San Francisco partner Brian Lutz and associate Michael Kahn are the authors of “2 New Defenses To Federal Shareholder Derivative Claims” [PDF] published by Law360 on June 15, 2022.

Decided June 15, 2022

Viking River Cruises, Inc. v. Moriana, No. 20-1573

Today, the Supreme Court held that individual claims arising under California’s Labor Code Private Attorneys General Act (“PAGA”) can be compelled to arbitration.

Background: PAGA permits an employee to sue her employer for Labor Code violations on behalf of the State of California and share in the recovery.  Moriana, an employee of Viking River Cruises, agreed to arbitrate all disputes and waived her ability to bring class-wide, representative, or PAGA claims.  She nevertheless brought a PAGA claim in California state court after her employment ended, alleging Labor Code violations affecting her and other employees and seeking aggregated penalties for all of the alleged violations.  The California Court of Appeal allowed the case to proceed, holding that under the California Supreme Court’s decision in Iskanian v. CLS Transport Los Angeles, LLC (2014), the waiver of representative PAGA claims in Moriana’s arbitration agreement was unenforceable.  Because under Iskanian, a PAGA claim cannot be divided into “individual” and “representative” claims brought in separate proceedings, the court permitted all of Moriana’s claims to proceed in court.

Issue: Does the Federal Arbitration Act require enforcement of a bilateral arbitration agreement with respect to an individual claim under PAGA?

Court’s Holding:

Yes.  The FAA preempts the California Supreme Court’s Iskanian decision insofar as it precludes the division of PAGA actions into individual and non-individual claims.  Viking may compel arbitration of Moriana’s individual PAGA claim, and the remaining non-individual PAGA claims must be dismissed because Moriana lacks statutory standing under PAGA without her having an individual claim in the action.  The FAA, however, does not preempt Iskanian’s prohibition on wholesale waivers of PAGA claims.

“We hold that the FAA preempts the rule of Iskanian insofar as it precludes division of PAGA actions into individual and non-individual claims through an agreement to arbitrate. This holding compels reversal in this case.”

Justice Alito, writing for the Court

What It Means:

• The Court’s decision is a victory for California employers that will likely lead to the enforcement of arbitration agreements in many PAGA actions—resulting in the compelling of individual PAGA claims to arbitration and the dismissal of non-individual PAGA claims in court—with some potential variation depending on the precise language of the arbitration agreements at issue.
• The Court’s reasoning turned on its conclusion that a PAGA claim can be divided into an individual PAGA claim (based on allegations of Labor Code violations specific to the named plaintiff) and a non-individual PAGA claim (based on allegations of Labor Code violations as to other employees not named in the action).  The Court held that the Iskanian decision, by mandating the joinder of non-individual PAGA claims with individual PAGA claims, led to a result “incompatible with the FAA.”
• In concluding that Moriana’s individual PAGA claim was subject to arbitration, the Court relied in part on a severability provision in the arbitration agreement to narrow an otherwise invalid wholesale waiver of PAGA claims.  This analysis suggests that whether courts will compel arbitration of individual PAGA claims may turn on the specific language of the arbitration agreement at issue.
• The Court held that the proper result, once Moriana’s individual PAGA claim is sent to arbitration, is dismissal of her non-individual PAGA claims, as she no longer would satisfy PAGA’s statutory standing requirement.  Justice Sotomayor in a concurring opinion suggested that the California courts could decide that the Court’s understanding of this aspect of California law is incorrect, or that the California legislature could modify PAGA’s standing requirement.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Related Practice: Labor and Employment

Related Practice: Class Actions

At long last, and just over a month before the drafts were originally scheduled to be finalized, the California Privacy Protection Agency (CPPA) released its draft regulations for the California Privacy Rights Act (CPRA) on May 27, 2022, in advance of the CPPA’s June 8, 2022 meeting.  The CPRA will go into effect January 1, 2023.  Finalization of the regulations before the July 1, 2022 deadline is unlikely, according to the CPPA itself, and whether this delay will impact the CPRA’s enforcement date (as some commentators suggest) remains to be seen.

In August 2020, the California Attorney General released the final regulations for the California Consumer Privacy Act or CCPA, which is the comprehensive state privacy law that will be replaced by the CPRA in January 2023.  The May 2022 draft CPRA regulations redline the August 2020 CCPA regulations and mostly focus on the CPRA’s changes to the preexisting CCPA concepts.[1]  The draft regulations offer businesses a long-awaited roadmap to compliance with the law, albeit a roadmap with clarifications and finalization that remain outstanding.  Key regulations addressed by this initial draft include those relating to dark patterns, expanded rules for service providers, third-party contracts, third-party notifications, requests to correct, opt-out preference signals, data minimization, privacy policy rules, revised definitions, and enforcement considerations.  But this roadmap is subject to debate and change, and is not comprehensive.  Indeed, a number of key issues and inconsistencies were—to the disappointment of many observers—left unaddressed.

Days after the CPPA’s release of the draft regulations, both businesses and consumers expressed desire for further clarity on key issues during the CPPA’s June 8, 2022 Board Meeting, during which the Board formally voted 4-0 to begin the rulemaking process.  Once the Board files the notice and it is published in the California Regulatory Notice Register, the formal rulemaking process will actually commence.  Filing the notice will then begin a public comment period of at least 45 days during which stakeholders and interested parties can submit written comments, and a public hearing will be scheduled.  The earliest date that the regulations theoretically could be finalized would be late July.  Finalization is more likely to extend into Q3 or Q4, as additions and revisions are highly likely.  At the meeting, businesses requested at least a six-month enforcement deadline extension, noting (as the Board has previously recognized) that it will necessarily miss the July 1 deadline to finalize regulations.

Below, we discuss the key changes to the regulations, then discuss two key concepts that were not addressed by the first draft.  These revised regulations create significant impacts for all businesses and fill in key gaps created by the first draft of regulations.  The CPPA’s effort here indicates that it plans to take a very active role in defining the law and its vision of enforcement.

___________________

Table of Contents

Key Updates In the Initial Regulations

(1)   Dark Patterns

(2)   Rules for Service Providers and Contractors, Including Expanded Agreements and Service Provider Potential Liability

(3)   Rules Expanding Contractual Requirements with Third Parties

(4)   Notifications by a Business regarding Third-Party Data Collection

(5)   Sensitive Personal Information

(6)   Consumer Requests to Correct Information

(7)   Opt-Out Preference Signals

(8)   Data Minimization and Retention

(9)   Privacy Policy

(10) Significant Definitions

(11) Enforcement

What is Not Addressed By the First Draft

___________________

Key Updates in the Initial Regulations

Although the regulations are subject to change, they still provide helpful guidance for businesses that can be implemented now.  Below, we’ve highlighted what we believe to be some of the most interesting and potentially impactful draft regulations.

(1)   Dark Patterns

Similar to recent discussions and writings from the FTC,[2] the CPRA sought to address issues relating to dark patterns, which the CPRA defines as “[a] user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation.”[3]  The CPRA introduced a new concept that was not contemplated directly by the CCPA:  the concept that dark patterns cannot be used to obtain valid consent (e.g., consent to track and share personal information).[4]  Draft regulation Section 7004 bears a “consent” heading and makes clear that any dark patterns used to obtain consent would vitiate consent.[5]  This section also concerns dark patterns affecting “methods for submitting CCPA requests.”[6]  In other words, these dark pattern rules also apply to other design choices such as the form a website uses to collect correction right requests, which is potentially broader than the dark pattern concerns expressed in the CPRA.[7]

The regulations define a dark pattern as any user interface that “has the effect of substantially subverting or impairing user autonomy, decisionmaking, or choice, regardless of a business’s intent” or anything that would otherwise “not comply” with the consent rules in Section 7004(a).[8]  This section provides about three pages of new content (as compared to the CCPA regulations) explaining how consent may be obtained, and announces five guiding principles to avoid vitiating consent via dark patterns.[9]  Specifically, user interface architecture must (1) be “[e]asy to understand[,]” (2) provide “[s]ymmetry in choice[,]” (3) “[a]void language or interactive elements that are confusing to the consumer[,]” (4) “[a]void manipulative language or choice architecture[,]” and (5) be “[e]asy to execute.”[10]  The regulations also include a number of illustrations and examples.  The substantial subversion concept, however, still warrants further elaboration, and one commenter during the June 8, 2022 CPPA Board Meeting suggested that the Agency adopt a “design practice[] that amount[s] to consumer fraud” standard instead.

This guidance suggests that, at least in the eyes of the CPPA, many widely used business practices may violate the CCPA.  Of note, according to the CPPA, dark patterns may include simply making consumers feel bad about their choices.  As one example provides, “[w]hen offering a financial incentive, pairing choices such as, ‘Yes’ (to accept the financial incentive) with ‘No, I like paying full price’ or ‘No, I don’t want to save money,’ is manipulative and shaming.”[11]  The “symmetry in choice” concept would also require material changes for many businesses.  As one example provides, “[a] website banner that serves as a method for opting out of the sale of personal information that only provides the two choices, ‘Accept All’ and ‘More Information,’ or ‘Accept All’ and ‘Preferences,’” is explicitly not permissible for opting out of the sale or sharing in this draft.[12]  These draft regulations signal that many businesses need to start thinking now about how their consent flows may fall into these broad definitions of dark patterns, given how common such practices are.

(2)   Rules for Service Providers and Contractors, Including Expanded Agreements and Service Provider Potential Liability

The draft regulations include several new and modified provisions impacting service providers and vendors, i.e., entities that collect and process data in the context of providing a service (including software-as-a-service or SaaS businesses) to another entity.  The regulations impose different obligations on the service provider and on the person or entity to whom the relevant services are provided.  The changes provide additional helpful detail regarding the CPRA’s requirements, including:  (i) expanding the applicability of service provider provisions while excluding cross-contextual advertising services; (ii) adding product or service improvements to the list of reasonable uses of personal information; and (iii) instituting explicit and specific requirements for contracts with service providers and contractors.

First, whereas the CCPA regulations applied only when the service provider provided a service to a “business”—as defined by the CCPA—the draft regulations state that a business that “provides services to a person or organization that is not a business, and that would otherwise meet the requirements and obligations of a ‘service provider’ or ‘contractor’” should still be considered a service provider or contractor.[13]  Therefore, the provisions now also may be read to apply to a service provider whose customer is, for example, a non-profit organization and not a business.  This expanded service provider definition does not apply to cross-contextual advertising services, i.e., services for online advertising where a customer provides a list of its own customers’ email addresses to the vendor.[14]  In that case, the vendor would not be considered a service provider, even if it otherwise met all of the requirements, if the customer was not a “business.”  Advertising services that do not rely on any transfer of personal information provided by the business are not considered cross-contextual advertising services.

This suggests that the draft intends service providers to be covered by the CPRA, even if its customers are not; nonetheless, service providers also have significantly reduced obligations under the CCPA and CPRA, as compared to a business.  For example, because a service provider does not determine the means and processing of the personal information it receives, it does not have to ensure that the information is being retained and processed only in the manner and for the purposes for which consent was obtained or disclosures were properly made.  Those concerns remain the province of the entity providing the information and may flow through to the service provider, but are not as restricting.  Still, the CPRA is of interest to all parties, in applying varying levels of requirements on entities processing personal information.

Second, in what may be a significant relief to many service providers, the draft regulations would explicitly allow service providers to use data, including personal information, obtained from one customer to improve the product or service for all customers, provided the personal information is not “used to perform services on behalf of another,” such as by marketing to the business’ customers on behalf of another company.[15]  Without this allowance, service providers may have been forced to include provisions in their agreements with businesses that would explicitly permit such a use of the personal information, which would in turn possibly have required businesses to disclose such uses by their service providers to consumers or even obtain opt-in consent (or opt out of sale).  Given the many difficulties likely to be encountered in obtaining all such contractual agreements and consents, many service providers could see their business models hamstrung and their product-improvement objectives severely undermined.

Third, the draft regulations flesh out the CPRA’s requirements that seek to restrict the service provider’s control of the personal information it receives from a business such that the service provider grants the same level of privacy protection as the business that is directly regulated by California privacy laws.  For instance, the CPRA requires that a service provider be contractually limited to processing personal information for the business purposes for which it has received the personal information from the business.  The draft regulations additionally require that the business purposes be listed with specificity beyond a mere reference to the purpose of the contract.

These requirements, particularly in combination with requirements for service provider agreements under other state privacy laws taking effect in 2023, are likely to require businesses and service providers to renegotiate their agreements.  Businesses may also need to revise their workflows and methods of cooperation to account for implementing consumer requests.

(3)   Rules Expanding Contractual Requirements with Third Parties

In addition to the service provider requirements, the draft regulations impose obligations on third parties that receive personal information from an entity other than the individual to whom the personal information belongs.  The term “third party” is not explicitly defined in the draft regulations, but appears to refer to any person or entity that receives personal information from a business and is not considered service provider or contractor.  The third party must honor requests to delete or opt out of the sharing of personal information as well as requests forwarded to the third party from the business from which the third party obtained the personal information.[16]

A business that sells or shares personal information with a third party[17] must also enter into an agreement with that third party that includes requirements substantially similar to those in service provider contracts.[18]  Among other requirements, the agreements with third parties must:  (i) require the third party to only use and retain the personal information for the narrow purposes for which the personal information is being sold or disclosed; (ii) require the third party to comply with the CPRA and the draft regulations, including by providing the same level of privacy protection; and (iii) allow the business to require the third party to verify its compliance with its obligations under the agreement as well as the CPRA and the draft regulations.[19]  Finally, any third party that does not have such an agreement in place would not be permitted to retain or process the personal information it receives from a business in any way.

Similar to service providers and contractors, the draft regulations apply to third parties receiving personal information from any entity, whether the entity is itself a “business” subject to the CPRA and the draft regulations or not.  Specifically, whether or not the contracting entity is a business, third parties cannot store or process personal information absent a compliant contract with the entity, and the third party must adhere to the terms of the contract under which it received personal information and otherwise comply with the CPRA and the draft regulations.

Finally, failure on the part of a business to conduct due diligence of any third parties with which it shares personal information may prohibit the business from using ignorance of any misuse of the personal information as a defense in the face of a breach or violation of the CPRA or the draft regulations.  This encourages businesses to ensure their due diligence processes are sufficient, and third parties such as data brokers may face some additional inquiries and contractual requirements.

