Author Archives: Judy Jiang

SEC Chairman Announces Reforms to Wells Process and Settlement Procedures

by Courtney Andrews, Darryl Lew, Tami Stark, and Olivia Hussey

Photos of authors.

Courtney Andrews, Darryl Lew, Tami Stark, and Olivia Hussey (Photos courtesy of White & Case)

On October 7, 2025, U.S. Securities and Exchange Commission (“SEC” or “Commission”) Chairman Paul S. Atkins announced procedural reforms aimed at enhancing fairness and transparency in the agency’s enforcement program.[1] Chairman Atkins emphasized that the reforms focus on the SEC’s three-part mission: to protect investors; to maintain fair, orderly, and efficient markets; and to facilitate capital formation. These changes will have implications for companies and individuals facing potential enforcement actions.

Continue reading

California Restricts Use of Common Pricing Algorithms, Reforms the Pleading Standard for Certain Antitrust Claims, and Increases Penalties

by Eyitayo “Tee” St. Matthew-Daniel, Joshua Hill Jr., Christopher M. Wilson, and Yoosun Koh

Photos of authors.

Eyitayo “Tee” St. Matthew-Daniel, Joshua Hill Jr., Christopher M. Wilson, and Yoosun Koh (Photos courtesy of Paul, Weiss)

On October 6, 2025, California enacted AB 325 and SB 763. These two laws amend the state’s primary antitrust statute, the Cartwright Act, which generally prohibits combinations or agreements between two or more entities in restraint of trade, such as agreements to fix prices or to limit production. These amendments are effective as of January 1, 2026.

Together, AB 325 and SB 763:

  • Add two new Cartwright Act violations related to the use or distribution of “common pricing algorithms.”
  • Lower the pleading standard for Cartwright Act claims.
  • Establish civil penalties for violations of the Cartwright Act and increase maximum criminal penalties.
  • Make remedies and penalties for Cartwright Act violations cumulative.

Below, we provide a high-level overview of the new laws and offer some observations.

Continue reading

Lessons Learned: One Year of Form 8-K Material Cybersecurity Incident Reporting

by Charu A. ChandrasekharErez LiebermannBenjamin R. Pedersen, Paul M. RodelMatt Kelly, Anna Moody, John Jacob, and Talia Lorch 

Photos of authors.

Top (left to right): Charu A. Chandrasekhar, Erez Liebermann, Benjamin R. Pedersen, and Paul M. Rodel. Bottom (left to right): Matt Kelly, Anna Moody, John Jacob, and Talia Lorch. (Photos of courtesy of Debevoise & Plimpton LLP)

On December 18, 2023, the Securities and Exchange Commission’s (the “SEC”) rule requiring disclosure of material cybersecurity incidents became effective. To date, 26 companies have reported a cybersecurity incident under the new Item 1.05 of Form 8-K (“Item 1.05”). After over a year of mandatory cybersecurity incident reporting, we examine the key trends and takeaways.

Key Takeaways from a Year of Cybersecurity Incident Reporting on Form 8-K

In early 2024, companies filed a flurry of Forms 8-K under Item 1.05, which stated that the relevant cybersecurity incidents did not have material impacts on the companies’ financial conditions or results of operations. These disclosures were in response to the SEC’s rules requiring that cybersecurity incident disclosures include a description of “the material aspects of the nature, scope, and timing of the incident, and the material impact or reasonably likely material impact on the issuer, including its financial condition and results of operations.” Following these disclosures, the SEC clarified its expectations for cybersecurity incident reporting in a statement issued by the Director of the SEC’s Division of Corporation Finance (the “Statement”), as well as through several comment letters issued by the Staff of the SEC (the “Staff”) to companies which filed Item 1.05 Forms 8-K.

Continue reading

SEC Staff Clarifies That Meme Coins Are Not Securities

by Jenny Cieplak, Zachary Fallon, Ghaith Mahmood, Yvette D. Valdez, Stephen P. Wink, and Deric Behar

Photos of authors.

Top left to right: Jenny Cieplak, Zachary Fallon, and Ghaith Mahmood. Bottom left to right: Yvette D. Valdez, Stephen P. Wink, and Deric Behar. (Photos courtesy of Latham & Watkins LLP)

The Staff stated that most meme coins are not subject to federal securities laws or SEC fraud enforcement; who will oversee meme coins remains an open question.

On February 27, 2025, the Securities and Exchange Commission’s (SEC’s) Division of Corporation Finance published a Staff Statement on Meme Coins (the Statement). The Statement is the first tangible clarification of how the federal securities laws apply to a specific category of crypto since President Trump issued an executive order on digital assets (for more information, see this Latham blog post) and the SEC established a Crypto Task Force (for more information, see this Latham blog post). The Statement is responsive to the Crypto Task Force’s first priority (as highlighted by SEC Commissioner Hester Peirce, who leads the task force): determining the status of digital assets under the securities laws.

Continue reading

For AI Innovators Seeking to Mitigate the Risks of Regulatory Uncertainty, It Pays to Remember the Fundamentals

by Charles V. Senatore

Photo of the author.

