UK Data (Use and Access) Act 2025 Receives Royal Assent and ICO Publishes Guidance
On June 19, 2025, the UK Data (Use and Access) Act 2025 (the “DUAA”) received Royal Assent. The same day, the UK Information Commissioner’s Office (the “ICO”) published a comprehensive suite of resources on the DUAA. The resources include, among other things, a factual summary of the DUAA and an outline of the ICO’s plans to roll out new or updated guidance as the DUAA’s provisions gradually come into effect. The implementation of these provisions will be staggered, with some likely taking up to 12 months.
In line with the amendments introduced by the DUAA, the UK government also announced a recruiting campaign for seven non-executive members to the board of the new Information Commission which will be established by the DUAA. This new body will succeed the ICO as the UK’s data protection regulator.
For further information on the provisions introduced by the DUAA, read our previous article.
Senate Passes GENIUS Act: Landmark Federal Stablecoin Bill Advances to House
The US Senate has passed the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act) by a vote of 68-30, a significant development for cryptocurrency regulation in the United States. This passage follows the recent advancement of the Digital Asset Market Clarity (CLARITY) Act, a crypto market structure bill, through the House Financial Services and Agriculture committees and toward a full House vote, demonstrating growing bipartisan momentum for comprehensive crypto regulation.[1] The GENIUS Act represents the first comprehensive federal framework governing stablecoins, setting the stage for what could become the most significant digital asset regulatory development in years. The bill now advances to the House of Representatives, with President Trump expressing intent to sign stablecoin legislation before Congress’s August recess.
Key Provisions
The GENIUS Act would create three distinct categories of permitted issuers: subsidiaries of insured depository institutions, federal qualified payment stablecoin issuers regulated by the Office of the Comptroller of the Currency, and state qualified payment stablecoin issuers supervised by certified state regulators.
The proposed regulatory framework centers on a stringent reserve requirement that would mandate permitted issuers maintain identifiable reserves backing outstanding stablecoins on at least a 1:1 basis. These reserves would need to comprise highly liquid, low-risk assets, including US coins and currency, demand deposits at insured institutions, Treasury securities with 93 days or less maturity, and approved repurchase agreements. The GENIUS Act would explicitly prohibit rehypothecation of these reserves.
The Act would impose comprehensive operational requirements, including monthly reserve composition disclosures, public redemption policies with transparent fee structures, and robust anti-money laundering compliance programs. Large issuers with over $50 billion in outstanding tokens would be required to publish audited financial statements prepared in accordance with generally accepted accounting principles. All permitted issuers would face ongoing examination and supervision by their primary federal regulator, which would be granted enforcement authority, including civil monetary penalties and registration suspension powers.
The legislation would also prohibit stablecoin issuers from paying any form of interest or yield to holders solely in connection with holding stablecoins, effectively barring yield-bearing stablecoins. Additionally, the Act directs Treasury to study “non-payment stablecoins,” including algorithmic stablecoins that rely solely on other digital assets created by the same originator to maintain their fixed price, suggesting these types of stablecoins fall outside the current regulatory framework.
Importantly, the legislation would explicitly exclude payment stablecoins issued by permitted entities from the definition of “security” under federal securities laws, providing critical regulatory clarity that has been a major source of uncertainty in the digital asset space.[2] The legislation would also establish a three-year transition period after which digital asset service providers may only offer stablecoins issued by permitted entities.
Next Steps and Industry Impact
The GENIUS Act must now pass the House of Representatives before reaching President Trump’s desk. Trump has indicated he wants to sign stablecoin legislation before Congress’s August recess, creating potential momentum for House consideration. If enacted, the legislation would take effect 18 months after passage or 120 days after federal regulators issue implementing regulations, whichever comes first.
For the stablecoin sector, the GENIUS Act would provide the regulatory clarity that has long been sought by financial institutions looking to issue or use stablecoins.[3] The framework could accelerate stablecoin adoption by traditional financial institutions while potentially creating competitive advantages for compliant US-based stablecoin issuers over offshore competitors. The legislation’s reserve requirements and operational standards could help establish consumer confidence in stablecoins as a legitimate financial instrument. This may drive growth in the $240 billion market as major corporations explore stablecoin applications.
[1]See Katten’s Quick Reads post discussing the introduction of the Clarity Act here.
