AI in the 2024 Proxy Season: Managing Investor and Regulatory Scrutiny

by William SavittMark F. VeblenKevin S. SchwartzNoah B. YavitzCarmen X. W. Lu, and Courtney D. Hauck

Photos of the authors

Top from left to right: William Savitt, Mark F. Veblen, and Kevin S. Schwartz.
Bottom left to right: Noah B. Yavitz, Carmen X. W. Lu, and Courtney D. Hauck. (Photos courtesy of Wachtell, Lipton, Rosen & Katz)

Corporate disclosures concerning artificial intelligence have increased dramatically in the past year, with Bloomberg reporting that nearly half of S&P 500 companies referenced AI in their most recent annual reports. And some investors are clamoring for even more, using shareholder proposals to press public companies for detailed disclosures concerning AI initiatives, policies, and practices — including, most recently, an Apple shareholder proposal that attracted significant support at a meeting last week. Regulators, meanwhile, have signaled increasing scrutiny of AI-related corporate disclosures, including in a February speech by SEC Chair Gensler cautioning against “AI washing” — the practice of overstating or misstating corporate AI activity. For the 2024 proxy season and beyond, public companies will need to balance the competing demands of regulators and investors, in order to craft effective, responsive strategies for engaging with their stockholders on AI topics. 

Continue reading

Department of Commerce, Department of the Treasury, and Department of Justice Tri-Seal Compliance Note: Obligations of foreign-based persons to comply with U.S. sanctions and export control laws

by the Department of Commerce, Department of the Treasury, and Department of Justice

Photos of authors

OVERVIEW

Today’s increasingly interconnected global marketplace offers unprecedented opportunities for companies around the world to trade with the United States and one another, contributing to economic growth. At the same time, malign regimes and other bad actors may attempt to misuse the commercial and financial channels that facilitate foreign trade to acquire goods, technology, and services that risk undermining U.S. national security and foreign policy and that challenge global peace and prosperity. In response to such risks, the United States has put in place robust sanctions and export controls to restrict the ability of sanctioned actors to misuse the U.S. financial and commercial system in advance of malign activities.

These measures can create legal exposure not only for U.S. persons, but also for non-U.S. companies who continue to engage with sanctioned jurisdictions or persons in violation of applicable laws. To mitigate the risks of non-compliance, companies outside of the United States should be aware of how their activities may implicate U.S. sanctions and export control laws. This Note highlights the applicability of U.S. sanctions and export control laws to persons and entities located abroad, as well as the enforcement mechanisms that are available for the U.S. government to hold non-U.S. persons accountable for violations of such laws, including criminal prosecution. It further provides an overview of compliance considerations for non-U.S. companies and compliance measures to help mitigate their risk.

Continue reading

FTC Cracks Down on Mass Data Collectors: A Closer Look at Avast, X-Mode, and InMarket

by Staff at the Federal Trade Commission

Federal Trade Commission

Three recent FTC enforcement actions reflect a heightened focus on pervasive extraction and mishandling of consumers’ sensitive personal data.

Proposed Settlements with Avast[1], X-Mode[2], and InMarket[3]

In mid February, the FTC announced a proposed settlement to resolve allegations that Avast, a security software company, unfairly sold consumers’ granular and re-identifiable browsing information—information that Avast amassed through its antivirus software and browser extensions after telling consumers that Avast’s software would protect their privacy, and that any disclosure of their browsing information would only be in aggregate and anonymous form.

In January of this year, the FTC announced proposed settlements with two data aggregators, X-Mode Social and InMarket, to resolve a host of allegations stemming from how those companies handled consumers’ location data. Both companies, the FTC alleged, collected precise location data from consumers’ phones through the data aggregators’ own mobile apps and those of third parties (via software development kits, or “SDKs,” provided by the data aggregators). X-Mode, the FTC alleged, sold consumers’ location data to private government contractors without first telling consumers or obtaining consumers’ consent to do so. And InMarket, the agency alleged, used consumers’ location data to sort them into particularized audience segments—like “parents of preschoolers,” “Christian church goers,” “wealthy and not healthy,” etc.—that InMarket then provided to advertisers.