(4)   Notifications by a Business regarding Third-Party Data Collection

The draft regulations add a new concept requiring the notification of third-party involvement in the collection of personal information.[20]  Specifically, if one business interacts with a consumer but another party is involved and “controls” the collection of personal information (e.g., a cookies analytics provider), then the first business needs to inform the consumer of the third-party collection and the identity of the third party.  The draft regulations indicate that this is also true for physical businesses that may allow a third party to collect personal information.  The CPPA provided the following example:  if a coffee shop allows a business providing Wi-Fi to collect personal information, then the coffee shop needs to inform customers of that third-party data collection through a sign or other signals of that collection.[21]

(5)   Sensitive Personal Information

The draft regulations operationalize the new right to limit the use of sensitive personal information under the CPRA.  The draft regulations add Section 7027, which concerns consumer requests to limit the use and disclosure of sensitive personal information.  The section primarily contemplates giving consumers the ability to limit use and disclosure “to that which is necessary to perform the services or provide the goods reasonably expected.”[22]  Businesses that process sensitive personal information for certain purposes must provide a notice of such processing.  Businesses using or disclosing personal information of this kind would be required to provide two or more designated methods for submitting requests to limit, and at least one of the methods must reflect the manner in which the business primarily interacts with the consumer (such as restrict processing to only permissible purposes through a “Limit the Use of My Sensitive Personal Information” link).[23]  However, businesses are permitted to use or disclose sensitive personal information without being required to offer consumers a right to limit when the information is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services; to detect security incidents to resist malicious or illegal attacks on the business; ensure the physical safety of natural persons; for short-term, transient use; perform services on behalf of the business; or verify or maintain the quality or safety of the business—a list that was not yet specified until the draft regulations.[24]

(6)   Consumer Requests to Correct Information

The draft regulations also operationalize the CPRA’s new right to correct inaccurate personal information.  The draft regulations add an entirely new section on consumer requests to correct information.[25]  At first glance, this regime is quite burdensome:  in evaluating whether personal information is accurate, businesses must first consider the totality of the circumstances, including the nature of the information, how it was obtained, and documentation relating to the accuracy of the information.[26]  While businesses may comply with a consumer’s request to correct by correcting the information and ensuring that the information it (and its service providers and contractors) holds remains correct, a business may also choose to delete the information if such deletion does not negatively impact the consumer or the consumer consents to the deletion.  Then, if the business were to deny the request for correction, they would be required to inform consumers of the basis for that denial, further outlining a procedure for consumers to respond in writing.[27]  This section also provides specific examples relating to data brokers:  if a business receives a request to correct information that it received from a data broker, it must both correct the information and ensure that it is not overridden by inaccurate information later re-received from the data broker.  Where a business is not the source of the inaccurate information, the business is required to disclose the name of the source (such as a data broker) supplying the inaccurate information to the consumer.[28]

(7)   Opt-Out Preference Signals

The draft regulations add a definition of an “opt-out preference signal,” which is a signal sent by a platform, technology, or mechanism on behalf of the consumer that communicates the consumer’s choice to opt out of the sale and sharing of personal information and that complies with the requirements set forth in the draft regulations.  Notably, the draft regulations require businesses to process all consumer opt-out preference signals that meet certain requirements.[29]  The details for these opt-out mechanisms are outlined in the new Section 7025.  This section dictates that when a business detects an opt-out signal, it must treat it as a bona fide opt-out request and cannot require additional information to be provided.  If the signal conflicts with a privacy setting or participation in some program, like a business’s financial incentive program that requires the consumer to consent to the sale or sharing of personal information, the business must provide notice to the consumer.  Businesses are instructed to process these opt-out signals in a frictionless manner.  Businesses are also required to display whether or not they have processed consumers’ opt-out preference signals, with the draft regulations suggesting the use of a banner, toggle, or radio button indicating to consumers that they have opted out of the sale of their personal information.

Revisions to Section 7026, meanwhile, indicate that requests to opt out of sales and/or sharing need not be verifiable and must be communicated to third parties.  Crucially, the draft regulations indicate that a self-serve cookie management control process alone would not be sufficient to effectuate requests to opt out of sales and/or sharing, because “cookies concern the collection of personal information and not the sale or sharing of personal information.”[30]

For those less familiar with the development of the CCPA and CPRA, opt-out signals (sometimes described as do-not-track signals) have been a source of ongoing confusion for businesses.  While the draft regulations provide additional clarification, technical questions remain as to how these signals may or may not be communicated to a business, and what choices business have to present opt outs, links, or otherwise to ensure they effectively respond to consumers’ opt-out signals.  Standardization of these signals may be necessary for businesses to meaningfully comply.

(8)   Data Minimization and Retention

The draft regulations include a section on the new data minimization requirement, which requires businesses to collect, use, retain and/or share consumers’ personal information in a way that is “reasonably necessary and proportionate” to the original purpose for collecting it.  The draft regulations define this standard tautologically as “what an average consumer would expect.”  Any collection, use, retention, or sharing that does not meet this standard requires additional notice and the consumer’s explicit consent.

Of particular note are the examples provided in this section.  Impermissible collection, use, retention, and sharing examples include:

• Collecting geolocation information through an app that does not primarily perform a geolocating function—e.g., a flashlight app.
• Using personal information provided to a SaaS company to research and develop “unrelated or unexpected new products”—e.g., where the service provided is cloud storage and the new product is a facial recognition service.
• Using personal information provided as part of a transaction for the marketing of other business’ products.
• Retaining customer files stored as a service after the customer deletes their account.
• Sharing geolocation information with data brokers without the consumer’s explicit consent, where the original collection was permissible as part of the suite of services the company provides—e.g., an internet service provider collecting geolocation information.

This new section drastically changes permissible practices with respect to consumer data, particularly around research for marketing purposes, and provides a hook for the enforcement agency to find impermissible processing of information, a concept that was largely missing from the CCPA.  We expect contentious debate around these new restrictions at the next stakeholder sessions.

Additionally, the draft regulations update the Privacy Policy and Notice sections to include a new requirement that businesses disclose how long they intend to retain personal information.[31]  To comply, businesses will need to develop data retention policies and a data purge protocol, and revise their privacy policies to note the relevant retention periods.

(9)   Privacy Policy

Section 7011 specifies the privacy policy requirements under the CCPA and CPRA.  The draft regulations in this section struck about three pages of text.  First, the regulations begin by largely reinstating disclosure requirements concerning the categories, purposes, and sources of personal information, as well as relevant third parties.[32]

Second, the amendments require that the privacy policy include a description of a consumer’s rights under the CCPA, including the new rights:

• the right to correct inaccurate personal information;
• the right to opt out of the sale or sharing of personal information; and
• the right to limit the disclosure of sensitive personal information.[33]

Third, the regulation amendments require privacy policies to include an explanation of how consumers exercise these rights, and notably add a requirement on how an opt-out request will be processed for the consumer (i.e., whether the opt-out preference signal applies to the device, browser, consumer account, and/or offline sales, and in what circumstances).[34]  Finally, the policy must also include the date it was last updated and, if applicable, a link to certain reporting requirements under Section 7102 for businesses that handle the personal information of more than 10,000,000 consumers in a calendar year.

(10)   Significant Definitions

The draft regulations propose numerous changes to the definitions section that inform entirely new provisions introduced as part of the CPRA and work to modify existing provisions by altering or refining the meanings of existing terms.[35]

Notable newly added terms include:

• “Disproportionate effort,” meaning instances where the effort on the part of the business to comply with a consumer’s legitimate request would be significantly out of proportion with the benefit to the consumer; and
• “Unstructured” as it relates to the nature of the data in which personal information is contained, including text, audio, or video files that contain personal information as part of their content but do not have a defined internal structure (as opposed to a database storing that same information).

“Disproportionate effort” and “unstructured” begin to grapple with the daunting realities faced by businesses attempting to comply with consumers’ requests.  Under the proposed regulations, businesses would be able to tailor their compliance to take into account overly burdensome or unreasonable requests based on the nature of the data at issue (e.g., large video files that are both cumbersome to access and difficult to search) and the burden that complying with such a request would place on the business.  These additions take a step toward balancing consumers’ legitimate rights and interests with the practical realities faced by businesses.

A notable change to the pre-existing terms:  the term “household” has been deleted, sunsetting a term that caused consternation for businesses seeking to comply with the regulations.

(11)   Enforcement

The draft regulations include a new section on enforcement actions.  Section 7300 provides guidance for filing a sworn complaint with the enforcement agency, including the requirements for identifying the alleged violation of the CCPA.  Sections 7302 outlines how the Agency shall conduct “probable cause hearings” which require notice to the alleged violator before conducting an “informal[]” hearing at which it makes a “probable cause determination,” later issued in writing.  Notably, notices of probable cause and probable cause determinations are not public, nor admissible in evidence in any action other than one enforcing the CCPA.  Section 7304, meanwhile, empowers the Agency to audit businesses to ensure compliance with the CCPA.

What Is Not Addressed by the First Draft

The CPPA has had little time to untangle a Gordian knot of competing consumer privacy interests, business compliance issues, and a hodgepodge of public demands.  The delay started early in the process and staffing and key developments came late (for example, the CPPA’s Executive Director was only selected in October 2021).  So it is not surprising that these regulations left many issues unaddressed, particularly those concerning measures added by the CPRA, including restrictions for automated decision-making, cybersecurity audits and data protection risk assessments.

One of the most conspicuous omissions concerns the lack of parameters for automated decision-making.  The CPRA defines “profiling” as “any form of automated processing of personal information, as further defined by regulations pursuant to paragraph (16) of subdivision (a) of Section 1798.185, to evaluate certain personal aspects relating to a natural person and in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements,” leaving the contours relatively amorphous in scope.[36]  Contrary to the scope defined by other comprehensive state privacy laws (let alone the EU’s GDPR), commenters have pointed out that the CPRA’s language casts an incredibly wide net that could be argued to cover everything from pernicious forms of facial recognition in public places to humdrum automated processes like calculators and spellcheckers that may process personal information.  As expressed in many CPPA public record comments, numerous stakeholders hoped the initial set of regulations would at least clarify this definition, for example, by limiting it to automated technologies that could create a material impact on a person, similar to the EU’s GDPR.[37]  That task was punted in the current draft regulations, with an unknown timeline, leaving many in limbo.

Another significant omission concerns the CPRA’s requirement for businesses to conduct annual cybersecurity audits and risk assessments for businesses “whose processing of consumers’ personal information presents significant risk to consumers’ privacy or security.”[38]  This risk assessment was not contemplated by the CCPA.  The CPRA noted two key factors “ to be considered in determining when processing may result in significant risk to the security of personal information[,]” “the size and complexity of the business and the nature and scope of processing activities.”[39]  The CPRA required this risk assessment to be submitted to the CPPA on a regular basis.  This task will require an assessment of “whether the processing involves sensitive personal information, and identifying and weighing the benefits resulting from the processing to the business, the consumer, other stakeholders, and the public, against the potential risks to the rights of the consumer associated with that processing, with the goal of restricting or prohibiting the processing if the risks to privacy of the consumer outweigh the benefits resulting from processing to the consumer, the business, other stakeholders, and the public.”[40]  Businesses will need to make careful decisions about how to describe their business processes.

In addition, the proposed draft regulations do not extend the current partial exemptions for employees, job applicants, and independent contractors.  Since the draft regulations do not address limitations on the rights of these data subjects, businesses may need to be prepared to fully comply with all CCPA and CPRA obligations for employees, job applicants, and independent contractors by January 1, 2023, unless the law is amended.

***

These draft regulations are a key milestone for the CPPA’s rulemaking responsibilities and fill in key gaps to help businesses comply with the law.  We will continue to monitor regulatory developments, and are available to discuss these issues as applied to your particular business.

_____________________

   [1]   The regulations only explicitly reference the CCPA, but should be understood to concern the CPRA as well.

   [2]   Last year, the FTC hosted a workshop to explore pernicious dark pattern trends and issued a thorough report to explain the phenomenon.  Bringing Dark Patterns to Light:  An FTC Workshop, Federal Trade Commission (April 29, 2021), available at https://www.ftc.gov/news-events/events-calendar/bringing-dark-patterns-light-ftc-workshop.  Invigorated by the workshop, the FTC issued a policy statement and announced that it would prioritize enforcement against dark patterns—specifically those relating to recurring subscription fees.  FTC to Ramp up Enforcement against Illegal Dark Patterns that Trick or Trap Consumers into Subscriptions (Oct. 28, 2021), available at https://www.ftc.gov/news-events/news/press-releases/2021/10/ftc-ramp-enforcement-against-illegal-dark-patterns-trick-or-trap-consumers-subscriptions.

   [3]   Cal. Civ. Code § 1798.140(l).

   [4]   Id. § 1798.140(h).

   [5]   Draft Regulations § 7004(b).

   [6]   Id. § 7004(a).

   [7]   This expansion of the CPRA’s concept of dark patterns operates under the California Civil Code, subsections 1798.185(a)(4)-(7), which give the CPPA authority to establish rules and procedures to facilitate and govern the submission of consumer requests under the CCPA.

   [8]   Draft Regulations § 7004(b)-(c).

   [9]   Id. § 7004.

  [10]   Id. § 7004(a).

  [11]   Id. § 7004(a)(4)(A).

  [12]   Id. § 7004(a)(2)(C).

  [13]   Id. § 7050(a).

  [14]   Id. § 7050(c).

  [15]   Id. § 7050(b)(4).

  [16]   Id. § 7052.

  [17]   Whereas the focus of “selling” under the CCPA was on whether there was monetary or other valuable consideration for the disclosure of personal information, the concept of “sharing” under the CPRA focuses on whether personal information is used by third parties for cross-context behavioral advertising (whether or not for monetary or other valuable consideration).  Under the draft regulations, businesses may be required to offer the opportunity to opt out of any sharing (through a “Do Not Sell or Share My Personal Information” link) and provide notice of the right in their privacy notices.

  [18]   See Draft Regulations § 7053.

  [19]   Id. § 7053(a).

  [20]   Id. § 7012(g).

  [21]   Id. § 7012(g)(4)(B).

  [22]   Id. § 7027(a).

  [23]   Id. § 7014.

  [24]   Id. § 7027(l)(1)-(7).

  [25]   Id. § 7023.

  [26]   Id. § 7023(b).

  [27]   Id. § 7023(f).

  [28]   Id. § 7023(i).

  [29]   Id. § 7025(b).

  [30]   Id. § 7026(4).

  [31]   Id. § 7012.

  [32]   Id. § 7011(e)(1).

  [33]   Id. § 7011(e)(2).

  [34]   Id. § 7011(e)(3).

  [35]   Id. § 7001.

  [36]   Cal. Civ. Code § 1798.140(z) (emphasis added).

  [37]   The GDPR uses an impact to risk-based approach—only governing processing “which produces legal effects concerning him or her or similarly significantly affects him or her.”  GDPR at Art. 22(1) (emphasis added).  For example, this may include loan or employment applications.

  [38]   Cal. Civ. Code § 1798.185(a)(15).

  [39]   Id.

  [40]   Id.