[2]See Katten’s Quick Reads post on recent guidance issued by the Division of Corporation Finance of the Securities and Exchange Commission, which clarified that covered stablecoins are not securities.
[3]See Katten’s client advisory on recent guidance from banking regulators easing restrictions against banks and insured depository institutions from participating in “crypto-related activities,” including maintaining stablecoin reserves and issuing cryptocurrencies such as stablecoins.
BREAKING: THEY DID IT!!: SCOTUS Guts the Hobbs Act! District Courts Free to Disregard FCC TCPA Rulings in Civil Enforcement Actions
Supreme Court just handed down the widely-watched decision in McLaughlin Chriopractric v. McKesson.
Held: The Hobbs Act does not bind district courts in civil enforcement proceedings to an agency’s interpretation of a statute. District courts must independently determine the law’s meaning under ordinary principles of statutory interpretation while affording appropriate respect to the agency’s interpretation.
6-3 vote along ideological grounds.
Essence of the holding is that the Hobbs Act does not actually say district courts cannot review TCPA actions taken by the FCC. Other statutes do. For instance the Clean Air Act states agency actions “shall not be subject to judicial review in any civil or criminal proceeding for enforcement.”
The Hobbs Act’s language is narrower and unclear. It states only a court cannot “determine the validity” of an agency’s action subject to Hobbs. However, it uses that phrase in connection with other words like “enjoin,” “set aside,” and “suspend” that suggest a narrow application of the phrase.
The Supremes ultimately determined the phrase “determine the validity” means only a ban on a district court striking down the agency action altogether– not applying a different rule of law where it feels the agency’s determination might be inapplicable.
Thus the Supreme Court had to apply a “default rule” on court review of the APPLICATION of agency rulings subject to Hobbs Act review.
In the Supreme Court’s view, that default rule is to allow courts to challenge agency action:
In short, the background presumption of judicial review, the text of §703 of the APA, and the tradition and precedents allowing parties in enforcement proceedings to contest an agency’s interpretation combine to establish a clear default rule: In enforcement proceedings, district courts independently determine whether an agency’s interpretation of a statute is correct.
The Court also recognized practical realities in terms of people participating in FCC dockets or challenging rulings via the Hobbs Act:
Requiring all those potentially affected parties to somehow predict the future and bring a pre-enforcement challenge within 60 days or otherwise lose their right to challenge an agency’s interpretation of a statute down the road in an enforcement proceeding would be highly unusual—and would rightly strike many affected parties as grossly unfair.
In my view, however, the Court gives short shrift to the important notion that Congress wanted to protect FCC actions from independent review to assure uniformity across the country. The majority states:
There is no reason to think that Congress wanted to short-circuit that ordinary system of judicial review for the multiplicity of agency rules and orders encompassed by the Hobbs Act.
Umm, sure there is. That’s sort of what the Hobbs Act says. And the Supremes do not evaluate why else district courts are banned from “determin[ing] the validity of agency action in this context.
Regardless, black and white final answer:
The District Court is not bound by the FCC’s interpretation of the TCPA. The District Court should interpret the statute as courts traditionally do under ordinary principles of statutory interpretation, affording appropriate respect to the agency’s interpretation.
Boom.
Everything changes.
Just absolutely HUGE change for TCPAWorld. Many bedrock principles of TCPA jurisprudence are now thrown out.
Ruling is McLaughlin v. McKesson 2025 WL 1716136 (2025)
More analysis shortly.
Cutting Red Tape and Supporting Growth: the EU’s Omnibus IV Simplification Package on Small Mid-Cap Companies
On 21 May 2025, the European Commission published a new Omnibus IV Simplification Package, a targeted legislative initiative designed to alleviate regulatory burdens and enhance proportionality for smaller businesses.
Central to this recalibrated framework is the introduction of a new category of undertakings, i.e., Small Mid-Cap companies (SMCs).
Defined in Commission Recommendation C(2025) 3500, SMCs are:
companies that do not qualify as SMEs under Recommendation 2003/361/EC;
employ fewer than 750 persons, and
have either an annual turnover not exceeding €150 million or an annual balance sheet total not exceeding €129 million.
Moreover, the proposal for a Directive amending MiFID II also introduces the concept of SMCs for the purposes of capital markets regulation. It defines SMCs in that specific context as listed companies with an average market capitalisation between €200,000 and €1 billion, based on end-of-year stock prices over the preceding three calendar years. The objective is to improve access to capital markets for companies that have historically been underserved by EU-level simplification efforts.
