UK ICO Launches Review of Children’s Privacy in Mobile Gaming
On December 1, 2025, the UK Information Commissioner’s Office (“ICO”) announced a new initiative to scrutinize privacy protections in mobile games frequently played by children in the UK. As digital gaming continues to grow in popularity among children, the review by the ICO signals renewed regulatory attention as to how mobile gaming platforms safeguard personal data of young users.
The ICO will conduct a monitoring program focusing on 10 mobile games widely used by children. The assessment will center on three critical areas:
Default Privacy Settings: Evaluating whether games are configured to protect children’s privacy from the outset.
Geolocation Controls: Scrutinizing how games handle location data and whether children’s whereabouts are adequately protected.
Targeted Advertising: Reviewing practices around serving targeted ads to children.
In addition to these core areas, the ICO’s review will consider any other privacy risks that emerge during the process.
This latest focus follows the ICO’s Children’s code strategy, which has previously led to significant improvements in children’s privacy standards on social media and video-sharing platforms.
Read the UK ICO press release here.
Connecticut, California and New York Reach Landmark Settlement for Student Data Breach
On November 6, 2025, Connecticut Attorney General William Tong, along with California Attorney General Rob Bonta and New York Attorney General Letitia James, announced a significant settlement stemming from the enforcement of Connecticut’s Student Data Privacy Law. This case marked the first enforcement action since the law’s enactment and involved Illuminate Education, Inc. (“Illuminate”), an educational technology provider whose 2022 data breach exposed sensitive information belonging to millions of students.
In December 2021, hackers gained access to Illuminate’s systems using credentials from a former employee. The hackers downloaded unencrypted database files containing sensitive information such as student names, birth dates, IDs, and demographic details. The number of students affected in each state was as follows:
Connecticut: 28,610 students
New York: 1.7 million students
California: 3 million students
Illuminate will pay a total of $5.1 million in penalties, distributed as follows:
$150,000 to Connecticut
$1.7 million to New York
$3.25 million to California
In addition to the monetary penalties above, the settlement requires Illuminate to implement comprehensive security measures, including:
employing specific safeguards, including maintaining data inventories, minimizing data and setting retention limits;
implementing proper access controls and authentication procedures;
conducting data security risk assessments and penetration testing;
monitoring vendors; and
providing a right to data deletion
What to Watch: Continued DTC Advertising Enforcement
Just before Thanksgiving, the Food and Drug Administration’s (“FDA’s”) Office of Prescription Drug Promotion (“OPDP”) silently published three untitled letters, furthering this administration’s promise to crack down on direct-to-consumer (“DTC”) prescription drug advertising.[1] The letters (which we’ll call “Letter 1,” “Letter 2,” and “Letter 3”) addressed familiar enforcement themes, such as omission or minimization of risk information, ad presentation and form, and promotion consistent with FDA-required labeling (“CFL”). The letters appeared to have been leftovers from the shutdown, dated from earlier in September when the crackdown was in full swing. This is why we refresh these pages daily.
Letter 1OPDP found a television ad for an oral cardiovascular medication misleading and, therefore, misbranded under the Food, Drug, and Cosmetics Act (“FDCA”), because it overstated the drug’s approved indication. Specifically, the ad represented that the drug was approved on the single endpoint of “reducing the risk of cardiovascular death” in adults with chronic kidney disease (“CDK”) or heart failure (“HF”); however, the drug’s FDA-approved Prescribing Information indicates that approval was based on more granular composite endpoints, including reduction of sustained estimated glomerular filtration rate decline, progression to end-stage kidney disease, cardiovascular or renal death in CDK patients, and reduction of cardiovascular death, hospital visits, or urgent visits in HF patients.
Letter 2OPDP found a webpage for a ketamine injection intended for surgical pain management misleading and, therefore, misbranded under the FDCA, because it promoted the benefits of the drug without communicating risk information and overstated the drug’s approved indication. Specifically, the webpage promoted the drug for pain management in all surgical and diagnostic procedures, but failed to communicate important use limitations from the drug’s FDA-approved Prescribing Information, including an exclusion for procedures requiring skeletal muscle relaxation and specifications that it be used before and/or as a supplement to other general anesthetic agents. OPDP found this especially concerning because this particular drug is a generic and the webpage misleadingly suggested that its intended use was broader than that of its reference listed drug. To wrap up its letter, OPDP also cited the company for failing to submit a copy of the webpage under a Form FDA-2253 prior to initial publication, as required by FDA regulations.