The following Gibson Dunn lawyers prepared this client alert: Alexander Southwell, Ryan Bergsieker, Cassandra Gaedt-Sheckter, Abbey Barrera, Snezhana Stadnik Tapia, Tony Bedel, Warren Loegering, Raquel Sghiatti, Courtney Wang, Samantha Abrams-Widdicombe, and Leon Freyermuth.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:

United States
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, [email protected])
David P. Burns – Washington, D.C. (+1 202-887-3786, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202-955-8657, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Robert K. Hur – Washington, D.C. (+1 202-887-3674, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])

Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0) 20 7071 4250, [email protected])
Patrick Doris – London (+44 (0) 20 7071 4276, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Bernard Grinspan – Paris (+33 (0) 1 56 43 13 00, [email protected])
Penny Madden – London (+44 (0) 20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Alejandro Guerrero – Brussels (+32 2 554 7218, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])
Sarah Wazen – London (+44 (0) 20 7071 4203, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Los Angeles partner Maurice Suh and associate Zathrina Perez are the authors of “Beyond reach: obstacles to third-party discovery in arbitrations” [PDF] published by Financier Worldwide in its July 2022 issue.

Decided June 13, 2022

ZF Automotive US, Inc. v. Luxshare, Ltd., No. 21-401; and AlixPartners, LLP v. The Fund for Protection of Investors’ Rights in Foreign States, No. 21-518

Today, the Supreme Court held 9-0 that parties to private arbitrations abroad may not seek the assistance of federal courts in gathering evidence for use in those arbitrations.

Background: Congress has authorized district courts to order certain discovery “for use in a proceeding in a foreign or international tribunal.” 28 U.S.C. § 1782(a). Luxshare, Ltd. applied under Section 1782 for discovery from ZF Automotive US, Inc. for use in a planned arbitration under the rules of a private German association. The district court granted the application, holding that a private commercial arbitral body abroad qualifies as a “foreign or international tribunal” under Section 1782. The Supreme Court granted certiorari before judgment.

In a separate case, a Russian entity brought an arbitration against Lithuania pursuant to a bilateral investment treaty between Russia and Lithuania. The Russian entity applied under Section 1782 for discovery from U.S.-based third parties. The district court granted the application. The Second Circuit affirmed, holding that the arbitral panel was a “foreign or international tribunal” in large part because it derived its adjudicatory authority from the treaty.

Issue: Whether a private arbitral body is a “foreign or international tribunal” under 28 U.S.C. § 1782(a).

Court’s Holding:

Only a governmental or intergovernmental adjudicative body constitutes a “foreign or international tribunal” under 28 U.S.C. § 1782(a). Such bodies are those that exercise governmental authority conferred by one nation or multiple nations. Thus, a private commercial arbitration abroad does not qualify, nor does an arbitral panel formed pursuant to an international treaty unless the parties to that treaty conferred governmental authority on the arbitral panel.

“The statute reaches only governmental or intergovernmental adjudicative bodies, and neither of the arbitral panels involved in these cases fits that bill.”

Justice Barrett, writing for the Court

What It Means:

• The Court’s decision limits the ability of parties to private foreign and international arbitration proceedings to seek discovery under the United States’ discovery rules, which are relatively liberal compared to other nations’ rules. This might hamstring parties’ ability to develop evidence in private arbitration proceedings abroad, but it also might streamline those proceedings. Parties to these arbitrations may still, however, be able to use state-law remedies to obtain discovery assistance.
• This decision ensures that private foreign arbitrations do not have broader access to federal-court discovery assistance than do private domestic arbitrations. Under the Federal Arbitration Act, parties to private domestic arbitrations may not apply directly to a federal court for discovery assistance, but instead must seek discovery through the arbitrator.
• The Court’s ruling precludes the use of Section 1782 in arbitrations conducted pursuant to bilateral investment treaties, where the treaty does not confer governmental authority on the arbitral body. It remains to be seen whether that holding will prevent the use of Section 1782 in bilateral investment treaty arbitrations conducted through the International Centre for Settlement of Investment Disputes.
• Foreign and international arbitration proceedings are often confidential. The Court’s ruling helps preserve that confidentiality by preventing parties from initiating public litigation in federal courts under Section 1782.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Related Practice: Judgment and Arbitral Award Enforcement

Related Practice: Transnational Litigation

Related Practice: International Arbitration

On June 10, 2022, the Securities and Futures Commission (“SFC”) published a consultation paper on proposed amendments to enforcement-related provisions of the Securities and Futures Ordinance[1] [2] (“SFO”) (the “Consultation Paper”). This is particularly noteworthy, as the Consultation Paper marks the first time that the SFC has consulted on changes to enforcement-related provisions since the introduction of the SFO 20 years ago. If all measures sought by the SFC are ultimately implemented, we consider it highly likely that we will see a more aggressive approach to enforcement by the SFC. In particular, the changes sought by the SFC to section 213 of the SFO would make it far easier for the SFC to obtain orders compelling licensed corporations / registered institutions that are found guilty of engaging in misconduct under the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (“Code of Conduct”) to provide investor compensation in relation to that misconduct. At present, there are significant limitations on the SFC’s power to obtain such investor compensation, which have largely shielded licenced corporations and registered institutions from the sort of significant investor compensation claims that have been awarded in other jurisdictions. As such, if this change is implemented, it may well be a “game changer” for the Hong Kong enforcement landscape.

The Consultation Paper also suggests that the SFC has developed a greater appetite for seeking legislative change rather than relying (as it has done in recent years) on providing guidance to the market through the issue of codes, guidelines and circulars. That said, given that many of the changes sought by the SFC could not be achieved through the issue of guidance (as they are largely intended to address the consequences of certain Court of Final Appeal cases and limitations in the drafting of the SFO itself), care must be taken not to assume that this suggests an entirely new approach by the SFC.

I. Expansion of section 213 of the SFO

The most significant and potentially wide reaching amendment sought by the SFC concerns section 213 of the SFO, which provides the SFC with power to seek and obtain injunctive relief from the Court of First Instance (“CFI”). At present, section 213 provides the SFC with the power to seek the following forms of relief:

• an order restraining or prohibiting a breach of the relevant provisions;
• an order requiring a person to take steps to restore the parties to any transaction to the position in which they were before the transaction was entered into;
• an order restraining or prohibiting a person from dealing in a specified property;
• an order appointing an administrator;
• an order declaring that a contract is void or voidable; and
• an order directing a person to do or refrain from doing any act to ensure compliance with any other court order made.

However, under the current drafting of section 213, the SFC may only seek this relief in order to provide remedies for persons affected by contraventions of another person of certain “relevant provisions” and any notice, requirement, conditions, and terms of any license or registration. “Relevant provisions” is defined comparatively broadly in Schedule 1 of the SFO as including the SFO, its subsidiary legislation and certain provisions of the AMLO, Companies (Winding Up and Miscellaneous Provisions) Ordinance (Cap. 32) and Companies Ordinance (Cap. 622). However, this definition does not include the SFC’s codes and guidelines, including most notably the Code of Conduct.

What this means in practice is that at present, as noted by the SFC in its Consultation Paper, the SFC cannot apply for the above orders under s 213 of the SFO when a regulated person has been found by the SFC through its disciplinary processes to be guilty of misconduct or to not be a fit and proper person to remain a regulated person under section 194 or 196 of the SFO, unless the conduct which gave rise to the SFC’s finding also constituted a contravention of the “relevant provisions” and any notice, requirement, conditions, and terms of any license or registration. However, in practice, the extent to which the SFC has relied upon the issue of codes, guidelines and circulars to communicate its regulatory expectations to the market in recent years means that it is comparatively rare for the conduct at the centre of the SFC’s disciplinary processes to give rise to a contravention of “relevant provisions”, as opposed to a breach of said codes, guidelines and circulars.

The SFC has therefore proposed in the Consultation Paper that section 213 be amended to, amongst other matters:

• introduce an additional ground in s 213(1) which would allow the SFC to apply for orders under section 213 where it has exercised any of its powers under sections 194(1), 194(2), 196(1) or 196(2) against a regulated person;
• introduce an additional order in section 213(2) that would allow an order to be made by the CFI to restore the parties to any transaction to the position in which they were before the transaction was entered into, where the SFC has exercised any of its powers under sections 194 or 196 in respect of the regulated person; and
• enable the CFI to make an order under section 213(8) against a regulated person to pay damages where the SFC has exercised any of its disciplinary powers against a regulated person.

The SFC has argued in the Consultation Paper that these changes are necessary to ‘give the SFC more effective means to protect investors and the interests of clients of regulated persons’. We consider that if these changes are implemented, these amendments will likely have a significant impact on the enforcement landscape in Hong Kong for several reasons:

• First, as noted above, the SFC’s current disciplinary powers in respect of breaches of its codes, guidelines and circulars are comparatively limited, particularly in relation to the implementation of financial penalties. At present, fines are capped at a maximum of HK$10 million or three times of the profit gained or loss avoided, whichever is the higher. While this methodology has still resulted in the imposition of a range of significant fines in recent years, these fines could pale in significance to the size of potential investor compensation claims that could be made in relation to future cases. We anticipate future investor compensation claims under an amended section 213 will be particularly significant in the context of IPO sponsor misconduct cases, where IPO sponsors have historically often be the last parties left standing after the collapse of a fraudulent listco – or will simply be the party left standing with the deepest pockets. Similarly, misselling / suitability cases would also expose regulated firms to both SFC disciplinary action as well as significant investor compensation orders, compelling the regulated firm to restore the investors in question to the position they would have been in if not for the regulated firm’s misconduct.
• Second, the SFC has suggested in the Consultation Paper that the CFI should be able to make an order under section 213(8) against a regulated person to pay damages where the SFC has exercised any of its disciplinary powers against a regulated person. As noted above, the SFC’s fining power is currently capped at a maximum of $10 million or three times of the profit gained or loss avoided, whichever is the higher. Any order to pay damages under the amended section 213(8) would presumably not be subject to the current cap on the SFC’s fining powers, meaning that we may also see a significant increase in the penalties imposed on regulated persons by way of damages orders (in addition to investor compensation claims).
• Third, the non-financial disciplinary measures currently available to the SFC are primarily focused on impacting a licensed firm and/or individual’s ability to continue to be licensed (e.g. licence revocation and suspension). However, these measures are limited in effectiveness where dealing with individuals or firms that have no desire to continue to be licensed or who are no longer employed in the industry. Allowing the SFC to more easily seek one or more of the wide range of orders available under section 213 in relation to these individuals and firms is likely to increase the effectiveness of sanctions against such persons.

II. Amendment to PI exemption to the s 103 prohibition on the issue of advertisements

The second change proposed by the SFC concerns section 103 of the SFO. Section 103(1) makes it a criminal offence to issue or be in possession for the purposes of issue an advertisement, invitation or document which, to the person’s knowledge, contains an invitation to the public to enter into an agreement to deal in securities or any other structured products, to enter into regulated investment agreements, or to participate in a collective investment scheme, unless authorized by the SFC to do so. Section 103(3)  further contains a list of exemptions to the marketing restrictions under s 103, including s 103(3)(k), which provides an exemption from the authorization requirement for advertisements of offers of investments that are disposed of, or intended to be disposed of, only to professional investors (the “PI Exemption”).

In its Consultation Paper, the SFC aims to right what it considers to be a “wrong” in the CFA’s interpretation of the PI Exemption in the 2015 case of Pacific Sun Advisors Ltd & Anor v Securities and Futures Commission.[3] In that case:

• The SFC had commenced proceedings against a licensed corporation and its chief executive officer for contravention of section 103(1) in relation to emails sent to all potential investors and publications on the licensed corporation’s website marketing the launch of a fund. The advertisements contained disclaimers stating that the materials ‘should not be construed as an offer to sell nor a solicitation of any offer to buy shares in any fund’. The SFC argued that for the PI Exemption to apply to advertising materials, the advertising material itself must make clear that the advertised investment product is or is intended only for PIs, which these emails did not do.
• However, Pacific Sun argued that while the advertisements were issued to the general public, it was sufficient that the fund itself was intended to be sold and had in fact only been sold to PIs, even though this intention was not clearly stated in the advertisements.

The CFA agreed with Pacific Sun in its decision, and found that the PI Exemption did apply in this case.

In the Consultation Paper, the SFC proposes the amendment of s 103(3)(k) to focus on the point in time when the advertising materials are issued, by exempting from the authorisation requirement those advertisements which are issued only to PIs. This would mean that following this amendment,  unauthorised advertisements of investment products which are or are intended to be sold only to PIs may only be issued to PIs who have been identified as such in advance by an intermediary through its know-your-client and related procedures, regardless of whether or not such an intention has been stated on the advertisements.

The SFC argues that this amendment is necessary on the basis that the Pacific Sun decision has created a situation in which:

• unauthorized advertisements of products unsuitable for retail investors may be issued to the general public even if only intended for sale to PIs, exposing retail investors to offers to invest in risky and unsuitable products; and
• enforcement action may not take place until the sale of a product has taken place in order to determine to whom it has been sold and whether the section 103(3)(k) exemption applies to the advertisement prior to that sale, notwithstanding the fact that section 103(1) clearly only regulates the issue of advertisements rather than the sale of such products. The SFC has noted that this, combined with the fact that a mere intention to sell investment products only to PIs would suffice for an exemption from the authorization regime under section 103(1), ‘makes the regime extremely difficult, if not impossible to enforce’, and contradicts the intention and purpose of section 103.

III. Amendment to territorial scope of insider dealing provisions

The final change proposed by the SFC concerns the civil and criminal regimes under sections 270 and 291 of the SFO in respect of insider dealing, both of which currently apply to insider dealing concerning Hong Kong-listed securities or their derivatives, and securities that are dual-listed in Hong Kong and another jurisdiction or their derivatives. However, as noted by the SFC, the current regime leaves a regulatory lacuna with regard to market misconduct or insider dealing:

• committed in Hong Kong with respect to overseas listed securities or their derivatives; and
• committed outside of Hong Kong in respect of Hong Kong listed securities or their derivatives.

The SFC proposes to close this gap in the legislation by extending the scope of the insider dealing provisions in Hong Kong to address insider dealing in Hong Kong with regard to overseas-listed securities or their derivatives, and to address conduct outside of Hong Kong in respect of Hong Kong listed securities or their derivatives. To support this proposal, the SFC has argued in the Consultation Paper that these amendments are necessary in order to ensure that they have the power to tackle cross-border insider dealing and market misconduct in order to preserve the integrity and reputation of Hong Kong’s financial industry and market. To support this position, the SFC has cited the case of Securities and Futures Commission v Young Bik Fung & Ors as justification.[4] In that case, the Hong Kong based defendants dealt in shares of a bank listed on the Taiwan Stock Exchange with insider knowledge. However, the fact that the shares were not listed in Hong Kong meant that the SFC had to rely on section 300 of the SFO to prosecute the defendants. Section 300 criminalizes fraudulent or deceptive acts, practices, schemes, or devices. The difficulty of using section 300 in an insider trading case, however, is that section 300 is designed to cover transactions involving specific persons rather than conduct that impacts the integrity of the financial market as a whole.

The SFC has further cited an example of a matter in which it was unable to take enforcement action against a Hong Kong licensed intermediary who dealt in the securities of an overseas-listed entity ahead of the announcement of a placing exercise, when in possession of inside information released to them by another licensed intermediary based in Hong Kong. This was on the basis that although the acts relating to the offence, except for the mechanics of trading, were committed in Hong Kong and the suspect’s conduct appeared to fall within section 300, the SFC did not have sufficient evidence to establish that the suspect had engaged in any fraudulent or deceptive acts in the relevant transactions, and therefore no action could be taken under section 300.

