Florida DABT Issues Declaratory Statement on Taxability of “Heat Stick” Products.
Phillip Morris International (PMI) requested a declaratory statement regarding the taxability of their IQOS “heat stick” tobacco products. During the pendency of the ABT response, the First District Court of Appeal released an opinion expanding the judicial interpretation of the term “loose tobacco suitable for smoking” as used in chapter 210, Florida Statutes, to include hookah products. This change pivoted from the traditional interpretation that “suitable for smoking” required some sort of ignition/combustion of the actual tobacco product, and also clarified that tobacco leaves/trimmings in conjunction with a binding agent can still be considered “loose tobacco.”
The opinion created tension with a prior ABT declaratory statement response in which the Division determined that Logic’s tobacco product, which included capsules of loose tobacco and a liquid mixture, were not taxable tobacco products.
To arrive at an outcome where PMI’s product is not taxable, ABT distinguished the product on factual differences – namely that the product did not produce hookah-like smoke infused with nicotine, the makeup of the tobacco product (ground tobacco reformulated into sheets/layers), and the absence of combustion.
Ultimately, while this declaratory statement may be based on distinctions that may not make a difference under the First DCA’s Global Hookah opinion, because ABT administers the tax on tobacco products itself and does not intend to tax the IQOS, any challenge to the taxability of the product or the declaratory statement itself is unlikely.
Note that there is currently pending legislation seeking to amend the definition of other tobacco products in the taxing contests. If the definition is amended, the language could potentially impact the precedential value of both this declaratory statement’s determination and the Global Hookah case.
A copy of the Declaratory Statement is available here.
Gender-Affirming Care Protections Eroded by Recent HHS Guidance and White House Executive Orders
On February 20, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the recission of “HHS Notice and Guidance on Gender Affirming Care, Civil Rights, and Patient Privacy” (the “Rescinded 2022 Guidance”) pursuant to recent Executive Order (“EO”) 14187 (“Protecting Children from Chemical and Surgical Mutilation”) and EO 14168 (“Defending Women from Gender Ideology Extremism and Restoring Biological Truth to the Federal Government”), issued under the current Trump administration.
These executive orders directed HHS to revoke policies promoting gender-affirming care and reconsider its interpretation of civil rights protections and health information privacy laws as they relate to such care.
Background on the Rescinded 2022 Guidance
The Rescinded 2022 Guidance, originally issued on March 2, 2022 under the Biden administration, and which we previously discussed here, established a framework for applying federal civil rights protections and patient privacy laws to gender-affirming care in three key ways:
Section 1557 of the Affordable Care Act (ACA): The Rescinded 2022 Guidance asserted that federally funded entities restricting access to gender-affirming care could be in violation of Section 1557, which prohibits discrimination based on sex, including gender identity.
Section 504 of the Rehabilitation Act and the Americans with Disabilities Act (ADA): The Rescinded 2022 Guidance took the position that gender dysphoria could qualify as a disability, meaning that restricting access to care based on gender dysphoria could constitute unlawful discrimination.
Health Insurance Portability and Accountability Act of 1996 (HIPAA): The Rescinded 2022 Guidance interpreted HIPAA’s Privacy Rule to prohibit the disclosure of protected health information (PHI) related to gender-affirming care without the patient’s authorization, except in limited circumstances when explicitly required by law.
HHS Bases for the Rescission
OCR Acting Director, Anthony Archeval, stated that the “recission is a significant step to align civil rights and health information privacy enforcement with a core Administrative policy that recognizes that there are only two sexes: male and female.” The HHS Office on Women’s Health also issued guidance expanding on the sex-based definitions set forth in the EO 14168. This HHS guidance contained the following definitions:
Sex: A person’s immutable biological classification as either male or female.
Female: is a person of the sex characterized by a reproductive system with the biological function of producing eggs (ova). We note that EO 14168 defines female in a slightly different manner to mean “a person belonging, at conception, to the sex that produces the large reproductive cell.”
Male: is a person of the sex characterized by a reproductive system with the biological function of producing sperm. We note that EO 14168 defines female in a slightly different manner to mean “a person belonging, at conception, to the sex that produces the small reproductive cell.”
In its February 20, 2025 press release, HHS further stated that “[t]his rescission supports Administration policy in Executive Order 14187 that HHS will not promote, assist, or support “the so-called ‘transition’ of a child from one sex to another, and it will rigorously enforce all laws that prohibit or limit these destructive and life-altering procedures.”
Further, OCR’s formal recission letter dated February 20, 2025, outlining several reasons leading to the Rescinded 2022 Guidance:
ACA (Section 1557): HHS cited recent federal cases, Texas v. EEOC and Bostock v. Clayton County, as calling into question the legal basis for extending Section 1557 protections to gender identity. But see Kadel v. Folwell, 2024 WL 1846802 (4th Cir. 2024) (On May 8, 2024, the Fourth Circuit affirmed the trial court rulings that the exclusion of coverage for gender affirming care by state health plans in West Virginia and North Carolina violated the nondiscrimination protections of the Affordable Care Act (ACA) Section 1557).
Rehabilitation Act and ADA: HHS argued that gender dysphoria does not meet the statutory definition of a disability, as the law explicitly excludes gender identity-related conditions unless resulting from a physical impairment. However, the Fourth Circuit, in Williams v. Kincaid, 45 F. 4th 759, 770 (4th Cir. 2022), concluded that gender dysphoria is a disability protected under the ADA and does not fall within the ADA’s exclusion for “gender identity disorders not resulting from physical impairments.” See also Blatt v. Cabela’s Retail, Inc., 2017 WL 2178123 (E.D. Pa. May. 18, 2017) (Plaintiff’s gender dysphoria, which substantially limits her major life activities of interacting with others, reproducing, and social and occupational functioning, is not excluded from ADA protection.)
HIPAA: HHS stated that the Rescinded 2022 Guidance lacked a legal foundation for restricting PHI disclosures beyond HIPAA’s established exceptions. However, we note that current established exceptions already allow disclosures without patient authorization in certain circumstances, including when required by law. Interestingly, the new reproductive health amendments to HIPAA, which became effective on December 23, 2024, may, if interpreted broadly, provide additional privacy protections to information related to gender affirming care.