The proposed amendment to Directive (EU) 2022/2557, also parts of the package, concerns the resilience of critical entities and incorporates the SMC definition to qualify some entities that may benefit from certain exemptions or adjusted obligations.
Another legislative proposal within the package introduces targeted amendments to the following six Regulations to introduce adjustments for SMCs:
Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR)
Regulation (EU) 2016/1036 on protection against dumped imports
Regulation (EU) 2016/1037 on protection against subsidised imports
Regulation (EU) 2017/1129 (Prospectus Regulation)
Regulation (EU) 2023/1542 (Batteries Regulation)
Regulation (EU) 2024/573 (F-gas Regulation)
These amendments seek to introduce simplification and proportionality measures, previously reserved for SMEs, to the newly recognised SMC category. For instance, under the GDPR, SMCs will be exempt from maintaining data processing records where the risk to individuals’ rights is considered low. In the field of trade defence, the revised Regulations offer simplified procedural access for SMCs to anti-dumping and anti-subsidy investigations, supported by a dedicated helpdesk and alignment of procedural timelines with the financial year of the undertaking concerned.
The Batteries Regulation is also affected. In addition to a reduction in reporting obligations for SMCs, from an annual to a triennial cycle, introduced as part of the legislative proposal mentioned above, the Commission has also put forward a separate, ad hoc proposal to postpone the application of due diligence obligations under the Regulation by two years. This extension pushes the compliance deadline to August 2027.
The package also advances the EU’s objective of digitalising regulatory processes. This is pursued through a Proposal for a Directive and a corresponding Proposal for a Regulation, both aimed at eliminating outdated paper-based requirements in product compliance legislation. Among other measures, the proposals provide for the digitalisation of Declarations of Conformity, the option to supply instructions for use in electronic format (subject to certain safeguards), mandatory online contact points for manufacturers, and the integration of compliance data into Digital Product Passports where applicable. Compliance documentation will also be submitted electronically to national authorities, streamlining procedures while maintaining consumer protection and product safety.
Another significant innovation concerns the introduction of Common Specifications (CS) as an alternative means of demonstrating compliance in situations where harmonised standards are unavailable, delayed, or insufficient. While CS are already used in the medical device sector, they are now expected to play a broader role, including under forthcoming legislation such as the AI Act and the Cyber Resilience Act. To support this development, the Commission has launched a public consultation on CS, which is open until 28 July 2025.
What This Means for Business
The Omnibus IV Package sends a clear signal that the EU recognises the disproportionate regulatory burden faced by mid-sized businesses. By embedding proportionality more systematically across key legislative acts, the Commission enables companies, particularly those classified as SMCs, to benefit from greater legal certainty, administrative relief, and digital efficiencies.
For businesses active at the intersection of sustainability, product regulation, and digital innovation, the Omnibus IV reforms offer both relief and strategic opportunity.
Senator Cantwell Demands Proof from Verizon and AT&T on Salt Typhoon Eradication
Senator Maria Cantwell (D-WA), Ranking Member of the Senate Commerce, Science, and Transportation Committee, has formally requested that Verizon Communications Inc. and AT&T Inc. provide concrete evidence that they have fully eradicated the cyber espionage group known as Salt Typhoon from their networks. This follows both companies’ public assurances in late 2024 that the Salt Typhoon threat had been contained.
Notably, the other nationwide wireless carrier, T-Mobile, headquartered in Seattle, Washington, did not receive a formal request from Senator Cantwell. But this is likely due to the fact that in November 2024, T-Mobile stated that it was not impacted by the Salt Typhoon intrusion.
In letters sent to Verizon CEO Hans Vestberg and AT&T CEO John Stankey, Senator Cantwell expressed concern over ongoing doubts from cybersecurity experts regarding the completeness of the carriers’ remediation efforts. She cited reports indicating that Salt Typhoon may still be active within U.S. telecommunications infrastructure, exploiting complex network vulnerabilities to maintain or regain access and questioned whether the companies have implemented the guidance issued by federal agencies, including the FBI, NSA, CISA, and FCC, relating to the Salt Typhoon incursion. Senator Cantwell emphasized that the scale and complexity of telecom networks require extensive forensic analysis of tens of thousands of endpoints to identify all potential compromises.
