students donated money to the school or had attended the school themselves. If signed by Governor Newsom, California would join Illinois, Maryland, Virginia, and Colorado in banning legacy preferences in admissions at either public or private institutions. Currently, only six private colleges in California use legacy as a factor in admissions, while no public colleges in the state do. If the bill becomes law, schools will be prohibited from considering an applicant’s legacy or donor connections in admissions decisions starting September 1, 2025. Zinshteyn reports that the bill is intended to serve as “a necessary corrective” to the Supreme Court’s ruling that banned colleges from using race as a factor in admissions. According to Democratic Assemblymember Phillip Ting, the bill is intended to “make sure that everyone’s getting in because of their own merit, because of their grades, their test scores, what they provide to that institution, not because of their pocketbooks, of their parents or their family members.”
Forbes, “Chicago Bears Settle Lawsuit Over ‘Legal Diversity Fellow’ Role” (August 28): Forbes’ Chris Deubert reports that the Chicago Bears have confidentially settled a lawsuit filed by Jonathan Bresser, a law student at DePaul University College of Law. Bresser challenged the constitutionality of the team’s “Legal Diversity Fellow” program, which provided opportunities for local law students to work with the Bears’ legal team and DEI department on various goals and initiatives. Deubert reports that the fellowship was open only to law students who are women or persons of color. Bresser, who is a white male, applied for the fellowship in November 2023 but was not selected. He subsequently filed a lawsuit in the U.S. District Court for the Northern District of Illinois, alleging that the Bears and several of its employees violated Title VII and its Illinois equivalent by not hiring him based on his race and gender. According to the court records, the matter was settled on August 27, 2024.

Case Updates:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

American Alliance for Equal Rights v. Southwest Airlines Co., No. 24-cv-01209 (N.D. Tex. 2024): On May 20, 2024, American Alliance for Equal Rights (AAER) filed a complaint against Southwest Airlines, alleging that the company’s ¡Latanzé! Travel Award Program, which awards free flights to students who “identify direct or parental ties to a specific country” of Hispanic origin, improperly discriminates based on race. AAER is seeking a declaratory judgment that the program violates Section 1981 and Title VI, a temporary restraining order barring Southwest from closing the next application period (set to open in March 2025), and a permanent injunction barring enforcement of the of the program’s ethnic eligibility criteria.
- Latest update: On August 22, 2024, Southwest filed a motion to dismiss, arguing that the case was moot because the company had signed a covenant with AAER that eliminated the challenged provisions from any and all future program application cycles. The program is now open to students who are “enrolled at a college/university located at least 200 miles from a student’s home” and is “not limited by race, ethnicity, or national origin.” On August 29, 2024, the court stayed proceedings in the case, pending resolution of Southwest’s motion to dismiss. Oral argument on the motion is scheduled for November 12, 2024.

2. Employment discrimination and related claims:

Newman v. Elk Grove Education Association, No. 2:24-cv-01487 (E.D. Cal. 2024): On May 24, 2024, a white teacher at the Elk Grove Unified School District in Sacramento, California, sued the teachers’ union under Title VII and California law, after the District created an executive board position called the “BIPOC At-Large Director” open only to those who “self-identify” as “African American (Black), Native American, Alaska Native, Native Hawai’ian, Pacific Islander, Latino (including Puerto Rican), Asian, Arab, and Middle Eastern.” The plaintiff alleges that he is a union member who “wants to run for union office to address the District’s recent adoption of what he believes to be aggressive and unnecessary Diversity, Equity & Inclusion (‘DEI’) policies,” but is ineligible for this board seat because of his race.
- Latest update: On August 26, 2024, the defendant filed a motion to dismiss, arguing that the plaintiff’s claims are moot because the union “no longer has any position with any eligibility criteria that is based on race” and has replaced the BIPOC At-Large Director position with a new Racial Equity Director At-Large position that is open to all members regardless of race. The defendant also moved to dismiss the plaintiff’s claims for punitive damages, arguing that he had not pled any facts sufficient to show malice, reckless indifference, or oppression. Oral argument on the hearing is scheduled for October 15, 2024.
Harker v. Meta Platforms, Inc., No. 23-cv-7865 (S.D.N.Y. 2023): A lighting technician who worked on a set where a Meta commercial was produced sued Meta and a film producers association, alleging that their diversity initiative Double the Line (DTL) violated Title VII, Sections 1981 and 1985, and New York law. The plaintiff also claimed that he was retaliated against after raising questions about the qualifications of a coworker hired pursuant to the DTL initiative. On December 19, 2023, the defendants moved to dismiss the plaintiff’s first amended complaint. On January 25, 2024, the plaintiff filed his opposition to Meta’s motion.
- Latest update: On August 29, 2024, the court granted the defendants’ motions to dismiss for lack of standing. The court reasoned that because the plaintiff did not apply, attempt to apply, or even express interest in applying for, a lighting technician position under the DTL program, he had not alleged any injury-in-fact sufficient to establish standing. The court further denied leave to amend the complaint and entered judgment closing the case.