In addition to the recission, HHS also announced its launch of HHS’ Office on Women’s Health website, which we reference above, to promote these policies.
Impact on HIPAA and Patient Privacy
In the wake of the Rescinded 2022 Guidance and associated OCR statements, it remains unclear how OCR will now handle complaints related to the use and disclosure of PHI concerning gender-affirming care. Accordingly, entities that handle such data should carefully review their internal policies to ensure compliance with evolving interpretations of HIPAA’s Privacy Rule.
However, entities should also consider the HIPAA Privacy Rule to Support Reproductive Health Care Privacy, finalized in April 2024, which broadly defines “reproductive health care.” Gender-affirming care often falls within this definition, meaning that certain privacy protections may still apply under this rule despite the Rescinded 2022 Guidance. While HHS’s recent actions suggest a lack of intent to defend this interpretation, the 2024 reproductive health rule remains in effect despite ongoing litigation in Texas challenging these amendments. On September 8, 2024, the Texas Attorney General, in litigation pending in the Northern District of Texas, claimed that the new rule harms the AG’s ability to investigate medical care, lacks statutory authority, and is arbitrary and capricious. This litigation is still pending.
Compliance and Legal Considerations
Federal vs. State Law Conflicts: Entities must navigate the potential conflicts between state laws and the rescission of the Rescinded 2022 Guidance. For instance, Colorado and California have laws explicitly protecting access to gender-affirming care, which could create legal complexities for providers and insurers operating under multiple jurisdictions.
Litigation and Injunctions: On March 4, 2025, a federal judge in Maryland issued a preliminary injunction enjoining federal agencies from issuing regulations or guidance or otherwise implementing mandates of EO 14187. This injunction applies nationwide. In a more limited fashion, a judge in Washington issued a preliminary injunction which applies only to Washington, Colorado, Minnesota, and Oregon. As the Maryland court is still deciding on the merits of the case before it, entities should monitor these legal developments to understand go forward compliance obligations under both federal and state regulations.
Potential Whistleblower Protections. EO 14187 also directs HHS, in consultation with the Attorney General, to “issue new guidance protecting whistleblowers who take action related to ensuring compliance with this order.” Accordingly, it is possible that under such contemplated guidance, an increase in whistleblower-initiated compliance investigation may ensue. Yet, such increase in whistleblowing as an avenue to evaluate compliance would not address the potential friction between the requirements under the HIPAA Privacy Rule to Support Reproductive Health Care Privacy.
Threats to Funding. On March 5, 2025, numerous health care providers enrolled in the Medicare and Medicaid programs received a letter from CMS stating that “CMS may begin taking steps in the future to align policy, including CMS-regulated provider requirements and agreements, with the highest-quality medical evidence in the treatment of the nation’s children” as it relates to gender affirming care. The following day, on March 6, 2025, SAMHSA and HRSA sent similar letters to Hospital Administrators and Grant Recipients referencing the March 5, 2025 CMS letter and threatening examination of current grants and the “re-scoping, delaying or potentially cancelling new grants in the future” depending upon the nature of the work being performed by the providers and/or grant recipients as it relates to gender affirming care for minors.
Key Takeaways
The rescission of the 2022 “HHS Notice and Guidance on Gender Affirming Care, Civil Rights, and Patient Privacy” seeks to align HHS’s policies with the Trump administration’s stance on gender-affirming care. The recission introduces financial and compliance challenges for entities regulated by the HHS. However, the recission of the Rescinded 2022 Guidance does not eliminate all HIPAA provisions related to reproductive health and other state-level protections may still provide certain privacy and anti-discrimination safeguards relative to individuals seeking gender affirming care. Given this uncertainty, organizations should revisit their policies and procedures, closely monitor the evolving regulatory landscape, and keep a close eye on litigation outcomes to ensure continued compliance.
The Latest Attack on Consumer Arbitration Agreements
The war against arbitration agreements continues apace. The latest volley comes from the U.S. Court of Appeals for the Fourth Circuit, Johnson v. Continental Finance Company, LLC, No. 23-2047 (4th Cir. Mar. 11, 2025). In Johnson, the court considered whether a change-in-terms provision in a cardholder agreement rendered arbitration and delegation clauses illusory under Maryland law. In a 2-1 decision featuring opinions by all three panel members, the court said “yes,” and found the arbitration and delegation clauses unenforceable.
Plaintiffs filed putative class-action complaints against Continental Finance Company, LLC and Continental Purchasing, LLC. Continental moved to compel arbitration pursuant to the arbitration provision contained in the cardholder agreement Plaintiffs received upon account opening. Plaintiffs opposed, arguing the cardholder agreement lacked consideration because the agreement’s change in terms provision permitted Continental to unilaterally amend the agreement at its “sole discretion”:
We can change any term of this Agreement, including the rate at which or manner in which INTEREST CHARGES, Fees, and Other Charges are calculated, in our sole discretion, upon such notice to you as is required by law. At our option, any change will apply both to your new activity and to your outstanding balance when the change is effective as permitted by law.
Affirming the district court, a majority of the panel agreed that the arbitration clause was illusory because the change-in-terms provision allowed Continental to “change any term of [the] Agreement in [its] sole discretion, upon such notice to [Plaintiffs] as is required by law.” Citing a decision by the Supreme Court of Maryland (Cheek v. United Healthcare), the majority said such provisions “are so one-sided and vague” under Maryland law that they “allow[] a party to escape all of its contractual obligations at will,” including the obligation to arbitrate. Based on this, the majority held that the arbitration and delegation clauses were unenforceable.
Judge Wilkinson’s lead opinion raises a difficult question: If the change-in-terms provision renders the arbitration clause illusory, then why doesn’t it render the entire cardholder agreement illusory? To be sure, the plaintiffs limited their argument to the arbitration and delegation clauses, and the majority affirmed that these were the only provisions that its judgment disturbed. The lead opinion doesn’t answer this question. To our eyes, we see no limiting principle that would prevent the same argument from taking down the entire cardholder agreement. What’s good for the goose is good for the gander: Arbitration agreements are to be treated just like every other contract under state law. If the change-in-terms provision nullifies the formation of the arbitration agreement, the same should be true for every other term in the contract. Such a drastic outcome would jeopardize the formation of countless consumer contracts. As the dissent (authored by Judge Niemeyer) points out, the change-in-terms language here is “legal and widespread.” All that is required is sufficient notice of the change. If consumers don’t like the change, they negotiate with their wallets and take their business elsewhere.