Senator Cantwell requested that the companies respond to a series of inquiries with supporting documentation and information by June 26, 2025, based on the timeframe from September 1, 2024, to the present. Specifically, the companies were asked to provide:
A copy of their remediation plan in response to the Salt Typhoon attack;
All threat assessments related to the security risk of nation-state actors hacking their systems, which in AT&T’s case includes its FirstNet network;
A list of all vulnerabilities they have identified that allowed nation-state actors to gain broad, full access to their networks, and the extent those vulnerabilities have been mitigated or remediated;
All documents relating to their determination that the Salt Typhoon threat, or threat of other nation-state actors, had been contained;
All records related to the costs they have incurred to secure their network, including any third-party audits; and
All policies and best practices relating to encryption of customer data.
This formal request from Senator Cantwell highlights the increased scrutiny that telecom providers are under to demonstrate cybersecurity resilience and transparency in light of the ongoing Salt Typhoon attacks. As the Ranking Member of Senate Commerce, she cannot compel the companies to produce these documents. However, they will likely face public and political pressure to comply, at least in part. But it remains to be seen whether documents and information submitted by Verizon and AT&T will be made available to the public.
Payment Proccessor to Pay Millions to Settle FTC Allegations of Unfair Payment-Processing Practices and Facilitation of Deceptive Tech-Support Schemes
On June 16, 2025 the Federal Trade Commission announced that U.K.-based payment processor, Paddle.com Market Limited, and its subsidiary, Paddle.com, Inc., will pay $5 million and be permanently banned from processing payments for tech-support telemarketers. The foregoing is in settlemetn of a Federal Trade Commission action alleging that Paddle abused the U.S. credit-card system and enabled deceptive foreign operators to access it, costing consumers millions of dollars.
According to the complaint, the FTC alleged that Paddle and its subsidiary processed payments for deceptive tech-support schemes that targeted U.S. consumers including older adults.
“Paddle provided foreign-based tech-support schemes with access to the U.S. payment system, allowing these companies to harm consumers,” said FTC lawyer Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection. “The FTC will hold accountable payment companies that knowingly facilitate payments for scammers or look the other way when faced with red flags about their clients’ conduct.”
The complaint charges that: (i) Paddle allegedly opened merchant accounts claiming to be a “merchant of record” or software “reseller,” then allegedly used these accounts to process card payments on behalf of numerous, unrelated third-party merchants; (ii) Paddle allegedly enabled overseas schemes to access the credit card system and collect payments from U.S. consumers, and to allegedly evade detection by merchant banks and card networks; (iii) Paddle allegedly facilitated schemes, like Restoro-Reimage, that allegedly used fake virus alerts and pop-up messages to impersonate familiar brands, such as Microsoft or McAfee (in March 2024, Paddle’s client, Restoro-Reimage, paid $26 million to settle the FTC’s charges of violating the FTC Act and the Telemarketing Sales Rule); and (iv) as the “merchant of record,” Paddle alleedly charged consumers for automatically renewing subscriptions without clearly disclosing that consumers would incur recurring charges.
According to the FTC, Paddle allegedly violated the FTC Act, the Telemarketing Sales Rule, and the Restore Online Shoppers’ Confidence Act.
Under the proposed settlement order Paddle will be:
Permanently prohibited from processing payments for tech-support merchants that engage in telemarketing or use pop-up messages about computer security or performance;
Prohibited from assisting deceptive merchants or engaging in any tactic to avoid fraud or risk-monitoring programs established by banks or the card networks;
Required to implement effective client screening and monitoring, and provide periodic reporting about merchant-clients’ transactions to Paddle’s payment-service providers; and
Required to clearly and conspicuously disclose the terms of any subscription it processes, get consumers’ express informed consent to the subscription, and provide consumers with a simple way to cancel and prevent recurring charges.
According to the FTC, the $5 million payment Paddle is required to make under the settlement will be used to supplement the redress for consumers purportedly harmed by the alleged Restoro-Reimage tech support scheme.
Contact an experienced FTC CID lawyer if you or your company have received an FTC civil investigative demand or if you are are interested in discussing the implementaion of protactive compliance protocols.
Chairman Andrew N. Ferguson issued a statement joined by Commissioners Melissa Holyoak and Mark R. Meador.