3. Challenges to agency rules, laws and regulatory decisions:

Do No Harm v. Lee, No. 3:23-cv-01175-WLC (M.D. Tenn. 2023): On November 8, 2023, Do No Harm sued Tennessee Governor Bill Lee under the Equal Protection Clause, seeking to enjoin a 1988 Tennessee law requiring the governor to “strive to ensure” that at least one board member of the six-member Tennessee Board of Podiatric Medical Examiners is a racial minority. On February 2, 2024, Governor Lee moved to dismiss the complaint for lack of standing. On August 8, 2024, the court granted Governor Lee’s motion to dismiss and entered judgment in the case, holding that Do No Harm had not demonstrated injury in fact.
- Latest update: On August 30, 2024, Do No Harm appealed the district court’s decision to the Sixth Circuit.

Young Americans for Freedom v. United States Department of Education, No. 3:24-cv-00163 (D.N.D. 2024): On August 27, 2024, the University of North Dakota Chapter of Young Americans for Freedom (YAF) sued the U.S. Department of Education (DOE) over its McNair Post-Baccalaureate Achievement Program, a research and graduate studies grant program that supports incoming graduate students who are either low-income first-generation college students or “member[s] of a group that is underrepresented in graduate education.” Relevant federal regulations define these underrepresented groups as “Black (non-Hispanic), Hispanic, American Indian, Alaskan Native, Native Hawaiians, and Native American Pacific Islanders.” YAF alleges that the McNair program violates the Equal Protection Clause by restricting admission based on race, and violates the Administrative Procedure Act as an agency action that is “contrary to a constitutional right.” See 5 U.S.C. § 706(2)(B). YAF requests, among other things, a preliminary injunction enjoining the DOE from enforcing all race-based qualifications for the McNair program.
- Latest update: On September 4, 2024, YAF filed a motion for preliminary injunction, requesting that the court prevent the DOE from enforcing the racial and ethnic qualifications of the McNair program, and requiring the DOE to notify all participating institutions of higher education that they cannot impose or rely upon such classifications. YAF argues that the racial eligibility criteria fails the strict scrutiny test for affirmative action policies because the government did not have evidence of discrimination when it started the McNair program. The docket does not reflect that the DOE has been served.

4. Actions against Educational Institutions:

Students for Fair Admissions v. United States Naval Academy, No. 1:23-cv-02699 (D. Md. 2023): On October 5, 2023, Students for Fair Admissions (SFFA) sued the U.S. Naval Academy, arguing that consideration of race in its admissions process violates the Fifth Amendment. On December 20, 2023, the district court denied SFFA’s preliminary injunction motion, holding that SFFA did not show that it would succeed on the merits of its Equal Protection claim because it failed to show that the defendants’ justifications for their policies did not satisfy strict scrutiny.
- Latest update: On August 15, 2024, SFFA filed a motion for partial summary judgment on the issue of standing, arguing that the four anonymous SFFA members, each of whom applied for admission at the Naval Academy but were denied, would have standing to sue in their own right. SFFA argued that each member sustained an injury of being denied the opportunity to compete for admission to the Naval Academy on an equal basis and is “ready to apply” if the court redresses the issue. On August 23, 2024, the Naval Academy opposed the motion, urging the court to consider the issue of standing after trial because there are disputed issues of material fact as to whether SFFA members are “able and ready” to apply. On August 28, 2024, SFFA replied, arguing that the disputes over their members’ “ability and readiness to apply” are not material or genuine, and therefore should not be a bar to granting partial summary judgment ahead of trial. A pretrial conference and hearing on motions in limine was held on September 5, 2024, and a bench trial is scheduled for September 16–27, 2024.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Mollie Reiss, Jenna Voronov, Alana Bevan, Marquan Robertson, Janice Jiang, Elizabeth Penava, Skylar Drefcinski, Mary Lindsay Krebs, David Offit, Lauren Meyer, Kameron Mitchell, Maura Carey, and Jayee Malwankar.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

Julia Lapitskaya, Ronald Mueller and Stella Kwak are the authors of “How Companies Are Approaching Insider Trading Policies” [PDF] published by Law360 on September 11, 2024.

Europe

08/06/2024

Council of Europe | Report | Neural data

The Council of Europe reported on the data protection challenges linked to neurotechnology and neural data from the perspective of the Convention 108+.