Perhaps sensing this gap in the lead opinion, Judge Wynn addresses it in his decisive concurrence. But in doing so, he frankly raises more troubling questions. He points to another Maryland Supreme Court case (Holmes v. Coverall N.A., Inc.) stating that “an arbitration provision contained within a broader contract is a separate agreement that requires separated consideration in order to be legally formed.” This strand of Maryland law strikes us as potentially unlawful as preempted under the Federal Arbitration Act. Again, arbitration agreements must be treated on the same footing as every other contract under state law. No one disagrees that every other provision in Continental’s contract can be negotiated collectively and supported by the same pot of consideration. So why do arbitration agreements require something different and more rigorous under Maryland law? Though we’re obviously Monday morning quarterbacking this case, our answer is: They shouldn’t.
As noted at the top, Johnson is part of a larger judicial war by plaintiffs’ lawyers and consumer advocacy groups against consumer arbitration—one that we expect to grow in ferocity given the Trump administration’s recent defanging (and defunding) of the CFPB. Several courts have limited the enforcement of arbitration provisions in consumer contracts where plaintiffs have argued that the unilateral modification of such contracts to include arbitration provisions was illusory or did not comply with the implied covenant of good faith and fair dealing. See Canteen v. Charlotte Metro Credit Union, 900 S.E.2d 890 (N.C. 2024); Decker v. Star Fin. Grp., Inc., 204 N.E.3d 918 (Ind. 2023); Badie v. Bank of Am., 67 Cal. App. 4th 779 (1998). And prior to the recent changes in Washington, the CFPB had proposed a rule making one-sided “change-in-terms” provisions illegal and unenforceable.
We note however that several courts have gone the other way, see, e.g., SouthTrust Bank v. Williams, 775 So. 2d 184 (Ala. 2000), and the cases that have refused to enforce arbitration provisions have indicated that such provisions may be enforceable where the change in terms clause expressly requires a detailed description of changes before they become effective (Johnson) or the contract previously had a governing law provision that specified the forum for the resolution of disputes (Canteen).
Companies that have arbitration provisions or are considering adding them to their consumer contracts should stay apprised of the developing law in this area, particularly in the states in which they are located. Please talk to a lawyer before you draft or promulgate an arbitration clause—an ounce of prevention is worth a pound of cure.
The Next Wave of ADA Website Accessibility Lawsuits Against Alcohol Suppliers
The increasing popularity of online shopping has made e-commerce businesses – specifically those in the alcohol beverage industry – a frequent target for costly litigation. In lockstep with the continued prevalence of website accessibility cases, plaintiff firms are sending pre-suit demand letters to alcohol suppliers and, in some cases, filing a state or federal court lawsuit. These lawsuits, which are typically filed in California, Florida, or New York, involve claims that a supplier’s website is not accessible to individuals who are blind in violation of Title III of the Americans with Disabilities Act (ADA) and related state laws. In these cases, plaintiffs seek attorneys’ fees, damages (only under state law), and injunctive relief that would require the website to conform with the Web Content Accessibility Guidelines (WCAG) standards, which have been broadly adopted by courts and regulators.
While many e-commerce companies, including alcohol suppliers, have turned to “accessibility widgets” to improve WCAG compliance, these quick-fix solutions are not always what they seem. More than 25% of all website accessibility lawsuits in 2024 (more than 1,000) were brought against businesses that used widgets, with many plaintiffs explicitly citing widget features as alleged obstacles to accessibility. Widget developers have also faced scrutiny. The Federal Trade Commission recently leveled a $1 million fine against one such company for falsely claiming that its widgets “make any website complaint.” Therefore, relying solely on widgets to comply with WCAG standards has proven ineffective and could render e-commerce businesses vulnerable to website accessibility lawsuits.
To prevail on a website accessibility claim, plaintiffs must first show that a defendant is a private entity that owns, leases, or operates a “place of public accommodation.” Courts, however, are split on what it means for a website to be considered a place of public accommodation under Title III of the ADA. While some jurisdictions require a “physical nexus” between the website and a brick-and-mortar store, other jurisdictions have permitted these cases to go forward against a website-only company that does not own or operate any physical retail location. Even so, the “physical nexus” test is applied by a majority of federal courts and was recently adopted by the most active court for ADA website litigation in the country: the US District Court for the Southern District of New York. This development will likely add to an emerging trend of website accessibility plaintiffs resorting to state courts in search of more favorable laws.
In addition to establishing that the supplier’s website is a place of public accommodation, the plaintiff must satisfy certain jurisdictional requirements that will depend on whether products can be purchased directly from the website and whether the supplier ships to the state in which the suit was filed. Leveraging these defenses (among others) will be critical when it comes to either convincing the plaintiff to withdraw the claim, filing a motion to dismiss, or achieving an early resolution on favorable terms.
Due to the rise in these website accessibility lawsuits, we encourage industry members to take a proactive approach by:
Training personnel on accessibility requirements and WCAG standards.
Testing their website against WCAG standards (through independent consultants or user testing) and retaining testing documentation to demonstrate that users with disabilities can fully use the website.
Assessing potential areas of nonconformance with WCAG standards.
Working with internal and external technical teams to implement accessibility features into the website.
Developing an accessibility policy that informs users about the company’s accessibility practices.
Considering including a link to their website accessibility policy on every webpage, including a reporting option that is appropriately routed to address accessibility issues.
Regularly auditing their website to assess its level of accessibility (particularly after website updates).
Prioritizing manual audits over “quick fixes,” like accessibility widgets.
Engaging legal counsel to minimize litigation risk associated with website accessibility issues, including whether the ADA is applicable to the company’s website in light of the current state of the law.
