Part 2: Children and Location: Ferguson’s FTC Privacy Enforcement Priorities
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in particular: children’s privacy and location data. This is the second post in our series on what to expect from the FTC under Ferguson as chair.
Our previous post examined Ferguson’s broad regulatory philosophy centered on “Staying in Our Lane.” This post focuses specifically on the two areas where Ferguson has shown the strongest commitment to vigorous enforcement, explaining how these areas are exceptions to his generally cautious approach to extending FTC authority.
Prioritizing Children’s Privacy
Ferguson has demonstrated strong support for protecting children’s online privacy. In his January 2025 concurrence on COPPA Rule amendments, he supported the amendments as “the culmination of a bipartisan effort initiated when President Trump was last in office.” However, he also identified specific problems with the final rule, including:
Provisions that might inadvertently lock companies into existing third-party vendors, potentially harming competition;
A new requirement prohibiting indefinite data retention that could have unintended consequences, such as deleting childhood digital records that adults might value; and
Missed opportunities to clarify that the rule doesn’t obstruct the use of children’s personal information solely for age verification.
Ferguson’s enforcement record as commissioner reveals his belief that children’s privacy represents a “settled consensus” area where the commission should exercise its full enforcement authority. In the Cognosphere (Genshin Impact) settlement from January 2025, Ferguson made clear that COPPA violations alone were sufficient to justify his support for the case, writing that “these alleged violations of COPPA are severe enough to justify my voting to file the complaint and settlement even though I dissent from three of the remaining four counts.”
In his statement on the Social Media and Video Streaming Services Report from September 2024, Ferguson argued for empowering parents:
“Congress should empower parents to assert direct control over their children’s online activities and the personal data those activities generate… Parents should have the right to see what their children are sending and receiving on a service, as well as to prohibit their children from using it altogether.”
The FTC’s long history of COPPA enforcement across multiple administrations means businesses should expect continued aggressive action in this area under Ferguson. His statements suggest he sees children’s privacy as uniquely important, perhaps because children cannot meaningfully consent to data collection and because Congress has provided explicit statutory authority through COPPA, aligning with his preference for clear legislative mandates.
Location Data: A Clear Focus Area
Ferguson has shown particular concern about precise location data, which he views as inherently revealing of private details about people’s lives. In his December 2024 concurrence on the Mobilewalla case, he supported holding companies accountable for:
“The sale of precise location data linked to individuals without adequate consent or anonymization,” noting that “this type of data—records of a person’s precise physical locations—is inherently intrusive and revealing of people’s most private affairs.”
The FTC’s actions against location data companies signal that this will remain a priority enforcement area. Although Ferguson concurred in the complaints in the Mobilewalla case, he took a nuanced position. He supported charges related to selling precise location data without sufficient anonymization and without verifying consumer consent. However, he dissented from counts alleging unfair practices in categorizing consumers based on sensitive characteristics, arguing that “the FTC Act imposes consent requirements in certain circumstances. It does not limit how someone who lawfully acquired those data might choose to analyze those data.”
What This Means for Businesses
Companies should pay special attention to these two priority areas in their compliance efforts:
For Children’s Privacy:
Revisit COPPA compliance if your service may attract children
Review age verification mechanisms and parental consent processes
Implement data minimization practices for child users
Consider broader parental control features
For Location Data:
Implement clear consent mechanisms specifically for location tracking
Consider anonymization techniques for location information
Document processes for verifying consumer consent for location data
Be cautious about tying location data to individual identifiers
Implement and document reasonable retention periods for location data
While Ferguson may be more cautious about expanding the FTC’s regulatory reach in new directions, these established priority areas will likely see continued robust enforcement under his leadership. Companies should ensure their practices in these sensitive domains align with existing legal requirements.
Listen to this post
CFPB Update: Policy and Leadership Changes Further Belief the Consumer Protection Agency Has Lost (Most of) Its Bite
Changes regarding the future of the Consumer Financial Protection Bureau (CFPB), including both the agency’s leadership and its policy priorities, have been rapidly announced by the Trump administration.1 While the consumer finance industry had not predicted the leadership issue, the policy announcement reflects a consistent approach to “downsizing” the agency to focus on a limited range of policy objectives.
McKernan Is Out as the President’s Nominee to Lead the CFPB
Jonathan McKernan previously served as a director on the Board of Directors of the Federal Deposit Insurance Corporation (FDIC) as a Republican participant nominated in 2023 by President Biden. Since his resignation from the FDIC Board on February 10, McKernan had been biding his time as the President’s pick to lead the CFPB. On Friday, May 9, however, US Treasury Secretary Scott Bessent announced that McKernan would shortly be nominated as President Trump’s nominee for undersecretary of domestic finance at the US Treasury. The announcement surprised the consumer finance industry, as confirmation hearings had been held in late February 2025 before the Senate Banking Committee, and Sen. Tim Scott (R-SC) had said as recently as April 8 that McKernan could be confirmed “sometime probably in May.”2
As of the date of this advisory’s publication, the Trump administration has not announced an official reason for the change in McKernan’s proposed administration position. Banking trade groups have reacted very positively to McKernan’s appointment to the US Treasury position.3 It appears likely that Acting Director Russell Vought, who concurrently serves as Trump’s Director of the Office of Management and Budget and acting director of the CFPB, will continue in his consumer protection agency role on an acting basis. Notably, having a “dual-hatted” employee who is responsible for ensuring compliance with the Dodd-Frank Wall Street Reform and Consumer Protection Act’s provisions related to consumer protection has a basis in the Trump 1.0 administration. Specifically, Mick Mulvaney served as Trump’s Director of the Office of Management and Budget while also serving as acting director of the CFPB from November 2017 to December 2018.
CFPB Policy Priorities
In addition to the personnel announcement noted above, the CFPB announced on Friday via publication in the Federal Register4 that certain previously issued guidance, interpretive rules, policy statements, and advisory opinions would no longer be “enforced or otherwise relied upon” in connection with the agency’s supervisory and enforcement powers while the agency continues a review mandated by Vought to determine “whether [such guidance or interpretive material] should ultimately be retained.”5 As the May Announcement describes, the agency’s “current policy [is] to avoid guidance except where necessary and where compliance burdens would be reduced rather than increased.”6 Moreover, the rescission of such materials is claimed to support “President Trump’s directives to deregulate and streamline bureaucracy.”7
With over 60 prior policies or guidance documents rescinded, the breadth of the rescissions touches every aspect of consumer finance. Included in the May Announcement are policy statements related to consumer complaint data (including narrative data), interpretive rules related to the authority of states to enforce consumer financial protections, advisory opinions on the collection of time-barred debt, and guidance related to whistleblower protections under the Consumer Financial Protection Act.