Letter 3OPDP found a television ad for an oral seizure medication misleading and, therefore, misbranded under the FDCA, because it promoted the benefits of the drug with minimized presentation of risk information. Specifically, the ad (i) excluded a warning concerning the risk of liver injury from the drug’s Prescribing Information; (ii) failed to disclose the risk of problems with the heart’s electrical system, as included in the drug’s FDA-approved labeling, despite the fact that the ad stated “[s]erious, life threatening allergic reactions or rash can occur, which may affect the liver, other organs, body parts, or blood cells, as can problems with the heart.” Additionally, certain material information from the drug’s major statement (i.e. the presentation of major risks required for all pharmaceutical television ads) was included in SUPERS but not in the corresponding audio, even though benefits were presented via SUPERS and audio.
FOOTNOTES
[1] See our post on OPDP’s previous enforcement under this administration.
TCPA AVALANCHE- TCPA Class Action Numbers Continue to Spike
It makes me chuckle when other sources suggest TCPA filings were “down” in October.
Yes, there were fewer filings in October than in September, but what is being missed is there were 45% MORE filings in October, 2024 than October, 2025– and that’s what matters when comparing trends.
What is also being missed– the 171 TCPA class actions filed in October, 2025 is 48% increase over the 115 TCPA class action filings in October, 2024.
Overall there have been 1,807 TCPA class actions filed in 2025 compared to 915 in 2024-meaning filings are up 97% year over year.
Here’s the breakdown:
2025
October, 2025: 235 TCPA, 171 Class Action (72.8%)
September, 2025: 287 TCPA, 224 Class Action (78.0%)
August, 2025: 232 TCPA, 162 Class Action (69.8%)
July, 2025: 273 TCPA, 198 Class Action (72.5%)
June, 2025: 257 TCPA, 202 Class Action (78.6%)
May, 2025: 199 TCPA, 159 Class Action (79.9%)
April, 2025: 235 TCPA, 184 Class Action (78.3%)
March, 2025: 242 TCPA, 187 Class Action (77.3%)
February, 2025: 196 TCPA, 148 Class Action (75.5%)
January, 2025: 207 TCPA, 172 Class Action (83.1%)
2024
October, 2024: 161 TCPA, 115 Class Action (71.4%)
September, 2024: 137 TCPA, 79 Class Action (57.7%)
August, 2024: 156 TCPA, 103 Class Action
July, 2024: 129 TCPA, 79 Class Action (61.2%)
June, 2024: 151 TCPA, 99 Class Action (65.6%)
May, 2024: 163 TCPA, 109 Class Action (66.9%)
April, 2024: 135 TCPA, 92 Class Action (68.1%)
March, 2024: 139 TCPA, 84 Class Action (60.4%)
February, 2024: 136 TCPA, 91 Class Action (66.9%)
January, 2024: 200 TCPA, 64 Class Action (32.0%)
Just crazy numbers.
FinReg Monthly Update November 2025
Welcome to the FinReg Monthly Update, a regular bulletin highlighting the latest developments in UK, EU and U.S. financial services regulation.
Key developments in November 2025:
Asset Management / Wealth Management
17 November – Liquidity Management RTS: The European Commission has adopted Delegated Regulations containing regulatory technical standards (RTS) on liquidity management tools under the Alternative Investment Fund Managers Directive (2011/61/EU) (AIFMD) and the UCITS Directive (2009/65/EC).
17 November – Fund Valuation Standards: The International Organization of Securities Commissions (IOSCO) published a consultation report on updated recommendations on valuing collective investment schemes.
17 November – Depositary Supervision Review: ESMA published a report on the outcome of a peer review of the supervision of depositary obligations.
Sustainable Finance / ESG
20 November – SFDR 2.0 Legislative Proposal Launched: On 20 November 2025, the European Commission officially launched their legislative proposal for the updates to the Sustainable Finance Disclosure Regulation (“SFDR”). In a significant departure from the current SFDR disclosure regime, the European Commission proposes a categorisation regime for funds in its place. Please refer to our dedicated article on this topic here.
13 November – CSRD / CSDDD Simplification Mandate: On 13 November 2025, the European Parliament adopted its negotiating mandate on the European Commission’s Omnibus proposal to reduce the scope of the Corporate Sustainability Due Diligence Directive (EU) 2024/1760) and the Corporate Sustainability Reporting Directive ((EU) 2022/2464). Please refer to our dedicated article on this topic here.
13 November – NGFS Climate Scenario Guide: The Network for Greening the Financial System (NGFS) published an updated version of its guide to climate scenario analysis for central banks and supervisors.
11 November – Taxonomy Delegated Acts Review: The European Commission has published calls for evidence (CfEs) on two proposed Delegated Regulations amending the Taxonomy Climate Delegated Act ((EU) 2021/2139) and the Taxonomy Environmental Delegated Act ((EU) 2023/2486). Please refer to our dedicated article on this topic here.
10 November – ESRS ‘Quick Fix’ Regulation: Commission Delegated Regulation (EU) 2025/1416 amending Delegated Regulation (EU) 2023/2772 as regards the postponement of the date of application of the disclosure requirements for certain undertakings (referred to as the Quick Fix Regulation) was published in the Official Journal of the European Union, on 10 November 2025.