Finally, the SFC has also noted that the insider dealing laws of comparable common law jurisdictions such as Australia, Singapore and the UK govern both overseas conduct relating to securities of local issuers as well as local conduct relating to securities of overseas issuers, and that as such it is important to ensure that the SFO is aligned with those of other major common law jurisdictions and the other market misconduct provisions of the SFO. In particular, the SFC has noted that following the launch of Stock Connect, the proposed amendments would strengthen the SFC’s regulatory powers in tackling insider dealing conducted in Hong Kong involving A-shares listed in mainland China. While not expressly noted by the SFC, the reverse is presumably also true and that this would strengthen the SFC’s powers to tackle insider dealing in mainland China in relation to Hong Kong listed securities.

IV. Conclusion

The Consultation Paper proposes important changes to the SFC’s enforcement regimes. If such changes are passed into legislation, they may have a significant impact on the enforcement landscape in Hong Kong. Interested parties are encouraged to submit written comments in response to the proposed amendments prior to the close of the consultation period on August 12, 2022.

_________________________

   [1]   Consultation Paper on Proposed Amendments to Enforcement-related Provisions of the Securities and Futures Ordinance (June 10, 2022), published by the Securities and Futures Commission, available at: https://apps.sfc.hk/edistributionWeb/gateway/EN/consultation/doc?refNo=21CP3

   [2]   Securities and Futures Ordinance (Cap. 571), available at https://www.elegislation.gov.hk/hk/cap571?xpid=ID_1438403472945_001

   [3]   Pacific Sun Advisors Ltd & Anor v Securities and Futures Commission [2015] 2 HKC, available at: https://legalref.judiciary.hk/lrs/common/search/search_result_detail_frame.jsp?DIS=97598&QS=%2B&TP=JU

   [4]   Securities and Futures Commission v Young Bik Fung & Ors [2019] HKC 254, available at https://legalref.judiciary.hk/lrs/common/search/search_result_detail_frame.jsp?DIS=112192&QS=%2B&TP=JU

The following Gibson Dunn lawyers prepared this client alert: William Hallatt, Emily Rumble, and Jane Lu.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact any member of Gibson Dunn’s Global Financial Regulatory team, including the following members in Hong Kong:

William R. Hallatt (+852 2214 3836, [email protected])
Emily Rumble (+852 2214 3839, [email protected])
Arnold Pun (+852 2214 3838, [email protected])
Becky Chung (+852 2214 3837, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On 5 May 2021, the European Commission (EC) proposed a new Regulation on the grant of subsidies from foreign Governments outside the European Union (foreign subsidy) to companies active within the European Union (EU) which are considered to distort competition in the EU (the Proposed Regulation).

The Proposed Regulation is extremely far reaching.

First, it gives the EC the power to, on its own motion, require companies operating in the EU, which have received a foreign subsidy that is considered to distort EU competition, to take measures in order to eliminate the distortive effect of the subsidy. To this end the EC may demand the recipient company to reduce its EU activities, refrain from investments, divest assets or grant access to infrastructure. Given that it is up to the EC to determine in which circumstances a foreign subsidy may be considered to distort EU competition, the EC may apply its powers irrespectively of the amount of the subsidy granted and irrespectively of the level of the company’s turnover within the EU. In other words, the EC may, on its own motion, require foreign companies that sell goods or services into the EU to undertake various rather invasive measures in order to mitigate alleged distortive effect of a foreign subsidy irrespectively of whether the amount of the foreign subsidy is minimal and whether the recipient has a relatively small turnover in the EU.  Given the fact the Regulation provides that the statute of limitation for ex officio cases is 10 years, the Regulation is extremely far reaching.

Second, the Proposed Regulation also gives the EC the power to prohibit a concentration (i.e., an acquisition, a merger or a joint venture) that has been notified to the EC pursuant to the Regulation. In particular, the Regulation requires companies to notify concentrations to the EC (a) where one of the parties to the concentration active in the EU has received a foreign subsidy of at least EUR 50 million within the last three calendar years; and (b) where at least one of the merging undertakings, or in the case of an acquisition, the acquiring party, or in the case of a joint venture, the joint venture or one of its parents, is established in the EU and has an aggregate turnover exceeding EUR 500 million. The statute of limitation for concentrations is three years.

Third, the Proposed Regulation requires a bidder participating in a public tender conducted by the national authorities in an EU Member State to notify the receipt of a foreign subsidy of  EUR 50 million (or more) to the national authorities if the value of the contract to be awarded exceeds EUR 250 million. If the national authorities receive such a notification it must notify the EC and, if the EC considers that the subsidy distorts competition within the EU, it may decide that the national authorities may not award the contract to the bidder. The statute of limitation for public procurement awards is three years.

While it is possible for companies targeted by the EC in any of the above scenarios to offer remedies in order to remedy the distortive effect of foreign subsidy, the Proposed Regulation makes it clear that if the EC does not consider such remedies to satisfactorily eliminate the distortive effect of the foreign subsidy, the EC may impose remedies on the company.

Amendments to the Proposed Regulation in the Trialogue Procedure

The EC’s adoption of a proposal on the new Regulation kick-started the trialogue procedure between the EC, the Council of the European Union (the Council) and the European Parliament (EP), during which the Council and EP propose and discuss their amendments with the EC as an observer. Recently, on 4 May 2022 both the EP and the Council adopted their proposed amendments to the Regulation and started discussions in order to agree on the final text of the Regulation. Once an agreement has been reached, the Regulation will be formally adopted at a plenary session of the EP. It is expected that the Regulation will be adopted by the end of this year or early next year and enter into force in 2023.

1. The definition of a foreign subsidy

The EC proposed that a foreign subsidy includes (a) the transfer of funds or liabilities by a foreign State (such as capital injections, grants, loans, loan guarantees); (b) the foregoing of revenue otherwise due to a foreign State; and (c) the provision of goods or services or the purchase of goods and services by a foreign State. Both the Council and the EP have proposed to widen the definition of a foreign subsidy to include the grant of exclusive or special rights (for example the right to exploit State owned resources such as gas reserves, forests or mines) without the payment of adequate (market based) remuneration.

Comment

This proposed widening of the definition of a foreign subsidy is entirely in line with the EU State aid rules, which also provide that the grant of exclusive rights without adequate remuneration constitutes State aid.

2. New notification thresholds

With their proposed amendments, the Council and the EP have proposed new thresholds for the notification of both concentrations and public procurement contracts. While the Council desires more transaction to be notifiable to the EC by proposing to increase the notification thresholds for concentrations (from a turnover of EUR 500 million to EUR 600 million) and for public procurement contracts (from a contract value of EUR 250 million to EUR 300 million), the EP seeks to limit the amount of notifications by proposing to reduce the notification thresholds for concentrations (from a turnover of EUR 500 million to EUR 400 million) and for public procurement contracts (from contract value of EUR 250 million to EUR 200 million).

Comment

While the notifiable transactions will undoubtedly play an important role for the EC’s attempt to curb the grant of foreign subsidies to companies active in the EU, it overlooks that the real power given to the EC for that purpose lies in the EC’s powers to investigate, on its motion, and outside the scope of any merger or public procurement procedure, foreign subsidies granted for any amount to companies with small EU turnovers. Indeed, there is no doubt that if in the context of a notified merger or public procurement contract, the parties are not willing to offer the remedy required by the EC, the EC may, besides prohibiting the concentration in question, be able to pursue the company outside the scope of the notified procedure based on its ex officio powers. However, neither the Council nor the EP appear to have picked up on the significant effects that the EC’s ex officio powers may have.

3. Member States’ ability to inform the EC of suspected foreign subsidies

While the EC proposal envisaged that the EC will be informed of the subsidy through notifications or market information, the Council and the EP propose that Member States should also be able to report foreign subsidies to the EC. The EP even proposes that companies should be able to consult informally with the EC in order to determine whether a subsidy must be notified and that the EC may initiate a dialogue with foreign governments to discuss the grant of systemic distortive foreign subsidies.

Comment

These proposed amendments will strengthen the role that national authorities of EU Member States play viz a viz foreign Governments. Clearly when negotiating contracts with foreign Governments it is helpful for EU Governments to have the ability to rely on the possibility to inform the EC of any intentions of foreign Governments to assist their national companies.

4. Limitations in the EC’s powers to investigate

While the Proposed Regulation entitles the EC to investigate any subsidy for any economic activity in the EU (irrespectively of its economic value), it also provides that subsidies with a value below EUR 5 million should be considered unlikely to distort competition. The EP now proposes that this threshold should be reduced to EUR 4 million.

Also, while both the Council and the EP consider that the 10-year period during which the EC may retrospectively investigate subsidies granted before the entry into force of the Proposed Regulation should be reduced, the Council wants to reduce this period to 5 years, while the EP wants to reduce it to 7 years.

Both the Council and the EP propose to cut red tape by reducing the period during which the EC may conduct its preliminary investigation after the notification of the subsidy from 60 days to 20 working days (the Council) or to 40 days (the EP) and that the period for in-depth investigations should be reduced from 200 days to 110 working days (the Council) or 120 days (the EP).

5. Assessment of the distortive effects of the foreign subsidy – the balancing exercise

The Proposed Regulation provides that the EC must assess how distortive a foreign subsidy is by balancing the negative effects of the foreign subsidy against its positive effects. If the negative effects outweigh its positive effects, the EC may impose remedies or accept remedies proposed by the parties. If the EC considers that the negative effects cannot be repaired through remedies it may prohibit (i) the concentration (i.e., the merger, acquisition or joint venture); or (ii) prevent the recipient company from being awarded a public procurement contract.

The Council and the EP have proposed that the EC must issue guidance on how it will determine whether the subsidy distorts competition. Further the Council considers that if a company submits that the subsidy has positive effects relating to EU policies (such as the protection of the environment, R&D&I or social standards), the EC must be obliged to take them into account. The Council also considers that information submitted by Member States must be given considerable weight. The EP proposes various amendments that will guide the assessment of the distortive effect. To this end the EP considers that the EC must be obliged to consider that the subsidy is more likely to distort competition the larger the company is, the higher the value of the subsidy is and the more control a foreign Government has.

In cases of public procurement, the Council proposes that the EC must consider that if alternative sources of supply for the goods and services concerned are limited, the subsidy is less likely to be distortive.

Comments

The proposed Regulation fails to address the main flaw of the balancing exercise. For the purposes of subsidies granted by EU governments subject to the EU State aid rules, the starting point of the balancing exercise is that the aid has positive effects (e.g. environmental protection, R&D, infrastructure construction etc.). However, under the Regulation the starting point is that the subsidy has negative effects (namely that it will distort competition). In addition, while under the EU State aid Guidelines the identification of the positive effects depends on the objective of the specific Guideline (e.g. R&D, environmental protection, employment, regional cohesion etc.), under the Regulation the potential positive effects are limited to a vague reference to the “effect on the development of the relevant economic activity”.

This reverse presumption will make it more difficult to have a foreign subsidy authorised under the Regulation. This is all the more so given that in the context of the EU State aid Guidelines the EC’s counterpart is the Member State that granted the subsidy (which has more political leverage) while under the Regulation the EC’s counterpart is the company receiving the subsidy (which has less or no political influence). Thus, the EC should be required to consider whether the foreign subsidy has any of those positive effects that have been established in the numerous intra-EU State aid Guidelines and only if the negative effects are able to outweigh these positive effects should the EC be able to impose commitments or adopt a negative decision.

While the fact that both the Council and the EP intend to amend the EC’s proposal by requiring the EC to adopt guidance on how it will conduct the balancing exercise is a step on the way to align the foreign subsidy assessment with that under the EU State aid rules, the adoption of this guidance will not remedy the fact that the EC’s assessment starts with the presumption that the grant of the subsidy entails negative effects.

The following Gibson Dunn lawyers prepared this client update: Lena Sandberg, Attila Borsos, Yannis Ioannidis, and Pilar Pérez-D’Ocon.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Antitrust and Competition practice group, or the following authors:

Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Lena Sandberg – Brussels (+32 2 554 72 60, [email protected])

Please also feel free to contact the following practice leaders:

Christian Riis-Madsen – Co-Chair, Brussels (+32 2 554 72 05, [email protected])
Ali Nikpay – Co-Chair, London (+44 (0) 20 7071 4273, [email protected])
Rachel S. Brass – Co-Chair, San Francisco (+1 415-393-8293, [email protected])
Stephen Weissman – Co-Chair, Washington, D.C. (+1 202-955-8678, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Decided June 6, 2022

Southwest Airlines Co. v. Saxon, No. 21-309

Today, the Supreme Court held that a ramp agent supervisor whose work frequently requires her to move baggage and other cargo on and off airplanes is a transportation worker exempt from the Federal Arbitration Act’s provisions requiring enforcement of arbitration agreements.

Background: The Federal Arbitration Act, or FAA, generally requires courts to enforce agreements to arbitrate. Section 1 of the FAA exempts from that requirement “contracts of employment of seamen, railroad employees, or any other class of workers engaged in foreign or interstate commerce.” 9 U.S.C. § 1. The Supreme Court previously held that § 1’s residual clause covering workers engaged in foreign or interstate commerce applies only to “transportation workers.” Circuit City Stores v. Adams, 532 U.S. 105, 119 (2001).

Latrice Saxon, a ramp-agent supervisor who frequently loads and unloads cargo on and off airplanes, agreed to arbitrate wage disputes against Southwest on an individual basis. After Saxon brought a federal class action against Southwest seeking overtime wages, the airline moved to compel arbitration. Saxon opposed arbitration, arguing that she was a “worker[] engaged in foreign or interstate commerce” and thus was exempt from the FAA. The U.S. Court of Appeals for the Seventh Circuit agreed, holding that ramp agents and their supervisors are transportation workers exempt from the FAA.

Issue: Whether supervisors of airline ramp agents are “workers engaged in foreign or interstate commerce” exempt from the Federal Arbitration Act’s provisions requiring enforcement of agreements to arbitrate.

Court’s Holding:

A ramp agent supervisor who frequently moves cargo on and off airplanes plays a direct role in the cross-border transportation of goods and therefore is exempt from the Federal Arbitration Act under § 1’s residual clause.

“We think it . . . plain that airline employees who physically load and unload cargo on and off planes traveling in interstate commerce are, as a practical matter, part of the interstate transportation of goods.”