Continue reading

SEC Issues Long-Awaited Climate-Related Disclosure Rule

by Eric T. Juergens, Benjamin R. Pedersen, Paul M. Rodel, Kristin A. Snyder, Caroline N. Swett, Ulysses Smith, Michael Keene, Mie Morikubo, Michael Pan, Amy Pereira, and Maayan G. Stein

photos of authors

Top left to right: Eric T. Juergens, Benjamin R. Pedersen, Paul M. Rodel, Kristin A. Snyder, Caroline N. Swett, and Ulysses Smith. Bottom left to right: Michael Keene, Mie Morikubo, Michael Pan, Amy Pereira, and Maayan G. Stein. (Photos courtesy of Debevoise & Plimpton LLP).

On March 6, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted a long-awaited final rule, The Enhancement and Standardization of Climate-Related Disclosures for Investors, which will require registrants, including foreign private issuers (“FPIs”),[1] to disclose extensive climate-related information in their registration statements and periodic reports (the “Final Rule”). The Final Rule is intended to facilitate the disclosure of “complete and decision-useful information about the impacts of climate-related risks on registrants” and to improve “the consistency, comparability, and reliability of climate-related information for investors.” The Final Rule constitutes one of the most significant changes ever to SEC disclosure requirements, and is expected to face legal challenges. The Final Rule is available here and the accompanying fact sheet is available here.

Continue reading

WilmerHale Global Anti-Bribery Year-in-Review: 2023 Developments and Predictions for 2024

by Kimberly Parker, Jay Holtmeier, Erin Sloane, Christopher Cestaro, Sandra Redivo, Matthew Girgenti, Elliot Shackelford, and Keun Young Bae

Top left to right: Kimberly Parker, Jay Holtmeier, Erin Sloane, and Christopher Cestaro.
Bottom left to right: Sandra Redivo, Matthew Girgenti, Elliot Shackelford, and Keun Young Bae. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP).

Although publicly announced Foreign Corrupt Practices Act (FCPA) enforcement activity remains lower than the levels reached a few years ago, 2023 saw a modest increase in the overall number of FCPA enforcement actions (26 in 2022 vs. 27 in 2023).  This was seen especially in the number of corporate resolutions (12 in 2022 vs. 15 in 2023).  The combined total of monetary penalties decreased, from $1.56 billion in 2022 to $776 million in 2023.  Nonetheless, senior officials at the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) again signaled, through policy changes and public announcements, that anti-corruption enforcement is a priority and that there will be significant and growing enforcement efforts going forward.  Below are the key takeaways regarding FCPA enforcement in 2023 and trends to keep in mind as we look ahead to 2024.

Continue reading

“Expect Some Illumination”: A Fresh Look at U.S. Congressional Hearings in the Era of Sanctions and Export Controls as the New FCPA

by Brent Carlson and Michael Huneke

Photos of the authors.

From left to right: Brent Carlson and Michael Huneke (Photos courtesy of authors)

The 118th U.S. Congress has taken an active and bipartisan interest in U.S. sanctions and export controls. With reports that U.S. executives have been asked to testify before the U.S. House Select Committee on the Chinese Communist Party[1] and recent hearings before a U.S. Senate subcommittee previewing further questions for both companies and regulators,[2] U.S. companies whose products might require a license for export to China or that might be found in Russian or Iranian weapons should prepare for congressional scrutiny—and congressional pressure on the U.S. Executive Branch departments to deliver enforcement results. Continue reading

DOJ Continues to Modernize its Criminal Antitrust Enforcement Strategy

by Richard A. Powers

(Photo courtesy of the author)

Over the past few years, the Justice Department has been hard at work on a comprehensive update to the way it detects, investigates, and prosecutes price-fixing cartels. Several recent announcements, including at last week’s ABA White Collar Conference, preview the DOJ Antitrust Division’s next steps in this generational shift—the goals of which are to refine disclosure incentives, promote individual accountability, and obtain trial convictions.