7 November – NGFS Climate Scenario Notes: The Network for Greening the Financial System (NGFS) published a series of explanatory notes to clarify and improve the usability of its long-term climate scenarios.
5 November – EBA Environmental Scenario Analysis: The EBA published a final report (EBA/GL/2025/04) on guidelines on environmental scenario analysis under the CRD IV Directive (2013/36/EU).
4 November – Updated SFDR Q&A: The Joint Committee of the European Supervisory Authorities (ESAs) published an updated version of its questions and answers (Q&A) (JC 2023 18) on the SFDR (EU) 2019/2088) and on Commission Delegated Regulation (EU) 2022/1288, which supplements the SFDR with regard to RTS on content and presentation of information (SFDR Delegated Regulation).
Securities / Capital Markets
28 November – Bond and Derivatives SI Regime: The FCA published a policy statement (PS25/17) on removing the systematic internaliser (SI) regime for bonds, derivatives, structured finance products and emission allowances.
27 November – Credit Builders and Data Collection: The FCA has published its regulation round-up for November 2025. Among other things, the FCA outlines its findings from a review of credit builder products, explains how it is standardising the way it collects financial data at the authorisation gateway and summarises its work on improved digital forms.
27 November – UK EMIR Margin Amendments: The PRA and the FCA published a joint policy statement on changes to the UK bilateral margin requirements for non-centrally cleared derivatives under UK EMIR (648/2012) (PRA PS23/25 / FCA PS25/16), which take the form of amendments to the binding technical standards (BTS) in the UK onshored version of Commission Delegated Regulation (EU) 2016/2251, supplementing UK EMIR.
21 November – FCA Fees and Levies Consultation: The FCA published a consultation paper on policy proposals for its regulatory fees and levies for 2026/27 (CP25/33).
21 November – UK Transaction Reporting Reforms: The FCA published a consultation paper (CP25/32) on proposed improvements to the UK transaction reporting regime.
20 November – Regulated Activities Amendment Order: The Financial Services and Markets Act 2000 (Regulated Activities) (Amendment) Order 2025 (SI 2025/1205) has been published on legislation.gov.uk.
19 November – Market Conduct Codes Recognition: The FCA published an updated version of its webpage on recognised industry codes to reflect the fact it has extended its recognition of the FX Global Code, the UK Money Markets Code and version 2 of the Global Precious Metals Code.
19 November – Equity Consolidated Tape Consultation: The FCA published a consultation paper on the proposed framework for introducing an equity consolidated tape (CT) in the UK run by a consolidated tape provider (CTP) (CP25/31).
12 November – Neo-Brokers Final Report: The IOSCO published its final report on neo-brokers.
5 November – FCA Intragroup EMIR Changes: The FCA published a consultation paper (CP25/30) proposing changes to its BTS on the intragroup exemption regime under UK EMIR (648/2012). The relevant BTS are the UK version of Commission Delegated Regulation (EU) 2016/2251 (BTS 2016/2251) and the UK version of Commission Delegated Regulation (EU) 149/2013 (BTS 2013/149).
5 November – UK EMIR Intragroup Amendments: HM Treasury published a draft version of the Over the Counter Derivatives (Intragroup Transactions) Regulations 2026, together with a policy note.
3 November – Overseas Recognition Regime Regulations: The Financial Services (Overseas Recognition Regime Designations) Regulations 2025 (SI 2025/1147) published on legislation.gov.uk.
3 November – Berne Agreement FCA Guidance: The FCA published guidelines for firms on the Berne Financial Services Agreement.
Financial Crime / Conduct / Sanctions
27 November – FOS 2026/27 Plans Consultation: The Financial Ombudsman Service (FOS) published a consultation paper on its proposed plans and budget for 2026/27.
26 November – SFO Compliance Programme Guidance: The Serious Fraud Office (SFO) published updated guidance on evaluating corporate compliance programmes in England, Wales and Northern Ireland. The guidance outlines six scenarios where the SFO assesses an organisation’s compliance programme, including decisions on prosecution, deferred prosecution agreements (DPAs), compliance terms or monitorships in DPAs, defences under the Bribery Act 2010 and the Economic Crime and Corporate Transparency Act 2023, and sentencing considerations.
21 November – Updated SARs Best Practice: The National Crime Agency published UKFIU SARs best practice guidance on how to use the SAR portal to submit a SAR to the UKFIU, how to help reporters submit a high-quality SAR and how to help reporters seek a defence under Proceeds of Crime Act 2002 (POCA) and the Terrorism Act 2000.
17 November – JMLSG AML/CTF Consultation: The Joint Money Laundering Steering Group (JMLSG) published, for consultation, proposed revisions to Part I of its anti-money laundering (AML) and counter-terrorist financing (CTF) guidance for the financial services sector.