Finally, we note that the CFPB previously announced its de-prioritization of guidance related to Buy Now Pay Later products on May 6 although it was also included in the May Announcement.8
What This Means
Clearly, the compliance burdens imposed upon providers of consumer financial products and services have been mitigated, if not nearly wholly abandoned, at the federal level. While the May Announcement makes clear that the CFPB’s review of the rescinded materials is ongoing, the reinstatement of any of the rescinded agency materials seems highly doubtful. While the CFPB may no longer have “teeth” in connection with compliance obligations previously applicable to these consumer finance practice areas, it is widely expected that private plaintiffs as well as “blue state” attorneys general and banking regulators will largely seek to fill any perceived void. To that end, banks and consumer finance companies should be vigilant in their efforts to mitigate compliance and litigation risks as violations of federal law premised in unfair and deceptive practices, fraud and/or statutory requirements often provide a basis for private and regulatory action.9
1 See Katten’s prior advisory on the CFPB’s priorities at https://katten.com/cfpb-suggests-shift-in-supervision-and-enforcement-priorities.
2 American Banker, “Senate eyes May for CFPB nomination vote, Scott says,” April 8, 2025, available at https://www.americanbanker.com/news/senate-eyes-may-for-cfpb-nomination-vote-scott-says.
3 See, for example, a statement by the American Bankers Association President and CEO Rob Nichols: https://bankingjournal.aba.com/2025/05/trump-nominates-mckernan-for-treasury-department-role/.
4 90 Fed. Reg. 20,084 (May 12, 2025) (FR Doc. 2025-08286), available at https://public-inspection.federalregister.gov/2025-08286.pdf (May Announcement).
5 Id.
6 Id.
7 Id.
8 CFPB Announcement Regarding Enforcement Actions Related to Buy Now, Pay Later Loans, CFPB (May 6, 2025), available at https://www.consumerfinance.gov/about-us/newsroom/cfpb-announcement-regarding-enforcement-actions-related-to-buy-now-pay-later-loans/.
9 See, for example, the Truth in Lending Act’s private right of action set forth at 15 U.S.C. § 1640.
Tenth Circuit Affirms Dismissal of Trade Secret Claims for Lack of Particularity and Secrecy
On April 22, 2025, the Tenth Circuit affirmed summary judgment in favor of a sales manager and his new employer on claims under the Defend Trade Secrets Act (“DTSA”), the Oklahoma Uniform Trade Secrets Act (“OUTSA”), and common law claims for misappropriation of confidential business information and civil conspiracy, which were brought by his former employer, Double Eagle Alloys, Inc. (“Plaintiff”). Double Eagle Alloys, Inc. v. Hooper, 24-5089 (10th Cir. Apr 22, 2025).
Plaintiff alleged that the former employee misappropriated files containing pump shaft quality (“PSQ”) specifications (internal standards for specialty metal products), along with pricing data and customer drawings. The district court granted summary judgment in favor of Defendants, dismissing Plaintiff’s DTSA and OUTSA claims for failing to identify the alleged trade secrets with sufficient particularity and for not differentiating protected trade secrets from unprotected information. The court also dismissed Plaintiff’s common law misappropriation claim due to insufficient evidence of secrecy and consequently dismissed the civil conspiracy claim for lack of an underlying tort.
On appeal, the Tenth Circuit agreed with the district court, finding there was insufficient evidence that the allegedly stolen information qualified as a trade secret under the DTSA. The Tenth Circuit held that Plaintiff had failed to establish these elements, noting that much of the information had been publicly disclosed or shared with third parties, and that Plaintiff had not demonstrated what efforts it took to maintain the secrecy of the information.
The Tenth Circuit rejected the OUTSA claim for the same reason. Plaintiff grouped the allegedly misappropriated files into broad categories—namely, PSQ, pricing information, and customer drawings—but offered little detail to distinguish what, if anything, qualified for protection. Some documents were sourced from customers, some were shared online, and others reflected information available from competitors. According to the court, Plaintiff relied on affidavits containing conclusory statements asserting confidentiality, but provided no evidence identifying specific trade secrets or explaining how the information was secured or economically valuable.
This ruling illustrates how courts approach trade secret claims built on broadly described information and minimal factual support.
Europe: Ireland Agrees Mutual Recognition of Funds Framework With Hong Kong
The Central Bank of Ireland (CBI) and the Securities and Futures Commission of Hong Kong (SFC) entered into a Memorandum of Understanding on 14 May 2025 establishing a framework for the mutual recognition of funds (MRF) between the two jurisdictions.
SFC developed the MRF programme to streamline the distribution of partner country funds to the public in Hong Kong and of Hong Kong funds in partner countries. Ireland is the sixth European partner country to participate in the framework following Switzerland, France, the UK, Luxembourg and the Netherlands. As part of the programme, the SFC has launched a new Fund Authorisation Simple Track scheme, known as FASTrack, which allows for authorisation in Hong Kong of MRF eligible funds within 15 business days.
As part of its agreement with the CBI, the SFC has announced that the following Irish UCITS funds will meet its MRF eligibility requirements:
(a) General equity funds, bond funds, mixed funds and funds that invest in other schemes;(b) Feeder funds where the underlying funds fall within (a), (c), (d) or (e).(c) Unlisted index funds;(d) Passively managed index tracking ETFs; and(e) Listed active ETFs.
In addition, the UCITS must have a CBI authorised management company meeting certain capital requirements, appoint a Hong Kong based representative and comply with applicable Irish domestic laws and regulations relating to the sale, distribution and ongoing compliance of funds.
The inclusion of ETFs is notable and will amplify focus on accessing the ETF Connect programme between Hong Kong and Mainland China and further discussions as to whether there may be a future entry point for Irish ETFs.
Overall, this is a very welcome development for Irish UCITS funds and should increase Hong Kong’s attractiveness as a target country for distribution.
