Procedural Foot Faults are a Trap for the Unwary
Whether filing a tax return, a protest, or an appeal, there are countless procedural requirements that must be met in order to avoid penalties or worse. While those requirements are oftentimes tedious, they are a necessary evil to avoid future headaches.
The recent decision of the Supreme Court of Nevada highlighted one such procedural misstep. In Hohl Motorsports, Inc. v. Nevada Department of Taxation, the company filed a petition for judicial review of a deficiency determination. Hohl, No. 87189, (Nev. Feb. 10, 2025). Under Nevada law, prior to filing a petition, the company was required to either (1) pay the amount of the determination or (2) enter into a written agreement with the Department of Taxation (“Department”) to pay later. The Hohl decision centered around what constituted a “written agreement.”
In that case, the company emailed a lawyer representative of the Department prior to filing its petition. The Department’s response to the company stated that the company would have an additional 90 days to pay the determination and should timely file its petition. The company filed its petition and paid the determination a few weeks later.
Despite its email, the Department moved to dismiss the appeal for failure of the company to comply with the procedural requirements. Specifically, the Department claimed that the company did not have a written agreement with the Department to pay the determination at a later date. Upon review, the Court held that the email from the Department constituted a written agreement, which satisfied the procedural requirements.
Significantly, the Court noted that “[t]axpayers should be able to rely on the advice that they receive from the Department.” The Court stated that this is even more true when the taxpayer discusses a particular issue with the Department. The Court admonished the Department for filing the motion to dismiss and asserted that the Department “violated basic notions of justice and fair play.” In today’s world, where courts often chide taxpayers for not seeking guidance from the Department on filing positions, while also alleging that taxpayers cannot rely on information received from the Department, it is a breath of fresh air for the Supreme Court of Nevada to be a voice of reason.
While this case was an important victory for the taxpayer on the procedural requirements in Nevada, the best place to be in is to never have potentially faulted at all. Be sure to dot those i’s and cross those t’s!
LLC’s Splitting into Six Companies Not Subject to Pennsylvania Realty Transfer Tax
The Pennsylvania Commonwealth Court held that the statutory division of a limited liability company (“LLC”) which resulted in the original LLC and five new companies—with each of the new companies owning a portion of the real estate of the original LLC—was not subject to state and local realty transfer tax as there was no transfer of real estate as contemplated by the statute. Kunj Harrisburg LLC, et. al. v. Commonwealth, No. 390 F.R. 2020 (Pa. Cmwlth. Jan. 10, 2025).
The Facts: Kunj Harrisburg LLC (“Kunj”) owned a Condominium Association consisting of seven condominium units in Adams County, Pennsylvania. Pursuant to the Entity Transactions Law (“ETL”), it subsequently filed with the Department of State a Statement of Division and an accompanying Plan of Division which divided Kunj into six companies consisting of Kunj and five new companies. Kunj remained the owner of two condominium units and each of the five new companies became the owner of one condominium unit. The six companies recorded deeds in Adams County reflecting the Plan of Division and claimed exemption from the realty transfer tax.
The Department of Revenue issued Notices of Assessment to the five new companies asserting that the deeds did not qualify for exemption and assessing tax. The companies were unsuccessful in their appeals to the Board of Appeals and the Board of Finance and Revenue.
The Decision: The Commonwealth Court first reviewed the realty transfer tax which imposes tax for the recording of any document and which defines a “document” to include any deed which conveys title to real estate in the Commonwealth. It then looked to the ETL which permits an entity to divide into one or more new associations and which states that the property allocated to a new association vests “without reversion or impairment, and the division shall not constitute a transfer, directly or indirectly, of any of that property.” 15 Pa.C.S. § 367(a)(3)(ii).
Relying on the “unambiguous language” in the ETL that an association created through a statutory division is a successor to the dividing association and does not acquire its property through the transfer of the property’s beneficial interest, the Court concluded that each deed at issue did not convey title to real estate, that each deed was therefore not a “document” as contemplated by the realty transfer tax law, and that no tax was due.
This case demonstrates that when there is unambiguous statutory support for a position, while it may take a couple of levels of appeal, a taxpayer should be victorious despite a taxing agency’s position.
New York ALJ Upholds Convenience of Employer Rule Despite Employee Working Remotely Out-Of-State During COVID Lockdowns
In yet another challenge to New York’s so-called “convenience of the employer” rule, a New York Administrative Law Judge (“ALJ”) upheld the application of the rule against a Pennsylvania resident who worked remotely for a New York-based employer during the COVID-19 pandemic. In the Matter of the Petition of Myers and Langan, DTA No. 850197 (Jan. 8, 2025).
The Facts: Richard Myers, a resident of Pennsylvania, worked in New York for the Bank of Montreal (“BMO”) which provides a broad range of personal and commercial banking, wealth management, global markets, and investment banking products and services. Due to the COVID-19 pandemic, BMO temporarily closed its New York City office on March 16, 2020 and required employees to find alternative working arrangements. Mr. Myers worked from a BMO disaster recovery site in New Jersey on March 16 and March 17 and worked exclusively from his home in Pennsylvania for the remainder of the year. On his New York State nonresident income tax return, Mr. Myers claimed a refund of $104,182, which the New York Division of Taxation partially disallowed, leading to an audit and subsequent recalculation of his income allocation.