14 November – FCA Regulatory Failure Investigations Policy: The FCA published a statement of policy on statutory investigations into regulatory failure and producing reports.
11 November – FCA Financial Crime Review Findings: The FCA published the findings from a multi-firm review focused on firms’ business-wide risk assessment (BWRA) and customer risk assessment (CRA) processes. The firms involved in the review included building societies, platforms, e-money firms and wealth management firms.
5 November – Financial Inclusion Strategy: HM Treasury published its new financial inclusion strategy, which sets out a national plan aimed at removing barriers to financial participation and building financial resilience.
5 November – BNPL Credit Broking Exemption: The Financial Services and Markets Act 2000 (Regulated Activities, etc.) (Amendment) (No 2) Order 2025 (SI 2025/1154) has been laid before Parliament and published on legislation.gov.uk with an explanatory memorandum. The Order will exempt domestic premises suppliers from credit broking regulation when they offer certain buy-now-pay-later (BNPL) credit products to customers.
3 November – Central Sanctions Enforcement Hub: A new sanctions enforcement action collections page launched by the Foreign, Commonwealth and Development Office (FCDO), the Office of Financial Sanctions Implementation (OFSI), and the Office of Trade Sanctions Implementation (OTSI).
Cryptoassets / Payments
27 November 2025 – IRSG Response on Crypto Consultation: The International Regulatory Strategy Group (IRSG) published its response to the FCA’s September 2025 consultation paper on the application of its Handbook to regulated cryptoasset activities (CP25/25).
26 November – Stablecoin Sandbox Cohort: The FCA publisheda new webpage announcing the launch of a special cohort within its Regulatory Sandbox for firms issuing stablecoins.
25 November – EP Resolution on AI in Finance: The European Parliament adopted a resolution on the impact of AI on the financial sector.
20 November – Property (Digital Assets) Bill: On 19 November 2025, the Property (Digital Assets etc) Bill passedits third reading in the House of Commons with no amendments. It is now awaiting Royal Assent.
18 November – Confirmation of Payee Compliance Report: The Payment Systems Regulator (PSR) published a compliance report on Specific Direction 17, which relates to the confirmation of payee system.
12 November – Tokenised Asset Markets Report: The Investment Association, together with the Investment Management Association of Singapore, published a report examining the challenges and opportunities in tokenised asset markets across the UK and Singapore.
11 November – Tokenisation of Financial Assets Report: The IOSCO published a final report (FR/17/25) discussing observations from a monitoring exercise conducted by its Fintech Task Force to determine how tokenisation and distributed ledger technology (DLT) is being developed and adopted in capital markets products and services.
10 November – BoE Systemic Stablecoins Consultation: The Bank of England (BoE) published a consultation paper on regulating sterling-denominated systemic stablecoins for UK payments issued by non-banks.
7 November – Retail Payments Infrastructure Strategy: HM Treasury published an update on the work of the Payments Vision Delivery Committee.
Artificial Intelligence / Digital Regulation
18 November – DORA Critical ICT Providers List: The ESAs published a list of designated critical ICT third-party service providers under the Regulation on digital operational resilience for the financial sector ((EU) 2022/2554) (DORA).
12 November – ECON Report on AI in Finance: The European Parliament’s Committee on Economic and Monetary Affairs (ECON) published a report on the impact of AI on the financial sector.
5 November – HM Treasury AI Skills Commission: HM Treasury published a letter to the Financial Services Skills Commission (FSSC) from Lucy Rigby MP, Economic Secretary to the Treasury, commissioning the FSSC to research and produce a report on AI skills needs, training and innovation in financial services.
Prudential / Remuneration
28 November – PRA Credit Union Assessment: The PRA published a letter it has sent to directors of credit unions, setting out the key findings from its 2025 assessment of these firms and the actions it expects firms to take.
26 November – MIFIDPRU Reporting Quality Review: FCA published its finding following a review of MIFIDPRU Reporting Quality.
26 November – FCA Reviews Data Quality in MIFIDPRU Prudential Reporting: The FCA published its findings on the quality of prudential regulatory reporting by MIFIDPRU investment firms, identifying good practice as well as areas for improvement including inconsistent data, incorrect firm classification and errors in reporting units.
25 November – IAIS Global Monitoring Exercise: The International Association of Insurance Supervisors (IAIS) published an updated version of its global monitoring exercise (GME) document for the period 2026-28, as well as a new set of ancillary risk indicators for the individual insurer monitoring (IIM) assessment methodology within the GME.
21 November – ComFrame and ICS Consultation: The IAIS published a consultation on developing its common framework for the supervision of internationally-active insurance groups (IAIGs) (ComFrame) to reflect the international capital standard (ICS). The related materials are available on the IAIS consultation webpage.