My Health, My Dollar: Amazon’s Health Data Troubles in Washington
Amazon faces allegations of unauthorized data collection in violation of federal and state privacy laws, including a first-of-its-kind claim under Washington’s My Health My Data Act (“MHMDA”).
The MHMDA restricts businesses from collecting, sharing, or selling any-health related information about a consumer without their consent of “valid authorization”, going beyond the typical protections provided by the Health Insurance Portability Accountability Act (“HIPAA”).
The case against Amazon brings into focus the potential repercussions for companies dealing in health-related data and using modern internet tracking technologies for the operation of their websites.
Businesses—especially those dealing in health-related data—must scrutinize their data privacy practices to ensure alignment with an ever-evolving legal landscape.
* * *
Privacy and health law experts no longer need to hold their breath: the first major lawsuit under Washington’s recently enacted MHMDA was filed against Amazon. (Maxwell v. Amazon.com, Inc., No. 2:25-cv-00261 (W.D. Wash. Filed Feb. 10, 2025)). In broad terms, the Western District of Washington lawsuit alleges that Amazon violated federal wiretapping laws and Washington state privacy and consumer protection rules by gathering location data via its software development kits (“SDKs”), which it then used for targeted advertising and third party data sales, all without affirmative user consent or valid authorization.
At the heart of Maxwell is the alleged violation of the MHMDA. Under the MHMDA, a violation is deemed an unfair or deceptive act under the Washington state consumer protection statute (the “Washington CPA”). The case underscores the growing risks companies engaging with consumer health information face in the modern privacy era.
Washington’s My Health My Data Act
Enacted in April 2023 and effected March 2024, MHMDA (HB 1155) represents a significant stride toward enhancing privacy protections related to health data within Washington. Emerging from growing concerns surrounding the misuse of reproductive health data, the Act aims to safeguard personal health information from unauthorized collection, storage, or sale, except where explicit consent is given by individuals.
Specifically, the MHMDA states that a regulated entity or a “small business” may not collect or share any consumer health data except “with consent from the consumer for such collection for a specified purpose” or “to the extent necessary to provide a product or service that the consumer to whom such consumer health data relates has requested from such regulated entity or small business.” The Act also applies to a wider range of consumer health data than what is typically covered under HIPAA, obliging entities falling under its scope to meticulously manage health-related data practices and paving the way for increased scrutiny over the efficacy of those practices in protecting sensitive consumer information.
Notably, the MHMDA grants a private right of action to impacted plaintiffs, with remedies that include actual damages and attorney’s fees (plus the potential for an additional award of trebled damages) under the Washington CPA.
Maxwell v. Amazon
The Maxwell case marks the debut of the first private right of action for a MHMDA violation. The putative class action complaint alleges that Amazon improperly accessed and monetized user data obtained through certain location-based apps (e.g., OfferUp and the Weather Channel) equipped with its SDKs, taking advantage of geolocation functions inherent in them. According to the lawsuit, these apps transmitted sensitive information, including biometric and precise location data, which might reflect individuals’ engagements with health services or attempts to acquire or receive health services or supplies—a direct breach of the MHMDA’s stringent privacy mandate.
In addition, the complaint alleges that beyond not obtaining consumer consent, Amazon did not make certain MHMDA-required disclosures, such as failing to: “clearly and conspicuously disclose the categories of consumer health data collected or shared; the purpose of the collection or sharing of consumer health data; the categories of entities with whom the consumer health data is shared; and how the consumer can withdraw consent from future collection.to disclose prior to the data collection the categories of consumer health data collected or shared, the purpose of such alleged data collection, the categories of entities with whom the consumer health data is shared; and how the consumer can withdraw consent from future collection.”
According to the plaintiff, Amazon defies the prohibitions outlined by both federal statutes and the MHMDA because users were unaware of—and thus did not consent to—Amazon’s full data access when using those apps. The complaint asserts that when a mobile app using Amazon’s SDK requests location data access, users are “not provided with an opportunity to grant or deny access to Amazon as well.” The suit seeks not only injunctive relief to halt data practices lacking user consent but also damages for the purported privacy violations.
While the outcome remains uncertain, the first-of-its-kind case will serve as a critical data point in evaluating the MHMDA’s strength and definition in legal environments, drawing parallels to prior claims under California’s privacy laws.
Key Takeaways
Implicated business navigating this novel territory will want to pay close attention to the Maxwell case.
More importantly, those businesses should be sure to normalize regular assessments of their privacy policies and tracking technology functionalities to ensure compliance with, among the patchwork of state privacy laws across the country, the MHMDA.
Legal counsel should guide companies involved in the data-driven market in tailoring strategies to mitigate privacy risks, avoiding hefty fines and legal disputes.
Delaware Court Recognizes D&O Coverage for Non-Cash Settlements
The trend of Delaware court decisions favoring policyholders continues with a favorable ruling in AMC Entertainment Holdings, Inc. v. XL Specialty Insurance Company, et al. The Delaware trial court found that AMC’s settlement payment, made in the form of AMC shares valued at $99.3 million, qualified as a covered “Loss” under its directors and officers (D&O) liability insurance policy. This ruling is noteworthy for a variety of reasons, particularly because it establishes that non-traditional forms of currency, like stock, can be a covered “Loss” under D&O policies.
Background of the Underlying Action
AMC, the movie theater chain, was financially strained during the pandemic. It experienced a dramatic surge in stock price, turning into a “meme stock” due to retail investor activity. To take advantage of the situation, AMC sought to issue more common stock. However, shareholder approval to increase the common stock issuance was blocked, prompting AMC to create a new security—the AMC Preferred Equity Units (APEs). These units carried voting rights similar to common stock and were intended to convert to common stock if authorized by shareholders.
This led to a legal battle with shareholders, who filed lawsuits to prevent AMC’s proposal to convert the APEs into common stock. The suits were consolidated in Delaware’s Court of Chancery.
AMC notified its D&O insurers of the shareholder claims, which proceeded to mediation. The day after mediation, AMC received a settlement offer and had discussions with its insurers about the proposed terms. A week later, AMC settled the litigation, agreeing to issue 6,897,018 shares of common stock and pay the plaintiffs’ attorneys’ fees. AMC recorded this settlement as a contingent liability and expense on its books and valued it at $99.3 million.
