European Commission Publishes the AI Continent Action Plan
On April 9, 2025, the European Commission published the AI Continent Action Plan (the “Action Plan”). The objective of the Action Plan is to strengthen artificial intelligence (“AI”) development and uptake in the EU, making the EU a global leader in AI. The Action Plan builds upon the InvestAI initiative that aims to mobilize €200 billion for investment in AI in the EU.
The Action Plan is divided into five strategic areas where the EU intends to intervene to foster its AI ambitions:
Computing infrastructure. Measures envisioned include setting up 13 AI Factories across the EU, five AI Gigafactories (powered by over 100,000 advanced AI processors) for which it will mobilize €20 billion from the InvestAI initiative, and proposing a Cloud and AI Development Act to boost private investment in the EU in cloud and data centers.
Data. The European Commission aims to fully realize the single market for data through the upcoming Data Union Strategy. This strategy intends to respond to the scarcity of robust and high-quality data for the training and validation of AI models. The European Commission will also implement data labs within AI factories to gather and organize high-quality data from diverse sources and continue supporting the deployment of Common European Data Spaces.
Foster innovation and accelerate AI adoption in strategic EU sectors. Measures to be implemented include adapting scientific research programs to boost development and deployment of AI/generative AI, and through the Apply AI Strategy, integrating AI in strategic sectors and boosting the use of this technology by the European industry.
Strengthen AI skills and talent. Measures to be implemented include facilitating international recruitment, supporting the increase in provision of EU bachelor’s and master’s degrees as well as PhDs focusing on key technologies, including AI, and promoting AI literacy in the current workforce.
Fostering regulatory compliance and simplification. Measures to be implemented in this context include creating an AI Act Service Desk through which organizations may request clarifications and obtain practical advice regarding their AI Act compliance. The European Commission will also continue its efforts with regards to providing AI Act guidance and launch a process to identify stakeholders’ regulatory challenges and inform possible further measures to facilitate compliance and possible simplification of the AI Act.
Read the AI Continent Action Plan.
NO LINK, NO LIABILITY: Court Dismisses Vicarious Liability Allegations.
Hey TCPAWorld!
Vicarious liability demands more than a loose business association between entities.
In Gonzalez v. Savings Bank Mutual Life Ins. Co. of Mass., No. EP-24-CV-00289-DB, 2025 WL 1145266 (W.D. Tex. Apr. 15, 2025), Yazmin Gonzalez’s (“Plaintiff”) claims of vicarious liability under the TCPA were dismissed due to insufficient factual allegations linking Savings Bank Mutual Life Insurance Company of Massachusetts (“SBLI”) to Elsworth Rawlings or American Benefits, its alleged subagents.
Background
According to Plaintiff’s First Amended Complaint (“FAC”), in early 2024, Plaintiff began receiving a series of telemarketing calls to their phone number ending in 1859, which was listed on the National Do-Not-Call Registry (“DNCR”). Id. at 1. Plaintiff claims to have received eight calls, each featuring the following prerecorded message:
“Hi, this is Stephanie, I’m calling you from American Benefits… “
Id. Plaintiff alleged that she informed the agent that she was not interested and requested the calls to stop on the fourth call. The calls continued.
On the eighth call, Plaintiff impersonated her mother to identify the company behind the calls. Plaintiff received a call from a number ending in 2986, allegedly the same agent she connected with earlier. The agent then supposedly connected her to “Elsworth Rawlings,” who did not identify the company he worked for, asked qualifying questions, and then informed her that he would be transferring her to an SBLI agent. Plaintiff was transferred to another agent that allegedly introduced themselves as Bell and completed Plaintiff’s insurance application. After the application was approved, she was transferred back to Rawlings. Plaintiff later received an insurance policy bearing Rawlings’ signature. According to Plaintiff, the call line was one long chain which did not disconnect at any point.
Plaintiff’s Allegations
In her FAC, Plaintiff alleges that:
Rawlings is a licensed insurance agent who was appointed by SBLI to market, solicit, and sell insurance on [their] behalf… on February 20, 2024;
SBLI and Rawlings set up a phone system that allowed them to coordinate applications and transfer applicants back and forth between them; and
SBLI appointed Rawlings with the knowledge and expectation that Rawlings would make phone calls to solicit SBLI’s products and services.
Id. at 2.
The Agreement
Under the Agreement executed between SBLI and Rawlings, SBLI authorized Rawlings to solicit and transmit life insurance applications, but expressly prohibited him from presenting himself as an SBLI employee or agent beyond what was contractually permitted. Additionally, Rawlings was required to protect SBLI’s reputation and comply with applicable laws and regulations. Plaintiff further alleged that American Benefits was acting as Rawlings’ agent—and therefore as SBLI’s subagent.
Legal Standard
SBLI moved to dismiss under Rule 12(b)(6), arguing that the complaint failed to plead sufficient facts to state a plausible claim for relief.
The TCPA provides a private right of action under 47 U.S.C. § 227(b), which regulates autodialed or prerecorded calls to cell phones, and 47 U.S.C. § 227(c), which protects those on the DNCR. Plaintiff can establish vicarious liability through common law agency principles by showing the caller acted on behalf of Defendant.
Court’s Analysis
Plaintiff’s FAC raises two causes of action against SBLI:
Eight (8) violations under Section 227(b)(1)(A) by making non-emergency telemarketing robocalls to Plaintiff’s cellular telephone numbers without her prior express written consent, and
Violations under Section 227(c) and 47 C.F.R. § 64.1200(c) for making eight (8) unsolicited calls to Plaintiff’s line, which was registered on the DNCR, without Plaintiff’s consent.
Id. at 3. In its Motion to Dismiss, SBLI argued Plaintiff failed to plead any facts linking the calls to SBLI under Sections 227(b) or 227(c). Because the Agreement executed between SBLI and Rawlings was attached to SBLI’s Motion to Dismiss, the Court treated it as part of the pleadings when evaluating the plausibility of the allegations.
The Court found that Plaintiff failed to plead sufficient facts under 227(b) to establish direct liability against SBLI, as SBLI neither made the calls nor controlled the party that made the calls. Instead, each call was initiated by “American Benefits,” as indicated by the prerecorded message cited in Plaintiff’s Complaint. As a result, the Court held that SBLI cannot be held directly liable for any of the telemarketing calls.
The Court also rejected Plaintiff’s theory of vicarious liability under the TCPA, finding she failed to allege sufficient facts to establish an agency relationship between SBLI and Rawlings. To support vicarious liability, a plaintiff must show actual authority, apparent authority, or ratification. The court emphasized that merely identifying Rawlings as a “subagent” was not sufficient without factual support showing SBLI’s control or acceptance of the calls. Id. at 4.
No Actual Authority
According to the Court, actual authority exists when the principal expressly or implicitly grants the agent authority to perform a particular act. Here, there was no actual authority because Plaintiff did not allege facts showing SBLI controlled the manner and means of the telemarketing campaign or granted Rawlings the power to hire American Benefits. Plaintiff also failed to allege SBLI’s control over Rawlings’s day-to-day operations or any direct connection to the American Benefits telemarketer.
No Apparent Authority
“[A]n agent has apparent authority to bind a principal if a third party reasonably believes the agent has authority to act on behalf of the principal and that belief is traceable to the principal’s manifestations.” Id. at 5. (Citations omitted). Plaintiff failed to demonstrate apparent authority as there is no evidence that SBLI held out Rawlings or the telemarketer as having authority to act on its behalf. Although Plaintiff alleged SBLI gave Rawlings instructions and coordinated systems for processing applications, she did not plead facts showing SBLI’s conduct led her to reasonably believe the caller was acting for SBLI. As a result, the Court held that Plaintiff did not plausibly allege apparent authority.
No Ratification
Lastly, Plaintiff’s ratification theory fails because she did not allege that SBLI had knowledge of any unlawful calls made by Rawlings or American Benefits. To support ratification, the principal must be aware of the conduct and either accept the benefits or fail to repudiate it. The court found no factual basis showing SBLI affirmed or accepted any TCPA-violating conduct, and thus ratification could not establish vicarious liability.
The Court concluded that neither American Benefits nor Rawlings acted as SBLI’s agent under any agency theory, thus, SBLI could not be held liable under Section 227(b). The Court also dismissed Plaintiff’s Section 227(c) claim, since Plaintiff could not attribute a single call to SBLI. As a result, both TCPA claims were dismissed.
Vicarious liability under the TCPA demands more than just an ordinary business association. It requires well-pled facts that establish a clear agency relationship, showing that the defendant exercised control over the caller’s conduct, granted the caller to make the calls, or knowingly accepted the benefits of those calls while being thoroughly aware they violated the law.