Global Trade in 2025: Outbound Investment Restrictions
Motivated by a rapidly evolving geopolitical climate, governments around the globe have increasingly scrutinized and intervened in transactions under foreign direct investment (FDI) screening regimes in recent years. Rising protectionism, concerns over cybersecurity threats, Covid-19 and the desire to protect critical domestic industries have driven the expansion of FDI regimes beyond purely national security or defense specific industries.
More than 100 jurisdictions now apply FDI screening in some form. The notification triggers and review processes vary significantly between these regimes, and their proliferation has significantly increased complexity for investors planning cross-border investments.
The New Frontier: Outbound Investment Screening
Having spent the last few years building and/or refining inward investment screening, governments are now turning to outbound investment screening, amidst concerns about economic dependence and technology leakage. Governments are increasingly concerned about offshoring of critical capabilities, which can facilitate the development of sensitive technologies in potentially hostile states and lead to over reliance on third countries, creating economic dependencies that can be exploited for geopolitical purposes.
The People’s Republic of China (PRC), Japan, South Korea and Taiwan already have outbound investment screening for domestic entities, primarily in sectors considered critical to national security and technological competitiveness. The US and Europe are now catching up, with US screening for outbound investments into certain sectors in “Countries of Concern” applicable from January 2025, and the EU launching an outbound investment monitoring exercise in similar categories of critical technology. While the EU and UK have not implemented formal outbound investment screening, each has signaled its concerns.
US: Outbound Investment Program (Executive Order 14105)
Regulatory expansions to maintain US technological leadership have included rules to monitor and restrict outbound investment – so-called “reverse CFIUS.” On August 9, 2023, President Biden issued Executive Order 14105 – “Addressing United States Investments in Certain National Security Technologies and Products in Countries of Concern.” On October 28, 2024, the US Department of the Treasury issued final regulations implementing Executive Order 14105, which address investments by US persons in certain identified technologies in “Countries of Concern”, including PRC and the Special Administrative Regions of Hong Kong and Macau.
The regulations, which became effective January 2, 2025, prohibit certain transactions by US persons implicating highly strategic technologies, and create a post-closing notification requirement for certain other transactions. Under the regulations, the obligations on US persons will apply if such person has actual or constructive knowledge of relevant facts or circumstances relating to a transaction. A US person has such knowledge under the regulations if it possesses actual knowledge that a fact or circumstance exists or is substantially certain to occur; an awareness of a high probability of the existence or future occurrence of a fact or circumstance, or could have possessed such awareness through a reasonable and diligent inquiry.
The categories of covered transactions include the acquisition of an equity interest or a contingent equity interest, certain debt financing that grants certain rights to the lender, the conversion of a contingent equity interest, certain “greenfield” investments (building a new facility) or other corporate expansions, the entry into a joint venture, and certain investments as a limited partner or equivalent (LP) in a non-US person pooled investment fund. Excepted transactions include investments in publicly traded securities, certain LP investments with a threshold of $2,000,000, derivatives, buyouts of country of concern ownership, intracompany transactions, certain pre-final rule binding commitments, certain syndicated debt financings, and equity-based compensation.
The regulations apply to the conduct of US persons only and defines a US person as “any United States citizen, lawful permanent resident, entity organized under the laws of the United States or any jurisdiction within the United States, including any foreign branch of any such entity, or any person in the United States.” Under the America First Investment Policy issued in February 2025, the US administration is considering new or expanded restrictions on US outbound investment in the PRC in sectors such as semiconductors, artificial intelligence, quantum, biotechnology, hypersonics, aerospace, advanced manufacturing, directed energy, and other areas implicated by the PRC’s national Military-Civil Fusion strategy.
EU: Market Monitoring to Inform Future Policy on Outbound Investment Screening
On January 15, 2025, the European Commission published a Recommendation on reviewing outbound investments in technology areas critical for the economic security of the Union. The Recommendation asks EU Member States to review investments made between January 2021 and June 2026 by EU-based investors into third countries in three critical technologies for economic security: semiconductors, artificial intelligence and quantum technologies.
The EU Recommendation applies to acquisitions, mergers, “greenfield” investments, joint ventures, venture capital investments and the transfer of certain tangible and intangible assets, including IP or know-how. Non-controlling investments limited to seeking a return on invested capital are excluded. Member States are requested to gather information through mandatory or voluntary notification processes, and to perform a risk assessment of covered transactions with the European Commission.
The EU Recommendation covers the same three technologies as the US outbound regulations, although some of the definitions are narrower. The US outbound regulations also apply to non-controlling investments, although in other respects the EU Recommendation is wider because it covers all third countries as well as IP licensing.
This will be a significant information gathering exercise for transaction parties, Member States and the European Commission, with Member State progress reports due in July 2025 and final reports in July 2026. The review will inform a decision on whether further action is needed to regulate outbound investment at EU and/or national level.
In the meantime, Member States are continuing to expand FDI screening regimes for inward investment, with Ireland’s the latest to come into force in January, and Greece publishing its proposed screening framework in April. On May 8, 2025, the European Parliament endorsed revised rules for screening foreign investments into and within the EU. Under the proposed new rules, certain sectors such as critical raw materials and transport infrastructure will be subject to mandatory FDI screening by Member States. National procedures will be harmonized, and the Commission will have the power to intervene. Member States are now negotiating the text of the legislation, currently aiming to reach agreement in June.
UK: Position on Outbound Investment
In May 2024, the UK government published updated guidance on the National Security and Investment Act (NSIA), emphasizing that it can apply to “outward direct investment” from the UK. The NSIA may apply to the acquisition of an entity or asset outside the UK if the entity carries on activities in the UK or supplies goods or services to the UK, or the asset is used for these purposes.
This is not a change. It has been the position since the NSIA came into force in January 2022. However, it is noteworthy that the UK government chose to underline these powers and provide examples of when the NSIA would apply to acquisitions of a non-UK entity or asset.
The UK government has indicated that it is considering more substantive rules on outward investment screening, to complement the existing tools of export controls and inbound investment screening.
Strategies For Asset Managers to Mitigate Risks to Deal Certainty, Timelines and Costs
Conduct outbound investment reviews early in the deal process to assess exposure to “countries of concern” (e.g., China, Hong Kong, Macau).
Screen for sector sensitivity — artificial intelligence, quantum technology and semiconductors.
Include side-letter language addressing outbound investment screening compliance.