AMC’s D&O insurers denied coverage. After AMC commenced coverage litigation, most insurers settled, except for one excess insurer that continued to refuse coverage. AMC and the insurer moved for summary judgment.
The Parties’ Arguments
The insurer argued that there was no coverage for the settlement payment for three reasons. First, it argued that the settlement payment was not a “Loss” under the terms of the policy. The policy defined “Loss”, in relevant part, as “damages . . . settlements . . . or other amounts . . . that any Insured is legally obligated to pay.” Further, the policy provides that the insurer will “pay ‘Loss’ on behalf of AMC.” The insurer contended that because the settlement involved the issuance of stock, not cash, and because the insurer could not pay the settlement on AMC’s behalf, it was not a covered “Loss”.
Second, the insurer argued there was no “Loss” because AMC did not suffer economic harm by issuing the stock. And third, even if settlement in the form of stock issuance was a covered “Loss,” the insurer was not obligated to pay it because AMC did not receive the insurer’s prior written consent.
AMC countered that the settlement met the policy’s definition of “Loss”, which is not limited to cash payments, because it was an amount that AMC was “legally obligated to pay.” AMC also argued that it suffered an economic harm since it recognized a permanent loss in its accounting by issuing new shares and suffered an opportunity cost in providing the shares. Finally, AMC believed it received the insurer’s consent on a conference call about the anticipated settlement.
The Decision
The court found in favor of coverage, granting AMC’s motion.
As for the definition of “Loss,” the court found that “Loss” was not limited to cash payments. It emphasized that, under Delaware law, stock is a form of currency that can be used for a variety of corporate purposes, including settling debts. Thus, AMC’s issuance of stock was deemed a covered “Loss,” which the court refused to limit in a way not explicitly provided for in the D&O policy.
In further support of AMC’s covered “Loss,” the court looked to the policy’s bump-up exclusion, which uses the word “paid” twice. The court stated, “[t]his is exclusion is not applicable to the issue presented, but its use of the word ‘paid’ is relevant” because words used in different parts of a policy are presumed “to bear the same meaning throughout.” The court reasoned that because under Delaware Law the bump-up exclusion, and its use of the word “paid,” can apply to stock transfers, it is “necessarily implie[d] that stock can be an amount AMC ‘pays’ which creates a covered ‘Loss’.” Bump-up exclusions are a common insurer defense and source of frequent coverage disputes, including in Delaware, but here the insurer’s bump-up wording ended up supporting the policyholder’s position in favor of coverage.
The court disposed of the insurer’s “economic harm” argument because the policy did not condition coverage on the existence of such harm. Once again, the court refused to “insert a restricting clause into the Policy.”
Finally, the court ruled that whether AMC sought the insurer’s consent to settle, or waiver of consent, on a phone call was a factual issue to be decided by a jury. However, the court noted that Delaware law allows a policyholder that does not comply with consent requirements to obtain coverage by rebutting the presumption that the insurer was prejudiced by the breach and showing that the settlement was reasonable.
Discussion
This case has a has a variety of takeaways for policyholders.
Non-Cash Settlements: Non-cash settlement payments, including stock, may be covered as a “Loss” under D&O policies in Delaware. While AMC’s non-cash payment was in stock, the court’s ruling may apply equally to a variety of other payment forms, such as cryptocurrency or other amounts that insureds are legally obligated to pay as damages or settlement. Policyholders should carefully review policy language regarding the definition of “Loss” to determine if there is coverage for non-cash settlement payments.
Delaware Coverage Trends: Over the past few years, Delaware courts have issued several significant rulings, many in favor of policyholders. The court’s decision in this case is yet another example of this. Delaware’s leadership in corporate governance and shareholder litigation also bleeds over into insurance disputes. In the recent decision, the court ruled in AMC’s favor by relying on Delaware law recognizing that stock is a form of currency. Insurers and policyholders will continue to pay attention to Delaware’s developing role in issuing important coverage rulings.
Choice of Law Matters: In one such landmark decision, the Delaware Supreme Court held that Delaware corporations and their insured officers and directors should be able to get the benefit of Delaware law governing their D&O coverage disputes. The AMC case exemplifies a Delaware policyholder reaping the benefits of Delaware law.
First, it was the Delaware’s Chancery court’s decision in a non-insurance suit determining whether a claim was a derivative or direct claim that the Superior Court used to support the conclusion that AMC’s settlement was a covered “Loss” because “[s]tock is a form of currency.” Other jurisdictions may not have similar law to support such a conclusion.
Second, the AMC court held that if the company did not seek the insurer’s consent to settle, it may still obtain coverage if it can rebut the presumption that the insurer was prejudiced and show that the settlement was reasonable. This is not true in all jurisdictions. See, e.g., Perini/Tompkins Joint Venture v. Ace Am. Ins. Co., 738 F.3d 95, 104-06 (4th Cir. 2013) (recognizing that, under Maryland and possibly Tennessee law, an insured’s breach of a policy’s consent to settle provision negates coverage without regard to whether the insurer was prejudiced by the breach).
The point is that choice of law is significant, and Delaware policyholders may be able to leverage a growing body of favorable Delaware law on important coverage issues. Conversely, the importance of what law governs an insurance policy makes choice-of-law, choice-of-forum, and similar policy provisions even more significant when insurers mandate application of another state’s law. These provisions often go unnoticed but can have an outsized impact on coverage in the event of a dispute.
Policy Drafting Matters: The court’s refusal to rewrite the policy highlights the importance of clear and unambiguous language. Insurers must ensure that policy’s are drafted precisely, and policyholders must remain vigilant to ensure that insurers are not making inferences or interpreting policy language to support their preferred reading if it is not stated expressly in the policy. It is the terms of the policy—not the insurer’s unstated intentions—that controls.
Consider Insurance Ramifications in Underlying Litigation: Policyholders seeking defense and indemnity coverage under liability policies should be strategic in how they approach settlement in underlying litigations, keeping an eye towards potential coverage and ways to maximize recovery. Small changes, like nuances in settlement agreements or accounting practices, can make or break claims for millions of dollars of potential coverage. In the AMC case, for example, the company recorded the settlement as a contingent liability and expense valued it at $99.3 million, which the court relied on to support a finding that the non-cash payment was covered loss.