The report highlights the challenges posed by neural data and neurotechnology, including the impact it may have on human rights and fundamental freedoms, in particular the right to privacy and to the protection of personal data. It provides a legal and technical description of neurotechnology and neural data and suggests solutions to address privacy concerns related to neural data processing.

For further information: Council of Europe Website

08/01/2024

European Commission | EU AI Act

The European Artificial Intelligence Act (“AI Act”) came into force.

The European Commission announced that the AI Act came into force on August 1, 2024. The majority of rules of the AI Act will start applying on August 2, 2026.

For more information: European Commission Website

Belgium

08/23/2024

Belgian Supervisory Authority | Sanction | Access Request

The Belgian Supervisory Authority (“APD”) imposed a fine of €100,000 on a telecom operator for late reply to a right to access request.

The APD determined that the telecom operator failed to appropriately process and reply to the individual’s access request by providing a response 14 months after the access request was submitted.

For more information: EDPB Website

Denmark

08/26/2024

Danish Supervisory Authority | Decision | AI

On August 26, 2024, the Danish Supervisory Authority (“Datatilsynet”) published its decision allowing an insurance company to record and use artificial intelligence for analyzing incoming telephone calls.

Following its investigation in March 2023 on the insurance company and its use of artificial intelligence to analyze customer service calls, the Datatilsynet found that the insurance company complies with GDPR rules. Finally, the Datatilsynet’s decision recalls that the processing must comply with data protection rules, particularly with regard to obtaining consent and the information given to data subjects.

For more information: Datatilsynet Website [DA]

France

08/27/2024

French Supervisory Authority | Monitoring Tool | Binding Corporate Rules

The French Supervisory Authority (“CNIL”) published a monitoring tool for Binding Corporate Rules (“BCR”).

The CNIL makes available to BCR holders a self-assessment tool to verify their level of compliance with BCR requirements and specifies the steps for its deployment.

For more information: CNIL Website

Germany

08/30/2024

Saxony Supervisory Authority | Recommendation | Technical and Organizational Measures

On August 30, 2024, the Saxon Supervisory Authority (“SDTB”) published its recommendation on the redaction of documents.

The SDTB pointed out that it is often necessary to delete or anonymize personal data (for example when publishing documents containing sensitive data) and that, in such cases, technical and organizational measures, including document redaction, must be implemented for data protection. In particular, the recommendation describes the possible sources of error and solutions relating to redaction.

For more information: SDTB Website [DE]

08/28/2024

Rhineland-Palatinate Supervisory Authority | Press Release | Customer Account

The Rhineland-Palatinate Supervisory Authority (“LfDI Rheinland-Pfalz”) announced in a press release that it has sent an information letter to 13 e-shops on the necessity of providing guest access when placing an order.

While recognizing the advantages of creating a customer account (e.g., ordering without having to enter the same data again or reviewing orders), the LfDI Rheinland-Pfalz points out that individuals should always have an equal alternative when shopping online. It further considers that online shops have an obligation to implement a guest ordering process which results from the provisions of Articles 5 and 6 of the GDPR.

For more information: LfDI Rheinland-Pfalz Website [DE]

08/15/2024

BfDI | Press Release | Messenger Services Standard Test Catalogue

The Federal Commissioner for Data Protection and Freedom of Information (“BfDI”) has launched a public consultation process on the creation of a uniform test for messenger services regarding their compliance with the GDPR.

The BfDI has initiated the development of a uniform standard test regarding the GDPR compliance of messenger services. This is especially important due to their widespread use both in private life and for work related purposes. So as to create a useful uniform standard test, the BfDI now invites specialist users or deployers and the civil society to comment on and participate in the development of criteria for the published draft test.

For more information: BfDI Website [DE]

08/01/2024

Saxony Supervisory Authority | Guidelines | Data Subject Access Requests

On August 1, 2024, the Saxon Supervisory Authority (“SDTB”) published guidelines for local authorities and administrative bodies on how to handle data subject access requests under Article 15 of the GDPR.

The SDTB’s guidelines are intended to provide guidance on how to comply with requests regarding the right of access of data subjects. It incorporates the latest higher court’s and especially the Court of Justice of the European Union’s case law.

For more information: SDTB Website [DE]

Italy

08/09/2024

Italian Supervisory Authority | Sanction | Unlawful access to a database

The Italian Supervisory Authority (“Garante”) published its decision of June 6, 2024, imposing a fine of €1 million on a financial institution for unlawful processing.