“One way the Commission combats foreign scams, however, is enforcing the law against American companies who unlawfully facilitate foreign schemes. By vigorously requiring domestic actors to obey the law, the Commission can cut off foreign scammers’ use of American companies to prey on American families. Today’s settlement is an example of such a case. Paddle, though primarily based in the United Kingdom, has a continuing presence in the United States, with an American component through which it channels American payments.”
The FTC filed the complaint and proposed settlement order in the U.S. District Court for the District of Columbia.
A RECIPE FOR A LAWSUIT?: Crumbl Hit With TCPA Lawsuit
Hi again TCPAWorld! Another quick one for you.
In a new class action complaint, popular cookie company Crumbl LLC is being sued for allegedly sending telephone solicitation text messages to numbers on the National DNC Registry in violation of the TCPA. The suit was filed in the Eastern District of Michigan by plaintiff Victoria Soboleski—the very same plaintiff currently suing Michael Kors over similar allegations. Sobolenski v. Crumbl LLC, Case No. 2:25-cv-11839-JEL-DRG.
NOT SO STYLISH?: Michael Kors Faces TCPA Class Action – TCPAWorld
In fact, this will be (including the Michael Kors lawsuit) her seventh TCPA lawsuit (2 filed in 2024, 5 filed in June of 2025):
Soboleski v. Party Pizza Roseville, Inc., 2:24-cv-13138
Soboleski v. Luminess Direct LLC, 2:24-cv-13397
Soboleski v. Clutch, Inc., 2:25-cv-11698
Soboleski v. MCM Products USA Inc., 2:25-cv-11699
Soboleski v. TerrAscend Corp., 4:25-cv-11763
And in each of these cases, she is/was represented by the Wolf, Anthony Paronich.
Here, the plaintiff is alleging that Crumbl sent telephone solicitations to her number that she registered on the National DNC Registry without her consent (and that those messages were intended for someone else).
The plaintiff seeks to represent the following class:
All persons throughout the United States (1) who did not provide their telephone number to Crumble LLC, (2) to whom Crumble LLC delivered, or caused to be delivered, more than one voice message or text message within a 12-month period, promoting Crumble LLC goods or services, (3) where the person’s residential or cellular telephone number had been registered with the National Do Not Call Registry for at least thirty days before Crumble LLC delivered, or caused to be delivered, at least two of the voice messages or text messages within the 12-month period, (4) within four years preceding the date of this complaint and through the date of class certification.
Again, the TCPA restricts telephone solicitations to individuals who have registered their numbers on the National DNC Registry. Once a number is on the registry for 30 days, companies are generally prohibited from making “telephone solicitation” calls to it. A person who receives more than one call or text in a 12-month period in violation of this rule can sue.
“The term telephone solicitation means the initiation of a telephone call or message for the purpose of encouraging the purchase or rental of, or investment in, property, goods, or services, which is transmitted to any person, but such term does not include a call or message:
(i) To any person with that person’s prior express invitation or permission;
(ii) To any person with whom the caller has an established business relationship; or
(iii) By or on behalf of a tax-exempt nonprofit organization.”
Thus, by definition, a “telephone solicitation” under the TCPA does not include calls or messages made by or on behalf of a tax-exempt nonprofit organization, calls to a person with whom the caller has an established business relationship, or calls to a person who has given the caller their express prior permission to call.
Crumbl’s lawyers will undoubtedly be looking for any purchase history. If Soboleski bought a cookie from Crumbl in the last 18 months, Crumbl can raise the “Established Business Relationship” defense, which could crumble the plaintiff’s ability to represent the class.
We’ll be watching to see how it pans out.
Here is the full complaint: CLICK HERE
NOT SO STYLISH?: Michael Kors Faces TCPA Class Action
Hi TCPAWorld!
It looks like luxury fashion brand Michael Kors may be in some hot water.
A class action complaint has been filed against Michael Kors (USA), Inc. by plaintiff Victoria Soboleski in the Eastern District of Michigan. The suit alleges the company sent unsolicited marketing text messages to people whose numbers are on the National Do-Not-Call Registry. Soboleski v. Michael Kors (USA), Inc., 2:25-cv-11838-DPH-CI.
The TCPA restricts telephone solicitations to individuals who have registered their numbers on the National Do-Not-Call (“DNC”) Registry. Once a number is on the registry for 30 days, companies are generally prohibited from making “telephone solicitation” calls to it. A person who receives more than one call or text in a 12-month period in violation of this rule can sue.