Photo courtesy of the author

For many years, regulatory uncertainty in the United States has been part of the landscape for innovators, particularly with the rise of emerging technologies such as cryptocurrencies, blockchain, and artificial intelligence.  It can, unfortunately, thwart the progress of responsible innovation and place our innovators at a competitive disadvantage. 

We recently have seen a dramatic example of regulatory uncertainty in the artificial intelligence space. 

Continue reading

Children’s Online Privacy: Recent Actions by the States and the FTC

by Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel

Photos of authors.

Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel (Photos courtesy of Mayer Brown)

As the digital world becomes an integral part of children’s lives, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This article explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act.

As social media companies and digital services providers increasingly cater to younger audiences, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This Legal Update explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act (“COPPA”).

Continue reading

President Trump and Attorney General Bondi Announce Significant Shift in FCPA and Other Corporate Enforcement Priorities

by Kimberly A. Parker, Matt Jones, Jay Holtmeier, Erin G.H. Sloane, Christopher Cestaro, Brenda E. LeeAaron M. Zebley and Emily L. Stark

Photos of authors.

Top left to right: Kimberly Parker, Matt Jones, Jay Holtmeier, and Erin Sloane. Bottom left to right: Christopher Cestaro, Brenda Lee, Aaron Zebley, and Emily Stark. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP).

Soon after being sworn in, President Trump issued Executive Orders identifying top administration priorities: combating illegal immigration, drug cartels, and unlawful DEI practices. Taking a similar tack, on her first day in office, February 5, 2025, Attorney General Pamela Bondi instructed the US Department of Justice (“DOJ” or “Department”) to redirect its enforcement efforts from certain corporate crimes so that it could devote greater attention to the priorities outlined by the President. Across fourteen memoranda that promised more guidance to follow, Attorney General Bondi detailed changes that could transform the corporate enforcement landscape. This included a direction to the Foreign Corrupt Practices Act (“FCPA”) Unit of the DOJ to “prioritize investigations related to foreign bribery that facilitates the criminal operations of Cartels and TCOs,” or transnational criminal organizations, and to “shift focus away from investigations and cases that do not involve such a connection.”[1]

Continue reading

CFPB Report Signals Shift to State-Level Enforcement

by Paul Connell, Swain Wood, Frank Gorman, John Wells, Mathew Benedetto, and Zach Lass

Photo of authors.

Top left to right: Paul Connell, Swain Wood, and Frank Gorman.
Bottom left to right: John Wells, Matthew Benedetto, and Zach Lass. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

On January 14, 2025, the Consumer Financial Protection Bureau (CFPB) issued a report titled Strengthening State-Level Consumer Protections (the Report) as the agency prepares for the change in presidential administrations. The CFPB offers recommendations to states to strengthen their consumer protection laws and increase enforcement activity against certain companies, including banks and other financial services companies. The Report was accompanied by a lengthy Compendium of Recent CFPB Guidance, which includes a significant amount of the agency’s Biden-era guidance, stating that it is the CFPB’s hope that these “guidance documents implementing the federal consumer financial laws prove useful to the courts in their interpretation of those laws, as well as to the various enforcers of them.”

Continue reading

Cybersecurity Disclosure and Enforcement Developments and Predictions

by Francesca L. OdellRahul Mukhi, Tom Bednar, Nina E. Bell, and Greg Stephens

Photos of the authors

Left to right: Francesca L. Odell, Rahul Mukhi, Tom Bednar, and Nina E. Bell (Photos courtesy of Cleary Gottlieb Steen & Hamilton LLP) (Not Pictured: Greg Stephens)

The SEC pursued multiple high-profile enforcement actions in 2024, alongside issuing additional guidance around compliance with the new cybersecurity disclosure rules.

Together these developments demonstrate a continued focus by the SEC on robust disclosure frameworks for cybersecurity incidents. Public companies will need to bear these developments in mind as they continue to grapple with cybersecurity disclosure requirements going into 2025.

Continue reading

FTC Announces New Enforcement Initiative Targeting Deceptive AI Practices

by Robert A. Cohen, James W. Haldin, Daniel S. Kahn, Maude Paquin, and Michael Scheinkman

Photos of the authors

Left to right: Robert A. Cohen, James W. Haldin, Daniel S. Kahn, Maude Paquin, and Michael Scheinkman (Photos courtesy of Davis Polk & Wardwell LLP)

The Federal Trade Commission launched Operation AI Comply, announcing enforcement actions against five companies for alleged deception regarding artificial intelligence.  The FTC’s actions mark the latest U.S. scrutiny of AI-related misconduct. 

Background

On September 25, 2024, as part of a new enforcement “sweep” called Operation AI Comply, the FTC announced enforcement actions against five companies that allegedly used artificial intelligence (AI) to “supercharge deceptive or unfair conduct that harms consumers.”  According to the FTC, these cases showcase how “hype surrounding AI” is used to “lure consumers into bogus schemes” and to provide AI-based tools that themselves can be used to deceive consumers.  In announcing the actions, FTC Chair Lina Khan stated that “[t]he FTC’s enforcement actions make clear that there is no AI exemption from the laws on the books.”

Continue reading