U.S. Federal Court Permanently Enjoins Ohio Social Media Age Verification Law From Taking Effect
On April 16, 2025, the U.S. District Court for the Southern District of Ohio Eastern Division issued a ruling permanently enjoining the Ohio Attorney General from enforcing the Parental Notification by Social Media Operators Act, Ohio Rev. Code § 1349.09(B)(1) (the “Act”). The decision follows a preliminary injunction issued in February 2024 by the same court.
The Act was signed into law in July 2023, and was set to take effect on January 15, 2024. The Act would have required social media platforms to verify whether users are at least 16 years old and obtain parental consent before allowing children under 16 to create an account on their platforms. The court held that the Act implicated the First Amendment because it restricted children’s ability to engage in and access speech, and that the Act’s application to certain websites but not others amounted to a content-based restriction because it favored certain forms of engagement with speech over others. In its ruling, the court stated that the Act “resides at the intersection of two unquestionable rights: the rights of children to ‘a significant measure of’ freedom of speech and expression under the First Amendment, and the rights of parents to direct the upbringing of their children free from unnecessary governmental intrusion.” The court held that the government did not satisfy the satisfy the First Amendment’s strict scrutiny standard, which is applied to content-based restrictions. “Generally, First Amendment protections ‘are no less applicable when government seeks to control the flow of information to minors,’” the court said.
The ruling is the latest in a string of lawsuits brought by NetChoice, a tech industry trade association, against similar state laws. It also represents the second permanent injunction NetChoice has secured, following a recent permanent injunction blocking a similar law in Arkansas.
AFFILIATE TRACKING CLASS ACTION: Texts with Links to HasOffers (Tune?) Website Lands Interest Media in Deep TCPA Trouble
Really interesting one for the affiliate world today.
So repeat TCPA litigator ZACHARY FRIDLINE just scored a big victory over Interest Media following text messages allegedly sent to his phone without consent.
As the Court tells it:
“The text messages led to internet properties either owned by Interest Media or an affiliate offer promoted on Interest Media’s platform.” 17 To reach this conclusion, Fridline “track[ed] the tracking links in the text messages” 18 and “capture[d]” a tracking link. 19 This link directed recipients to “imtrk.go2cloud.org,” which is owned by Interest Media. 20
“The Go2Cloud domain is owned by HasOffers, which is an affiliate tracking platform.” 21 “The website imtrk.hasoffers.com is … Interest Media’s account on the HasOffers platform.” 22 These messages “were sent to solicit the purchase of various property, goods, and services offered by advertisers who paid Interest Media to drive traffic to their websites.” 23 “By way of example, some of the advertisers included gift card ‘giveaway’ scams, lead generation websites for sweepstakes, offers for televisions, and offers for iPhones.” 2
The only part of this that doesn’t make sense to me is that I thought HasOffers changes its name to Tune like 10 years ago.
Regardless, in Fridline v. Interest Media, 2025 WL 1162492 (M.D. Pa April 21, 2025) the Court held these allegations were sufficient to state a claim against Interest Media.
Unlike the caselaw Interest Media has relied upon, Plaintiff does not merely “believe[ ] the identified phone number[s]” are “owned by defendant.”29 Instead, Plaintiff described how Defendant’s business model is predicated on solicitation and explained how the tracking links directed recipients to “internet properties either owned by Interest Media or an affiliate offer promoted on Interest Media’s platform.”30 He then identified an example tracking link that he traced to a website owned by Interest Media found on a known affiliate tracking platform domain that Defendant maintains an account with. 31 These allegations provide the requisite factual support “to justify that a call came from” Defendant. 32 Nor can it be said that these allegations are unclear or conclusory. Plaintiff has articulated a detailed narrative based on clear factual allegations.
So there you go.
Probably didn’t help Interest Media’s big law counsel argued the messages were sent without an ATDS but that isn’t even a requirement under the TCPA’ DNC provisions. Indeed the argument was so bad the Court simply said it would “set aside” that argument, which is code for “I am not even going to waste my time with this.”
Yikes.
Crazy that people pay big law lawyers to make arguments that are absolutely meritless. But what are you going to do? (I mean, other than hire better lawyers.)
Regardless another big win for a litigator and bad loss for a lead generator using big law to defend it.
NO INDEMNITY: ReNu Solar Loses Effort to Obtain Default Judgment Against TechMedia Group and It Highlights the Issue With Indemnity Agreements
So here’s one you haven’t heard before.
Company buys lead, makes calls, gets sued under the TCPA.
Ok ok you’ve heard THAT one before.
But then company sues lead seller for indemnity and lead seller doesn’t show up in court. Company seeks default judgment against lead seller.
What result?
Well in Jackson v. Renu, 2025 WL 1162491 (M.D. Pa. April 21, 2025) the Court held no judgment against the seller is possible until the underlying TCPA defendant actually tasted defeat in the TCPA case.
In Jackson the contractual agreement between ReNu and TechMedia called upon TechMedia to comply with the TCPA and indemnify ReNu for any judgment that was entered against it. But since no judgment has yet been entered against ReNu the Court found TechMedia did not yet owe ReNu indemnity.
Ouch.
Notably the judgment probably could have (should have) asked for recovery of attorneys fees but apparently ReNu’s lawyers didn’t advise the court of whether ReNu had chose its own lawyers to defend it or those chosen by TechMedia. So NO award was entered at all.
My goodness.
Setting aside the potential screw up here, Jackson underscores a huge problem with indemnity agreements in lead generation. Lead buyers often assume such agreements make them bullet proof against suit.
Ridiculous.
The lead buyer that made the call is always the first one to be sued and a mere indemnity agreement does not mean the buyer will be out of the case. AT BEST it means the lead buyer will recover money against the leas seller one day. But as Jackson points out that “one day” is usually after the lead buyer has already faced a potentially massive judgment.
Not good.
Relying on indemnity agreements in lead gen contracts is NOT a smart path folks. Yes, you still need to include those terms in your contracts but VETTING your vendors and working with QUALITY PARTNERS you can trust (preferably those that abide by the R.E.A.C.H. standards) is essential.
China’s Supreme People’s Court Releases Typical Intellectual Property Cases in People’s Courts of 2024
On April 21, 2025, China’s Supreme People’s Court (SPC) the Typical Intellectual Property Cases in People’s Courts of 2024 (2024年人民法院知识产权典型案例). This year’s annual release includes only 8 cases and includes trade secret theft, an IP ownership dispute, copyright infringement, trademark infringement, and unfair competition. No patent infringement cases made the list this year. Typical cases are used by the SPC to promote uniformity to help ensure similar cases are treated consistently across different courts.
As explained by the SPC:
[Patent ownership dispute between Shenzhen ZhenXX Medical Technology Co., Ltd. and Shenzhen RuiXX Biotechnology Co., Ltd. and Hu]
Second instance: 最高人民法院(2023)最高法知民终871号
【Basic Facts】
Shenzhen ZhenXX Medical Technology Co., Ltd. was established in January 2018. It is a high-tech company co-founded by three entrepreneurs returning from overseas, Yu, Wang, and Hu, aiming to promote the research and development and transformation of mRNA technology in the field of biomedicine. In September 2019, Hu founded Shenzhen RuiXX Biotechnology Co., Ltd. The invention patent entitled “A mRNA based Osteoarthritis Drug Preparation and Its Preparation Method and Application” was applied by Shenzhen RuiXX Biotechnology Co., Ltd. in June 2021 and was granted in October 2021. Shenzhen ZhenXX Medical Technology Co., Ltd. filed a lawsuit claiming that the patent in question was a service invention completed by Hu during his tenure at the company. Shenzhen RuiXX Biotechnology Co., Ltd.’s application for the patent in question damaged the legitimate rights and interests of Shenzhen ZhenXX Medical Technology Co., Ltd. and requested a judgment to confirm that the patent right in question belongs to Shenzhen ZhenXX Medical Technology Co., Ltd. The court of first instance ruled to dismiss the lawsuit filed by Shenzhen ZhenXX Medical Technology Co., Ltd. Shenzhen Zhen Medical Technology Co., Ltd. filed an appeal.
[Judgment Result]
The Supreme People’s Court held in the second instance that this case involved a number of researcher returnees, a number of enterprises and institutions, and cutting-edge technologies in the field of biomedicine. Combined with the important position of mRNA technology in the field of medicine, and the fact that the three researchers had worked closely together, returned to China to start a business together, and made important contributions to the research and development of innovative drugs involving mRNA technology, it determined the trial ideas of “mediation first” and “untie the knot of emotions first, then the knot of law”. Through field investigations, circuit trials, and active mediation work, the parties were encouraged to sign a package settlement agreement on this case and other related lawsuits, which resolved the contradictions and series of disputes between the two parties for more than two years, and promoted the two parties to work together to return to cooperation on the cutting-edge track in the field of biomedicine, achieving win-win, multi-win, and win-win results.