Diligence efforts should conform to the knowledge standard in the US outbound regulations and include:
inquiries to the relevant counterparty (e.g. the prospective portfolio company, fund manager or seller).
contractual representations or warranties that the target portfolio company does not engage in the in-scope technologies; or that the target fund is not a covered foreign person.
consideration of relevant public and non-public information, including the use of available public and commercial databases to verify information provided by the counterparty.
Monitor the evolving regulatory landscape and be prepared to adjust investment strategies and structures accordingly. Understanding the underlying policy drivers will enable investors to navigate regimes more effectively and reduce execution risk.
And finally…reconsider your government relations strategy: governments are trying to strike a balance between protecting national interests and encouraging investment, so they are continually seeking feedback and there are many opportunities to shape the policy debate.
Todd J. Ohlms, Robert Pommer, Seetha Ramachandran, Nathan Schuur, Jonathan M. Weiss, Mary Wilks, William D. Dalsen, Adam L. Deming, Adam Farbiarz, and Hena M. Vora contributed to this article
Health Care Fraud and Abuse 2024 Year in Review
Polsinelli proudly presents the Health Care Fraud and Abuse 2024 Year in Review, offering a comprehensive analysis of False Claims Act (FCA) enforcement and broader fraud and abuse developments over the past year.
Read the Full E-Book Here
Sabrina Marquez, Nicole K. Nielly, and Evan M. Schrode contributed to this article
Walking the Talk, Ofcom’s Online Safety Act Enforcement
Back in March 2025, we published an article highlighting that Ofcom will be turning up the heat to ramp up pressure on platforms in relation to their duties to the UK’s Online Safety Act (OSA). There has been a flurry of activity from Ofcom on OSA compliance and it appears that the heat has indeed been turned up.
The First Wave
On 9 May 2025, Ofcom published that it has opened investigation into two services regulated under Part 5 of the OSA, namely Itai Tech Ltd and Score Internet Group LLC. This investigation was initiated as part of Ofcom’s January 2025 Enforcement Programme into age assurance. It appears that some services failed to respond to Ofcom’s request in January 2025 and do not appear to have taken steps to implement measures in line with their duties under the OSA. The duty being Part 5 service providers under the OSA must have highly effective age assurance in place from January 2025.
Less than a week later, on 12 May 2025, Ofcom further published that it is launching additional investigations into Kick Online Entertainment S.A for failing to keep a suitable and sufficient illegal content risk assessment and for failing to respond to a statutory information request.
As outlined in our March 2025 article, platforms were expected to have completed their illegal harms risk assessment by 16 March 2025 and their children’s access assessment by 16 April 2025. The investigation into Kick Online Entertainment S.A is a clear indication that Ofcom will have a direct and serious approach in relation to its OSA enforcement.
It’s Not Over
Ofcom has additionally written to a number of services under Part 3 of the OSA (i.e. user-to-user services and search services) noting the deadline for mandatory age assurance on services that allows pornography or adult content and reminding platforms of their duties under the OSA.
This shows that the initial round of enforcement programmes and investigations are just the beginning for Ofcom and further requests are likely to come, especially as the protection of children requirements come into force, details of which are outlined in our previous article available here.
Ofcom has further opened an enforcement programme into child sexual abuse imagery on file-sharing services so it would be expected that a number of platforms are already in the process of communicating with Ofcom in relation to comply with their OSA duties.
What to do when Ofcom (or anyone else) is knocking at your door
It is clear that Ofcom will not be ignored, if Ofcom writes to you, it is important you respond within the given timeframe. A failure to respond to requests has triggered three published investigations, platforms should be careful and take Ofcom seriously when they write to you, otherwise you may risk being named publicly by Ofcom.
Engagement with Ofcom shows that a platform is taking Ofcom seriously and fosters a cooperative culture. Ofcom has suggested in recent communications that it is willing to work with platforms so as to achieve the wider goal of improving online safety.
Whilst Ofcom is likely to take a pragmatic approach with enforcement, the duties under the OSA and its deadlines are very clear. Ofcom’s approach towards enforcement of this demonstrates a direct and serious approach that platforms should not take lightly. Otherwise, platforms are at risk of paying fines of up to £18m or 10% of global turnover, whichever is higher.
This should also apply to other regulators, such as the Information Commissioner’s Office (ICO), the UK’s regulator for personal data. The ICO have written to a large number of sites seeking a response on cookie banner compliance. Platforms should not ignore these communications or risk similar penalties to the OSA.
Larry Wong also contributed to this article.
China’s National People’s Congress Passes Promoting the Private Economy With IP Provisions
China’s National People’s Congress recently passed the Law of the People’s Republic of China on Promoting the Private Economy (中华人民共和国民营经济促进法) with several intellectual property provisions. The Law goes into effect on May 20, 2025 and aims to “help create a stable, fair, transparent and predictable environment for the development of the private economy,” e.g., to restrict government overreach that hurts private companies such as the 2021 crackdown on the private tutoring industry.
A translation of the relevant IP provisions follow. The full text is available here (Chinese only).
Article 21 Banking financial institutions and others shall, in accordance with laws and regulations, accept guarantee methods that meet the requirements of loan business, and provide loans secured by accounts receivable, warehouse receipts, equity, intellectual property rights, and other rights pledges to private economic organizations.
People’s governments at all levels and their relevant departments shall provide support and convenience for the registration, valuation, trading circulation, and information sharing of movable property and rights pledges.
Article 30 The State shall ensure that private economic organizations participate in standard-setting work in accordance with the law, and strengthen information disclosure and social supervision in standard-setting.
The State shall provide private economic organizations with services and convenience in terms of scientific research infrastructure, technology verification, standards and norms, quality certification, inspection and testing, intellectual property rights, demonstration applications, and other aspects.
Article 33 The State shall strengthen the protection of original innovations by private economic organizations and their operators. The protection of intellectual property rights for innovation achievements shall be strengthened, a punitive damages system for intellectual property infringement shall be implemented, and illegal acts such as infringement of trademark rights, patent rights, copyrights, trade secrets, and counterfeit confusion shall be investigated and dealt with in accordance with the law.
Regional and departmental collaboration for intellectual property protection shall be strengthened to provide private economic organizations with rapid collaborative protection of intellectual property rights, diverse dispute resolution, rights protection assistance, guidance on responding to overseas intellectual property disputes, and risk early warning services.