“The term telephone solicitation means the initiation of a telephone call or message for the purpose of encouraging the purchase or rental of, or investment in, property, goods, or services, which is transmitted to any person, but such term does not include a call or message:
(i) To any person with that person’s prior express invitation or permission;
(ii) To any person with whom the caller has an established business relationship; or
(iii) By or on behalf of a tax-exempt nonprofit organization.”
Thus, by definition, a “telephone solicitation” under the TCPA does not include calls or messages made by or on behalf of a tax-exempt nonprofit organization, calls to a person with whom the caller has an established business relationship, or calls to a person who has given the caller their express prior permission to call.
Here, the plaintiff alleges that Michael Kors sent multiple marketing text messages to her personal cell phone number, even though the number had been registered on the National DNC Registry for over a month. She further alleges that she had no prior relationship with the company, never gave them permission to text her, and that the messages were to advertise/market Michael Kors business/services.
Based on those allegations, she is seeking to represent the following class:
All persons throughout the United States (1) who did not provide their telephone number to Michael Kors (USA), Inc., (2) to whom Michael Kors (USA), Inc. delivered, or caused to be delivered, more than one voice message or text message within a 12-month period, promoting Michael Kors (USA), Inc. goods or services, (3) where the person’s residential or cellular telephone number had been registered with the National Do Not Call Registry for at least thirty days before Michael Kors (USA), Inc. delivered, or caused to be delivered, at least two of the voice messages or text messages within the 12-month period, (4) within four years preceding the date of this complaint and through the date of class certification.
We will keep an eye on this one.
BURGER BUST: Wendy’s Sued in TCPA Class Action in Louisiana Over Promotional Texts to Consumer on DNC List
Quick one for you.
A consumer named Joseph Brennan just retained the Wolf to sue Wendy’s in a TCPA class action arising out of text messages he claims he did not consent to.
The texts promoted Wendy’s food and a promotional program.
Plaintiff hopes to represent a class of:
National Do Not Call Registry Class: All persons in the United States whose (1)telephone numbers were on the National Do Not Call Registry for at least 31days, (2) but who received more than one telemarketing text message or call fromor on behalf of Defendant, (3) within a 12-month period, (4) at any time in theperiod that begins four years before the date of filing this Complaint to trial.
Will be interesting to see if the case arises out texts to a wrong number or if the Plaintiff signed up to receive the texts.
Notably, retail chains have historically done a poor job of documenting SMS club opt ins via shortcode so there may be some meat on this one.
Then again, if the guy has visited a Wendy’s in the last 18 months it will have an EBR defense. Should also definitely disrupt the class. So will be very interesting.
We’ll see where this goes.
Full complaint here: predocketComplaintFile (1)
HUGE FCC MOVE: “Protecting our Communications Networks by Promoting Transparency Regarding Foreign Adversary Control” Likely to Be Published Tomorrow
The FCC looks to be moving fast following the incredible approval of Olivia Trusty as the third FCC Commissioner this week.
Tomorrow the Commission plans to publish a 70 page filing seeking comment on a rule change that would require a thicket of disclosures from a huge number of regulated entities across the telecommunications spectrum (pun?).
The proposed rule would require disclosure of ownership interests by “foreign adversaries”–particularly China and Iran– by entities involved with wireless infrastructure, satellite, broadcast, submarine cable and (of course) Telephone and Common Carriers (including VOIP providers).
Oddly NOT on the list is registration services like TCR– but we will seek to change that.
The core of the rule is here:
While the Commission currently collects foreign ownership information for some of these Covered Authorizations, the Commission has never done a comprehensive survey across all Covered Authorizations, nor collected control information beyond ownership. Recognizing the importance of protecting our nation’s communications networks against foreign adversaries, we tentatively conclude it is reasonable to apply the proposed requirements broadly across various licenses, authorizations, permits, and other approvals regulated by the Commission, given the Commission’s interests in maximum transparency as to foreign adversary threats across every regulated segment of communications networks. We seek comment on our proposal.
Make sense.
R.E.A.C.H. will be commenting on the rule and asking the Commission to consider BROADENING the disclosure requirements to include TCR and to also include additional foreign ownership, not just adversaries.
