Category Archives: Consumer Protection

The GENIUS Act: A New Era of Stablecoin Regulation

by Jeffrey Steiner, Jason Cabral, Ro Spaziani, and Sara Weed

Left to Right: Jeffrey Steiner, Jason Cabral, Ro Spaziani, and Sara Weed (Photos courtesy of the authors)

The Act is the most significant United States law affecting the digital assets industry to date and reflects the Administration’s and Congress’ priorities of establishing a comprehensive framework for the United States’ approach to digital assets and related activities.

On July 18, 2025, the President signed the Guiding and Establishing National Innovation for U.S. Stablecoins Act (the GENIUS Act or the Act) into law.  The GENIUS Act is the most significant United States law affecting the digital assets industry to date and reflects the Administration’s and Congress’ priorities of establishing a comprehensive framework for the United States’ approach to digital assets and related activities.  The legislation, which benefited from strong bipartisan support, was adopted on June 17, 2025 in the U.S. Senate by a vote of 68 to 30, and in the U.S. House of Representatives by a vote of 308 to 122, on July 17, 2025.

Continue reading

CPPA Fines Honda $632,500 for CCPA Violations

by Jenna N. Rode

Photo courtesy of the author

On March 12, 2025, the California Privacy Protection Agency (“CPPA”) announced that it reached a settlement with American Honda Motor Co. (“Honda”) in which Honda will pay a $632,500 fine to resolve claims that the company violated the CCPA. The enforcement action comes as part of the CPPA’s ongoing investigation into connected vehicle manufacturers, which began in 2023.

Continue reading

Explaining Credit Scores – The ECJ Rules on Automated Credit Assessments

by Katja Langenbucher and Kevin Bauer

Photos of the authors

Left to right: Katja Langenbucher and Kevin Bauer (photos courtesy of authors)

A little over a year ago, the SCHUFA tightened the requirements for credit scoring under the EU GDPR. On February 27, the Court handed down further instructions on providing scored consumers with “meaningful information about the logic involved” as required by Art. 15(1)(h) of the GDPR.

Continue reading

A New FTC Labor Task Force

by Bruce McCulloch, Justin Stewart-Teitelbaum, Nina Frant, Angela Landry, and Emily Abbott

Photos of the authors

Left to right: Bruce McCulloch, Justin Stewart-Teitelbaum, Nina Frant, Angela Landry, and Emily Abbott (photos courtesy of Freshfields)

On February 24, 2025, Federal Trade Commission (“FTC”) Chairman Andrew Ferguson announced the creation of a new labor task force. The task force calls for the FTC’s Bureau of Competition, Bureau of Consumer Protection, Bureau of Economics, and Office of Policy Planning (“OPP”) to coordinate to investigate corporate labor practices that affect consumers. The task force was formally created via memorandum on February 26, 2025.

Continue reading

The EU AI Act Countdown Is Over: First Wave of Requirements Now in Force

by Avi Gesser, Matt Kelly, Martha Hirst, and Samuel Thomson

Photos of the authors

Left to right: Avi Gesser, Matt Kelly, Martha Hirst, and Samuel Thomson (Photos courtesy of authors)

The first wave of the EU AI Act’s requirements came into force on 2 February 2025, namely:

  • Prohibited AI: the ban on the use and distribution of prohibited AI systems, and
  • AI Literacy: the requirement to ensure staff using and operating AI possess sufficient AI literacy.

All businesses caught by the EU AI Act’s jurisdictional scope – which is potentially very broad and may even exceed the scope of the GDPR – are now required to comply with these obligations.

Continue reading

CFPB Report Signals Shift to State-Level Enforcement

by Paul Connell, Swain Wood, Frank Gorman, John Wells, Mathew Benedetto, and Zach Lass

Photo of authors.