Article 36 Private economic organizations shall, in their production and business activities, comply with laws and regulations concerning labor employment, work safety, occupational health, social security, ecological environment, quality standards, intellectual property rights, network and data security, fiscal and taxation, finance, and other aspects; they shall not seek illegitimate interests through bribery, fraud, or other means, nor shall they disrupt market and financial order, damage the ecological environment, harm the legitimate rights and interests of workers, or compromise social public interests.
State organs shall supervise and manage the production and business activities of private economic organizations in accordance with the law.
The BR International Trade Report: May 2025
Recent Developments
Various trade deals in the air.
U.S.-China trade deal: Washington and Beijing take steps to ease trade war. On May 12, the United States and China announced a deal to deescalate the trade tensions between the two countries. The centerpiece of the deal is a 90-day pause to the 100+ percent tariffs each country had imposed on the other. As of May 14, the United States lowered its general tariff on Chinese goods to 30 percent, while China lowered its tariffs on American goods to 10 percent. During the 90-day pause, the countries will endeavor to negotiate a more lasting resolution to ongoing trade tensions.
Trump administration announces UK trade deal. On May 8, President Trump announced his administration’s first major trade deal since his “Liberation Day” unveiling of broad reciprocal tariffs on April 2. Leaders in Washington and London agreed to terms that would (i) establish a “new trading union” for aluminum and steel products, (ii) lower the tariff on UK-origin automobiles to 10 percent for the first 100,000 vehicles imported into the United States each year, and (iii) streamline customs procedures for products exported from the United States. Notably, under the terms of the deal, the United States’ 10 percent base reciprocal tariff on UK-origin goods remains in effect. Shortly after the agreement was announced, International Consolidated Airlines, the owner of British Airways, purchased $13 billion of Boeing planes.
White House announces trade deals with Saudi Arabia and Qatar. Over May 13-14, during President Trump’s visit to the Middle East, the White House announced a $600 billion investment commitment from Saudi Arabia and a $142 billion U.S.-Saudi arms deal, as well as “an economic exchange worth at least $1.2 trillion” with Qatar.
United States and Ukraine sign long-awaited critical minerals deal. On April 30, the United States and Ukraine signed a natural resources deal which establishes the U.S.-Ukraine Reconstruction Investment Fund (the “Investment Fund”). The Investment Fund grants the United States certain priority access to Ukrainian critical minerals, oil, and natural gas in exchange for military assistance. Unlike previous iterations of the deal, the April 30 agreement did not require Ukraine to reimburse the United States for past military aid. Treasury Secretary Scott Bessent emphasized that the deal embodies America’s efforts to encourage peace between Russia and Ukraine, stating “[t]his agreement signals clearly to Russia that the Trump Administration is committed to a peace process centered on a free, sovereign, and prosperous Ukraine over the long term.”
United Kingdom and India agree to trade deal. On May 6, after more than three years of negotiations, the United Kingdom and India announced a free trade deal, described by the UK government as “the biggest and most economically significant bilateral trade deal the UK has done since leaving the EU.” Meanwhile, the United States is seeking to enter into a significant trade agreement with India. In late April, Vice President JD Vance and Indian Prime Minister Narendra Modi met in India to “finalize[ ] the terms of reference for . . . trade negotiation[s].”
Semiconductor export controls. On May 13, Commerce announced a range of long-awaited actions regarding export controls (see our alert) applicable to advanced integrated circuits and computing items, including:
rescission of the Biden Administration’s “AI Diffusion Rule,” which was scheduled to significantly broaden preexisting controls over such items effective May 15;
informing the public that export licensing requirements may apply (a) to the export, re-export, and transfer of such items (such as to cloud providers) for use in training large AI models for persons in China and certain other restricted countries, where there is knowledge that such models are for use in WMD or military-intelligence applications, or (b) U.S. person “support” for such activity;
issuance of guidance regarding red flags that may present a risk of diversion of controlled items to prohibited end-users or end-uses; and
imposition of export licensing requirements applicable to most transactions worldwide involving certain Huawei “Ascend” chips, on the ground that such chips were produced in violation of U.S. export controls.
Section 232 investigations update.
Critical Minerals: On April 15, President Trump ordered the initiation of a Section 232 investigation into imports of processed critical minerals, which the U.S. Department of Commerce (“Commerce”) launched on April 22. Subsequently, he issued an April 24 executive order to spur the exploration and extraction of critical mineral deposits located on the seabed.
Trucks: On April 22, Commerce launched a Section 232 investigation into imports of certain medium- and heavy- duty trucks, their parts, and their derivatives. The probe aims to assess whether such imports compromise the country’s ability to meet domestic demand and pose risks to national security.
Aircraft, jet engines, and related parts: On May 1, Commerce Secretary Howard Lutnick initiated a national security investigation into imports of aircraft, jet engines, and related parts, which could lead to additional tariffs, among other measures. Among other factors, Commerce will investigate the concentration of U.S. imports of such items from a small number of suppliers, along with what Commerce described as “foreign government subsidies and predatory trade practices.”
President Trump orders rescission of Syria sanctions. During a speech in Saudi Arabia, the president announced his intent to remove all U.S. sanctions on Syria—in place for decades—explaining that his decision followed discussions with Saudi Crown Prince Mohammed bin Salman and Turkish President Recep Tayyip Erdoğan and aims to give Syria “a chance at greatness.” The next day, the president met with Syrian President Ahmad al-Sharaa, formerly associated with al-Qaeda, who led the rebel group that toppled the Assad regime in December 2024. This marked the first meeting between an American president and a Syrian leader since 2000.
U.S. Department of the Treasury (“Treasury”) announces intent to launch a “fast track” process for CFIUS review of foreign investments. Treasury’s May 8 announcement, issued under the auspices of President Trump’s February “America First Investment Policy” memorandum (see our prior alert), sets the stage for eventual implementation of streamlined review for preferred investors by the Committee on Foreign Investment in the United States (“CFIUS”). Treasury noted that it will design a pilot program featuring a “Known Investor Portal” through which CFIUS can collect information from foreign investors in advance of a CFIUS filing.