【Typical significance】
The case was heard in public on “National Constitution Day” by a five-member panel headed by Tao Kaiyuan, Vice President of the Supreme People’s Court and Second-Level Justice, and was reported by nearly 40 media outlets. The mRNA technology involved in this case is a key common technology and cutting-edge high-tech in the field of biomedicine, and is a typical representative of new quality productivity. The substantive resolution of this case and related litigation disputes further released the clear orientation of the people’s courts to encourage innovation, promote integrity, respect science, and respect talents, which is conducive to scientific researchers’ courage to innovate and start businesses with peace of mind, better stimulate the innovation and creativity of the whole society, and promote the integrated development of scientific and technological innovation and industrial innovation.
Case 2. Trademark infringement and unfair competition in the real estate sector
[Dispute over trademark infringement and unfair competition between RenXX Land (Chengdu) Co., Ltd., Shanghai RenXX Real Estate Co., Ltd., Nanjing RenXX Enterprise Management Co., Ltd., Singapore RenXX Holdings Co., Ltd. and Lanzhou RenXX Real Estate Co., Ltd.]
Second instance: 最高人民法院(2023)最高法民终418号
【Basic Facts】
In 1993, RenXXLand (Chengdu) Co., Ltd. and Shanghai RenXX Real Estate Co., Ltd. were established. In 1994, Nanjing RenXX Enterprise Management Co., Ltd. was established. Since 1995, the above companies have launched real estate projects in Shanghai, Nanjing, Chengdu and other places, and have been approved to register multiple “RenXX” trademarks in multiple categories such as construction services. In January 2002, Jin, the legal representative of Lanzhou RenXX Real Estate Co., Ltd., purchased real estate developed by Shanghai RenXX Real Estate Co., Ltd. in Shanghai. Lanzhou RenXX Real Estate Co., Ltd. was registered and established on November 26, 2002, and began to use the “RenXX” corporate name, and successively developed and constructed RenXX International, RenXX Meilin County, and RenXX Jingcheng real estate projects in Lanzhou. RenXX Land (Chengdu) Co., Ltd. and others believed that the above-mentioned actions of Lanzhou RenXX Real Estate Co., Ltd. constituted trademark infringement and unfair competition, and thus filed a lawsuit. The court of first instance ruled that Lanzhou RenXX Real Estate Co., Ltd. should stop infringing trademark rights and engaging in unfair competition, compensate RenXX Land (Chengdu) Co., Ltd. and other companies for economic losses and reasonable expenses totaling RMB 13,405,992.3, and publish a statement to eliminate the impact. Lanzhou RenXX Real Estate Co., Ltd. appealed.
[Judgment Result]
The Supreme People’s Court held in the second instance that although Lanzhou RenXX Real Estate Co., Ltd. only used the alleged infringing logo in Lanzhou, considering the similarity between the alleged infringing logo and the four trademarks involved, the degree of relevance between the services and goods used, the popularity of the “RenXX” trademark, the actual use of Lanzhou RenXX Real Estate Co., Ltd., and the actual confusion that has occurred, it can be determined that the alleged infringing behavior of Lanzhou RenXX Real Estate Co., Ltd. is likely to cause confusion among the relevant public and constitute an infringement of trademark rights. Based on the use of the “RenXX” trademark by Shanghai RenXX Real Estate Co., Ltd. and others, including the fact that the legal representative of Lanzhou RenXX Real Estate Co., Ltd. had purchased a property developed by Shanghai RenXX Real Estate Co., Ltd. and was aware that Shanghai RenXX Real Estate Co., Ltd. had used the “RenXX” trademark first, it can be determined that the “RenXX” trademark constitutes a prior trademark with a certain influence. As a peer operator, Lanzhou RenXX Real Estate Co., Ltd. should have given way to the competition, but it still registered and used the “RenXX” brand name to engage in the same business activities as Shanghai RenXX Real Estate Co., Ltd., which easily led the relevant public to believe that the real estate projects it developed and constructed had a specific connection with Shanghai RenXX Real Estate Co., Ltd., etc. The above-mentioned behavior of Lanzhou RenXX Real Estate Co., Ltd. constituted unfair competition. The second-instance judgment dismissed the appeal and upheld the original judgment.
【Typical significance】
This case involves the protection of corporate name rights and trademark rights in the field of commercial housing development and construction. There are currently a large number of such disputes. This case clarifies common issues such as trademark use, likelihood of confusion, and fair use in trademark infringement in the field of commercial housing, and clarifies the review criteria and proof standards for the protection of competitive interests of corporate names in Article 6, Item 2 of the Anti-Unfair Competition Law of the People’s Republic of China. The judgment in this case includes the circumstances where the infringer is aware of the prior use of the name by others in the determination of “names with a certain influence”, conveying the judgment concept of protecting honest business and maintaining fair competition order.
Case 3. Infringement of trade secrets of undisclosed characters in a “spoiler” game
[Dispute between Shanghai MiXX Technology Co., Ltd. and Chen on infringement of trade secrets]
First instance: 上海市浦东新区人民法院(2024)沪0115民初38294号
【Basic Facts】
Shanghai MiXX Technology Co., Ltd. is the operator of a certain game and has obtained the permission of the copyright owner of the game to use and protect the rights. Since its launch, the game has aroused enthusiastic response in the global game market. During its operation, Shanghai MiXX Technology Co., Ltd. updates the version every once in a while, adding new characters, scenes, plots, activities and other content to maintain game attention and the vitality of the product. These contents will undergo internal testing in advance. To this end, Shanghai MiXX Technology Co., Ltd. and its affiliated companies recruited a number of players including Chen to participate in the internal testing and signed a confidentiality agreement. During Chen’s participation in the internal test, he secretly photographed and recorded the actual images (i.e. the images of the game characters that can be controlled by players), skill effects, skill data and other test content and pictures of the seven game characters involved in the game “Zhi XX” without permission, and disclosed them to third parties many times. After discovering this, Shanghai MiXX Technology Co., Ltd. filed an application for pre-trial behavior preservation (injunction) with the People’s Court on the grounds that the relevant information was a trade secret and further disclosure would cause irreparable damage to it, and filed a lawsuit within the statutory period, requesting an order to stop infringement, eliminate the impact and compensate for losses. Chen argued that the above-mentioned game content did not constitute a trade secret.
[Judgment Result]
The Shanghai Pudong New Area People’s Court reviewed the application for pre-litigation behavior preservation and held that the request of Shanghai MiXX Technology Co., Ltd. had factual basis and legal basis, and that failure to take corresponding preservation measures might cause irreparable damage to the legitimate rights and interests of Shanghai MiXX Technology Co., Ltd., and that taking behavior preservation measures would not lead to a significant imbalance of interests between the parties. Therefore, within 48 hours after receiving the application, the People’s Court of Pudong New Area of Shanghai made a ruling in accordance with the law, ordering Chen not to disclose, use, or allow others to use the game content that he had recorded without authorization during the game test.
The Pudong New District People’s Court of Shanghai held at first instance that the continuous dynamic game screens composed of elements such as the actual image of the characters, the effects of the characters’ skills, and the skill data of the seven game characters involved in the game met the business information characteristics and business secret constituent elements stipulated in the Anti-Unfair Competition Law, and were business secrets protected by the law. Chen violated the confidentiality obligation and secretly filmed and disseminated these business secrets, and should bear the corresponding legal responsibility. The essence of business secret protection is the competitive advantage that business secrets bring to operators. Even if the game characters have been made public due to version updates, Chen is still not allowed to disclose the test game screens that he may have. Therefore, Chen was ordered to stop the infringement, eliminate the impact, and compensate for economic losses and reasonable expenses totaling 500,000 RMB. After the first-instance judgment, neither party appealed.
【Typical significance】
This case involves the criteria for determining and adjudicating trade secrets based on undisclosed character designs and other information in the game, which is of positive significance for promoting the healthy development of the gaming industry. The pre-litigation behavior preservation ruling, combined with the characteristics of the online gaming industry, provides timely legal relief to the applicant. The judgment targets the situation of game character leakage, not only protecting the content of the game character itself, but also protecting the business model that increases attention through game version updates, as well as the competitive advantage brought by this business model, thus providing strong regulation on the behavior of early “spoilers”.
Case 4. “AI face-swapping” copyright infringement case
[Dispute between Chen XX and Shanghai Yi XX Network Technology Co., Ltd. over infringement of the right to disseminate information on the Internet]
First instance: 上海市嘉定区人民法院(2024)沪0114民初1326号
【Basic Facts】
Chen XX used the real-name authentication account “Photographer XX” on the Douyin (TikTok) platform to post 13 short videos of women wearing ancient costumes, each about 10 seconds long. Shanghai YiXX Network Technology Co., Ltd. developed the Douyin mini program “XXyan”, which uses AI video synthesis algorithms to provide users with face-swapping technology. The 13 short videos displayed on “XXyan” and the 13 short videos posted by Chen only differ in the facial features of the characters, while the video scenes, lenses, character modeling, and movements are basically the same. “XXyan” users can replace the faces in the videos displayed on the mini program with their own faces and save them by watching advertisements or purchasing memberships. Chen filed a lawsuit, requesting that Shanghai YiXX Network Technology Co., Ltd. be ordered to stop the infringement, apologize, and compensate for the loss of 48,000 RMB and reasonable expenses of 2,000 RMB.