21 November – Joint Internal Model Authorisations ITS: Commission Implementing Regulation (EU) 2025/2338, amending Commission Implementing Regulation (EU) 2016/100 which contains implementing technical standards (ITS) on the joint decision process for internal models authorisation under the Capital Requirements Regulation (575/2013) (CRR), has publishedin the Official Journal of the European Union.
20 November – FSB Global Stability Priorities: The Financial Stability Board (FSB)published a letter from Andrew Bailey, FSB Chair, to G20 finance ministers and central bank governors ahead of their meeting on 22 and 23 November 2025.
18 November – EIOPA Macroprudential RTS: EIOPA published two final reports (report 1and report 2) containing draft RTS on new macroprudential tools that have been introduced under the Solvency II Directive (2009/138/EC), as amended by the Solvency II Amending Directive ((EU) 2025/2).
12 November – PRA Leverage Ratio Threshold: The PRA published a policy statement (PS22/25) on changes to the retail deposits threshold for application of the leverage ratio requirement.
7 November – CVA Risk Supervision Peer Review: The EBA published a peer review follow-up report analysing the effectiveness of the supervisory practices of competent authorities regarding their assessment of credit valuation adjustment (CVA) risk of the institutions under their supervision.
6 November – Market Risk Framework Consultation: The European Commission published a targeted consultation on the application of the market risk prudential framework.
3 November – Third-Country Branches Authorisation Guidelines: The EBA published a consultation paper on draft guidelines relating to the authorisation of third-country branches (TCBs) under the CRD IV Directive (2013/36/EU), as amended by the CRD VI Directive ((EU) 2024/1619).
Commission Payments / Motor Finance
5 November – Motor Finance Redress Scheme Update: The FCA published a statement providing an update on the progress and timing of its consultation (CP25/27) on a possible motor finance consumer redress scheme. The consultation deadline has been extended to 12 December 2025.
EU Financial Markets
28 November – MiCA Data Standards Statement: ESMA published a statement (ESMA75-1303207761-6284) on technical specifications for implementing a number of data standards and format requirements under the Regulation on markets in cryptoassets ((EU) 2023/1114) (MiCA).
24 November – AI Act Implications Factsheet: The EBA published a factsheet on the implications of the Artificial Intelligence Act ((EU) 2024/1689) (AI Act) for the EU banking and payments sector.
20 November – SFDR and PRIIPs Amendments Proposal: The European Commission adopted a proposed Regulation amending Regulation (EU) 2019/2088 on sustainability-related disclosures in the financial services sector and Regulation (EU) 1286/2014 on key information documents for packaged retail and insurance-based investment products (PRIIPs Regulation), and repealing Commission Delegated Regulation (EU) 2022/1288 (SFDR RTS) (COM(2025) 841 final) (2025/0361 (COD)).
19 November – CRR Market Risk Call for Evidence: The European Commission published a call for evidence on a delegated act on the own funds requirements for market risk under the Capital Requirements Regulation (575/2013) (CRR).
14 November – Gibraltar Market Access Extension: The Financial Services (Gibraltar) (Amendment) (EU Exit) Regulations 2025 (SI 2025/1182) have been published on legislation.gov.uk, together with an explanatory memorandum.
U.S. Matters – Private Funds
20 November – CFTC: The US Senate Committee on Agriculture, Nutrition and Forestry advanced President Trump’s nominee for CFTC Chairman, Michael Selig, in his confirmation process. The nomination will now move to the full US Senate for consideration.
17 November – SEC Exams: The SEC’s Division of Examinations released its 2026 exam priorities. The SEC’s Division of Examinations’ priorities included adherence to fiduciary standards of conduct, particularly in business lines serving retail investors and focused on issues involving emerging technologies like artificial intelligence.
17 November – Rule 14a-8:The SEC’s Division of Corporation Finance published a statement that, during the 2025-2026 proxy season, it will generally not respond substantively to no-action requests from companies intending to rely on any basis for exclusion of shareholder proposals under Rule 14a-8, other than requests to exclude a proposal under Rule 14a-8(i)(1), which is typically used by companies seeking to exclude “ESG” related proposals.
12 November – U.S. Government Shutdown Ends:President Trump signed a bill to fund the government, ending the longest U.S. government shutdown in history and reopening the U.S. federal government. The SEC has resumed its operations, but SEC staff are currently working through a backlog of items received during the shutdown (e.g., reviewing new filings, resuming ongoing exams, etc.). The bill only funded the government until January 30, 2026, meaning the parties will need to reach agreement on an additional extension soon in order to avoid another shutdown.
Nathan Schuur, Robert Sutton, Rachel Lowe, Sasha Burger, Sulaiman Malik, and Michael Singh contributed to this article
NUMBERS DON’T LIE- Statistics Show Why TCPA Risk is 10x Higher Than Risk Posed By Other Consumer Protection Statutes
Just did a post on the avalanche of TCPA class actions that have been filed this year.