U.S. Trade Representative issues final rule on Chinese ships. On April 17, the Office of the United States Trade Representative (“USTR”) issued a final rule concerning the imposition of port fees on Chinese vessel operators, owners, and Chinese-built vessels. The rule seeks to implement steep tonnage-based port fees for both Chinese-built ships and Chinese-owned ships, with the intent of resurrecting the U.S. commercial shipbuilding industry. Following a 180-day implementation period, annually increasing tonnage-based fees will be levied at U.S. ports on Chinese-owned and operated ships, while Chinese-built ships face increasing fees based on net tonnage or containers. In addition, fees of $150 per car will be levied on all foreign-built car carriers, not just those with ties to China. After three years, incrementally increasing restrictions will be placed on the transportation of liquified natural gas (“LNG”) via foreign-built vessels. Check out our coverage of the final rule here.
Amidst U.S. trade tensions, incumbent governments retain power in Canadian and Australian elections.
Down in the polls by double digits only a few months ago, Canada’s Liberals surged in response to trade tensions with the United States and the resignation of longtime Prime Minister Justin Trudeau, who was replaced as party leader by Mark Carney. Conservative leader Pierre Poilievre, once considered the strongest contender to become prime minister, lost his parliamentary seat in the elections. The new government will look to reshape relations with the United States, which Prime Minister Carney initiated with a White House visit on May 6.
A similar story played out in Australia, where incumbent Labour Party Prime Minister Anthony Albanese fended off a challenge by Peter Dutton’s Liberal-National coalition. Similar to Canada, U.S. trade tensions loomed large in the election.
European Union announces retaliatory tariff plan against the United States. The retaliatory measures would target a list of almost 5,000 goods which total approximately $107 billion in European imports. Reports suggest that U.S.-origin aircraft and automobiles would be hit hardest by the tariff package.
UK Government takes control of last remaining “virgin steel” plant in country from Chinese company. Following the announcement by British Steel’s Chinese parent company, Jingye, that it would stop purchasing materials to keep the blast furnace running at the Scunthorpe plant, the UK government took action to prevent the closure of the plant. Although neither the plant nor British Steel have been nationalized for the time being, emergency legislation passed by the UK Parliament allows Business Secretary Jonathan Reynolds the ability to direct the British Steel board and staff, allowing for the purchase of necessary materials.
Departments Press Pause on Final Mental Health Parity Regulations
Yesterday, the Departments of Labor, Treasury, and Health and Human Services announced a non-enforcement policy with respect to final regulations issued under the Mental Health Parity and Addiction Equity Act of 2008 (“MHPAEA”) in September 2024. The Departments recently indicated that this policy was imminent when they requested that litigation challenging the final regulations be paused while they considered rescission or modification of the regulations.
The 2024 final regulations, which we blogged about here, included sweeping changes that would have impacted virtually all group health plans that cover mental health and substance use disorder (MH/SUD) benefits.
What the non-enforcement policy does and does not do
The non-enforcement policy states that the Departments will not enforce the final regulations issued in 2024. However, this applies only to the portions of the 2024 final regulations that were “new” in relation to the 2013 final regulations.
What remains in effect: Thus, plan sponsors should keep in mind that MHPAEA and the final regulations issued in 2013 (including subsequent sub-regulatory guidance, such as agency FAQs) remain in place and should continue to be relied upon for guidance. Additionally, the statutory obligation for a plan to maintain non-quantitative treatment limitation (NQTL) comparative analyses for MH/SUD benefits and provide them to the Departments upon request remains in effect. (This statutory obligation was added as part of the Consolidated Appropriations Act, 2021.)
What is paused: The significant changes in the 2024 final rule that were new compared to the 2013 final rule—including the fiduciary certification requirement, the “meaningful benefits” standard, and revised standards for evaluating NQTLs—are all paused for the time being while the Departments reconsider their mental health parity compliance and rulemaking approach.
It bears noting that the Departments stated not only that they intend to reconsider the final rule, but also that they are conducting a “broader reexamination of each department’s respective enforcement approach.” This, and other language in the non-enforcement policy, suggests that the Departments will be looking at whether changes are necessary to balance the important goals of MHPAEA and the burdens that the current enforcement has imposed on plan sponsors.
How long does the non-enforcement policy last?
The Departments will not enforce the 2024 final rule or pursue enforcement actions based on a failure to comply that occurs prior to the final decision in the litigation, plus an additional 18 months. Plan sponsors should monitor subsequent updates from the Departments to confirm compliance.
* * *
Takeaways for group health plan sponsors: Given the challenges plan sponsors have faced in connection with the implementation of the current regulatory and enforcement scheme, the non-enforcement policy is likely welcome news. However, plan sponsors should remain mindful that the 2013 final rule and MHPAEA statutory obligations are still in place and not impacted by the non-enforcement policy. For now, while plan sponsors can pause compliance efforts related to the 2024 final rule, plans may want to consider pressing ahead with any current compliance projects related to the 2013 final rules and statutory obligations related to NQTL comparative analyses.
The Biggest Misconceptions About Digital Estate Planning
The rise of digital platforms, online accounts, and cryptocurrency has reshaped the role of digital assets in modern estate planning. Digital assets, once an afterthought or a minor footnote in the planning process, now warrant their own conversation entirely. Most estate practitioners have likely become more aware of the need to plan for digital assets.
However, many clients still harbor misconceptions about these assets, which can muddle the planning process, leaving their digital legacies unprotected and their heirs unprepared — and as you know nearly all your clients have digital assets.
Here’s a look at six of the biggest misconceptions your clients may have about the digital side of estate planning, and why addressing them is crucial.
1. “My Will Covers My Digital Assets.”
Many clients believe that simply adding a generic clause about “digital assets” to their will is enough. While this is a good start, a clause alone is inadequate for comprehensive planning. Not to mention, wills are public documents, including sensitive digital information in a will such as account logins, private keys, or other sensitive information can create serious security risks.
Notably, without the proper digital asset authorization language included in a will (and other estate planning documents such as Powers of Attorney and Trust Agreements), fiduciaries acting under these documents, including agents, executors, and trustees, may lack legal access to important accounts and information. In addition, clauses in estate planning documents that permit fiduciary access, also must specifically authorize disclosure of the contents of electronic communications (such as email messages), which are subject to heightened privacy standards. Of course, even if estate planning documents provide fiduciaries with the requisite legal access, this does not equate to actual access without preplanning measures.