[Judgment Result]
The Jiading District People’s Court of Shanghai held at first instance that the original video shot by Chen XX reflected original selection and arrangement in terms of content arrangement, scene selection, shooting angle, etc., and was an audiovisual work protected by copyright law. The video involved in the case displayed by the “XXyan” mini program was synthesized by partially replacing the original video through AI algorithms, and the two are substantially similar. Shanghai YiXX Network Technology Co., Ltd. used “AI face-swapping” as a selling point, provided platforms, materials and technologies, and enabled users to use the original video in a “face-swapping” manner at any selected time and place to seek commercial interests, infringing on Chen’s right to disseminate information on the Internet. This behavior is neither an original adaptation nor a fair use, nor does it apply to the technical neutrality defense. Shanghai YiXX Network Technology Co., Ltd. actively cooperated in the litigation to delete videos, perform algorithm filing procedures and other rectification behaviors, and accepted judicial suggestions on the use of algorithm technology to provide network services, and made a commitment to standardize operations. Chen XX expressed understanding and withdrew his request to stop infringement and apologize. Based on this, Shanghai YiXX Network Technology Co., Ltd. was ordered to compensate Chen XXfor economic losses and reasonable expenses totaling 7,500 RMB. After the first-instance judgment, neither party appealed.
【Typical significance】
This case is a typical dispute in the application scenario of generative synthesis algorithms, involving the nature of the use of artificial intelligence technology to partially synthesize other people’s works. The judgment in this case clarified that “AI face-swapping” does not constitute an original adaptation and fair use of the original work; those who use artificial intelligence technology to provide network services have a reasonable duty of care and may not use algorithmic technology to infringe on the copyright of others. This case balances technological innovation and rights protection, and clarifies the legal boundaries of the application of artificial intelligence technology. The people’s courts focus on the innovative application of emerging technologies and the needs of algorithm governance, urging companies to strengthen the legality review of material sources and generated content and algorithm security assessments, strengthen the protection of intellectual property rights and personal rights, and guide companies to standardize digital transformation.
Case 5. Game “skin-changing” infringement case
[Copyright infringement and unfair competition dispute between Chengdu LeXX Technology Co., Ltd., Shanghai LiXX Network Technology Co., Ltd. and Shenzhen JiuXX Interactive Technology Co., Ltd. and Hainan FanXX Technology Co., Ltd.]
Second instance: 广东省高级人民法院(2023)粤民终4326号
【Basic Facts】
“Awakening XX” is a war strategy simulation game (SLG), developed and operated by Chengdu LeXX Technology Co., Ltd. and Shanghai LiXX Network Technology Co., Ltd. “XX Official” is a WeChat platform mini-program game, developed and operated by Shenzhen JiuXX Interactive Technology Co., Ltd. and Hainan FanXX Technology Co., Ltd. From December 2020 to March 2022, the revenue of the game “XX Official” was approximately 18.9 million RMB, and after deducting the corresponding channel fees, it was approximately 12.5 million RMB. Chengdu LeXX Technology Co., Ltd. and Shanghai LiXX Network Technology Co., Ltd. filed a lawsuit, believing that the “skin-changing” behavior of the game “XX Official” constituted copyright infringement and unfair competition, and requested an order to stop the infringement, publish a statement to eliminate the impact, compensate for economic losses of 10 million RMB and reasonable rights protection costs of 500,000 RMB. After comparison, the overall structure and gameplay system of the two games are basically the same, and the parameter types, specific values, and interactive relationships of the game elements all have one-to-one correspondence, and even a large number of text expressions are completely consistent. The only difference is the art and audio-visual materials. The court of first instance determined that the alleged acts constituted copyright infringement and ordered Shenzhen JiuXX Interactive Technology Co., Ltd. and Hainan FanXX Technology Co., Ltd. to immediately stop developing, operating and promoting the “XXX” game, publish a statement to eliminate the impact, and compensate for economic losses of 10 million RMB and reasonable rights protection costs of 500,000 RMB. Shenzhen JiuXX Interactive Technology Co., Ltd. and Hainan FanXXTechnology Co., Ltd. appealed.
[Judgment Result]
The Guangdong Provincial High People’s Court held in the second instance that copyright law protects the original expression of game play rules. The game structure, system, numerical planning and corresponding relationship requested for protection in this case belong to the game play mechanism design, reflecting all the ideas of the game developers for the virtual game world from details to the whole, and are not expressions in the sense of copyright law. Game play rules do not constitute “other intellectual achievements that meet the characteristics of works”, so the accused behavior does not constitute copyright infringement. However, the accused behavior violates the principle of good faith and business ethics, and exceeds reasonable limits to imitate and copy the overall classification framework of game play design to the details of numerical settings. It only simply replaces the art resources, diverts and seizes the market share of related games through this “skin-changing” method, disrupts the market competition order, and seriously damages the core competitive interests of Chengdu LeXX Technology Co., Ltd. and Shanghai LiXX Network Technology Co., Ltd., constituting unfair competition. The first-instance judgment found that the facts were clear, and although the application of the law was improper, the judgment was correct. The second-instance judgment dismissed the appeal and upheld the original judgment.
【Typical significance】
This case clearly states that game play rules do not belong to expressions in the sense of copyright law and should not be considered as “other intellectual achievements that meet the characteristics of works.” The judgment clarifies the legal boundaries, analytical framework, and adjudication rules for copyright law and anti-unfair competition law to protect game play, which will help promote innovation, creation, and healthy competition in the digital entertainment industry.
Case 6. Unfair competition case of online evaluation with “some criticizing and some praising”
[Unfair competition dispute between Wuxi ShiXX Clothing Co., Ltd., Wuxi JiuXX Trading Co., Ltd. and Suzhou BuXX E-commerce Co., Ltd., Suzhou XiXX E-commerce Co., Ltd., Suzhou XiXX Network Technology Co., Ltd., and Suzhou KuXX Network Technology Co., Ltd.]
Second instance: 江苏省苏州市中级人民法院(2023)苏05民终5492号
[Omitted as it relates to false advertising and not IP]
Case 7. Unfair competition case involving ticket grabbing software
[Dispute over unfair competition on the Internet between Beijing DaXX Culture Media Development Co., Ltd. and Zheng XXzhong]
First instance: 北京市东城区人民法院(2024)京0101民初4607号
【Basic Facts】
Beijing DaXX Culture Media Development Co., Ltd. is a large domestic comprehensive ticketing platform enterprise, operating DaXX.com and DaXX APP with ticketing functions. Zheng XXzhong sells ticket grabbing software for Damou APP through online stores. Beijing Damou Culture Media Development Co., Ltd. filed a lawsuit, claiming that Zheng XXzhong specially developed and sold plug-in software for its ticketing APP to grab tickets on sale on the APP, which constituted unfair competition, and requested that Zheng XXzhong be ordered to stop the infringement and compensate for economic losses and reasonable expenses. Zheng XXzhong argued that he did not have a competitive relationship with Beijing DaXX Culture Media Development Co., Ltd., and he was only the seller of the ticket grabbing software involved in the case, not the developer. His behavior of selling ticket grabbing software did not cause a reduction in the ticketing revenue of Beijing DaXX Culture Media Development Co., Ltd., nor would it affect the public ticket purchasing order, and did not constitute unfair competition.
[Judgment Result]
The Beijing Dongcheng District People’s Court held at first instance that Zheng XXzhong provided ticket grabbing services to users of Beijing DaXX Culture and Media Development Co., Ltd., and used the business activities and user base of Beijing DaXX Culture and Media Development Co., Ltd. as the basic resources for its own business. Therefore, the alleged behavior was a market competition behavior and fell within the scope of regulation of the Anti-Unfair Competition Law. The essence of the alleged behavior was that software replaced manual methods to help users grab tickets for performances on the DaXX platform. This behavior not only directly increased the operating costs of the platform and interfered with the operator’s correct business decisions, but also increased the difficulty for users to use the DaXX platform to buy tickets, and reduced users’ evaluation of the services provided by the DaXX platform. Although the alleged behavior did not directly reduce the ticket sales revenue of a single performance on the DaXX platform, it caused damage to the operating interests and goodwill of the DaXX platform and damaged the competitive interests of Beijing DaXX Culture and Media Development Co., Ltd. At the same time, the alleged behavior did not belong to fair competition in technological innovation, and also damaged the legitimate rights and interests and long-term interests of consumers, which was not conducive to the fair and orderly market competition order and the improvement of overall social welfare. In summary, the alleged behavior constituted unfair competition. Since the alleged behavior has been stopped, no separate judgment is made to stop the infringement, and Zheng XXzhong is ordered to compensate Beijing DaXX Culture Media Development Co., Ltd. for economic losses and reasonable expenses totaling 20,000 RMB. After the first-instance judgment, neither party appealed.