The Garante received a complaint where an individual claimed having been blacklisted and denied financing for a long-term car rental, following verifications in a database. The complainant requested to the car rental company and its parent company, a financial institution, information on the reasons behind the backlisting in the context of a request to exercise his rights under the GDPR but received no response. Upon investigation, the Garante found that the financial institution, which proceeded to verifications on behalf of the car rental company, did not have the authorization from the Ministry of Economy and Finance to access the centralized fraud prevention system (“SCIPAFI”) and concluded that the complainant’s personal data had been unlawfully processed.

For more information: Garante Website [IT]

08/09/2024

Italian Supervisory Authority | FAQ | Right to be forgotten

The Italian Supervisory Authority (“Garante”) announced having released frequently asked questions (“FAQs”) on the “right to be forgotten in oncology”.

The FAQs aim to clarify the provisions of the Law No. 193 of 7 December 2023 on “right to be forgotten in oncology”, which allows individuals who have recovered from an oncological disease not to provide information or be investigated regarding their previous condition to access to banking, financial, investment and insurance services, to insolvency procedures, as well as to employment and professional training. The Garante will be in charge of the enforcement of these provisions.

For more information: Garante Website [IT]

Switzerland

08/14/2024

Swiss Federal Council | Adequacy Decision | Swiss-US Data Privacy Framework

The Swiss Federal Council adopted its decision of adequacy regarding the USA under the Swiss-US Data Privacy Framework (“DPF”).

Over a year after the European Commission, the Swiss Federal Council has now also adopted its adequacy decision for US-companies certified under the DPF and thus facilitates the transfer of personal data to the USA in compliance with data protection regulations. This will enter into force on 15 September 2024.

For more information: Federal Council Website

United Kingdom

08/21/2024

Department for Science, Innovation and Technology | Blog | Privacy-Preserving Federated Learning

The Department for Science, Innovation and Technology (“DSIT”) published a blog post on implementation challenges in Privacy-Preserving Federated Learning (“PPFL”).

The blog highlights challenges to developing deployable PPFL, which are due to several factors such as real-world conditions for deployment (e.g., insufficient computational power) or flaws in the system design which can lead to privacy breaches.

For more information: UK Government Website

08/13/2024

UK Supervisory Authority | Report | Privacy Enhancing Technologies

The UK Supervisory Authority (“ICO”) published a report entitled “Tackling Barriers to Privacy-Enhancing Technologies Adoption”.

Privacy-Enhancing Technologies (“PETs”) are defined by the ICO as technologies supporting data privacy by minimizing the use of personal data and increasing their security. The report explains, in particular, the barriers to adopting such technologies and provides recommendations on how to support and promote their use across organizations.

For more information: ICO Website

08/07/2024

UK Supervisory Authority | Sanction | Ransomware Attack

The UK Supervisory Authority (“ICO”) issued a provisional decision to impose a fine of £6.09 million (approximately €7,14 million) on a software provider following a ransomware attack which occurred in 2022.

The ICO explained that hackers accessed the company’s health and care systems through a customer account which was not protected via multi-factor authentication. The attack led to the exfiltration of personal data from 82,946 individuals, including phone numbers, medical records, and information on how to gain entry to the homes of 890 people receiving home care. Critical services had also been disrupted. The ICO’s findings are provisional, and a final decision has not yet been made. If issued, this will notably be the first time that the ICO issues a fine to a processor for a breach of its obligations under data protection laws.

For more information: ICO Website

08/02/2024

UK Supervisory Authority | Statement | Children protection

The UK Supervisory Authority (“ICO”) issued a statement calling on social media platforms (“SMPs”) and video-sharing platforms (“VSPs”) to improve their children’s data privacy practices.

The ICO stated that it has reviewed 34 SMPs and VSPs focusing on the process children go through to sign-up for accounts. The ICO found different levels of compliance with the Children’s Code, and sent some of the platforms questions on issues relating to default privacy settings, geolocation, age assurance and targeted advertising.

For more information: ICO Website

This newsletter has been prepared by the European Privacy team of Gibson Dunn. For further information, you may contact us by email:

Ahmed Baladi – Partner, Co-Chair, PCCP Practice, Paris ([email protected])

Joel Harrison – Partner, Co-Chair, PCDI Practice, London ([email protected])

Vera Lukic – Partner, Paris ([email protected])

Lore Leitner – Partner, London ([email protected])

Kai Gesing – Partner, Munich ([email protected])

Clémence Pugnet – Associate, Paris ([email protected])

Thomas Baculard – Associate, Paris ([email protected])

Hermine Hubert – Associate, Paris ([email protected])

Billur Cinar – Associate, Paris ([email protected])

Christoph Jacob – Associate, Munich ([email protected])

Yannick Oberacker – Associate, Munich ([email protected])

Sarah Villani – Associate, London ([email protected])

Miles Lynn – Associate, London ([email protected])