Proper planning also requires complementary tools, such as digital asset schedules and inventories, secure password vaults, and language that complies with the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA), a version of which has been passed in the majority of U.S. states.
2. “Digital Assets Will Automatically Be Handled by the Service Providers After I Die.”
Many clients assume that their digital accounts will simply be managed or closed by service providers after they pass away. However, that assumption is likewise wrong. Most online services, including social media platforms and email providers, do not automatically transfer control of accounts to heirs or legal representatives.
While some providers offer account “legacy” services or offer online tools such as Facebook’s Legacy Contact feature—which allows someone to manage a deceased person’s account—many do not. As mentioned above, access to online accounts and certain digital assets by a fiduciary is governed under RUFADAA. Most clients are not aware of RUFADAA or the need to have specific legal instructions and directives in estate planning documents to access digital assets and accounts, if a service provider doesn’t have an online tool. Otherwise, heirs and legal representatives may be completely locked out or require a court order for access. This can lead to legal disputes, delays, and frustration for families already grieving a loss.
3. “I Can Just Give My Passwords to My Spouse or Kids.”
Some clients think a handwritten list of passwords (or even a shared note on their phone) is a sufficient means of transfer. This approach is problematic for many reasons:
Information is easily outdated (passwords change frequently).
How information is stored can create security risks (especially if lost, stolen, or seen by the wrong person, or not transmitted and stored with encryption).
Sharing passwords and login information violates many laws and terms of service agreements.
Estate planners need to guide clients toward secure and legal methods for granting access to their digital accounts and devices — such as using encrypted password managers, for starters. Clients who own cryptocurrency, NFTs and other more sophisticated or sensitive digital information or IP, need to use even more advanced methods to secure these types of digital interests, such as cold storage vaults, which are a form of digital storage not connected to the internet.
4. “Digital Assets Are Not Subject to Probate.”
Some clients incorrectly assume digital assets automatically bypass the probate process the same way some jointly owned assets or payable-on-death accounts do. But unless those digital assets are titled in a trust or handled via an online tool, which is similar to a beneficiary designation on an insurance policy or retirement account, they often do go through probate — and the process for gaining proper access can be expensive and time-consuming. Moreover, if the requisite legal authorizations were not included in estate planning documents, the information that eventually becomes accessible is more limited and does not include the content of electronic communications.
For digital assets, and for a growing number of traditional assets, it is more common for no paper trail to exist due to the rise in online statements and management. And it is becoming harder to even identify what assets exist unless the client has proactively documented them. Finding utility and subscription information, for instance, can be a daunting process that can cause unnecessary delays if preplanning measures are not in place. As digital assets become more ubiquitous, it’s crucial to ensure that even the most basic online accounts are considered as part of an overall estate plan.
5. “My Digital Assets Are Too Small To Worry About.”
It is common for clients to dismiss the importance of digital assets with the belief that their digital accounts and footprint hold no value after they’re gone. The reality is, even non-monetary digital assets can create significant challenges for heirs and legal representatives at death.
Your clients’ digital legacy can hold sentimental value that their heirs may want to preserve — photos, emails, and social media profiles all contribute to a person’s digital story. Ensuring these assets are properly managed is just as important as safeguarding tangible personal relics.
Some of your clients may ask, “What’s the big deal if I forget to close my Instagram account? There’s nothing in it.” But this is a dangerous misconception. While an online account may not have inherent monetary or sentimental value, it can become an entry point for cyberattacks and identity theft and present significant issues and additional time and expenses for heirs and legal representatives.
In the last few years, identity theft of the deceased has been on the rise, resulting in protracted estate administrations and thousands of dollars in additional fees.
Non-financial digital assets can have hidden costs, and the failure to plan for them can lead to administrative headaches and financial burdens for loved ones that can easily be avoided through preplanning measures.
6. “Digital Estate Planning Is Just for Crypto Investors.”
I hear this one all the time. People think “digital assets” and “crypto” are interchangeable. Therefore, digital asset planning must only be relevant to those with significant cryptocurrency holdings or at least a deep understanding of technology. Estate planning professionals should be addressing digital assets for all clients—not just those who are involved in the tech or cryptocurrency spaces. After all, the average person today has around 168 online accounts, including email, social media, online banking, and cloud storage. That list grows daily, for both tech wizzes and luddites alike.
Remember: even if a client dies with no crypto and a negative net worth, their families can still inherit a complex digital scavenger hunt. That’s why virtually everyone needs digital estate planning.
The Bottom Line
If you’re not discussing digital estate planning with your clients in 2025, you’re leaving them — and your practice, potentially — exposed. Digital assets are an integral part of every estate, and planning for them is the only way to ensure a seamless transition of assets, minimize loss, and decrease the likelihood of cybercrimes.
By integrating digital estate planning into your practice, you can provide your clients with the peace of mind in knowing their digital assets are properly protected and will be managed according to their wishes.
This is too important to put off. Don’t let your clients fall victim to these and other common misconceptions — help them plan for their digital future today.
April 2025 ESG Policy Update—Australia
Australian Update
ASIC Publishes Regulatory Guidance for New Sustainability Reporting Requirements
On 31 March 2025, the Australian Securities and Investments Commission (ASIC) published its Regulatory Guide 280 Sustainability Reporting (RG280) following the introduction of Australia’s first climate-related financial disclosure regime and comprehensive public consultation with various stakeholders.
The new disclosure regime requires the preparation of a sustainability report containing climate-related financial information under Chapter 2M of the Corporations Act 2001 (Cth) (Corporations Act). RG280 provides practical guidance for companies, registered schemes, registrable superannuation entities, and retail corporate collective investment vehicles who are required to prepare these new sustainability reports.
RG280 includes guidance in relation to:
Determining who must prepare a sustainability report under the Corporations Act;
The content required in a sustainability report;
Disclosing sustainability-related financial information outside the sustainability report (e.g. product disclosure statements); and
ASIC’s administration of the sustainability reporting requirements.
In addition, ASIC has also been given additional powers to grant sustainability reporting and audit relief, and to issue directions to reporting entities where it considers a statement in a sustainability report is incorrect, incomplete or misleading.
ASIC Commissioner Kate O’Rourke has said “the publication of RG280 is a critical piece that supports the implementation of these sustainability reporting requirements passed by the Australian Parliament. We will continue to expand our broader suite of publications related to sustainability reporting over time as market practices evolve”.