Justice Thomas, writing for the Court

What It Means:

• In defining the relevant class of workers, courts must focus on the day-to-day duties of the workers themselves. The Court rejected Saxon’s argument that what matters is the customary work of businesses in the broader industry in which the employer operates, explaining that § 1 does not exempt “virtually all employees of major transportation providers.”
• The Court reiterated that, to determine whether § 1’s exemption applies, the relevant class of workers must be compared to the “seamen” and “railroad employees” whom Congress specifically exempted from the FAA in 1925. The closer a class of workers comes to those groups, the more likely the workers will be deemed exempt from the FAA under § 1’s residual clause.
• The Court expressly declined to decide how the FAA’s transportation-worker exemption applies to other industries and classes of workers whose duties are “further removed from the channels of interstate commerce or the actual crossing of borders.”
• Employees who may be exempt from the FAA might still be required to arbitrate their claims under state arbitration statutes, many of which require enforcement of arbitration agreements without an exemption for transportation workers.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Related Practice: Labor and Employment

Related Practice: Class Actions

The webcast provides analysis of the significant and high-profile cases before the Supreme Court this Term, including those affecting the business community.

Class actions have gradually taken root outside the US in recent years. We highlight common pitfalls and early advocacy problems that defendants typically face in these new regimes and provide an overview in which direction international class actions will develop in the years to come.

View Slides (PDF)

PANELISTS:

Eric Bouffard is a French qualified partner in the Paris office of Gibson Dunn & Crutcher, where he serves as a member of the firm’s International Arbitration, Litigation and Business Restructuring Practice Groups. Mr. Bouffard is particularly active in cross-border litigation, commercial arbitration, commercial law (including insolvency and recovery of debt), industrial risk (latent defects, interruption of production, delay and disruption claims, consequential losses), international trade and insurance before both judicial courts and arbitral tribunals. He is regularly involved in M&A disputes, shareholders and more generally project partners disputes.

Jean-Pierre Farges is a partner in the Paris office of Gibson, Dunn & Crutcher LLP, Global Co-Chair of the firm’s Business Restructuring & Reorganization Practice Group and member of the firm’s Litigation Practice Group. Mr. Farges specializes in complex M&A litigation, arbitration, industrial risk, construction, international trade, insurance, reinsurance, equity capital insolvency dispute matters and public and administrative law disputes and regulatory issues. He has been involved in a number of major disputes before state courts and arbitral tribunals, acting for banks, funds companies and listed industrial companies.

Osma Hudda is an English qualified partner in Gibson, Dunn & Crutcher’s London office and is a member of the Firm’s Dispute Resolution Group. Ms. Hudda has broad-based dispute resolution experience including litigation, international arbitration and regulatory investigations. Ms. Hudda’s litigation experience has involved representing clients in Employment Tribunals, the High Court and Court of Appeal. In arbitration she has represented clients from a wide variety of industries, particularly oil & gas, before arbitral tribunals including the ICC and LCIA. She has also defended companies involved in regulatory investigations in the UK and internationally as well as assisting clients in large scale internal investigations and related compliance issues.

Markus Rieder is a partner in the Munich office of Gibson, Dunn & Crutcher. He is a member of the firm’s Class Actions, Transnational Litigation, Securities Litigation and International Arbitration Groups. Mr. Rieder focuses his practice on complex commercial litigation, both domestic and cross-border, and national and international arbitration, as well as on compliance and white collar defense. He has substantial experience in the automotive, industrial and manufacturing sectors. Mr. Rieder is regularly recommended by the leading legal publications.

Cassie Aprile is a dual-qualified Associate in the London office of Gibson, Dunn & Crutcher, practising in the firm’s Dispute Resolution Group. Ms. Aprile qualified as a solicitor in Australia in 2010, and as a solicitor in England & Wales in 2018. Ms. Aprile specialises in commercial litigation and has experience advising clients on a broad range of complex disputes across various industry sectors, including mining and energy, property, development, banking and general commercial. Most recently, Ms. Aprile has assisted in the defence of a UK retailer in the largest private sector equal pay claim to be heard in the English courts.

Alexander Horn is an associate in the Munich office of Gibson, Dunn & Crutcher. He is a member of the firm’s Litigation, Class Actions, Securities Litigation, Transnational Litigation and International Arbitration Practice Groups. Mr. Horn has experience in a wide variety of complex litigation and international arbitration matters. This includes several contract, post-M&A, and corporate disputes before German Regional Courts as well as representing a financial services company in Germany’s largest arbitration to date. Handelsblatt / The Best Lawyers™ in Germany 2021/2022 have recognized Mr. Horn in the inaugural list “Ones to Watch” for International Arbitration.

Lauren Blas is a partner in the Los Angeles office of Gibson, Dunn & Crutcher where her practice focuses on class actions, labor and employment litigation, and complex commercial litigation in the trial courts and on appeal.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Congress continues to debate enactment of the Build Back Better Act, which is expected to include major changes to the federal tax law. Meanwhile, other recently enacted tax legislation, including the sweeping tax reform enacted in 2017, continues to generate significant regulatory activity at the Treasury Department and IRS. And recent increases in IRS funding are leading to an uptick in audit activity for the first time in many years, focused in part on partnerships and multi-national businesses.

This panel provides an overview of these legislative, regulatory and enforcement developments.

View Slides (PDF)

The recent expansion of New York’s law regarding so-called strategic lawsuits against public participation (“SLAPP”) has created some uncertainty regarding what standards apply to currently pending matters arising under New York law involving public petition and participation.  The New York legislature and courts are actively engaged in considering these questions, and a new proposed piece of legislation, if adopted, may clarify what standards apply in pending actions.

On July 22, 2020, the New York State Senate and Assembly passed legislation that expanded First Amendment protections under New York’s anti-SLAPP law by providing new tools for defendants to challenge frivolous lawsuits.  The bill was signed into law by former Governor Andrew M. Cuomo on November 10, 2020.  The law amended and extended New York’s existing statute (sections 70-a and 76-a of the New York Civil Rights Law) addressing so-called SLAPP suits:[1] suits that seek to punish and chill the exercise of the rights of petition and free speech by subjecting defendants to expensive and burdensome litigation.[2]  New York’s previous anti-SLAPP law, enacted in 2008, was limited to litigation arising from a public application or permit, often in a real estate development context.[3]

The amendments, which took effect immediately upon enactment, introduced the following key changes to New York law:

• Expanded the statute beyond actions “brought by a public applicant or permittee,” to apply to any action based on a “communication in a . . . public forum in connection with an issue of public interest” or “any other lawful conduct in furtherance of the exercise of the constitutional right of free speech in connection with an issue of public interest, or in furtherance of the exercise of the constitutional right of petition.”[4]
• Confirmed that “public interest” should be construed broadly, including anything other than a “purely private matter.”[5]
• Required courts to consider anti-SLAPP motions to dismiss based on the pleadings and “supporting and opposing affidavits stating the facts upon which the action or defense is based.”[6]
• Provided for a stay of all proceedings—including discovery, hearings, and motions—pending determination of a motion to dismiss an action under the anti-SLAPP law, except that the court may order limited discovery where necessary to allow a plaintiff to respond to an anti-SLAPP motion.[7]
• Provided that the court must award attorneys’ fees, and does not have discretion over whether to do so, when it grants such a motion.[8]

New York’s existing anti-SLAPP law already provided that a plaintiff in an “action involving public petition and participation” was required, as a matter of state law separate and apart from federal constitutional law, to satisfy the “actual malice” standard first promulgated by the United States Supreme Court in the seminal First Amendment decision New York Times v. Sullivan.[9]  By expanding the definition of an “action involving public petition and participation,” the 2020 amendments require plaintiffs in a wider range of actions to satisfy that standard.[10]

When passed, commentators observed that courts would be asked to determine whether the revised statute was “retroactive” in effect, i.e., whether it would apply to actions already pending at the time it became effective, or if it would only have effect in subsequently filed actions.  Under New York law, whether a statute is “retroactive” is “a matter of judgment made upon review of the legislative goal,” based on “whether the Legislature has made a specific pronouncement about retroactive effect or conveyed a sense of urgency; whether the statute was designed to rewrite an unintended judicial interpretation; and whether the enactment itself reaffirms a legislative judgment about what the law in question should be.”[11]

The first courts to consider the issue uniformly held that the amended anti-SLAPP law did apply retroactively to actions pending as of the date the amendments were passed.  For example, on December 29, 2020, United States District Judge Rakoff of the Southern District of New York held in Palin v. New York Times Company that the law was retroactive.”[12]  Judge Rakoff explained that “It is clear that the [amended law] is a remediate statute” that “should be given retroactive effect in order to effectuate its beneficial purpose” and that “[o]ther factors in the retroactivity analysis include whether the Legislature has made a specific pronouncement about retroactive effect or conveyed a sense of urgency; whether the statute was designed to rewrite an unintended judicial interpretation; and whether the enactment itself reaffirms a legislative judgment about what the law in question should be.”[13]  In Judge Rakoff’s view, “the legislative history demonstrates that the amendments to [the anti-SLAPP law] were intended to correct the narrow scope of New York’s prior anti-SLAPP law” such that “the remedial purpose of the amendment should be effectuated through retroactive application.”[14]  In the Palin case, this determination meant that under the amended anti-SLAPP law, New York state law as well as federal constitutional law both separately required the plaintiff to meet the “actual malice” standard to establish her defamation claims.  Over the following 14 months, almost 20 other state and federal courts—every court to consider the same question—came to the same conclusion.[15]

But on March 10, 2022, the First Department departed from that building consensus and held that the 2020 amendments to New York’s anti-SLAPP law do not apply retroactively.[16]  In Gottwald v. Sebert,* involving defamation claims brought by music producer Lukas Gottwald, known as Dr. Luke, against the pop star Kesha Rose Sebert, known as Kesha, the First Department held that the anti-SLAPP law does not apply to claims commenced before the November 2020 amendments were passed.[17]  In that litigation, the New York trial and appellate courts had previously held that Dr. Luke did not qualify as a public figure and so was not required to meet the actual malice standard as a matter of federal constitutional law.[18]  Kesha sought a ruling that the amended New York anti-SLAPP law applied retroactively to Dr. Luke’s claims, which had been filed before the amendments to the anti-SLAPP law were enacted, and so required Dr. Luke to meet the actual malice standard under New York state law.[19]  Kesha also sought to bring new anti-SLAPP counterclaims against Dr. Luke under the amended New York anti-SLAPP law which would have allowed her, if she prevailed, to recover attorneys’ fees.[20]  However, because the claims at issue were brought prior to November 2020, the First Department held that the “actual malice” standard did not apply and that Kesha could not bring anti-SLAPP counterclaims.[21]

The First Department explained that there was “insufficient evidence supporting the conclusion that the legislature intended” the recent amendments to the anti-SLAPP law “to apply retroactively to pending claims,” like those asserted by Dr. Luke against Kesha.[22]  The First Department held that to defeat the strong presumption against applying laws retroactively, there would need to be clear evidence that the law was intended to apply retroactively.  It reasoned that, despite evidence that the amendments were intended to remediate the prior anti-SLAPP provision by broadening its scope, retroactive application of new statutes is so disfavored that it must be made explicit in the statutory text.[23]

Kesha has moved for reargument of that decision or for leave to appeal to the New York Court of Appeals, New York’s highest court.[24]  Her motion is supported by a number of amici, including New York State Senator Brad Hoylman, who co-authored the 2020 amendments to New York’s anti-SLAPP law.[25]  Senator Hoylman asserted in his proposed amicus brief in support of Kesha’s motion that the legislature did intend for the law to have retroactive effect, explaining that the drafting history of the amendments and his personal understanding of the amendments support applying them retroactively.[26]  Dr. Luke responded by arguing, among other things, that Senator Hoylman’s brief improperly seeks to “influence the judicial interpretation of a statute” post-enactment, which “threaten[s] to undermine fundamental separation of powers principles,” and disputed his interpretation of the drafting history.[27]

Most recently, on May 12, 2022, Senator Hoylman introduced a new bill to further amend the New York anti-SLAPP law, seeking among other things to “clarify” that the amended statute applies retroactively by appending language unambiguously providing retroactive effect.[28]  The bill also clarifies the “substantial basis” standard applicable to motions to dismiss actions under the anti-SLAPP statute.[29]

The new proposed amendments are at the beginning of the legislative process.  It remains to be seen whether the new amendments will receive support in the legislature and be enacted into law by the Governor’s signature, and if so, on what timeline.  The current amended anti-SLAPP law was initially introduced on January 9, 2019, was passed on July 22, 2020, and was signed into effect on November 10, 2020.[30]  A similar time frame for the new proposed amendments would see them take effect in the middle of 2024.  And separately, it remains to be seen how the courts, including the First Department and perhaps the Court of Appeals in Gottwald v. Sebert and other pending actions, will construe the new proposed amendments in determining whether the existing anti-SLAPP law already applies retroactively.  Further developments in this complicated and important area of New York law are sure to follow in the near future.

* Gibson, Dunn & Crutcher LLP represented Sony Music Entertainment in Gottwald v. Sebert,
No. 653118/2014 (Sup. Ct. N.Y. Cty.).

________________________

   [1]   2020 N.Y. Senate Bill No. 52-A/Assembly Bill No. 5991A (July 22, 2020), https://www.nysenate.gov/legislation/bills/2019/s52/amendment/a.

   [2]   Understanding Anti-SLAPP Laws, Reporters Committee for Freedom of the Press, https://www.rcfp.org/resources/anti-slapp-laws/ (last visited May 17, 2022).

   [3]   2020 N.Y. Senate Bill No. 52-A/Assembly Bill No. 5991A (July 22, 2020), https://www.nysenate.gov/legislation/bills/2019/s52/amendment/a.

   [4]   Id. (emphasis added).

   [5]   Id.

   [6]   Id.

   [7]   Id.

   [8]   Id. (emphasis added).

   [9]   Palin v. New York Times Co., 510 F. Supp. 3d 21, 28–29 (citing New York Times v. Sullivan, 376 U.S. 254 (1964) and N.Y. Civil Rights Law § 76-a(2)).

  [10]   Id.

  [11]   Nelson v. HSBC Bank USA, 87 A.D.3d 995, 997–98 (N.Y. App. Div. 2d Dep’t 2011).

  [12]   510 F. Supp. 3d 21, at 27 (S.D.N.Y. 2020); see also Novagold Resources, Inc. v. J Capital Research USA LLC, 2022 WL 900604, *9 (E.D.N.Y. Mar. 28, 2022) (applying New York’s anti-SLAPP amendment retroactively); Coleman v. Grand, 2021 WL 768167, at *8 (E.D.N.Y. Feb. 26, 2021) (same); Sackler v. American Broadcasting Companies, Inc., 144 N.Y.S.3d 529, 532 (Sup. Ct. 2021) (same).

  [13]   Id. at 26–27 (quoting Matter of Gleason, 96 N.Y.2d 117, 122 (2001)) (internal quotation marks omitted)..

  [14]   Id. at 27 (citation omitted).

  [15]   Memorandum of Law in Support of Motion of Defendant-Respondent for Reargument or, in the Alternative, Leave to Appeal, Gottwald v. Sebert, No. 2021-03036, Dkt. 20 at 15 n.1 (N.Y. App. Div. 1st Dep’t Apr. 11, 2022).

  [16]   Gottwald v. Sebert, 203 A.D.3d 488 (N.Y. App. Div. 1st Dep’t 2022).

  [17]   Id. at 489.