But I want to put a finer point on these statistics.
First, the TCPA is FAR more dangerous than other consumer protection statutes and carries far higher penalties– with billions of dollars in exposure in most TCPA class cases. These cases are potentially business-enders for virtually every defendant.
Second, the volume of TCPA class actions compared to other consumer protection statutes is just staggering. Because the TCPA does not have an attorney fee provision the only way for consumer lawyers to collect large fees in most cases is to drive defendants to settle on a classwide basis– so class actions are the norm in TCPAWorld compared to other statutes.
Just how big of a difference is it?
Well in 2025 there have been 1,807 TCPA class actions filed compared to 174 FDCPA class actions and 91 FCRA class action filings.
That means there have been over 10x more TCPA class actions than FDCPA class actions filed this year– and 20x more TCPA class actions than FCRA class actions!
And look at the percentages here:
Only 4.7% of FDCPA cases were filed as class actions in 2025.
Only 1.3% of FCRA cases were filed as class actions in 2025.
Yet a full 76.4% of TCPA cases were filed as class actions in 2025!
3 out of 4 TCPA cases are filed as potential business-ending class actions– that’s insane.
Without question the TCPA is absolutely the biggest risk to YOUR business. If you are engaging in any kind of outbound calling or texting you MUST get great lawyers on your side. You can’t chatgpt your way out of this folks.
Key Takeaways from the Life Sciences Investment Forum 2025
On November 13, 2025, the Life Sciences Investment Forum brought together more than 180 leaders in the life sciences investment community for a day of dynamic conversations and strategic insights. Top decision-makers shared emerging trends and opportunities, how they’re navigating market headwinds, and what they expect for the industry in 2026 and beyond. Below are four takeaways from the discussions.
Growth is the dominant narrative and the key valuation driver
Across biopharma, private equity (PE), and public markets, growth was repeatedly emphasized as the most important factor for valuation, fundraising, and multiple expansion.
Large-cap pharma has driven most recent market value expansion, fueled by demand for large-population therapies (e.g., GLP-1s).
Investors expect outsized returns for companies with predictable, rapid top-line growth.
“Keep your eye on the top line” emerged as the #1 message to investors heading into 2026.
Structural headwinds are mounting: Policy, pricing pressure, and healthcare costs
Regulation – not science – will be the primary gating factor in investment decisions over the next 12 to 24 months:
Healthcare spending outpacing gross domestic product (GDP) is pushing pressure for cost controls.
Most Favored Nation (MFN) pricing, drug price negotiations, and reimbursement shifts are creating real concern for biotech P&Ls, driving the need for tight forecasting and clean data.
As transitions at the US Food and Drug Administration (FDA) are affecting predictability, companies must plan for worst-case regulatory scenarios and establish multiple backup plans.
Early-stage is taking center stage – and rising costs are accelerating the shift
A scarcity of late-stage, commercial-ready assets—combined with escalating clinical and manufacturing costs—is pushing investors and strategics further upstream. This environment is driving:
Intense competition and high valuations for Phase 1 and 2 “best-in-class” assets.
Pipeline “herding,” especially in oncology, as buyers converge on similar early plays.
More programmatic mergers and acquisitions (M&A) and “shots on goal” earlier in the pipeline, particularly as Big Pharma seeks to fill looming patent-cliff gaps.
Greater reliance on structured and synthetic royalty financing as equity remains expensive and uncertain pricing environments make long-duration capital harder to commit.
AI is no longer optional, it’s becoming foundational across the value chain
Artificial intelligence (AI) brings transformational promise, but investors are demanding proof of utility and robust data infrastructure, not just “AI-enabled” labels:
AI tools have the potential to transform domains across the life sciences value chain.
For AI to succeed, the data training and retraining models needs to be highly curated and fit for purpose and investors need to carefully interrogate the adequacy of the data
Regulatory friction and clinical validation remain among the biggest development, deployment and adoption barriers.
FCC Alerts Broadcasters of Cybersecurity Threat
The Federal Communications Commission’s Public Safety and Homeland Security Bureau (PSHSB) has issued a Public Notice alerting broadcasters of a recent string of cybersecurity intrusions against radio broadcasters that resulted in the broadcasting of obscene materials and actual or simulated Emergency Alert System (EAS) tones. According to the FCC, these cybersecurity intrusions were caused by compromised studio-transmitter links where the threat actor(s) often accessed improperly secured Barix equipment and reconfigured it to broadcast attacker-controlled audio in lieu of station programming.
As a result, the PSHSB has requested that broadcasters, especially those using Barix equipment, ensure that they have adequate cybersecurity measures in place. Specifically, the FCC has recommended broadcasters to:
Apply all software security patches and firmware updates promptly.