Records of Insurer Communications: In the midst of high-stakes settlement negotiations and fast-paced litigation, it is not always feasible to document all communications with insurers. Nonetheless, this case shows the risks of not documenting what is said during conversations held in-person or via phone or video call. This is critical to avoid post-conferral disputes. The AMC court was unable to resolve the question of whether the insurer consented to AMC’s settlement because a factual dispute existed as to what was said during a phone call. It is unclear if a post-call confirmation email would have helped here, but, at a minimum, these kinds of written records can potentially minimize the risk of factual disputes.
New York Attorney General Reaches $650,000 Settlement with Student Social Networking App Developer Over Privacy Violations
On March 7, 2025, New York Attorney (“NY AG”) General Letitia James announced a $650,000 settlement with Saturn Technologies Inc. (“Saturn”), the developer of the Saturn App, a social networking app geared towards high school students and built around customized school calendars.
In its action against Saturn, the NY AG alleged that the company promised at various times between 2018 and August 2023 to verify users’ school email credentials to ensure (1) that the Saturn App did not allow non-students to join and (2) only users from the same school could interact with each other on the app. The NY AG alleged that, in contrast to these promises, Saturn stopped authenticating high school email credentials in 2021, thereby permitting users from different high schools to message each other and allowing “unverified” non-students to join with almost complete access to all Saturn App features. The NY AG alleged that these practices violated New York Executive Law § 63(12), which prohibits engaging in repeated fraudulent acts in the carrying on, conducting, or transaction of business. The NY AG also alleged that Saturn engaged in deceptive trade practices, violating both New York General Business Law § 349 and Section 5 of the FTC Act.
The AG’s investigation also determined that Saturn:
Did not screen out new users based on birth date to determine they were high-school aged until August 2023, and continues to not screen out fraudulent users based on location.
Copied users’ contact books (with names, personal phone numbers, and other contact information) and continued using the information even when users updated their settings to deny the Saturn App access to their contacts.
Implemented a “friendship verification” process with security vulnerabilities, which enabled unverified users to continue to access certain personal information of verified Saturn App users.
Promoted the Saturn App through other high school students (“Student Ambassadors”) without disclosing that those students received compensation for completing assigned marketing tasks.
Failed to keep sufficient records regarding data privacy, data permissions, user verification, and user privacy.
Under the terms of the settlement, Saturn must pay $650,000 in penalties and costs, provide users under the age of 18 with enhanced privacy options (including hiding social media links from non-friends for all new users under the age of 18 by default), document all changes related to user privacy policies and procedures, submit its user interface for NY AG approval, and develop a marketing training program.
The settlement agreement also requires Saturn to:
Notify users regarding app verification changes and provide them with options to modify privacy settings.
Prompt all users under 18 to review their privacy settings every six months.
Refrain from making future claims about user safety or verification unless the company has a reasonable basis for making the claim based on competent and reliable scientific evidence.
Limit the information about non-Saturn App-users that can be entered into the App by Saturn App users (i.e., the non-Saturn App user’s class enrollment or event attendance).
Allow teachers to block student names, initials or other personal identifiers from appearing in the Saturn App’s class schedule feature.
Delete retained copies of the phone contact books of certain users.
Hide the personal information of current users under 18 until Saturn Technologies obtains informed consent to the new Saturn App terms.
Appeals Court Lifts Injunction on Pair of DEI-Targeting Executive Orders: What It Means for Federal Contractors and Grantees
A panel of the United States Court of Appeals for the Fourth Circuit lifted a nationwide injunction, allowing the Trump administration to resume implementation of a pair of executive orders targeting diversity, equity, and inclusion (“DEI”) and diversity, equity, inclusion, and accessibility (“DEIA”) programs (the “Challenged Executive Orders”). On their face, the Challenged Executive Orders apply only to undefined DEI- and equity-related programs that violate existing federal anti-discrimination law, and do not purport to establish the illegality of all efforts to promote DEI. Our client alert describing those executive orders may be found here.
By way of background, as we previously wrote, on February 21, 2025, the United States District Court for the District of Maryland enjoined the Trump administration from implementing the Challenged Executive Orders.
In short, the underlying lawsuit sought to enjoin certain provisions of the Challenged Executive Orders including the provisions that: (1) directed executive agencies to terminate “equity-related” grants and contracts; and (2) directed all executive agencies to include within every federal contract or grant award a certification, enforceable through the False Claims Act, that the recipient of federal funding does not operate any programs promoting DEIA or DEI in violation of federal anti-discrimination laws (the “Challenged Provisions”). The lower court found the Challenged Provisions to be unconstitutionally vague, as well as unconstitutional content and viewpoint restrictions on speech.
On March 14, 2025, a three-judge panel of the Court of Appeals for the Fourth Circuit overturned the district court’s preliminary injunction that had enjoined key portions of the Challenged Executive Orders.
The panel all agreed that the injunction should be lifted, at least for now, while litigation over the Challenged Executive Orders’ lawfulness continues. Each member of the three-judge panel wrote a concurring opinion to explain their rationale, with two of the judges also expressing their support for principled efforts to promote diversity, equity, and inclusion. In describing why they agreed with the decision to lift the injunction, each judge noted that the underlying case does not challenge any specific agency action implementing the Challenged Executive Orders.
Accordingly, they wrote, there was not yet any basis to conclude that agencies would do so in an unconstitutional manner.
What does this mean?
Agencies may immediately begin implementing the Challenged Executive Orders. In the near term, this will likely take the form of agencies requiring grant recipients and federal contractors to certify that they do not operate any programs promoting DEIA or DEI that violate any applicable Federal anti-discrimination laws. Importantly, as previously explained, these certifications are a potential source of False Claims Act liability for those who are found to have submitted inaccurate certifications.
It is likely that agencies will seek to penalize federal grantees and contractors who, in the scope of their grant-funded or contract-related activity, engage in discrimination unlawful under current federal anti-discrimination law. Federal anti-discrimination law prohibits the use of preferences, quotas, and set asides, except in very limited circumstances.