【Typical significance】
This case clearly points out that the ticket grabbing software involved in the case uses technical means to provide users with unfair advantages in ticket grabbing, undermines the platform’s ticket purchasing rules, interferes with and hinders the normal operation of the platform’s ticket sales business, and damages the competitive interests of specific operators. On this basis, the consumer’s fair ticket purchasing rights and the normal order of the ticket market are taken into consideration, and it is determined that the alleged behavior constitutes unfair competition. This case warns ticket grabbing service practitioners and technology developers to abide by legal rules, which has positive significance for combating online black and gray industries, safeguarding the legitimate rights and interests of operators and consumers, and building a fair and orderly ticket purchasing order and market competition environment.
Case 8. Criminal and civil lawsuit involving copyright infringement of popular film and television works
First instance: 浙江省东阳市人民法院(2024)浙0783刑初585号
【Basic Facts】
Since May 2020, the defendant Lu XXqian has built multiple illegal film and television websites by purchasing domain names, renting servers, purchasing system programs and film and television website templates. During this period, the defendants Ji XXshi and Fang XX knew that the defendant Lu XXqian was operating an illegal film and television website and still sold him the film and television navigation Content Management System program and multiple film and television website templates, and provided program technical maintenance services, charging more than 6,990 RMB. Without the permission of the copyright owner Beijing Guang XX Film Co., Ltd. and other rights holders, Lu XXqian added more than 120,000 film and television works such as “YOLO” and “Pegasus 2” on the website by adding video links, etc., for visitors to watch online, and cooperated with illegal advertisers to place advertisements on the website. From April 30, 2022 to February 15, 2024, the defendant Lu XXqian collected more than 1.48 million RMB in advertising fees. The People’s Procuratorate of Dongyang City, Zhejiang Province accused the defendants Lu XXqian, Fang XX, and Ji XXshi of copyright infringement and filed criminal charges. During the criminal proceedings, five companies including Beijing GuangXX Film Co., Ltd. filed a supplementary civil lawsuit, requesting that Lu XXqian be ordered to bear corresponding civil liability.
[Judgment Result]
The Dongyang People’s Court of Zhejiang Province held at first instance that the defendant Lu XXqian, for the purpose of profit, disseminated other people’s audiovisual works to the public through the information network without the permission of the copyright owner, and the illegal income was huge; the defendants Fang XX and Ji XXshi knew that others infringed the copyright and still provided assistance, and their actions also constituted the crime of copyright infringement. In response to the incidental civil lawsuits filed by the plaintiffs of the incidental civil lawsuits, the defendant Lu XXqian was determined to compensate the plaintiffs of the incidental civil lawsuits for economic losses by taking into account the nature, time, and profit of the defendant’s infringement. The defendant Lu XXqian was sentenced to four years in prison and a fine of 1.5 million RMB; the defendant Fang XX was sentenced to one year in prison, suspended for one year and six months, and fined 16,000 RMB; the defendant Ji XXshi was sentenced to ten months in prison, suspended for one year and four months, and fined 10,000 RMB; the defendant Lu XXqian compensated the plaintiffs of the incidental civil lawsuits for economic losses totaling 880,000 RMB; the illegal income was returned and seized crime tools were confiscated. After the verdict, none of the defendants or plaintiffs in the ancillary civil lawsuit filed an appeal, and the procuratorate did not file a protest.
【Typical significance】
This case is an example of severely punishing the illegal and criminal acts of broadcasting key protected cinema films during the Spring Festival. Pirated broadcasts of popular TV series and movies, the establishment of illegal and irregular film and television websites, and the dissemination of related film and television works to the public through information networks involve infringement of the copyright of film and television works. The trial of this case fully reflects the advantages of the “three-in-one” trial mechanism of civil, criminal, and administrative intellectual property rights, which not only solves the problems of conviction and sentencing of the defendants, but also solves the problem of civil compensation for the victims, and provides timely and comprehensive protection for intellectual property rights holders, achieving the organic unity of combating crime and efficiently safeguarding rights.
Litigating Trade Secret Cases: A Strategic Guide for In-House Counsel
When faced with trade secret misappropriation, swift and strategic action is crucial.
For in-house counsel, understanding the litigation process and available remedies can mean the difference between protecting valuable intellectual property and watching it lose its protected status.
This guide focuses on key litigation strategies and the critical role of injunctive relief in trade secret cases.
The Race to the Courthouse
Trade secret cases often begin with a race to secure immediate court intervention.
Unlike other intellectual property disputes that might benefit from lengthy pre-litigation investigation, trade secret cases frequently require immediate action to prevent irreparable harm. The first 48 to 72 hours after discovering potential misappropriation are critical.
Immediate Action Items
Before or contemporaneous with filing suit, in-house counsel should immediately:
Implement a litigation hold and preserve all relevant evidence
Engage digital forensics experts (internal or external) to document unauthorized access or downloads
Review all relevant agreements (NDAs, employment contracts, etc.)
Document the specific trade secrets at issue and their value
Gather evidence of protection measures in place
Consider whether to engage criminal authorities
Identify key witnesses to provide affidavits supporting injunction filings
Draft preservation letters to all potential parties and witnesses
Remember, courts will scrutinize your company’s response time. Delays in seeking protection can undermine claims of irreparable harm and make obtaining injunctive relief more difficult.
Choosing Your Forum
Trade secret cases generally can be filed in either federal or state court, as the federal Defend Trade Secrets Act (DTSA) does not preempt state law claims. This choice requires careful strategic consideration.
Federal courts may offer advantages in cases involving interstate commerce or international parties, while state courts might provide faster injunctive relief or more favorable precedent.
For cases in North Carolina, the North Carolina Business Court has developed substantial trade secret jurisprudence and can be an attractive venue. It provides some of the features of a federal court, such as a single judge assigned to hear all aspects of the case, expedited discovery, dispute resolution, formal briefing for most substantive motions, along with an overall case management order.
Trade secret cases in state court with amounts in controversy over $5 million must be designated to the Business Court, while those under $5 million may be designated there by either party.
Securing Injunctive Relief
Temporary restraining orders (TROs) and preliminary injunctions are crucial tools in trade secret litigation. However, obtaining them requires careful preparation and specific evidence. Courts typically won’t grant injunctive relief based on mere suspicion or generalized allegations of misappropriation.
Elements of a Strong Injunction Motion
Your motion should clearly establish:
The specific trade secrets at issue
How the trade secret derives value from being secret
The reasonable measures taken to maintain secrecy
Clear evidence of misappropriation
Threat of immediate and irreparable harm
Why monetary damages are inadequate
Balance of hardships favoring an injunction
Public interest considerations
Most importantly, be specific about what relief you’re seeking.
Courts are increasingly rejecting vague injunction requests that simply reference “confidential information” or “trade secrets” without more detail.
Crafting Effective Injunctive Relief
Consider requesting specific provisions such as:
Orders to isolate and sequester devices containing trade secret information
Prohibition on accessing or deleting potentially misappropriated information
Required submission of devices for forensic examination
Certification of compliance with injunctions by counsel
Restrictions on specific work activities by former employees that could lead to disclosure
Prohibition on product distribution incorporating trade secrets
Requirements for return or destruction of trade secret information
Remember that courts generally do not prohibit a former employee from working for a competitor solely based on a non-disclosure agreement.
Instead, focus on preventing the use of specific trade secrets while allowing the employee to use their general skills and knowledge.
Discovery Strategies
Trade secret litigation demands a sophisticated approach to discovery, particularly given the complex electronic evidence often involved. A critical threshold issue is the pre-discovery identification of trade secrets.
Many courts require plaintiffs to identify their trade secrets with particularity before obtaining discovery of defendants’ confidential information. This requirement serves to balance the protection of legitimate trade secrets against the risk of plaintiffs using discovery as a fishing expedition to learn competitors’ secrets.
The identification process requires careful consideration of competing interests. You must be specific enough to support your claims and meet court requirements while avoiding public disclosures that could jeopardize trade secret status. Working with outside counsel to obtain entry of an appropriate protective order that allows you to file sensitive information under seal often provides the best solution to this challenge.
The time-sensitive nature of trade secret cases frequently necessitates expedited discovery, particularly in conjunction with temporary restraining orders or preliminary injunction proceedings.
To secure expedited discovery, you must demonstrate why standard discovery timelines would prove inadequate, specifically identify crucial early-stage discovery needs, and explain how the requested discovery relates to preventing irreparable harm. Courts will weigh these factors against the burden expedited discovery would impose on defendants.
When electronic evidence plays a central role, as it often does in trade secret cases, establishing a proper forensic examination protocol becomes essential.