First, on March 7, 2024, Deputy Attorney General Lisa Monaco announced the DOJ is kicking off a 90-day whistleblower “policy sprint”; the finish line is a new program to complement existing regulators’ programs, rewarding qualifying whistleblowers for bringing non-public, previously unknown misconduct to the DOJ’s attention. The Antitrust Division has long sought to encourage individual self-reporting as a complement to its corporate VSD policy, so expect that this initiative will aim to improve that incentive structure. Next, the DOJ updated the Justice Manual to incorporate the M&A safe harbor policy that it announced last fall. Notably for antitrust practitioners, the JM updates included changes to the Antitrust Division’s leniency policy that provide much-needed clarification on how companies that detect potential collusion at an M&A target can avoid inheriting those liabilities by promptly reporting to DOJ. Third, senior Antitrust Division officials continue to emphasize that they are focused on developing investigations through affirmative investigative techniques, such as wiretaps and whistleblowers.

Continue reading

Paying Criminal Whistleblowers: DOJ Announces A Program to Pay For Tips, and the SFO Is Considering Doing So Too

by Joshua A. Naftalis, Matt Getz, and Tracey Dovaston

From left to right: Joshua A. Naftalis, Matt Getz, and Tracey Dovaston. (Photos courtesy of Pallas Partners LLP).

In the past two weeks, the U.S. Department of Justice (DOJ) and the U.K. Serious Fraud Office (SFO) each made announcements about paying financial bounties to whistleblowers.  On March 7, 2024, U.S. Deputy Attorney General Lisa Monaco announced a new DOJ whistleblower program that will compensate individual whistleblowers for reporting corporate or financial misconduct previously unknown to DOJ.  This announcement followed a February 13, 2024 speech by SFO Director Nick Ephgrave, who said that he supported the idea of paying whistleblowers.    

Continue reading

State Governments Move to Regulate AI in 2024

by Louis W. Tompros, Arianna Evers, Eric P. Lesser, Allie Talus, and Lauren V. Valledor

Photos of authors

(Left to right) Louis W. Tompros, Arianna Evers, Eric P. Lesser, Allie Talus, and Lauren V. Valledor (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP)

Recently, New York Governor Kathy Hochul proposed sweeping artificial intelligence (AI) regulatory measures intended to protect against untrustworthy and fraudulent uses of AI. Presented as part of her FY 2025 Executive Budget, the bill would amend existing penal, civil rights and election laws—establishing a private right of action for voters and candidates impacted by deceptive AI-generated election materials and criminalizing certain AI uses, among other measures. Governor Hochul’s proposals are part of a wider trend of governors and state lawmakers taking more expansive measures to regulate AI that deserve attention from businesses developing and using AI.

Continue reading

FCC Ruling on AI-Facilitated Fraud Illustrates the Need for Forward-Looking Enterprise Risk Management

by William Savitt, Mark F. Veblen, Noah B. Yavitz, and Courtney D. Hauck

From left to right: William Savitt, Mark F. Veblen, Noah B. Yavitz, and Courtney D. Hauck (Photos courtesy of Wachtell, Lipton, Rosen & Katz)

In response to a recent boom in AI-powered robocall scams, the U.S. Federal Communications Commission announced yesterday a Declaratory Ruling confirming that the Telephone Consumer Protection Act, which regulates telemarketing and robocalls, also applies to calls using AI-generated voices. Other federal agencies and state legislatures have similarly moved to police the use and abuse of audio “deepfakes” — in which widely available tools can be used to generate realistic voice simulations from brief recordings. As technology continues to outpace regulation, boards must embrace a proactive approach to risk management, accounting for AI’s capacity to compromise long-standing practices in cybersecurity and internal controls.

Continue reading