  [18]   See Gottwald v. Sebert, 193 A.D.3d 573, 576–78 (N.Y. App. Div. 1st Dep’t 2021).  That decision has been appealed to the New York Court of Appeals, New York’s highest court, which has not resolved the question of Dr. Luke’s public figure status.  See Gottwald v. Sebert, No. 2020-01908, Dkt. 69 (N.Y. App. Div. 1st Dep’t Jul. 22, 2020).

  [19]   Defendant Kesha Rose Sebert’s Memorandum of Law in Support of her Motion for a Ruling that Civil Rights Law Section 76-a Applies to Plaintiffs’ Defamation Claims and for Leave to Assert a Counterclaim, Gottwald v. Sebert, No. 653118/2014, Dkt. 2303 at 1 (Sup. Ct. N.Y. Cnty. Apr. 6, 2021).

  [20]   Id.

  [21]   Gottwald, 203 A.D.3d at 489.

  [22]   Id. at 488.

  [23]   Id.

  [24]   Memorandum of Law in Support of Motion of Defendant-Respondent for Reargument or, in the Alternative, Leave to Appeal, Gottwald v. Sebert, No. 2021-03036, Dkt. 20 (N.Y. App. Div. 1st Dep’t Apr. 11, 2022).

  [25]   See Notice of Motion for Leave of Senator Brad Hoylman to Participate as Amicus Curiae, Gottwald et al. v. Sebert, No. 2021-03036, Dkt. 25 (1st Dep’t) (filed April 15, 2022).

  [26]   Id., Proposed Amicus Brief at 4–5.

  [27]   Omnibus Opposition to Motions For Leave to File Amicus Curiae Briefs In Support of Respondent’s Motion for Reargument or Leave to Appeal, No. 2021-03036, Dkt. 26 at 10–11 (1st Dep’t) (filed April 22, 2022).

  [28]   2022 N.Y. Senate Bill No. S9239 (May 12, 2022), https://www.nysenate.gov/legislation/bills/2021/s9239.

  [29]   Id.

  [30]   2020 N.Y. Senate Bill No. 52-A/Assembly Bill No. 5991A (July 22, 2020), https://www.nysenate.gov/legislation/bills/2019/s52/amendment/a.

The following Gibson Dunn lawyers assisted in the preparation of this client update: Anne Champion, Connor Sullivan, Dillon Westfall, and Randi Brown.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the author, or the following leaders and members of the firm’s Media, Entertainment & Technology Practice Group:

Scott A. Edelman – Co-Chair, Los Angeles (+1 310-557-8061, [email protected])
Kevin Masuda – Co-Chair, Los Angeles (+1 213-229-7872, [email protected])
Benyamin S. Ross – Co-Chair, Los Angeles (+1 213-229-7048, [email protected])
Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, [email protected])
Orin Snyder – New York (+1 212-351-2400, [email protected])
Brian C. Ascher – New York (+1 212-351-3989, [email protected])
Anne M. Champion – New York (+1 212-351-5361, [email protected])
Michael H. Dore – Los Angeles (+1 213-229-7652, [email protected])
Ilissa Samplin – Los Angeles (+1 213-229-7354, [email protected])
Connor Sullivan – New York (+1 212-351-2459, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

The Federal Trade Commission recently doubled down on its efforts to combat perceived deception and privacy violations in the education sector, and in particular, perceived violations by education technology providers and for-profit educational institutions.

On May 19, 2022, the FTC commissioners unanimously[1] voted to adopt a new Policy Statement on educational technology and the Children’s Online Privacy Protection Act (COPPA). In the Policy Statement, the agency promised to “scrutinize compliance with the full breadth of the substantive provisions of the COPPA rule and statutory language,” with a particular focus on protecting children who are required to use certain technology to complete schoolwork.[2] The Policy Statement is one in a series of signals that the FTC will aggressively enforce COPPA, specifically in the context of technology used for school—a scenario in which “children are a captive audience,” according to the FTC.[3]

FTC Chair Lina Khan reinforced these sentiments at the FTC’s May 19 open meeting, stating that COPPA is not merely a notice and consent framework, but places clear restrictions on the data that companies may collect from children. She expressed particular concerns over children “surrender[ing their data] to commercial surveillance practices,” in order to access educational resources online. She also expressed concerns over “targeting” and “profiling” of children, across various platforms.[4]

With the Policy Statement, the FTC sends a reminder that covered businesses bear “the responsibility for COPPA compliance . . . not schools or parents.” Specifically, the agency will prioritize enforcement against:

(1) mandatory collection of information as a condition of participation, or collection of data beyond what is reasonably necessary;

(2) use of children’s data outside of the authorized limited purpose;

(3) the retention of information for longer than is reasonably necessary; and,

(4) the failure to maintain the confidentiality, security, and integrity of children’s personal information.

The FTC further made clear that it will take the position that a company is in violation of COPPA’s security provisions if the company fails to take reasonable security precautions, regardless of whether an actual breach occurs.[5]

President Joe Biden commended the FTC “for unanimously taking a big step” toward answering his call to strengthen privacy protections for children with the Policy Statement, and reiterated his stated intention to strengthen privacy protections and ban targeted advertising to children delivered in his State of the Union address.[6]

The FTC has been grappling with the perceived “proliferation of technologies that monetize the collection of personal information,” especially as it relates to children for over a decade. The FTC has been charged with enforcing COPPA since it took effect in 2000, and the agency amended COPPA in 2013 to broaden its scope to include previously unregulated information, such as “persistent identifiers,” as well as photographs and voice recordings, and to encompass third parties that have actual knowledge that they’re collecting personal information from children.[7] With the proliferation of online learning, the FTC wants to ensure that “ed tech doesn’t become a pretext for companies to collect personal information in the classroom and in the home.”[8] Indeed, the FTC opened a review of the COPPA Rule in 2019, ahead of the regulatory review schedule, to explore whether amendments are needed in light of rapid technological advancements, and asking specific questions concerning the EdTech industry, including whether to change requirements concerning the deletion of children’s information and parental consent. The FTC received 170,000 public comments in this review, setting the record for any proceeding.[9]

The FTC issued the May 19 Policy Statement even though the agency’s COPPA review is still pending. FTC Commissioner Christine Wilson asked the agency to prioritize the conclusion of this review, given that it has been pending for three years.

The May 19 Policy Statement is not the only recent development related to COPPA. In March 2022, the FTC settled a matter over allegations that a company collected data from children without proper parental consent.[10] As part of the settlement, the company paid a $1.5 million penalty, was required to delete all personal information that was collected in a manner that violated COPPA, and had to destroy all models or algorithms developed in whole or in part using improperly collected personal information. More than a mere interest in enforcing COPPA generally, this case signals the Commission’s focus on the use of children’s data to create advanced algorithms, and therefore, the destruction of such algorithms as a remedy for COPPA violations.

The FTC also signaled its interest in how children interpret advertising, both in the context of COPPA and its Guides on Endorsements and Testimonials. The same day the FTC issued the Policy Statement, the agency announced an October workshop focusing on “stealth advertising” to children—a phenomenon where the line between paid advertisements and unsponsored influencer content has become blurred—particularly with respect to the rise of the child influencer.[11] The workshop will feature legal experts as well as scientists to discuss the development of children’s brains and the impact of stealth advertising on impressionable children, in order to develop strategies to best protect kids. The FTC is currently seeking research papers and written comments on topics including children’s capacity at different ages and developmental stages to recognize and distinguish advertising content, the “harms to children” caused by a failure to recognize advertising, and what measures should be taken to protect children.[12]

EdTech is not the FTC’s only educational sector interest area.  The agency recently issued Warning Letters in the for-profit education space, as well. Specifically, the FTC put 70 for-profit educational institutions on notice that the agency will seek to impose civil penalties on any institution that commits acts that have been previously found to be unfair or deceptive under Section 5,[13] using its Penalty Offense Authority.[14] The Commission cautioned these companies against deceptive advertising, making false promises of jobs or other favorable employment outcomes, and driving students into debt. Educational institutions found to be in violation of these rules could face “steep penalties”—including fines of more than $46,000 per violation.

Companies and other entities engaged in the education sector should be particularly mindful of the FTC’s activities in this space, especially if they collect any information from children, and ensure their practices do not run afoul of COPPA, the FTC Act, or related requirements.

We are closely monitoring FTC developments, and are available to discuss these issues as applied to your particular situation.

______________________________

   [1]   While every Commissioner ultimately voted to adopt the Policy Statement, 4 Commissioners (out of 5) issued their own, individual statements on the issue, noting a spectrum of opinions. In fact, Commissioner Wilson only “reluctantly vot[ed] yes” on the Policy Statement; and even so, only because the Statement “neither expands the universe of entities covered by the COPPA Rule nor the circumstances under which the Commission will initiate enforcement.”  Oral Remarks of Commissioner Wilson at the Open Commission Meeting (May 19, 2022), https://www.ftc.gov/system/files/ftc_gov/pdf/P155401WilsonRemarks_0.pdf.  Notably, the May 19 open meeting was the first for newly installed Commissioner Alvaro Bedoya.  He stated that the Policy Statement reinforced original intent of Congress to go beyond the notice and consent framework. Oral Remarks of Commissioner Bedoya at the Open Commission Meeting, 13 (May 19, 2022), https://www.ftc.gov/system/files/ftc_gov/pdf/Transcript-Open-Commission-Meeting-May-19-2022.pdf. He also expressed the view that children have different online experiences based on family circumstances.  “Kids from working-class families … [are] more likely to use free apps, which track much more data than paid apps, and for a variety of reasons, they end up giving up much more sensitive information about themselves.”  Id. at 14. Hence, Commissioner Bedoya was encouraged by Chair Khan’s call for “systemic responses to problems.” While some tracking is benign, “I want to push back on the idea that we need all this tracking . . . to make better apps for kids.” Id.

   [2]   Federal Trade Commission, Policy Statement of the Federal Trade Commission on Education Technology and the Children’s Online Privacy Protection Act (2022).

   [3]   Id.

   [4]   Oral Remarks of Commission Chair Lina Khan at the Open Commission Meeting (May 19, 2022), https://www.ftc.gov/system/files/ftc_gov/pdf/Transcript-Open-Commission-Meeting-May-19-2022.pdf.

   [5]   Id.

   [6]   The White House, Statement from President Biden on FTC Vote to Protect Children’s Privacy (May 19, 2022), https://www.whitehouse.gov/briefing-room/statements-releases/2022/05/19/statement-from-president-biden-on-ftc-vote-to-protect-childrens-privacy.

   [7]   See, https://www.ftc.gov/business-guidance/blog/2022/05/ftc-ed-tech-protecting-kids-privacy-your-responsibility.

   [8]   Id.

   [9]   See, FTC, Student Privacy and Ed Tech (December 2017), https://www.ftc.gov/news-events/events/2017/12/student-privacy-ed-tech.

  [10]   FTC, FTC Takes Action Against Company Formerly Known as Weight Watchers for Illegally Collecting Kids’ Sensitive Health Data, https://www.ftc.gov/news-events/news/press-releases/2022/03/ftc-takes-action-against-company-formerly-known-weight-watchers-illegally-collecting-kids-sensitive.

  [11]   https://www.ftc.gov/news-events/news/press-releases/2022/05/ftc-hold-virtual-event-protecting-kids-stealth-advertising-digital-media.

  [12]   Id. The FTC will continue to accept comments and papers until July 18, 2022.

  [13]   https://www.ftc.gov/news-events/news/press-releases/2021/10/ftc-targets-false-claims-profit-colleges.

  [14]   FTC, Notices of Penalty Offenses, https://www.ftc.gov/enforcement/penalty-offenses. See also, Gibson Dunn, The FTC at Full Strength: What to Expect Next (May 16, 2022), https://www.gibsondunn.com/the-ftc-at-full-strength-what-to-expect-next/.

The following Gibson Dunn lawyers prepared this client alert: Svetlana S. Gans and Brendan Krimsky.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:

United States
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, [email protected])
David P. Burns – Washington, D.C. (+1 202-887-3786, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202-955-8657, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Robert K. Hur – Washington, D.C. (+1 202-887-3674, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])

Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0) 20 7071 4250, [email protected])
Patrick Doris – London (+44 (0) 20 7071 4276, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Bernard Grinspan – Paris (+33 (0) 1 56 43 13 00, [email protected])
Penny Madden – London (+44 (0) 20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Alejandro Guerrero – Brussels (+32 2 554 7218, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])
Sarah Wazen – London (+44 (0) 20 7071 4203, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

New York partner Reed Brodsky and associate Michael L. Nadler are the authors of “Jarkesy Wins Relief From ALJ Control After Years of Fighting for His Right to a Jury Trial” [PDF] published by The National Law Journal on May 25, 2022.

Click for PDF

Decided May 23, 2022

Morgan v. Sundance, Inc., No. 21-328

Today, the Supreme Court held 9-0 that prejudice is not required to show that a party waived the right to arbitrate.

Background: A plaintiff filed a putative class action against her employer over the employer’s pay practices. Eight months later—and after moving to dismiss, answering the complaint, asserting affirmative defenses, and participating in mediation—the defendant-employer moved pursuant to the Federal Arbitration Act (FAA) to stay the litigation and compel arbitration. The district court held that the defendant waived its right to arbitrate. The Eighth Circuit reversed, concluding that the plaintiff had failed to show it was prejudiced by the defendant-employer’s delay in compelling arbitration.

Issue: Is it necessary to show prejudice to establish the opposing party waived the right to arbitrate?

Court’s Holding: No. Because federal procedural rules typically do not require prejudice to invoke waiver, a party need not demonstrate prejudice to prove that the opposing party waived its right to arbitrate.

“[T]he FAA’s ‘policy favoring arbitration’ does not authorize federal courts to invent special, arbitration-preferring procedural rules.”

Justice Kagan, writing for the Court

What It Means:

• Today’s decision underscores the need for parties wishing to compel arbitration to do so early in the case to avoid the risk of waiving their right to arbitrate.
• The Court grounded its decision in the FAA, which directs courts to treat arbitration contracts in the same manner as other contracts. Given that equal-treatment principle, the Court reasoned that courts “may not devise novel rules to favor arbitration over litigation.”
• The Court expressly declined to decide the role state law may play in determining whether a party has relinquished its right to arbitrate through its litigation conduct. The Court also declined to decide whether losing the right to arbitrate based on a party’s own conduct is best understood as involving “waiver, forfeiture, estoppel, laches, or procedural timeliness.”

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:

Appellate and Constitutional Law Practice

Related Practice: Class Actions

Related Practice: Labor and Employment

Related Practice: Judgment and Arbitral Award Enforcement

Related Practice: International Arbitration

Click for PDF

On May 12, 2022, more than six months after the Equal Employment Opportunity Commission (“EEOC”) announced its Initiative on Artificial Intelligence and Algorithmic Fairness,[1] the agency issued its first guidance regarding employers’ use of Artificial Intelligence (“AI”).[2]

The EEOC’s guidance outlines best practices and key considerations that, in the EEOC’s view, help ensure that employment tools do not disadvantage applicants or employees with disabilities in violation of the Americans with Disabilities Act (“ADA”).  Notably, the guidance came just one week after the EEOC filed a complaint against a software company alleging intentional discrimination through applicant software under the Age Discrimination in Employment Act (“ADEA”), potentially signaling more AI and algorithmic-based enforcement actions to come.