Top left to right: Paul Connell, Swain Wood, and Frank Gorman.
Bottom left to right: John Wells, Matthew Benedetto, and Zach Lass. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

On January 14, 2025, the Consumer Financial Protection Bureau (CFPB) issued a report titled Strengthening State-Level Consumer Protections (the Report) as the agency prepares for the change in presidential administrations. The CFPB offers recommendations to states to strengthen their consumer protection laws and increase enforcement activity against certain companies, including banks and other financial services companies. The Report was accompanied by a lengthy Compendium of Recent CFPB Guidance, which includes a significant amount of the agency’s Biden-era guidance, stating that it is the CFPB’s hope that these “guidance documents implementing the federal consumer financial laws prove useful to the courts in their interpretation of those laws, as well as to the various enforcers of them.”

Continue reading

Use of Artificial Intelligence in CFTC-Regulated Markets

by Marc Gilman

Photo of the author

Photo courtesy of the author

On December 5, 2024, the U.S. Commodity Futures Trading Commission (the “CFTC,” or the “Commission”) staff issued an advisory related to the use of artificial intelligence (“AI”) by CFTC-registered entities and registrants (the “Advisory”). In tandem, two CFTC representatives – Chairman Rostin Behnam and Commissioner Kristin N. Johnson – released statements supporting the Advisory and offering thoughts about the current and future implications of AI on CFTC registrants. This blog post will summarize the contents of the Advisory as well as the related statements of the CFTC representatives to collect a set of practical considerations for designing CFTC compliance programs to meet evolving regulatory expectations for the use of AI. 

Continue reading

Sweeping AI Legislation Under Consideration in Virginia

by Beth Waller and Patrick Austin

Photos of authors

Beth Burgin Waller and Patrick J. Austin (photos courtesy of Woods Rogers Vandeventer Black PLC)

Virginia, a leader in technology and privacy related regulations, is methodically examining artificial intelligence legislation.  In particular, significant legislation establishing a regulatory framework for high-risk Artificial Intelligence (AI) systems is currently being considered by the Virginia General Assembly’s Joint Commission on Technology and Science (JCOTS). JCOTs – a permanent legislative agency that studies and develops technology and science related policies in Virginia – has held several hearings on the topic in an effort to hear expertise related to AI issues and has formed an AI specific Subcommittee.  The JCOTS AI Subcommittee is considering two pieces of legislation that would govern the use of high-risk AI systems by public entities and private sector entities.

Continue reading

Digital Services Act Decoded #1: DSA Enforcement – Key Points

by Laura Knoke, Lutz Riede, Tobias Timmann, Janet Kim, Tristan Lockwood, Luca Mischensky, and Juliana Heer

Top Left to Right: Laura Knoke, Lutz Riede, Tobias Timmann, and Janet H. Kim. Bottom Left to Right: Tristan Lockwood, Luca Mischensky, and Juliana Heer (photos courtesy of Freshfields Bruckhaus Deringer LLP)

The Digital Services Act (DSA) empowers both the European Commission (Commission) and Member State Digital Services Coordinators (DSCs) to take tough enforcement action against non-compliance. Since DSA obligations became fully applicable for most very large online platforms (VLOPs) and very large online search engines (VLOSEs) in August 2023, compliance has been at the top of the Commission’s regulatory agenda. With enforcement action continuing to ramp up over the past year, and obligations for all other intermediary services coming into force in February 2024, it is vital for service providers subject to the DSA to be familiar with the DSA’s different enforcement mechanisms and areas of focus. The enforcement landscape is one that is further complicated by the ability of private parties, such as service users and consumer protection organisations, to bring private actions to facilitate DSA compliance.

Continue reading

Protecting Consumers’ Location Data: Key Takeaways from Four Recent Cases

by Bhavna Changrani

Photo courtesy of the author

Photo courtesy of the author

Since the start of this year, the FTC has announced four groundbreaking cases addressing issues with how businesses collect and, in some cases misuse, people’s location data. If your business collects, buys, sells, or uses location data, take a minute to read about the FTC’s most recent enforcement actions against data brokers and aggregators — MobilewallaGravy/Venntel, InMarket, and X-Mode/Outlogic — and consider these takeaways:

Continue reading