S&P Platts to Launch Daily Benchmark for Australian Safeguard Mechanism Credits
S&P Platts is set to launch a daily market assessment for Australian Safeguard Mechanism Credits (SMCs) on 5 May 2025.
The Safeguard Mechanism reforms commenced on 1 July 2023 under the Safeguard Mechanism (Crediting) Amendment Act 2023 (Cth), allowing the Clean Energy Regulator (CER) to issue SMCs from January 2025 to certain designated large facilities (Safeguard Facilities) whose net emissions are below their legislated baseline targets. The regime has been designed to incentivise Safeguard Facilities to reduce their emissions beyond these baseline targets.
Safeguard Facilities that earn SMCs can sell them to other Safeguard Facilities, surrender them to stay within their baseline or retain them for future use until 2030. One SMC represents one tonne of carbon dioxide-equivalent emissions below a facility’s baseline. For more information on SMCs and Australia’s carbon credit regulatory framework, see our previous alert here.
S&P Platts’ new benchmark will reflect SMCs in the spot market following issuances from the CER. Its introduction is intended to improve price transparency and boost the confidence of carbon market participants in trading, compliance and investment decision-making. The launch comes as a welcome step in the evolution of Australia’s emissions reduction framework, allowing participants in the carbon credit market to better navigate compliance and employ investment strategies towards the country’s net-zero targets.
ASFI Launches Sustainable Finance Action Plan for 2025-2027
The Australian Sustainable Finance Institute (ASFI) has launched its Sustainable Finance Action Plan for 2025-2027 (Action Plan), aiming to align Australia’s financial system with sustainable and inclusive growth. The plan builds on the Australian Sustainable Finance Roadmap, which was introduced in 2020 to provide recommendations for improving Australia’s financial system to support sustainable development.
ASFI’s members, comprising 41 leading financial institutions with over AU$37 trillion in assets, are committed to integrating sustainability into their practices. The Action Plan emphasises embedding sustainability into leadership, integrating sustainability into practice, enabling resilience and building sustainable finance markets including by financing emissions reductions, increasing capital flows for climate adaptation, expanding financial innovation and promoting international collaboration to support sustainable finance objectives.
Some examples of the priorities that ASFI recommend include:
The expansion of Australia’s mandatory climate disclosure regime;
A clearer articulation of the requirements for sustainable financial product labelling;
Changes to competition law to provide a more permissive scheme for sustainability collaborations and to streamline exemption processes for sustainability activities; and
The explicit inclusion of sustainability-related considerations within directors’ duties under the Corporations Act to act with reasonable care, skill and diligence, and in good faith in the best interests of the company.
State of Net Zero Investment 2025 Report Highlights Australian Commitment to Climate Progress
On 2 April 2025, the State of Net Zero Investment 2025 Report (Report) was published by the Investor Group on Climate Change (IGCC). The Report revealed a strong commitment from Australian institutional investors towards climate progress, despite some current global anti-ESG sentiment. This comprehensive Report, covering data from 65 major superannuation and retail funds, represents AU$4.2 trillion in assets managed for 15 million Australian beneficiaries.
The Report highlights advancements in five of six key climate indicators, though notes there has been a decline in the number of investors with climate action plans, likely due to new minimum regulatory standards for transition plans. Interest in climate solutions, particularly renewable energy and green infrastructure, is on the rise. However, challenges such as policy uncertainty and a lack of suitable investment opportunities have emerged, reversing previous positive trends.
The CEO of IGCC emphasised the fiduciary duty of investors to protect financial interests by setting emissions targets and exploring climate solutions. Despite a mixed short-term outlook, increased policy certainty could enhance investor confidence in Australian growth industries.
The Report underscores the critical role of investors in transitioning to a low-carbon economy. The survey data, collected in late 2024, reflects ongoing industry discussions and trends expected to continue into the new year.
VIEW FROM ABROAD
Net Zero Banking Alliance Eases Climate Commitment Target
On 15 April 2025, the Net Zero Banking Alliance (NZBA), a coalition of over 120 global banks, announced a shift in its climate commitment from the 1.5°C target to a broader “well-below 2°C” goal, in alignment with the Paris Agreement. This decision reflects the challenges banks face in coordinating efforts and the slow progress in decarbonising key sectors like housing and aviation.
The NZBA’s adjustment is influenced by the slower-than-expected advancements in technology and policymaking. The NZBA Chair highlighted that the expectations from 2021 have not aligned with current realities. Economic and political headwinds, particularly from markets like the United States and United Kingdom, have also contributed to this shift, with major banks delaying or scaling back net zero targets.
Critics argue that this pivot undermines the credibility of voluntary climate commitments, especially since only 30% of major emitters have 1.5°C-aligned transition plans. Despite the controversy, NZBA leadership emphasises a shift from “target-setting to implementation”, offering practical tools and exploring alternate methods like carbon markets and avoided emissions accounting.
This decision marks a significant moment in the credibility and durability of private sector climate leadership, with potential implications for green finance and the pace of decarbonisation efforts.
EU Commission Eases Corporate Obligations Under New Deforestation Law
On 16 April 2025, the European Commission introduced revisions to the EU Deforestation Regulation (EUDR) to simplify compliance while maintaining environmental goals. The EUDR prohibits products linked to deforestation from entering the EU market, requiring companies to conduct due diligence on commodities such as palm oil, beef, timber, coffee, cocoa, rubber and soy, including derived goods like leather and chocolate. Companies must trace products to their origin and ensure no deforestation occurred post-2020.
The regulation, effective since June 2023, initially required large companies to comply by the end of 2024 and small businesses by June 2025.
In response to readiness concerns, the European Union delayed the compliance deadline by one year in October 2024, aligning with the EU’s Competitiveness Compass strategy to enhance productivity and reduce red tape. Key revisions include allowing annual submission of due diligence statements, reusing existing documentation and group-level reporting. These changes aim to reduce administrative costs by 30% and ease the compliance burden on companies.
The Commissioner for Environment emphasised the commitment to reducing administrative burdens while achieving the regulation’s goals of reducing global deforestation. The revisions reflect a collaborative approach with stakeholders to ensure effective implementation.
Nathan Bodlovich, Cathy Ma, Daniel Nastasi, Bernard Sia, Natalia Tan, Aibelle Espino, and Isaac Gilmore contributed to this article