Photo courtesy of the author
On March 12, 2025, the California Privacy Protection Agency (“CPPA”) announced that it reached a settlement with American Honda Motor Co. (“Honda”) in which Honda will pay a $632,500 fine to resolve claims that the company violated the CCPA. The enforcement action comes as part of the CPPA’s ongoing investigation into connected vehicle manufacturers, which began in 2023.
by Lloyd Firth, Dr. Jan-S. Wendler, Claire M. Guehenno, Kimberly A. Parker, Jay Holtmeier, Erin G.H. Sloane, Christopher Cestaro, and Lindsey Cullen
Top left to right: Lloyd Firth, Dr. Jan-S. Wendler, Claire M. Guehenno and Kimberly A. Parker. Bottom left to right: Jay Holtmeier, Erin G.H. Sloane, Christopher Cestaro and Lindsey Cullen (Photos courtesy of WilmerHale).
Anti-bribery and corruption agencies in the UK, France and Switzerland recently announced a shared commitment to tackling international bribery and corruption, by way of a new taskforce intended to strengthen collaboration.
This taskforce was announced by the UK’s Serious Fraud Office (SFO), France’s Parquet National Financier (PNF) and the Office of the Attorney General of Switzerland (OAG) at a meeting in London. Its founding statement notes “the significant threat of bribery and corruption” and states that its members recognise that “success relies on us working closely and effectively together”. It intends to deliver a working group for case cooperation and increased best practice sharing.
by Adam Siegel, Eric Bruce, Daniel Cendan, and Emmeline Chen
Left to right: Adam Siegel, Eric Bruce, Daniel Cendan, and Emmeline Chen (photos courtesy of authors)
Nearly two months into his second presidential term, President Trump and his Administration have engaged in a flurry of activity, issuing over 80 executive orders (EOs), 20 memoranda, and a dozen proclamations, as well as making personnel adjustments and redeploying various federal resources. Together with his Cabinet members, President Trump has sought to swiftly roll out policy initiatives, many of which reflect a significant change in course from the United States’ prior approaches and create uncertainty and new risks across multiple sectors.
by David Craig, Michael Koenig, and Mark Rosman
Left to right: David Craig, Michael Koenig, and Mark Rosman (photos courtesy of Secretariat and Proskauer Rose)
In the not-too-distant past, professionals used email as their primary, if not their only, means of electronic communication. Texting was a futuristic novelty but also clumsy endeavor requiring between one and four button pushes on a small keypad to produce a single letter on an even smaller screen. It goes without saying, text messaging was ill-suited for rapid and substantive business communications. While a company’s employees occasionally sent work-related text messages for scheduling purposes, clear dividing lines generally existed between personal and professional communication. This made litigation holds and discovery relatively straight forward: discoverable business-related communications were in one bucket and non-discoverable personal communications were in another.
Photo courtesy of the author
Directors’ liability for corporate trauma stemming from their failure to carry out their duties to oversee and terminate corporate misconduct is a vital tool in the effort to deter corporate crime. Delaware’s Caremark doctrine imposes such duties and liability on directors but this liability is only effective when two conditions are met: First, the corporate trauma must result from a legal violation, as opposed to a business risk. Second, the legal violation must constitute a “mission critical legal risk” (MCLR), as only then are directors subject to sufficiently specific and binding oversight duties to induce them to exert greater oversight over both compliance and suspected MCLR misconduct.[1]
Photo courtesy of Davis Wright Tremaine LLP
The 2025 ABA White Collar Crime Conference in Miami drew a large audience of more than 1,300 lawyers and another several hundred attending the evening’s events — and yet there was not a single DOJ representative. This reflects the amorphous and challenged state of DOJ leadership. I have not enough fingers to count the close generational friends and senior DOJ leaders who have been terminated, transferred, or forced out. Natural questions about who is leading and where, and how they propose to get there were unanswered. The White-Collar Bar have become advocates for those who have been our foils. The “Regulators Speak” presentation reflected the fraught state of affairs. The new CFTC Director of Enforcement and the Acting SEC Associate Director of Enforcement spoke and certainly professed that while certain priorities may shift the fundamental effort to protect market integrity would continue, though the SEC representative confirmed that they will be abiding by the FCPA stand-down. This presentation was met by an individual audience member who took the microphone to cast a broadside against the new Administration.
Photo courtesy of the author
For many years, regulatory uncertainty in the United States has been part of the landscape for innovators, particularly with the rise of emerging technologies such as cryptocurrencies, blockchain, and artificial intelligence. It can, unfortunately, thwart the progress of responsible innovation and place our innovators at a competitive disadvantage.
We recently have seen a dramatic example of regulatory uncertainty in the artificial intelligence space.
by Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel
Amber C. Thomson, Howard W. Waltzman, Kathryn Allen, and Megan P. Von Borstel (Photos courtesy of Mayer Brown)
As the digital world becomes an integral part of children’s lives, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This article explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act.
As social media companies and digital services providers increasingly cater to younger audiences, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This Legal Update explores the recent developments in state and federal children’s privacy legislation, examining how states are shaping the future of online safety for minors and shedding light on amendments to the federal Children’s Online Privacy Protection Act (“COPPA”).
by Avi Gesser, Matt Kelly, Martha Hirst, and Samuel Thomson
Left to right: Avi Gesser, Matt Kelly, Martha Hirst, and Samuel Thomson (Photos courtesy of authors)
The first wave of the EU AI Act’s requirements came into force on 2 February 2025, namely:
All businesses caught by the EU AI Act’s jurisdictional scope – which is potentially very broad and may even exceed the scope of the GDPR – are now required to comply with these obligations.
by Ericka Aiken, Kevin Lamb, and Audrey Sapirstein
From Left to Right: Ericka Aiken, Kevin Lamb, and Audrey Sapirstein. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)
On January 8, 2025, the U.S. Department of Justice (DOJ) announced that a federal grand jury indicted the Chesapeake Regional Medical Center (CRMC) in Virginia for conspiracy to defraud the United States and health care fraud. In this rare move, DOJ seeks to hold a hospital criminally responsible for alleged fraudulent conduct committed by a physician at the hospital. The indictment alleges that from 2010 to 2019, CRMC and a former obstetrician-gynecologist with surgical privileges at CRMC conspired to defraud the government by performing medically unnecessary operations, submitting inaccurate and false bills, and failing to comply with applicable rules and regulations. According to the indictment, CRMC received approximately $18.5 million in reimbursements from health care benefit programs over that time for procedures performed by the former physician at the hospital.