Replace default passwords with strong alternatives and update them regularly.
Secure equipment that is interconnected to the broadcast signal processing system behind firewalls and use VPNs for remote access.
Monitor EAS equipment and software and audit logs for unauthorized activity.
Report incidents of unauthorized access to the FCC’s Operations Center at [email protected] and report cyberattacks to the Federal Bureau of Investigation’s Internet Crime Compliant Center (IC3) at https://www.ic3.gov/.
Review the FCC’s Communications Security, Reliability, and Interoperability Council’s best practices for EAS security.
The PSHSB has also recommended that broadcasters contact their EAS equipment manufacturers with any questions regarding the security of their equipment.
Europe- UK FCA Looks to Accelerate Fund Tokenisation and Direct Dealing
The FCA has published Consultation Paper CP25/28 with a view to accelerating the adoption of tokenisation by UK authorised funds. The consultation also proposes changes to allow direct dealing models, which would facilitate tokenisation as well as improve the operating environment for UK authorised funds generally.
The consultation sets out a broader vision for the tokenisation of portfolio management. It describes not just the tokenisation of fund interests, but also the tokenisation of assets in a way that would make it viable for investors to hold assets directly without the complexity and expenses of an intermediate fund.
The more immediately relevant aspects of CP25/28 are the confirmation that UK authorised fund tokenisation is permissible under the current law, and the FCA’s proposed guidance on how distributed ledger technology (DLT) might be used, which includes:
Confirmation that the firm responsible for maintaining a DLT register must be able to make unilateral changes to the register, and suggesting different approaches to achieve this;
Clarifying that firms must be able to aggregate information on the DLT register in order to identify the total units held by an investor; and
Emphasizing the need to ensure compliance with anti-money laundering requirements even when investors may transfer tokenized units to third parties, and proposing approaches.
The proposed changes to introduce direct dealing for UK authorised funds are equally welcome. The current arrangement in the United Kingdom, where investors buy shares from and sell shares to the AFM, is not consistent with other major fund jurisdictions and creates operational complexity. Whilst direct to fund dealing is currently permissible, the FCA sees benefit in prescribing requirements around how this should work in practice, including requiring the maintenance of an Issues and Cancellations (IAC) Account.
Final rules and guidance are expected in the first half of 2026.
B2B TCPA NIGHTMARE- Court Refuses to Credit Deposition Testimony at Motion to Dismiss Phase– Allows DNC Claim to Proceed Despite Apparent Business Use of Phone
B2B callers are constantly facing TCPA DNC risk despite the fact the DNC supposedly only applies to residential lines.
The issue, of course, is that cell phones are often used for both business and personal use–especially after COVID. And courts have been very clear about holding a mix use cell phone can still be residential.
Well in Koeller v. Cyflare, 2025 WL 3280316 (E.D. Mo. Nov. 25, 2025) we have an interesting test case because not only was the phone used for business purposes in addition to residential, the business actually paid a stipend for the phone!
Now that’s interesting.
However the court did not dive into the tricky issues raised by the fact scenario because the use of the phone was not pleaded on the face of the complaint– but only in deposition testimony. And since defendant only moved to dismiss the court could not credit the testimony and had to allow the complaint to live on.
The Court also found allegations of willful harm were sufficient to survive the pleadings stage as well– so even though the defendant tried to call a business number (and may have) it is still facing a TCPA class action and enhanced treble damages.
That’s the TCPAworld for you.
B2B callers need to keep the real-world risk of TCPA class actions in the back of their minds. You can’t just buy a list off of Zoom and fire away. Smart money is on scrubbing out cell phones that are on the DNC list– just too much risk not to.
SILENT SWITCH? New Lawsuit Alleges Google Uses Gemini AI to “Secretly” Read Gmail, Chat, and Meet Conversations
The latest in a spate of lawsuits targeting AI tools, a new putative class action filed in the Northern District of California alleges that tech giant Google activated its Gemini AI features across its portfolio of services without obtaining user consent, in violation of the California Invasion of Privacy Act (“CIPA”).
According to the complaint, Google previously offered Gemini “Smart features” as an opt-in tool, but allegedly switched this setting on for all Gmail, Chat, and Meet accounts on or around October 10, 2025, enabling its AI to track users’ private communications in those platforms without knowledge or consent in violation of CIPA Section 632, which prohibits the recording of confidential communications without consent. The filing states that Google tracks these private communications with Gemini by default, requiring users to affirmatively find this data privacy setting and shut it off, despite never “agreeing” to such AI tracking in the first place. The complaint alleges that despite this setting being in default “opt out” status since October 10, the setting is still worded as an “opt in” feature: “When you turn this setting on, you agree . . .” According to the complaint, this renders the privacy settings offered by Google effectively meaningless.