An effective protocol should address the selection and compensation of neutral forensic experts, define the scope of examination, establish procedures for handling privileged and confidential information, and set clear timelines and reporting requirements.
The protocol should anticipate potential disputes and provide mechanisms for their resolution.
Criminal Implications and Parallel Proceedings
The criminal implications of trade secret misappropriation add another layer of complexity to civil litigation strategy.
While potential criminal liability under federal and state law can provide significant leverage, it requires thoughtful handling to avoid ethical pitfalls. Timing of criminal referrals can impact civil discovery and may lead to stays of civil proceedings. Individual defendants may invoke Fifth Amendment protections, complicating both discovery and settlement discussions.
In-house counsel must work closely with outside counsel to navigate these parallel proceedings effectively.
Protective Orders in Trade Secret Cases
Trade secret litigation requires particularly robust protective orders that go beyond standard confidentiality provisions.
Effective orders typically establish multiple tiers of confidentiality, including “attorney’s eyes only” designations for the most sensitive information. They should carefully define access restrictions for individual defendants and establish concrete requirements for information storage and transmission.
The order should anticipate the entire lifecycle of confidential information, from initial disclosure through post-litigation destruction or return.
The Role of Expert Witnesses
Expert testimony plays a pivotal role in trade secret litigation, with three types of experts proving particularly valuable.
Digital forensics experts provide analysis of electronic evidence and documentation of misappropriation patterns. Their work often proves decisive in preliminary injunction proceedings and shapes the overall trajectory of the case.
Damages experts help quantify losses and establish both trade secret value and the improper benefit gained by a defendant.
Industry experts provide essential context about technical aspects, the value of information, and help courts value and distinguish between protected trade secrets and general industry knowledge.
The timing of expert engagement can significantly impact case outcomes. Early involvement of experts, particularly forensic specialists, often proves crucial in preliminary injunction proceedings and shapes the development of the overall case strategy.
These experts can help identify key evidence, develop preservation protocols, and guide discovery requests.
Looking Ahead
The complexity of trade secret litigation demands a balanced approach that combines urgency with strategic planning. While immediate action remains critical, hasty or poorly planned litigation can prove counterproductive.
Success requires gathering key evidence and developing a coherent strategy while moving quickly enough to prevent irreparable harm and preserve available remedies.
The New Alien Registration Requirement: Considerations for Foreign Nationals
The Department of Homeland Security (DHS)’s Alien Registration Requirement, effective April 11, 2025, requires most noncitizens aged 14 and older who remain in the United States for over 30 days, to register and complete biometrics. Parents or guardians are responsible for registering minors under 14, and individuals turning 14 must re-register within 30 days of their birthday. The registration can be completed by filing Form G-325R through an individual USCIS online account. This registration does not grant any immigrant or nonimmigrant status. Once an individual has registered and completes fingerprinting, DHS will issue the proof of registration, which anyone over the age of 18 will be required to carry and keep in their personal possession at all times.
However, many individuals are already considered registered and not required to register, including:
lawful permanent residents;
individuals paroled into the United States under INA 212(d)(5) for urgent humanitarian reasons or significant public benefits, even if the period of parole has expired;
individuals admitted to the United States as nonimmigrants who were issued Form I-94 or I-94W (paper or electronic), even if the period of admission has expired;
all individuals present in the United States who were issued immigrant or nonimmigrant visas in their passports at the U.S. consular posts abroad before their last date of arrival;
individuals placed into removal proceedings;
individuals issued an employment authorization document;
individuals who have applied for lawful permanent residence using Forms I-485, I-687, I-691, I-698, I-700, and provided fingerprints (unless waived), even if the applications were denied; and
individuals issued border crossing cards.
For additional information about the Alien Registration Requirement, please refer to the Q&A section below. According to USCIS:
Q: What is “alien registration”?
A: Alien registration is a federal legal requirement under Section 262 of the Immigration and Nationality Act (INA). It requires most noncitizens who remain in the United States for more than 30 days to register with DHS, provide biometric information (like fingerprints), and carry evidence of registration at all times if age 18 or older.
Q: Why is this being enforced now?
A: On Jan. 20, 2025, President Trump issued Executive Order 14159, directing DHS to ensure that noncitizens comply with the registration requirement and to treat failure to register as a civil and criminal enforcement priority. As of April 11, 2025, DHS began enforcing this process and introduced the online registration process.
Q: Who must register?
A: Anyone who falls into “not registered” category, if:
you are aged 14 or older and have not registered and fingerprinted when applying for a visa to enter the United States and remain in the United States for 30 days or longer;
you entered the United States without inspection or parole;
you were not fingerprinted during your visa application or entry;
you are the parent or guardian of a child under 14 who has not been registered; or
you are a child who just turned 14 and were previously registered by a parent
Q: Who is considered “Not Registered”?
A:
Individuals present in the United States without inspection and admission OR inspection and parole and who have not otherwise registered.
Canadian visitors who entered the United States at land ports of entry and were not issued evidence of registration.
Individuals who were not fingerprinted during a visa application or entry.
Individuals who submitted applications for deferred action or TPS who were not issued evidence of registration.
Q: Who is exempt from registration?
A: You are exempt if you are:
a holder of an A or G visa (diplomatic or international representatives); or
a nonimmigrant who DHS waived from fingerprinting (e.g., diplomats, certain short-term visitors under reciprocal arrangements).
Q: How do I know if I’ve already registered?
A: Anyone who has been issued one of the documents designated as evidence of registration is considered “already registered,” including:
lawful permanent residents;
you filed a qualifying form such as:
Form I-485 (adjustment of status),
you were fingerprinted (biometrics) by USCIS; or
you were issued any of the following:
I-94/I-94W
Green card (I-551)
Employment authorization document (I-766)
Notice to appear (I-862) or other DHS-issued removal notices
Border crossing card (I-185/I-186)
Q: What does not count as registration?
A: The following documents are not considered evidence of registration:
a state driver’s license or ID;
an application for TPS, DACA, or asylum without an approved registration form or DHS fingerprinting; and
entering via land border as a Canadian or Mexican national without receiving DHS documentation.
Q: How do I register if I haven’t already?
A: To register properly, follow these steps:
Create a USCIS online account at https://my.uscis.gov, if not already created. If you are registering a minor child, create an account on their behalf.
Complete Form G-325R (Biographic Information – Registration) online through your USCIS account.
Biometrics Appointment: After submitting the form, you will receive a biometrics appointment notice.
Attend your biometrics appointment at an USCIS Application Support Center.
Download Proof of Registration: Once processed, download your proof of alien registration PDF from your USCIS account.
Note: If you are 18 or older, you must carry this registration at all times.
Q: Is there a fee to register?
A: Currently, there is no fee. The registration is free, including the biometric appointment. DHS is considering a $30 biometric services fee in the future.
Q. What happens if I don’t register?
A: Failure to comply with the register requirement or carry proof of registration may result in:
a misdemeanor charge;
fines up to $5,000;
imprisonment for up to 30 days; and
deportation proceedings under INA § 237 unless an individual can prove that a failure was reasonable, excusable, or was not willful.
Note: False statements during registration may also lead to criminal prosecution and deportation.
Q: What happens if I change my address?
A: You must report a change if address to USCIS within 10 days of moving. This can be completed through your USCIS account by completing Form AR-11 online.
Q: After registering, what else do I need to do?
A: You must:
carry your registration document at all times if you are 18 or older;
file AR-11 with USCIS within 10 days of any address change; and
re-register if you were registered as a child and just turned 14.
Q: Can I use the registration document for work or immigration benefits?
A: No. Alien registration is not an immigration status, does not create an immigration status, establish employment authorization, or provide any other rights, public benefits, or protection from removal.
State Privacy Enforcement Updates: CPPA Extracts Civil Penalties in Landmark Case; State Regulators Form Consortium for Privacy Enforcement Collaboration
Companies in all industries take note: regulators are scrutinizing how companies offer and manage privacy rights requests and looking into the nature of vendor processing in connection with application of those requests. This includes applying the proper verification standards and how cookies are managed. Last month, the California Privacy Protection Agency (“CPPA” or “Agency”) provided yet another example of this regulatory focus in a March 2025 Stipulated Final Order (“Order”) against a global vehicle manufacturer (referred to throughout this blog as “the Company”). We discuss this case in further detail, and provide practical takeaways from the case, further below.
On the heels of the CPPA’s landmark case against the Company, various state AGs and the CPPA announced a formal agreement to promote collaboration and information sharing in the bipartisan effort to safeguard the privacy rights of consumers. The announcement Attorney General Bonta of California can be found here. The consortium includes the CPPA and State Attorneys General from California, Colorado, Connecticut, Delaware, Indiana, New Jersey and Oregon. According to an announcement by the CPPA, the participating regulators established the consortium to share expertise and resources and coordinate in investigating potential violations of their respective privacy laws. With the establishment of a formal enforcement consortium, we can expect cross-jurisdictional collaboration on privacy enforcement by the participating states’ regulators. On the plus side, perhaps we will see the promotion of consistent interpretation of these seven states’ various laws that make up almost a third of the current patchwork of U.S. privacy legislation.