If agencies use the Challenged Executive Orders to punish grant recipients and federal contractors for engaging in all DEI or DEIA activities, including well-crafted efforts to promote employee engagement through cultivating a sense of belonging, the Challenged Executive Orders will likely again be challenged as unconstitutional violations of the First and Fifth Amendments.
Action items for grant recipients and federal contractors:
Consider embracing a broad definition of “diversity,” to include background (socio-economic and otherwise), experiences, cultures, opinions, and the like, along with race, gender, ethnicity, and other protected characteristics.
Review their diversity, equity, inclusion, accessibility, and belonging programs to ensure they are strategic and well-designed to foster open opportunities and ensure a level playing field for all by creating an environment and culture where everyone is respected and valued.
Examine their diversity, equity, inclusion, accessibility, and belonging programs, including any training or rewards programs, to ensure they comply with current federal anti-discrimination laws. This would include a review to ensure that programs do not provide an advantage or award benefits to an individual based on a specific demographic trait.
Pay close attention to DEI or DEIA-related guidance from agencies regarding how those agencies interpret the executive orders’ DEI and DEIA prohibitions.
Merely changing some words – replacing “diversity” with “inclusivity,” or “equity” with “equality,” for example – will not make a non-compliant program compliant.
If a decision is made to modify existing diversity, equity, inclusion, accessibility, and belonging programs, consider preparing internal communications explaining the changes and their rationale.
ONCE A BUSINESS NUMBER NOT ALWAYS A BUSINESS NUMBER: Court Finds Shelton Can Sue For B2B Calls to Number That He Used to Use for Business Purposes But Not Anymore
One of the most commonly asked questions I receive is whether B2B calls made to numbers on the DNC list are legal.
It is a bit of a tricky answer. I fully explore it here.
Quickly: the DNC prevents calls to residential numbers, so the purpose of the call does not matter, only the use of the number called. And when a number is used both for business and for residential purposes it is considered a “mix use” number and counts as a residential line.
In essence, therefore, B2B calls to a cellular phone on the DNC list are simply not safe to make without EBR or permission because there’s generally no way to know if the number is a business or residential line.
Just to drive that point home, imagine a situation where a cellular phone was actually found–by a court– to be a business line and a resulting TCPA suit was dismissed as a result of calls to that exact number.
Such a number would be safe to call as a business line right?
Wrong.
Check this out.
In Shelton v. Pro Source 2025 WL 817485 (E.D. Pa March 14, 2025) the Plaintiff–the famous James Shelton–brought suit for allegedly unsolicited marketing calls to his cell phone.
Now this was the very same cell phone number that was previously found to be a business number that was not protected by the DNC rules in Shelton v. Target AdvanceLLC, No. 18-2070, 2019 WL 1641353 (E.D. Pa. Apr. 16, 2019). There the judge held because Plaintiff “held his phone number out to the world as a business phone number” he lacked standing under the TCPA on that claim.
Five years later a lady named Brittney Wilson, an employee of Pro Source Lending Group LLC, called that very same cell phone number apparently in an effort to offer Mr. Shelton a business loan.
Shelton sued Brittney personally–as well as her employer–arguing that he had since STOPPED using the phone for business purposes and that it is now just his residential phone.
Brittney and co. moved to dismiss and guess what? The Court sided with Shelton and found that because he has stopped using the phone for business purposes five years ago his phone was, once again, a residential number.
The Court was also unmoved by the fact that Shelton had filed so many TCPA suits and had hired a lawyer–Andrew Perrrong–who, himself was previously a serial litigant. Indeed, the Court pointed out this “dynamic duo” had joined forces to bring this suit:
In this case, James Shelton, a prolific plaintiff, and his counsel, Andrew Roman Perrong, equally prolific as a litigator under the TCPA, have joined forces to file a class complaint against Defendants.
But the court determined that Shelton’s volume of litigation alone did not bar him from bringing suit.
Last, the Court held that Ms. Wilson can be sued personally for the calls at issue. The Court followed the majority of cases that have found an employee, agent or officer of a company engaged in conduct that violates the TCPA can be personally liable for that conduct. The fact she made the call for her employer is irrelevant.
Because she allegedly made the calls at issue from her cell phone she can be personally liable to Plaintiff–and potentially the class.
Eesh.
Take aways:
B2B cold calls ae extremely dangerous; and
Personal lability under the TCPA lurks everywhere. This lady picked up her cell phone to make the calls at issue and was still sued personally. Don’t hang your employees out to dry! Get good counsel and protect yourself (and them).
Chat soon.
“OFF THE RAILS”: Court Refers to Parties in TCPA Suit as “Incompeten[t]” As it Issues Sanctions And I Have Never Seen Anything Like It
You can read thousands of decisions and never see one like this.
Trust me, I know.
In Delfgauw v. Barton 2025 WL 814484 (W.D. Wash. March 13, 2025) the Court opens its ruling with the following words:
[T]his order is about the incompetence and misconduct of the parties that have prevented resolution of this matter for nearly four years. To put it bluntly, this case has gone off the rails in terms of how civil litigation is supposed to proceed in federal court.
My goodness.
Just a couple of pieces are worth noting here.
First, the parties submitted a stipulation admitting the defendant had intentionally destroyed evidence. Crazy right?
Except the parties disagree about whether the stipulation should have been filed or not. Barton says it should have been. Defendant disagrees and says the version striking that line was the only one they agreed should have been filed.
But the Court was not impressed and stated: “The Court will not allow Defendants to simply disregard their own unambiguous stipulation by arguing they should be relieved of the consequences of their stipulation because they failed to diligently review it.”
The Court went on to question the capabilities of the defense counsel: Regardless of how it occurred, the Court is incredulous how any member of the bar could sign and submit a stipulation that their client purposefully destroyed evidence to deprive an adversary of it, absent actual knowledge that such an extraordinary event had occurred.
Indeed.
As a result the Court ordered defendant and his counsel to show cause why they should not be additionally sanctioned.
Meanwhile the defendant also produced call recordings more than two years after the close of discovery despite holding onto the records the entire time.