The plaintiff, Thomas Thele, alleges he did not turn on this setting, was not notified of the change, and did not consent to the collection or analysis of information contained in his communications. While Thele does not identify the precise Gmail, Chat, and/or Meet communications that he sent or received with the “Smart features” setting turned on, the complaint identifies the categories of information that could allegedly be derived from these communications, including financial records, employment information, medical information, political and religious affiliations, the identities of family members and contacts, and social habits and activities,.
Plaintiff purports to represent the following potentially massive class: “All natural persons residing in the United States with Google accounts whose private communications in Gmail, Chat, and/or Meet were tracked by Google’s Gemini AI after Google turned on “Smart features” in those persons’ data privacy account settings.”
In response to viral social media posts accusing Google of automatically opting Gmail users into AI model training through its “smart features,” Google has issued a statement refuting claims that it uses Gmail content to train the Gemini AI model. However, the sufficiency and truth of Plaintiff Thele’s allegations are yet to be tested. We’ll keep a close eye on this one.
The case is Thele v. Google, LLC, No. 5:25-CV-09704 (N.D. Cal. Nov. 11, 2025).
New Inventorship Guidance on AI-Assisted Inventions- AI Can’t Be an Inventor, But AI Can Be a Tool in the Inventive Process (For Now…)
As readers may recall, in February 2024, the USPTO issued guidance on inventorship in AI-assisted inventions, which we wrote about here. On November 26, 2025, the USPTO rescinded that guidance and replaced it with new guidance.
By way of background, the February 2024 Guidance analyzed the naming of inventors for AI-assisted inventions using the Pannu factors, which state that an inventor must (1) contribute in some significant manner to the conception or reduction to practice of an invention, (2) make a contribution to the claimed invention that is not insignificant in quality when measured against the full invention, and (3) do more than merely explain well-known concepts and/or the current state of the art. In the February 2024 Guidance, the USPTO noted that in the context of AI-assisted inventions, the Pannu factors were informed by the following considerations:
Use of an AI system in creating an AI-assisted invention does not categorically negate the natural person’s contributions as an inventor, if the natural person “contributes significantly” to the invention
Providing a recognized problem or a general goal or research plan to an AI system does not rise to the level of conception
Reduction of the output of an AI system to practice alone is not a significant contribution that rises to the level of inventorship
A natural person who designs, builds, or trains an AI system in view of a specific problem to generate a particular solution could be an inventor
Owning or overseeing an AI system used in the creation of an invention does not constitute a significant contribution to conception
The November 2025 Guidance withdraws the analysis of the Pannu factors, indicating that the Pannu factors only apply when determining when multiple natural persons qualify as inventors. The November 2025 Guidance further emphasizes that the same legal standard for determining inventorship applies, whether or not AI systems were used in the inventive process. AI systems are described as tools, analogous to laboratory equipment, computer software, research databases, and the like. And under well-established practice, inventors can use the services of others – including AI systems – without those sources becoming co-inventors.
This Guidance significantly simplifies the analysis of how AI systems can be used in the inventive process. In removing the Pannu factors from the analysis of whether an AI system is an inventor, the November 2025 Guidance allows inventors to extensively use AI systems in developing an invention without needing to consider the extent to which an inventor used an AI system – such as tracking the prompts used by an inventor to prompt an AI system to generate an invention, characterizing the nature of the prompts as describing a general problem, directing an AI system towards a particular solution, or the like.
This change may also reduce the likelihood of AI creators being deemed co-inventors, because they are only considered as tool-builders. For example, in an AI-assisted drug discovery collaboration between AI experts and drug discovery scientists, under the new Guidance, the drug discovery scientists may use the services, ideas, and aid of the AI system without any concern that the AI system or its creators could become co-inventors. However, whether the AI experts are inventors should be assessed.
In short, the November 2025 Guidance reiterates that AI systems themselves cannot be named as an inventor on a patent application or issued patent. This is in line with the Federal Circuit’s decision in Thaler v. Vidal, 43 F.4th 1207 (Fed. Cir. 2022), in which the Federal Circuit held that only natural persons could be listed as inventors on a patent application or issued patent. Thus, past policy involving the rejection of claims under 35 U.S.C. § 101 and 115 for claims in any application in which an AI system is listed as an inventor or joint inventor remains in place. Relatedly, because only natural persons can be listed as inventors on a patent application or an issued patent, priority claims to foreign applications that name an AI tool as a sole inventor will not be accepted, and the ADS for US patent applications should only name natural persons even when claiming priority to a foreign application including natural persons and AI tools as joint inventors.
We would observe that this is an administrative change, subject to recission by subsequent notice and comment. Because this may not be a permanent change, it may still be worth preserving evidence of how inventors use AI systems in the inventive process to defend against future challenges to patent validity.