CPPA Case – Detailed Summary
In the case against the Company, the CPPA alleged that it violated the California Consumer Privacy Act (“CCPA”) by:
requiring Californians to verify themselves where verification is not required or permitted (the right to opt-out of sale/sharing and the right to limit) and provide excessive personal information to exercise privacy rights subject to verification (know, delete, correct);
using an online cookie management tool (often known as a CMP) that failed to offer Californians their privacy choices in a symmetrical or equal way and was confusing;
requiring Californians to verify that they gave their agents authority to make opt-out of sale/sharing and right to limit requests on their behalf; and
sharing consumers’ personal information with vendors, including ad tech companies, without having in place contracts that contain the necessary terms to protect privacy in connection with their role as either a service provider, contractor or third party.
This Order illustrates the potential fines and financial risks associated with non-compliance with the state privacy laws. Of the $632,500 administrative fine lodged against the company, the Agency clearly spelled out that $382,500 of the fine accounts for 153 violations – $2,500 per violation – that are alleged to have occurred with respect to the Company’s consumer privacy rights processing between July 1 and September 23, 2023. It is worth emphasizing that the Agency lodged the maximum administrative fine – “up to two thousand five hundred ($2,500)” – that is available to it for non-intentional violations for each of the incidents where consumer opt-out/limit rights were wrongly applying verification standards. It Is unclear to what the remaining $250,000 in fines were attributed, but they are presumably for the other violations alleged in the order, such as disclosing PI to third parties without having contracts with the necessary terms, confusing cookie and other consumer privacy requests methods and requiring excessive personal data to make a request. It is unclear the number of incidents that involved those infractions but based on likely web traffic and vendor data processing, the fines reflect only a fraction of the personal information processed in a manner alleged to be non-compliant.
The Agency and Office of the Attorney General of California (which enforces the CCPA alongside the Agency) have yet to seek truly jaw-dropping fines in amounts that have become common under the UK/EU General Data Protection Regulation (“GDPR”). However, this Order demonstrates California regulators’ willingness to demand more than remediation. It is also significant that the Agency requires the maximum administrative penalty on a per-consumer basis for the clearest violations that resulted in denial of specific consumers’ rights. This was a relatively modest number of consumers:
“119 Consumers who were required to provide more information than necessary to submit their Requests to Opt-out of Sale/Sharing and Requests to Limit;
20 Consumers who had their Requests to Opt-out of Sale/Sharing and Requests to Limit denied because the Company required the Consumer to Verify themselves before processing the request and;
14 Consumers who were required to confirm with the Company directly that they had given their Authorized Agents permission to submit the Request to Opt-out of Sale/Sharing and Request to Limit on their behalf.”
The fines would have likely been greater if applied to all Consumers who accessed the cookie CMP, or that made requests to know, delete or correct. Further, it is worth noting that many companies receive thousands of consumer requests per year (or even per month), and the statute of limitations for the Agency is five years; applying the per-consumer maximum fine could therefore result in astronomical fines for some companies.
Let us also not forget that regulators also have injunctive relief at their disposal. Although, the injunctive relief in this Order was effectively limited to fixing alleged deficiencies, it included “fencing in” requirements such as use of a UX designer to evaluate consumer request “methods – including identifying target user groups and performing testing activities, such as A/B testing, to access user behavior” – and reporting of consumer request metrics for five years. More drastic relief, such as disgorgement or prohibiting certain data or business practices, are also available. For instance, in a recent data broker case brought by the Agency, the business was barred from engaging in business as a data broker in California for three years.
We dive into each of the allegations in the present case further below and provide practical takeaways for in-house legal and privacy teams to consider.
Requiring consumers to provide more info than necessary to exercise verifiable requests and requiring verification of CCPA sale/share opt-out and sensitive PI limitation requests
The Order alleges two main issues with the Company’s rights request webform:
The Company’s webform required too many data points from consumers (e.g., first name, last name, address, city, state, zip code, email, phone number). The Agency contends that requiring all of this information necessitates that consumers provide more information than necessarily needed to exercise their verifiable rights considering that the Agency alleged that the Company “generally needs only two data points from the Consumer to identify the Consumer within its database.” The CPPA and its regulations allow a business to seek additional personal information if necessary to verify to the requisite degree of certainty required under the law (which varies depending on the nature of the request and the sensitivity of the data and potential harm of disclosure, deletion or change), or to reject the request and provide alternative rights responses that require lesser verification (e.g., treat a request of a copy of personal information as a right to know categories of person information). However, the regulations prohibit requiring more personal data than is necessary under the particular circumstances of a specific request. Proposed amendments the Section 7060 of the CCPA regulations also demonstrate the Agency’s concern about requiring more information than is necessary to verify the consumer.
The Company required consumers to verify their Requests to Opt-Out of Sale/Sharing and Requests to Limit, which the CCPA prohibits.
In addition to these two main issues, the Agency also alluded to (but did not directly state) that the consumer rights processes amounted to dark patterns. The CPPA cited the policy reasons behind differential requirements as to Opt-Out of Sale/Sharing and Right to Limit; i.e., so that consumers can exercise Opt-Out of Sale/Sharing and Right to Limit requests without undue burden, in particular because there is minimal or nonexistent potential harm to consumers if such requests are not verified.
In the Order, the CPPA goes on to require the Company to ensure that its personnel handling CCPA requests are trained on the CCPA’s requirements for rights requests, which is an express obligation under the law, and confirming to the Agency that it has provided such training within 90 days of the Order’s effective date.
Practical Takeaways
Configure consumer rights processes, such as rights request webforms, to only require a consumer to provide the minimum information needed to initiate and verify (if permitted) the specific type of request. This may be difficult for companies that have developed their own webforms, but most privacy tech vendors that offer webforms and other consumer rights-specific products allow for customizability. If customizability is not possible, companies may have to implement processes to collect minimum information to initiate the request and follow up to seek additional personal information if necessary to meet CCPA verification standards as may be applicable to the specific consumer and the nature of the request.
Do not require verification of do not sell/share and sensitive PI limitation requests (note, there are narrow fraud prevention exceptions here, though, that companies can and should consider in respect of processing Opt-Out of Sale/Sharing and Right to Limit requests).
Train personnel handling CCPA requests (including those responsible for configuring rights request “channels”) to properly intake and respond to them.
Include instructions on how to make the various types of requests that are clear and understandable, and that track the what the law permits and requires.
Requiring consumers to directly confirm with the Company that they had given permission to their authorized agent to submit opt-out of sale/sharing sensitive PI limitation requests
The CPPA’s Order also outlines that the Company allegedly required consumers to directly confirm with the Company that they gave permission to an authorized agent to submit Opt-Out of Sale/Sharing and Right to Limit requests on their behalf. The Agency took issue with this because under the CCPA, such direct confirmation with the consumer regarding authority of an agent is only permitted as to requests to delete, correct and know.
Practical Takeaways
When processing authorized agent requests to Opt-Out of Sale/Sharing or Right to Limit, avoid directly confirming with the consumer or verifying the identity of the authorized agent (the latter is also permitted in respect of requests to delete, correct and know). Keep in mind that what agents may request, and agent authorization and verification standards, differ from state-to-state.
Failure to provide “symmetry in choice” in its cookie management tool
The Order alleges that, for a consumer to turn off advertising cookies on the Company’s website (cookies which track consumer activity across different websites for cross-context behavioral advertising and therefore require an Opt-out of Sale/Sharing), consumers must complete two steps: (1) click the toggle button to the right of Advertising Cookies and (2) click the “Confirm My Choices” button.
The Order compares this opt-out process to that for opting back into advertising cookies following a prior opt-out. There, the Agency alleged that if consumers return to the cookie management tool (also known as a consent management platform or “CMP”) after turning “off” advertising cookies, an “Allow All” choice appears. This is likely a standard configuration of the CMP that can be modified to match the toggle and confirm approach used for opt-out. Thus, the CPPA alleged, consumers need only take one step to opt back into advertising cookies when two steps are needed to opt-out, in violation of and express requirement of the CCPA to have no more steps to opt-in than was required to opt-out.
The Agency took issue with this because the CCPA requires businesses to implement request methods that provide symmetry in choice, meaning the more privacy-protective option (e.g., opting-out) cannot be longer, more difficult or more time consuming than the less privacy protective option (e.g., opting-in).