The EEOC’s AI Guidance

The EEOC’s non-binding, technical guidance provides suggested guardrails for employers on the use of AI technologies in their hiring and workforce management systems.

Broad Scope.  The EEOC’s guidance encompasses a broad-range of technology that incorporates algorithmic decision-making, including “automatic resume-screening software, hiring software, chatbot software for hiring and workflow, video interviewing software, analytics software, employee monitoring software, and worker management software.”[3]  As an example of such software that has been frequently used by employers, the EEOC identifies testing software that provides algorithmically-generated personality-based “job fit” or “cultural fit” scores for applicants or employees.

Responsibility for Vendor Technology.  Even if an outside vendor designs or administers the AI technology, the EEOC’s guidance suggests that employers will be held responsible under the ADA if the use of the tool results in discrimination against individuals with disabilities.  Specifically, the guidance states that “employers may be held responsible for the actions of their agents, which may include entities such as software vendors, if the employer has given them authority to act on the employer’s behalf.”[4]  The guidance further states that an employer may also be liable if a vendor administering the tool on the employer’s behalf fails to provide a required accommodation.

Common Ways AI Might Violate the ADA.  The EEOC’s guidance outlines the following three ways in which an employer’s tools may, in the EEOC’s view, be found to violate the ADA, although the list is non-exhaustive and intended to be illustrative:

1. By relying on the tool, the employer fails to provide a reasonable accommodation. Individuals with disabilities may need “specialized equipment” or “alternative tests or formats” to ensure that they are accurately assessed.  For example, the EEOC notes that an applicant with limited manual dexterity may have a difficult time taking a knowledge test which utilizes a manual input device such as a keyboard or trackpad.  The EEOC’s guidance states that, absent an undue hardship, the applicant should be provided with an alternative version of the test (e.g., a test allowing oral responses).
2. The tool screens out an individual with a disability that is able to perform the essential functions of the job with or without an accommodation. Whether intentional or inadvertent, “screening out” may arise from a variety of factors, such as special circumstances not being taken into account in designing the algorithmic decision-making tool.  For example, if a video interviewing tool analyzes speech patterns to determine an applicant’s problem solving abilities, it may screen out an individual with a speech impediment because their speech deviates from expected patterns and may therefore receive a low or disqualifying score.  The EEOC’s guidance offers a separate example of how a personality test seeking to measure workplace focus may negatively score an individual with Posttraumatic Stress Disorder who is not able to ignore distractions.  While this test would generally be predictive and valid, the guidance states that “it might not accurately predict whether the individual still would experience those same difficulties under modified working conditions such as a quiet workstation or permission to use noise-cancelling headphones.”[5]
3. The tool makes a disability-related inquiry or otherwise constitutes a medical examination. An AI tool that asks questions about an individual’s medical conditions or physical restrictions, or overtly asks if the individual has a disability, may violate the ADA’s prohibition on making disability-related inquiries.  Similarly, a tool’s assessment of an employee or applicant may constitute an impermissible medical examination if it “seeks information about an individual’s physical or mental impairments or health.”  The EEOC’s guidance attempts to clarify its recommendations with examples—stating that AI screening tools may lawfully pose questions to applicants and employees that “might somehow be related to some kinds of mental health diagnoses,” such as whether the individuals are optimistic about the future.  However, if the AI tool’s use of this question screens out an individual because of a disability (e.g., Major Depressive Disorder), it may nevertheless be found to violate the ADA since the tool would ultimately disqualify an applicant that may otherwise be able to perform the essential functions of the job with or without an accommodation.[6] While this example is fairly nuanced, it provides insight into how the EEOC may scrutinize the use of AI in the workplace.

Tips for Avoiding Pitfalls.  In addition to illustrating the agency’s view of how employers may run afoul of the ADA through their use of AI and algorithmic decision-making technology, the EEOC’s guidance provides several practical tips for how employers may reduce the risk of liability.  For example:

1. Make the Accommodations Process Transparent. The EEOC recommends that employers make clear in writing that applicants and employees can request reasonable accommodations and provide clear instructions on how they can do so.
2. Give Notice Before Performing AI Assessments. The EEOC suggests that employers provide all applicants and employees undergoing an assessment by an algorithmic decision-making tool information “in plain language and in accessible formats” regarding “the traits that the algorithm is designed to assess, the method by which those traits are assessed, and the variables or factors that may affect the rating.”[7] Illinois already requires employers using AI analysis in video interviewing to notify applicants of how the AI tool works and what characteristics will be used to evaluate them.  Likewise, effective January 1, 2023, employers in New York City will be required to provide applicants and employees with notices that explain how the tool works and what job qualifications and characteristics are being considered.[8]
3. Focus on Essential Functions. The EEOC recommends ensuring that the AI and algorithmic tools “only measure abilities or qualifications that are truly necessary for the job—even for people who are entitled to an on-the-job reasonable accommodation” and measure those necessary qualifications “directly, rather than by way of characteristics or scores that are correlated with those abilities or qualifications.”[9]
4. Confirm Vendor Compliance. For employers purchasing tools from vendors, the EEOC suggests that an employer “confirm that the tool does not ask job applicants or employees questions that are likely to elicit information about a disability or seek information about an individual’s physical or mental impairments or health, unless such inquiries are related to a request for reasonable accommodation.”[10] Employers in New York City should take note that the new NYC law will require employers to conduct an independent bias audit to ensure there is no adverse impact on the basis of race, ethnicity, and sex.  Recently proposed federal and D.C. laws, if enacted, would require a yearly bias audit covering the full spectrum of protected classes.

Enforcement Action

As previewed above, on May 5, 2022—just one week before releasing its guidance—the EEOC filed a complaint in the Eastern District of New York alleging that iTutorGroup, Inc., a software company providing online English-language tutoring to adults and children in China, violated the ADEA.[11]

The complaint alleges that a class of plaintiffs were denied employment as tutors because of their age.  Specifically, the EEOC asserts that the company’s application software automatically denied hundreds of older, qualified applicants by soliciting applicant birthdates and automatically rejecting female applicants age 55 or older and male applicants age 60 or older.  The complaint alleges that the charging party was rejected when she used her real birthdate because she was over the age of 55 but was offered an interview when she used a more recent date of birth with an otherwise identical application.  The EEOC seeks a range of damages including back wages, liquidated damages, a permanent injunction enjoining the challenged hiring practice, and the implementation of policies, practices, and programs providing equal employment opportunities for individuals 40 years of age and older.  iTutorGroup has not yet filed a response to the complaint.

Takeaways

Given the EEOC’s enforcement action and recent guidance, employers should evaluate their current and contemplated AI tools for potential risk.  In addition to consulting with vendors who design or administer these tools to understand the traits being measured and types of information gathered, employers might also consider reviewing their accommodations processes for both applicants and employees.

___________________________

[1] EEOC, EEOC Launches Initiative on Artificial Intelligence and Algorithmic Fairness (Oct. 28, 2021), available at https://www.eeoc.gov/newsroom/eeoc-launches-initiative-artificial-intelligence-and-algorithmic-fairness.

[2] EEOC, The Americans with Disabilities Act and the Use of Software, Algorithms, and Artificial Intelligence to Assess Job Applicants and Employees (May 12, 2022), available at https://www.eeoc.gov/laws/guidance/americans-disabilities-act-and-use-software-algorithms-and-artificial-intelligence?utm_content=&utm_medium=email&utm_name=&utm_source=govdelivery&utm_term [hereinafter EEOC AI Guidance].

[3] Id.

[4] Id. at 3, 7.

[5] Id. at 11.

[6] Id. at 13.

[7] Id. at 14.

[8] For more information, please see Gibson Dunn’s Client Alert, New York City Enacts Law Restricting Use of Artificial Intelligence in Employment Decisions.

[9] EEOC AI Guidance at 14.

[10] Id.

[11] EEOC v. iTutorGroup, Inc., No. 1:22-cv-02565 (E.D.N.Y. May 5, 2022).

The following Gibson Dunn attorneys assisted in preparing this client update: Harris Mufson, Danielle Moss, Megan Cooney, and Emily Maxim Lamm.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following:

Harris M. Mufson – New York (+1 212-351-3805, [email protected])

Danielle J. Moss – New York (+1 212-351-6338, [email protected])

Megan Cooney – Orange County (+1 949-451-4087, [email protected])

Jason C. Schwartz – Co-Chair, Labor & Employment Group, Washington, D.C.
(+1 202-955-8242, [email protected])

Katherine V.A. Smith – Co-Chair, Labor & Employment Group, Los Angeles
(+1 213-229-7107, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

Last year we reported on a federal district court decision dismissing a federal securities law claim brought derivatively on behalf of The Gap, Inc. pursuant to a forum selection bylaw designating the Delaware Court of Chancery as the exclusive forum for derivative suits (the “Forum Bylaw”).  See Lee v. Fisher, Case No. 20-cv-06163-SK, ECF No. 59 (N.D. Cal. Apr. 27, 2021).  The plaintiff appealed that decision to the Ninth Circuit Court of Appeals, and, on May 13, 2022, the Ninth Circuit affirmed.  See Lee v. Fisher, Case No. 21-15923.  This decision is significant because it effectively bars plaintiffs from asserting federal securities law claims derivatively when a company has designated a state court venue as the exclusive forum for derivative actions.

The plaintiff in Fisher brought derivative claims purportedly on behalf of Gap against certain directors and officers based on their alleged failure to promote diversity at Gap and for allegedly making misleading statements about Gap’s commitment to diversity.  The plaintiff asserted that the officers and directors had violated both state law by allegedly breaching their fiduciary duties and federal securities law by violating the proxy rules under Section 14(a) of the Securities Exchange Act.  In the district court, defendants moved to dismiss on forum non conveniens grounds pursuant to the Forum Bylaw.  Plaintiff argued that the court could not enforce the Forum Bylaw as to the federal Section 14(a) claim because (1) that claim was subject to exclusive federal jurisdiction and could not be asserted in the Delaware Court of Chancery, and (2) enforcing the Forum Bylaw would violate the Exchange Act provision that prohibits waiving compliance with the Exchange Act (the “anti-waiver” provision).  The district court disagreed and dismissed the lawsuit.

The Ninth Circuit affirmed the district court’s ruling in full.  The Court noted that under Supreme Court precedent forum selection clauses should be enforced absent “extraordinary circumstances.”  The Ninth Circuit previously articulated three such circumstances, one of which plaintiff argued was implicated in this case:  enforcing the Forum Bylaw “would contravene a strong public policy of the forum in which suit is brought.”  As in the district court, the plaintiff pointed to the Exchange Act’s anti-waiver provision and the exclusive federal jurisdiction over Exchange Act claims as evidence that enforcing the Forum Bylaw would violate public policy.  The Court rejected these arguments because neither of these statutory provisions expressly states that refusing to give effect to these provisions would violate public policy.  Additionally, the Court noted it was relevant to its analysis that plaintiff failed to “identif[y] Delaware law clearly stating that she could not get any relief in the Delaware Court of Chancery.”  The Ninth Circuit therefore affirmed because plaintiff failed to carry her “heavy burden” to overcome the forum provision.

By holding that all derivative claims must be brought in the Delaware Court of Chancery, this decision fulfills the purpose of exclusive forum provisions: to prevent duplicative litigation in multiple forums and thereby increase efficiencies and decrease costs for companies.  However, it is important to note that not all courts agree, and this decision sets up a potential Circuit split.  Earlier this year, the Seventh Circuit refused to enforce a substantially similar forum provision against a derivative Section 14(a) claim.  See Seafarers Pension Plan on behalf of Boeing Co. v. Bradway, 23 F.4th 714 (7th Cir. 2022).  We will continue to monitor developments in this space.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the Securities Litigation or Securities Regulation and Corporate Governance practice groups, or the following authors:

Brian M. Lutz – San Francisco/New York (+1 415-393-8379/+1 212-351-3881, [email protected])
Jason J. Mendro – Washington, D.C. (+1 202-887-3726, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Michael J. Kahn – San Francisco (+1 415-393-8316, [email protected])

Please also feel free to contact any of the following practice leaders and members:

Securities Litigation Group:
Monica K. Loseman – Co-Chair, Denver (+1 303-298-5784, [email protected])
Brian M. Lutz – Co-Chair, San Francisco/New York (+1 415-393-8379/+1 212-351-3881, [email protected])
Craig Varnen – Co-Chair, Los Angeles (+1 213-229-7922, [email protected])
Shireen A. Barday – New York (+1 212-351-2621, [email protected])
Christopher D. Belelieu – New York (+1 212-351-3801, [email protected])
Jefferson Bell – New York (+1 212-351-2395, [email protected])
Matthew L. Biben – New York (+1 212-351-6300, [email protected])
Michael D. Celio – Palo Alto (+1 650-849-5326, [email protected])
Paul J. Collins – Palo Alto (+1 650-849-5309, [email protected])
Jennifer L. Conn – New York (+1 212-351-4086, [email protected])
Thad A. Davis – San Francisco (+1 415-393-8251, [email protected])
Ethan Dettmer – San Francisco (+1 415-393-8292, [email protected])
Mark A. Kirsch – New York (+1 212-351-2662, [email protected])
Jason J. Mendro – Washington, D.C. (+1 202-887-3726, [email protected])
Alex Mircheff – Los Angeles (+1 213-229-7307, [email protected])
Robert F. Serio – New York (+1 212-351-3917, [email protected])
Jessica Valenzuela – Palo Alto (+1 650-849-5282, [email protected])
Robert C. Walters – Dallas (+1 214-698-3114, [email protected])
Avi Weitzman – New York (+1 212-351-2465, [email protected])

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202-955-8287, [email protected])
James J. Moloney – Co-Chair, Orange County, CA (+ 949-451-4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212-351-2309, [email protected])
Brian J. Lane – Washington, D.C. (+1 202-887-3646, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])
Michael A. Titera – Orange County, CA (+1 949-451-4365, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Click for PDF

On May 18, 2022, U.S. District Judge Jed S. Rakoff of the Southern District of New York issued a decision in an ongoing dispute between the international luxury fashion house Hermès and the self-described artist operating under the name Mason Rothschild involving the artist’s line of non-fungible tokens (NFTs) termed “MetaBirkins.”  This litigation is one of the first significant trademark actions involving NFT offerings.  Importantly, Judge Rakoff denied the artist’s motion to dismiss the trademark claims.  While Judge Rakoff’s decision denying the artist’s motion to dismiss does not resolve the merits of Hermès’s claims, it offers some of the first available insight into how courts will consider trademark claims regarding NFTs.