In the recordings, however, Barton is caught claiming he is named Ivette Martinez, a fact the Court finds disturbing and “circumstantial” evidence Barton may have set up the lawsuit. As a result the court ordered additional discovery as to the issues of the recordings.
So…yeah.
Make sure you have GOOD TCPA defense counsel folks. That’s the take away.
Court: Investment Adviser Has No Duty To Warn Non-Clients
According to the Court of Appeal:
An imposter posing as investment advisor Daniel Corey Payne of Lifetime Financial, Inc. (Lifetime) stole more than $300,000 from Mark Frank Harding. Before this occurred, Lifetime had received several inquiries from other individuals about a potential imposter who was posing as Payne and asking for funds; Lifetime did not post a warning about the imposter on its website or take any other significant action.
Harding v. Lifetime Financial Inc., 2025 WL 815697 (Cal. Ct. App. Mar. 14, 2025). In an effort to recover his life savings, Harding sued Lifetime alleging “if Lifetime and LPI [a related advisory firm] had posted a warning on their website about the imposter, or if they had reported the matter to FINRA, Harding would have realized the person he was communicating with was an imposter, and he would not have lost his life savings”.
Harding’s efforts failed to meet with success in the trial court which granted summary judgment for the defendants. In affirming the trial court, the Court of Appeal noted that as a general matter there is no duty to protect others from the conduct of others. More specifically, it could find “no statutory or case authority holding that an investment advisor owes a duty to nonclients to post a notice on its website or notify law enforcement that someone has been impersonating the investment advisor.”
Harding argued that FINRA Rule 4530 created a duty to warn. That rule requires FINRA members to “promptly report to FINRA . . . after the member knows or should have known . . . [that] [¶] (1) the member or an associated person of the member: [¶] . . . [¶] (B) is the subject of any written customer complaint involving allegations of theft or misappropriation of funds or securities or of forgery.” The Court of Appeal disagreed, finding:
in order for Defendants to have had a reporting duty under this rule, they would have had to receive a written complaint which alleged Defendants engaged in theft, misappropriation of funds or securities, or forgery, and that written complaint would have had to come from a person whom Defendants engaged or sought to engage in security activities. That is not what happened here.
Harding illustrates how difficult it can be to detect an impersonation. The imposter initially contacted the plaintiff by phone and the plaintiff spoke with the imposter several times thereafter. The imposter used the name of a representative at Lifetime and had an email address that included “lifetime” as part of the address. The plaintiff researched Lifetime online and verified Lifetime’s CRD number and Lifetime’s registration.
Fourth Circuit Reopens Trump DEI-Related Executive Orders, Halts Preliminary Injunction
On March 14, 2025, the U.S. Court of Appeals for the Fourth Circuit granted the government’s request to stay a Maryland federal judge’s nationwide preliminary injunction that had blocked key portions of the president’s executive orders (EO) related to diversity, equity, and inclusion (DEI), meaning the provisions are again enforceable as the appellate court mulls the lawfulness of the EOs.
Quick Hits
A panel for the Fourth Circuit granted the government’s request to stay a nationwide preliminary injunction that had blocked three key provisions of President Donald Trump’s DEI-related EOs.
The ruling comes after the federal judge in Maryland who issued the preliminary injunction had raised concerns over reports that federal agencies were potentially violating the ruling.
A three-judge panel for the Fourth Circuit ruled that the government had met its burden to stay, pending appeal, the nationwide preliminary injunction enjoining the termination, certification, and enforcement provisions of President Donald Trump’s DEI-related orders, EO 14151 and EO 14173. But in doing so, all three judges on the Fourth Circuit panel issued separate concurring opinions.
The ruling reverses U.S. District Judge Adam B. Abelson, who, on March 3, 2025, refused to stay the preliminary injunction. Judge Abelson issued the preliminary injunction on February 21, 2025, finding the plaintiffs were likely to succeed on the merits that the EOs are vague and chill free speech in violation of the First and Fifth Amendments.
While agreeing that a stay was appropriate, Fourth Circuit Chief Judge Albert Diaz, in his concurring opinion, questioned the criticism of DEI and the “people of good faith who work to promote diversity, equity, and inclusion.”
“Under the most basic tenets of the First Amendment, there should be room for open discussion and principled debate about DEI programs, and whether its corresponding values should guide admissions, hiring, scholarship, funding, or workplace and educational practices,” Chief Judge Diaz wrote. “And all Americans should be able to freely consider how to continue empowering historically disadvantaged groups while not reducing the individuals within those groups to an assigned racial or sex-based identity.” (Internal quotations omitted.)
On the other hand, Judge Pamela A. Harris wrote, “[w]hat the Orders say on their face and how they are enforced are two different things,” noting that the lawsuit “may well raise serious First Amendment and Due Process concerns” but that it “does not directly challenge” a specific agency action.
Similarly, Judge Allison Jones Rushing criticized the scope of the injunction, which she characterized as enjoining “nondefendants from taking action against nonplaintiffs” and the ripeness of the lawsuit because it “does not challenge any particular agency action implementing the Executive Orders.” (Emphasis in original.)
The Fourth Circuit’s stay comes just hours after Judge Abelson held a status conference to consider the plaintiffs’ emergency motion regarding reports that federal agencies refused to comply with the preliminary injunction.
The plaintiffs presented evidence that one of the plaintiffs, the City of Baltimore, was facing a deadline to sign a recent funding contract from the U.S. Department of Housing and Urban Development (HUD) containing language requiring the city to certify that it does not operate any DEI programs that violate any applicable antidiscrimination laws. The plaintiffs alleged that until the City of Baltimore signs the contract, it cannot recoup from HUD the costs it has already expended for providing services to people without permanent housing.
While Judge Abelson found the government’s representation that it would remedy the provision sufficient for the time being, the judge said he would order an expedited briefing on the matter and called the reports of noncompliance “concerning.” However, that briefing now appears moot as the Fourth Circuit has stayed the preliminary injunction. At this time, it is unclear how Judge Abelson will respond.
On March 10, 2025, Judge Abelson clarified that the preliminary injunction applied to all the named defendants beyond the president, including the “other federal executive branch agencies, departments, and commissions, and their heads, officers, agents, and subdivisions directed pursuant to” the executive orders.