The Agency also addressed the need for symmetrical choice in the context of “website banners,” also known as cookie banners, pointing to an example cited as insufficient symmetry in choice from the CCPA regulations – i.e., using “’Accept All’ and ‘More Information,’ or ‘Accept All’ and ‘Preferences’ – is not equal or symmetrical” because it suggests that the company is seeking and relying on consent (rather than opt-out) to cookies, and where consent is sought acceptance and acceptance must be equally as easy to choose. The CCPA further explained that “[a]n equal or symmetrical choice” in the context of a website banner seeking consent for cookies “could be between “Accept All” and “Decline All.”” Of course, under CCPA consent to even cookies that involve a Share/Sale is not required, but the Agency is making clear that where consent is sought there must be symmetry in acceptance and denial of consent.
The CPPA’s Order also details other methods by which the company should modify its CCPA requests procedures including:
separating the methods for submitting sale/share opt-out requests and sensitive PI limitation requests from verifiable consumer requests (e.g., requests to know, delete, and correct);
including the link to manage cookie preferences within the Company’s Privacy Policy, Privacy Center and website footer; and
applying global privacy control (“GPC”) preference signals for opt-outs to known consumers consistent with CCPA requirements.
Practical Takeaways
It is unclear whether the company configured the cookie management tool in this manner deliberately or if the choice of the “Allow All” button in the preference center was simply a matter of using a default configuration of the CMP, a common issue with CMPs that are built off of a (UK/EU) GDPR consent model. Companies should pay close attention to the configuration of their cookie management tools, including in both the cookie banner (or first layer), if used, and the preference center, and avoid using default settings and configurations provided by providers that are inconsistent with state privacy laws. Doing so will help mitigate the risk of choice asymmetry presented in this case, and the risks discussed in the following three bullets.
State privacy laws like the CCPA are not the only reason to pay close attention and engage in meticulous legal review of cookie banner and preference center language, and proper functionality and configuration of cookie management tools.
Given the onslaught of demands and lawsuits from plaintiffs’ firms under the California Invasion of Privacy Act and similar laws – based on cookies, pixels and other tracking technologies – many companies turn to cookie banner and preference center language to establish an argument for a consent defense and therefore mitigate litigation risk. In doing so it is important to bear in mind the symmetry of choice requirements of state consumer privacy laws. One approach is to make it clear that acceptance is of the site terms and privacy practices, which include use of tracking by the operator and third parties, subject to the ability to opt-out of some types of cookies. This can help establish consent to use of cookies by using the site after notice of cookie practices, while not suggesting that cookies are opt-in, and having lack of symmetry in choice.
In addition, improper wording and configuration of cookie tools – such as providing an indication of an opt-in approach (“Accept Cookies”) when cookies in fact already fired upon the user’s site visit, or that “Reject All” opts the user out of all, including functional and necessary cookies that remain “on” after rejection – present risks under state unfair and deceptive acts and practices (UDAAP) and unfair competition laws, and make the cookie banner notice defense to CIPA claims potentially vulnerable since the cookies fire before the notice is given.
Address CCPA requirements for GPC, linking to the business’s cookie preference center, and separating methods for exercising verifiable vs. non-verifiable requests. Where the business can tie a GPC signal to other consumer data (e.g., the account of a logged in user), it must also apply the opt-out to all linkable personal information.
Strive for clear and understandable language that explains what options are available and the limitations of those options, including cross-linking between the CMP for cookie opt-outs and the main privacy rights request intake for non-cookie privacy rights, and explain and link to both in the privacy policy or notice.
Make sure that the “Your Privacy Choices” or “Do Not Sell or Share My Personal Information” link gets the consumer to both methods. Also make sure the opt-out process is designed so that the required number of steps to make those opt-outs is not more than to opt-back in. For example, linking first to the CMP, which then links the consumer rights form or portal, rather than the other way around, is more likely to avoid the issue with additional steps just discussed.
Failure to produce contracts with advertising technology companies
The Agency’s Order goes on to allege that the Company did not produce contracts with advertising technology companies despite collecting and selling/sharing PI via cookies on its website to/with these third parties. The CPPA took issue with this because the CCPA requires a written contract meeting certain requirements to be in place between a business and PI recipients that are a CCPA service provider, contractor or third party in relation to the business. We have seen regulators request copies of contracts with all data recipients in other enforcement inquiries.
Practical Takeaways
Vendor and contract management are a growing priority of privacy regulators, in California and beyond, and should be a priority for all companies. Be prepared to show that you have properly categorized all personal data recipients and have implemented and maintain processes to ensure proper contracting practices with vendors, partners and other data recipients, which should include a diligence and assessment process to ensure that the proper contractual language is in place with the data recipient based on the recipient’s data processing role. To state it another way, it may not be proper as to certain vendors to simply put in place a data processing agreement or addendum with service provider/processor language. For instance, vendors that process for cross-context behavioral advertising cannot qualify as a service provider/contractor. In order to correctly categorize cookie and other vendors as subject to opt-out or not, this determination is necessary.
Attention to contracting is important under the CCPA in particular because different language is required depending on whether the data recipient constitutes a “third party,” “service provider” or a “contractor,” the CCPA requires different contracting terms be included in the agreements with each of those three types of personal information recipients. Further, in California, the failure to have all of the required service provider/contractor contract terms will convert the recipient to a third party and the disclosure into a sale.
Conclusion
This case demonstrates the need for businesses to review their privacy policies and notices, and audit their privacy rights methods and procedures to ensure that they are in compliance with applicable state privacy laws, which have some material differences from state-to-state. We are aware of enforcement actions in progress not only in California, but other states including Oregon, Texas and Connecticut, and these states are looking for clarity as to what specific rights their residents have and how to exercise them. Further, it can be expected that regulators will start, potentially in multi-state actions that have become common in other consumer protection matters, looking beyond obvious notice and rights request program errors to data knowledge and management, risk assessment, minimization and purpose and retention limitation obligations. Compliance with those requirements requires going beyond “check the box” compliance as to public facing privacy program elements and to the need to have a mature, comprehensive and meaningful information governance program.
CPPA to Hold Board Meeting on Proposed CCPA Regulations
The California Privacy Protection Agency (“CPPA”) Board will hold a Board meeting on May 1, 2025, at 9:00 am PT. The public is invited to attend the meeting in person or virtually. The agenda for the meeting includes a legislative update on the CPPA’s positions on pending legislation and a discussion on the adoption of proposed CCPA regulations addressing automated decisionmaking, risk assessments, insurance and cybersecurity audits. The meeting also will cover proposed revisions to existing CCPA regulations.
EEOC Submits Request to Eliminate Optional Disclosure of Non-Binary Data for EEO-1 Reporting
On April 15, 2025, in response to Executive Order 14168, Defending Women From Gender Ideology Extremism and Restoring Biological Truth to the Federal Government, the EEOC filed an Information Collection Request (ICR) with OMB requesting what it classified as a non-substantive change to remove the option for employers to voluntarily report non-binary data for those in their workforce.
In past years, the EEO-1 reporting instructions allowed respondents to provide non-binary data in a narrative form in the comment box of the report. EEOC believes this voluntary option must be removed to comply with Executive Order 14168.
The data collection for 2024 has not yet opened but this may be an indication the Agency is preparing to do so at some point in the near future. Additionally, the ICR is not seeking any changes beyond the current data collection approval period which runs through 2026.
RUSSIA DISCOVERS THE TCPA?: Russian Appellate Court Allows Consumer to Sue Bank for $61.00 Over Unwanted Calls
While the idea of suing over unwanted phone calls is nothing new for litigious Americans its quite novel elsewhere in the world–and a man in Russia might be the first to have invented the claim across the pond.
Apparently a Russian appellate court has recognized a constitutional right to privacy that can be invaded when a bank sends unwanted marketing messages after being asked to stop.
In the case a Russian guy asked the bank to stop calling but it ignored him. He sued for “moral damage” of 5,000 rubles– about $61.00. The lower court through out the case but the appellate court found the claim to have merit and ordered a trial on the issue of the calls.
Here in America, of course, consumers can–and often do– sue for unwanted phone calls under the Telephone Consumer Protection Act (TCPA). And unlike the limited damages recognized in Russia, the TCPA allows consumers to collect $500-$1,500.00 per unwanted call or text.
But there are limits in America as there are in Russia.
As one Russian authority stated in response to the ruling:
“Unfortunately, people themselves often forget that they gave consent to the processing of their data and to receive advertising information. In such cases, advertising is distributed legally. And consent has no statute of limitations if the contract did not specify its term, even if you signed it 20 years ago.”
True in Russia as it is in America.
Many websites collect consent for advertising and contact and then sell those consents far and wide as permitted in the fine print. As a result many companies will buy these “leads” and make totally legal phone calls that the consumer had forgotten–or perhaps never really understood– they requested.
While this is fascinating we will have to wait and see whether the idea of suing over unwanted calls catches on anywhere else.
Source : https://m.realnoevremya.com/articles/8741-russians-allowed-to-punish-banks-for-spam?_url=%2Farticles%2F8741-russians-allowed-to-punish-banks-for-spam#from_desktop