In Hermès International, et al. v Mason Rothschild, Hermès sued the artist operating under the name Mason Rothschild in federal court in the Southern District of New York for producing and selling NFTs that he called MetaBirkins, each of which was a digital image of the Hermès Birkin handbag depicted as if made of fur; the artist also sold MetaBirkins and other NFTs through social media channels and digital storefronts under the MetaBirkin name.  No. 22-cv-384 (JSR), Dkt. 24 (S.D.N.Y. Jan 14, 2022).  Hermès argued that selling these MetaBirkin NFTs infringed and diluted Hermès’s Birkin trademark, falsely designated the origin of the NFTs as if they were Hermès-authorized digital products, injured and diluted Hermès’s business reputation.  Hermès also asserted a claim for cybersquatting based on Rothschild’s use of the domain name metabirkins.com for the website used to offer the NFTs.  Id. 

The artist moved to dismiss.  Id. Dkt. 26, 27.  The artist principally argued that the use of the term “MetaBirkin” was protected expression under the Second Circuit’s seminal case Rogers v. Grimaldi, 875 F.2d 994 (2d Cir. 1989), which held that use of a famous trademark (in that case, a trademark composed of a celebrity name) in connection with a work of art does not infringe trademark rights so long as (1) the name is “minimally artistically relevant” to the product, and (2) the use does not “explicitly mislead” as to content, authorship, sponsorship, or endorsement.  Id.  The artist argued that calling his products “MetaBirkins” was at least minimally relevant to his claimed project of interrogating the fashion industry’s animal cruelty and the nature of luxury and value, and that the term was not explicitly misleading, regardless of whether some observers may have been actually confused.  Hermès opposed the motion to dismiss, emphasizing the extensive commercial use the artist had made of the MetaBirkin label, including selling other products under that label and operating digital storefronts and marketing campaigns using the name.  Id. Dkt. 31.  Hermès also emphasized evidence of actual confusion among consumers and industry observers about the origin and authorization of the MetaBirkin NFTs.  Id.  And Hermès pointed to the artist’s own statements, including in an interview with Yahoo! Finance, in which he referred to the MetaBirkin as a “digital commodity” and said that there was not “much difference” between having the “crazy handbag” in real life or, “now,” being “able to bring that into the metaverse with these iconic NFTs,” and complained about people selling counterfeit MetaBirkins NFTs competitively with his NFTs.  Id.  Hermès argued that the Second Circuit’s Rogers case should not apply to “commodities” sold in commerce like the MetaBirkin NFTs.  Id.  Hermès also argued that, even if the Rogers case applied, the court should still evaluate whether the MetaBirkin label misled the public by applying the “venerable Polaroid factors,” a set of criteria from a 1961 Second Circuit decision that courts use to evaluate whether a defendant’s mark will confuse the public.  Id.  The artist’s reply brief insisted that the Rogers case should apply because the MetaBirkin NFTs were artworks, and should apply equally to the works themselves and to speech marketing those works.  Id. Dkt. 38.  The artist also argued that if the Rogers test applied, the court should ignore the Second Circuit’s Polaroid multi-factor test, because the only question should be whether the MetaBirkin label explicitly misled the public, not whether it could actually mislead the public.  Id.

Judge Rakoff heard oral argument on May 4, 2022 and issued a short-form order on May 5, 2022 denying the motion to dismiss.  Id. Dkt. 49.  On May 18, 2022, Judge Rakoff issued a memorandum order providing the reasoning for his decision.  Id. Dkt. 50.  Judge Rakoff held that the Second Circuit’s Rogers test applied because the MetaBirkin NFTs, “digital images of handbags,” “could constitute a form of artistic expression,” regardless of the fact that the artist also used the label to market and advertise those artworks.  Id.  Notably, Judge Rakoff held that “Rothschild’s use of NFTs to authenticate the images” does not “change the application of Rogers:  because NFTs are simply code pointing to where a digital image is located and authenticating the image, using NFTs to authenticate an image and allow for traceable subsequent resale and transfer does not make the image a commodity without First Amendment protection any more than selling numbered copies of physical paintings would make the paintings commodities for purposes of Rogers.”  Id.

Judge Rakoff declined to rule at the motion to dismiss stage whether the MetaBirkin label qualified as minimally artistically relevant, as the Rogers case requires to protect a defendant.  The court acknowledged that the threshold for artistic relevance under the Rogers case is “low,” but also observed that Hermès had alleged the artist “entirely intended to associate the ‘MetaBirkins’ mark with the popularity and goodwill of Hermès’s Birkin mark, rather than intending an artistic association.”  Id.  Judge Rakoff cited the artist’s own statements to the press about his efforts to “create that same kind of illusion that [the Birkin bag] has in real life as a digital commodity.”  Id.  

Regardless of whether the MetaBirkin label qualified as artistically relevant, Judge Rakoff held that Hermès had adequately alleged that the MetaBirkin label was explicitly misleading, which was sufficient to state a claim that the Rogers test does not protect Rothschild’s conduct.  Accordingly, the court denied the motion to dismiss.  Id.  Judge Rakoff explicitly rejected the artist’s argument that courts in the Second Circuit should ignore the longstanding Polaroid likelihood-of-confusion factors in determining whether a mark is explicitly misleading under the Rogers test.  Moreover, the court concluded that Hermès had adequately alleged specific facts under the Polaroid factors to support a conclusion that the MetaBirkin label was misleading.  Judge Rakoff further concluded that, even if the artist was correct that the Polaroid factors should not apply, the motion to dismiss would still fail under the Rogers test because Hermès had adequately alleged sufficient actual confusion and sufficient efforts by the artist to mislead the public, including the artist’s own statements to the press.  Id.

Judge Rakoff’s decision was clearly influenced by the commercial nature of Rothschild’s activities, with an eye to potential future sales of virtual goods in a metaverse or enhanced reality context.  The court noted that the NFTs might not qualify as artworks “if the NFTs were attached to a digital file of a virtually wearable Birkin handbag, in which case the ‘MetaBirkin’ mark would refer to a non-speech commercial product (albeit not one that is, as yet, considered ordinary or quotidian).”  Id. 12 n.3.  But because Hermès only suggested that the artist might in the future sell “virtually wearable ‘MetaBirkins,’” Judge Rakoff declined to consider that issue for purposes of the motion to dismiss.  Id.  As Judge Rakoff recognized, the increasing prevalence of virtual objects and their potential applications and uses in connection with “metaverse” technologies will require further analysis.

This decision marks one of the earliest decisions by any court in a trademark dispute arising from non-fungible tokens and provides a first set of indications regarding how courts will evaluate NFT-related trademark claims.  Additional lawsuits involving NFTs are already working their way through the courts.  Judge Rakoff’s decision will likely be considered as those other disputes reach the point of judicial decisions.

The following Gibson Dunn lawyers prepared this client alert: Howard Hogan and Connor Sullivan.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders of the firm’s Intellectual Property, Fashion, Retail & Consumer Products, Media, Entertainment & Technology, Global Financial Regulatory, or Privacy, Cybersecurity & Data Innovation practice groups:

Intellectual Property Group:
Kate Dominguez – New York (+1 212-351-2338, [email protected])
Y. Ernest Hsin – San Francisco (+1 415-393-8224, [email protected])
Josh Krevitt – New York (+1 212-351-4000, [email protected])
Jane M. Love, Ph.D. – New York (+1 212-351-3922, [email protected])

Fashion, Retail & Consumer Products Group:
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])

Media, Entertainment & Technology Group:
Scott A. Edelman – Los Angeles (+1 310-557-8061, [email protected])
Kevin Masuda – Los Angeles (+1 213-229-7872, [email protected])
Benyamin S. Ross – Los Angeles (+1 213-229-7048, [email protected])

Global Financial Regulatory Group:
William R. Hallatt – Hong Kong (+852 2214 3836, [email protected])
Michelle M. Kirschner – London (+44 (0) 20 7071 4212, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])

Privacy, Cybersecurity & Data Innovation Group:
Ahmed Baladi – Paris (+33 (0) 1 56 43 13 00, [email protected])
S. Ashlie Beringer – Palo Alto (+1 650-849-5327, [email protected])
Alexander H. Southwell – New York (+1 212-351-3981, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Issuers are facing increasing calls from stakeholders and regulators, as well as within their own organizations, to proactively address ESG across their business footprint. The heightened focus on ESG impacts the way issuers, underwriters and lenders participate in capital raising. Join us in a recorded presentation for a discussion on the new opportunities, products, challenges and requirements.

Click for PDF

Gibson, Dunn & Crutcher LLP is pleased to announce with Global Legal Group the release of the International Comparative Legal Guide to: Anti-Money Laundering 2022. Gibson Dunn partners Stephanie L. Brooker and Joel M. Cohen were again contributing editors to the publication which covers issues including criminal enforcement, regulatory and administrative enforcement and requirements for financial institutions and other designated businesses. The Guide, comprised of 9 expert analysis chapters and 26 jurisdictions, is live and FREE to access HERE.

Ms. Brooker and Gibson Dunn partner M. Kendall Day co-authored “Modernizing the United States Anti-Money Laundering Regime: The Anti-Money Laundering Act of 2020 and Actions Taken to Implement it to Date.”  Linda Noonan, Ella Alves Capone, Tory Roberts, and Monica Murphy provided invaluable assistance with the article.

In addition, Mr. Cohen co-authored with Gibson Dunn Of Counsel Linda Noonan the jurisdiction chapter on “USA: Anti-Money Laundering 2022.”

You can view these informative and comprehensive chapters via the links below:

CLICK HERE to view Modernizing the United States Anti-Money Laundering Regime: The Anti-Money Laundering Act of 2020 and Actions Taken to Implement it to Date

CLICK HERE to view USA: Anti-Money Laundering 2022

About Gibson Dunn’s Anti-Money Laundering Practice: Gibson Dunn’s Anti-Money Laundering practice provides legal and regulatory advice to all types of financial institutions and nonfinancial businesses with respect to compliance with federal and state anti-money laundering laws and regulations, including the U.S. Bank Secrecy Act. We represent clients in criminal and regulatory government investigations and enforcement actions. We also conduct internal investigations involving money laundering and Bank Secrecy Act violations for a wide range of clients in the financial services industry and companies with multinational operations. For further information, please visit our practice page and feel free to contact Stephanie L. Brooker in Washington, D.C. (+1 202.887.3502, [email protected]), Joel M. Cohen in New York (+1 212.351.2664, [email protected]) or M. Kendall Day in Washington, D.C. (+1 202.955.8220, [email protected]).

About the Authors:

Stephanie Brooker is Co-Chair of Gibson Dunn’s White Collar Defense and Investigations and Financial Institutions Practice Groups. She also co-leads the firm’s Anti-Money Laundering practice.  She is the former Director of the Enforcement Division at FinCEN, and previously served as the Chief of the Asset Forfeiture and Money Laundering Section in the U.S. Attorney’s Office for the District of Columbia and as a DOJ trial attorney for several years. Ms. Brooker’s practice focuses on internal investigations, regulatory enforcement defense, white-collar criminal defense, and compliance counseling. She handles a wide range of white collar matters, including representing financial institutions, multi-national companies, and individuals in connection with criminal, regulatory, and civil enforcement actions involving sanctions; anti-corruption; anti-money laundering (AML)/Bank Secrecy Act (BSA); securities, tax, and wire fraud; foreign influence; “me-too;” cryptocurrency; and other legal issues. Ms. Brooker’s practice also includes BSA/AML and FCPA compliance counseling and deal due diligence and asset forfeiture matters.  Ms. Brooker has been named a Global Investigations Review “Top 100 Women in Investigations” and National Law Journal White Collar Trailblazer.

Joel M. Cohen, a trial lawyer and former New York federal prosecutor, is Co-Chair of Gibson Dunn’s White Collar Defense and Investigations Practice Group, and a member of its Securities Litigation, Class Actions and Antitrust & Competition Practice Groups. He has been lead or co-lead counsel in 24 civil and criminal trials in federal and state courts, and he is equally comfortable in leading confidential investigations, managing crises or advocating in court proceedings. Mr. Cohen is a top-ranked litigator by Chambers and other leading legal services reviewers.  His experience includes all aspects of AML, FCPA/anticorruption issues, securities fraud, insider trading, sanctions, and tax fraud, in addition to financial institution litigation and other international disputes and discovery.

Kendall Day is Co-Chair of Gibson Dunn’s Financial Institutions Practice Group, co-leads the firm’s Anti-Money Laundering practice, and is a member of the White Collar Defense and Investigations Practice Group. Prior to joining Gibson Dunn, Mr. Day was a white collar prosecutor for 15 years, eventually rising to become an Acting Deputy Assistant Attorney General, the highest level of career official in the Criminal Division at DOJ. He represents financial institutions; fintech, crypto-currency, and multi-national companies; and individuals in connection with criminal, regulatory, and civil enforcement actions involving anti-money laundering (AML)/Bank Secrecy Act (BSA), sanctions, FCPA and other anti-corruption, securities, tax, wire and mail fraud, unlicensed money transmitter, false claims act, and sensitive employee matters. Mr. Day’s practice also includes BSA/AML compliance counseling and due diligence, and the defense of forfeiture matters.

Linda Noonan is Of Counsel in the Washington, D.C. office and a member of the firm’s Financial Institutions and White Collar Defense and Investigations Practice Groups. She joined the firm from the U.S. Department of the Treasury, Office of General Counsel, where she had been Senior Counsel for Financial Enforcement.  In that capacity, she was the principal legal advisor to Treasury officials on domestic and international money laundering and related financial enforcement issues.  She specializes in BSA/AML enforcement and compliance issues for financial institutions and non-financial businesses.

Ella Alves Capone is a senior associate in the Washington, D.C. office, where she is a member of the White Collar Defense and Investigations and Anti-Money Laundering practice groups.  Her practice focuses in the areas of white collar investigations and advising clients on regulatory compliance and the effectiveness of their internal controls and compliance programs.  Ms. Capone routinely advises multinational companies and financial institutions, including cryptocurrency and other digital asset businesses, gaming businesses, fintechs, and payment processors, on BSA/AML and sanctions compliance matters.  She also has extensive experience representing clients before DOJ, SEC, OFAC, FinCEN, and federal banking regulators on a variety of white collar matters, including those involving BSA/AML, sanctions, anti-corruption, securities, and fraud matters.

Tory Roberts is an associate in the Washington, D.C. office.  She practices in the firm’s Litigation Department with a particular focus on white collar defense and investigations.  Ms. Roberts has experience representing financial institutions and multinational companies in investigations conducted by the SEC, DOJ, and FinCEN on matters involving alleged securities fraud, violations of the Foreign Corrupt Practices Act, and violations of anti-money laundering laws.  She also has experience advising clients on their compliance programs.

Monica Murphy is an associate in the Washington, D.C. office.  She practices in the firm’s Litigation Department, and her practice focuses on white collar investigations and environmental litigation.  Ms. Murphy has experience representing companies in investigations conducted by DOJ, SEC, and FinCEN on matters involving alleged violations of the Bank Secrecy Act and anti-money laundering laws.

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.