Full proposal here: FCC Foreign Adversaries
HIGH STAKES: Attorney May Face Discipline–Even Disbarment– For Shoddy Work Defending TCPA Suit
In Barton v. Delfgauw, 2025 WL 1707568 (W.D. Wash June 18, 2025) a defense lawyer in a TCPA suit made a bunch of mistakes while litigating in federal court, culminating in apparently filing a very damaging document contrary to her client’s instructions.
As the Court put it, had this been her first mistake in the case the Court might have let her off with a warning. Instead the numerous errors demonstrated in the action lead the court to conclude disciplinary action– i.e. potential disbarment or suspension–should be considered.
Here’s the meet of the analysis:
Under Local Civil Rule 83.3(a), lawyers practicing in this Court are obligated to comply with the Rules of Professional Conduct. Discipline for violations of the RPCs can include suspension from the practice of law in this Court, reprimand or admonition, financial penalties, or referral to other disciplinary authorities, and can include supervision conditions including continuing legal education. LCR 83.3(c)(4). Under Local Civil Rule 83.3(c)(5), a judge of this Court may initiate discipline on its own motion, which is referred to the Chief Judge. When the Chief Judge is the initiating judge, “he or she must refer it to another judge.” Id. The reviewing judge may determine that the matter is best handled by the WSBA and make a referral to that or another authority. Id. The respondent attorney must be given notice and the opportunity to respond. LCR 83.3(c (5)(C). Because of the history of sanctions in this case, counsel’s WSBA disciplinary history for similar failures of diligence, and the evidence adduced of an RPC violation(s), this Court will make a referral to the next most senior active judge in this District, Judge Tana Lin, to determine if discipline should be imposed under Local Civil Rule 83.3 and/or whether this matter should be referred to the WSBA for their consideration.
Pretty wide range of options here. She could get off with a sternly worded order and perhaps some CLE. Or she could end up referred to WSBA for enhanced penalties. Tough to say for now. But we will keep an eye on it.
She was litigating against a guy without a lawyer– albeit a sophisticated guy without a lawyer, Nathan Barton. And the case was not even a class action.
Just goes to show the level of caution, accuracy, and intelligence needed to constantly litigate in federal court is simply above the capabilities of many attorneys. Layer in the complexities of class litigation and the incredible depth and speed of developments in TCPA substantive law–not to mention the insanely high penalties for failing to comply with the statute– and TCPA class action defense really is the perfect storm for attorneys.
There’s no more dangerous area of law out there folks, and no higher stakes litigation. Choose your counsel wisely!
New York AG Secures $250,000 Settlement with Money Transmitter Over Remittance Rule Violations
On June 13, Judge Katherine Polk Failla of the U.S. District Court for the Southern District of New York entered a stipulated final judgement resolving claims brought by the New York Attorney General against a global money transmitter. The lawsuit, initially filed in partnership with the CFPB (previously discussed here), alleged violations of the Electronic Fund Transfer Act (EFTA), including the Remittance Rule under Regulation E, as well as the Consumer Financial Protection Act (CFPA).
The court’s order follows the CFPB’s recent withdrawal from the case in April (previously discussed here), after which the New York AG continued pursuing claims under New York state law. The original complaint filed jointly by the Bureau and the New York Attorney General alleged the following:
Inaccurate availability disclosures. The company allegedly failed to accurately disclose the date on which funds would be available to recipients, contrary to the requirements of the Remittance Rule.
Deficient error resolution. The company purportedly failed to promptly investigate consumer complaints, issue required fee refunds, or provide mandated explanations and documentation within the regulatory timeframes.
Noncompliant internal procedures. Regulators alleged the company lacked adequate written policies to identify covered errors, ensure timely investigations, and retain necessary compliance documentation.
Unfair acts and practices. The company was accused of unnecessarily delaying remittance transfers and refunds after completing internal screenings, depriving consumers of timely access to funds.
The stipulated final judgement requires the company to improve its compliance-management systems, enhance employee training, and ensure that its disclosures and error-resolution procedures align with federal law. The company must also provide compliance documentation to the New York Attorney General upon request for a three-year period.
Putting It Into Practice: The final judgement reflects how state regulators are taking the lead in consumer protection as the CFPB scales back its involvement in legacy enforcement actions (previously discussed here and here). While federal enforcement activity may be narrowing, state regulators like the New York AG continue to be active and aggressive.
Listen to this article