The Decision: The ALJ determined that Mr. Myers’ wages were correctly allocated to New York under the convenience of the employer rule. The rule provides that any allowance claimed for days worked outside New York for a New York-based employer must be based on the necessity of the employer, not the convenience of the employee. While there was an executive order in place requiring businesses to employ work from home policies to the maximum extent possible (the “Executive Order”), the order did not apply to essential businesses, including banks and related financial institutions, such as BMO. The ALJ found that BMO, as an essential business, was not legally mandated to close its New York office, and therefore, Mr. Myers’ remote work from out-of-state was deemed to be for his convenience rather than a necessity imposed by his employer. The ALJ noted that BMO’s decision to close its office did not qualify Mr. Myers’ remote work as a necessity for the company, and there was no evidence or explanation in the record as to why BMO closed its offices.
The Takeaway: The decision underscores the consistent application of the convenience of the employer rule by New York State Tax Appeals Tribunal ALJs, even during the unprecedented circumstances of the COVID-19 pandemic. The decision highlights the challenges nonresident employees face in proving that their remote work is a necessity for their employer. Unless there is clear evidence that the employer required the employee to work from a location outside New York, the convenience of the employer rule will apply, resulting in the allocation of income to New York. Employers need to be aware of the convenience rule, as well, as they may be required to withhold taxes in the state where the employer’s office is located, even if an employee works remotely out-of-state.
The decision suggests that if BMO were not exempt from the Executive Order as a bank or financial institution, the convenience of the employer rule would not apply, and Mr. Myers would be entitled to a refund. But, as discussed in a prior article I authored regarding application of the convenience rule, even in cases where the employer was not a bank or financial institution and was not exempt from the Executive Order, ALJs have still found that the convenience rule applies.
It remains to be seen whether appellate courts will step in to overrule ALJ decisions and find that when New York offices were closed during an unprecedented world-wide pandemic, employees were not working from their homes merely for their own convenience.
U.S. Court of Appeals for the Federal Circuit Affirms Published Patent Applications Become Prior Art on Their Filing Date
Lynk Labs, Inc. v. Samsung Electronics Co., Ltd. concerns an appeal of a decision from the United States Patent and Trademark Office (USPTO) Patent Trial and Appeal Board (Board) that upheld the refusal of claims in a patent application filed by Lynk Labs, Inc. (the ’400 patent) in view of another application (the Martin application) that was filed before the ’400 patent’s filing date, but was published after the ’400 patent application’s filing date.
Those familiar with the patent application process will recognize that prior art can render a claim, or even an entire application, unpatentable. For those new to patenting, if the USPTO finds that an invention is public or if public information makes the new invention obvious, the patent claim will not be allowed. The Board had ruled that the Martin application, though published after the ’400 patent’s filing date and later abandoned, had an effective prior art date of its filing date. Lynk Labs argued that documents become prior art when they are published, and so the Martin application’s effective prior art date was its publication date, because it was not publicly accessible prior to that point.
The DecisionThe Lynk Labs court agreed with the Board, noting that while typical documents, such as journal articles and the like, become prior art on their publication date, patent applications operate under a separate rule when determining prior art. Where printed publications such as journal articles are governed by section 102(a) and (b), patent applications are governed by section 102(e)(1), which notes that the patent application would serve as prior art if it were filed before the claimed invention. Accordingly, even if it were published and publicly accessible only after the filing of the claimed invention, it could still serve as prior art and be used to deny claims.
The Lynk Labs decision has marked consequences for clients with business before the USPTO. First, it underscores the importance of securing an early filing date, as even the most robust patentability search may not be able to find unpublished applications that may serve as prior art if there is delay. Second, the Lynx Labs decision opens opportunities for clients looking to secure and defend their intellectual property rights against potential infringers and competitors by affirming the wider scope of a patent application in being able to prevent others from claiming rights to the same invention. Ultimately, however, it makes clear that there is no safe harbor from others’ patent applications, and so entities are advised to secure early filing dates to protect their intellectual property.
Recent Developments: Nationwide CTA Injunction Lifted, New March 21, 2025, Reporting Deadline Set, and Reporting Rule May Be Modified
Key Takeaways:
The Corporate Transparency Act (CTA) reporting requirements are back in effect following a Texas district court decision entered on February 18.
According to the Financial Crime Enforcement Network (FinCEN), the new general deadline for most reporting companies filing initial, updated, and corrected BOI reports is March 21and the deadline for a reporting company with a previously given later deadline is the later deadline.
In the interim, FinCEN “will assess its options to further modify deadlines, while prioritizing reporting for those entities that pose the most significant national security risks.”
FinCEN also “intends to initiate a process this year to revise the BOI reporting rule to reduce burden for lower-risk entities, including many U.S. small businesses.”
Background:
On January 23, 2025, the United States Supreme Court (SCOTUS) reversed the U.S. district court’s preliminary injunction staying the Corporate Transparency Act (CTA) and the implementing Reporting Rule in Texas Top Cop Shop v McHenry (f/k/a Texas Top Cop Shop v Garland), Case No. 4:24-cv-00478 (E.D. Tex. 2024). For background, see our previous alerts describing the Texas Top Cop Shop district court’s December 3, 2024, opinion and order, and the Fifth Circuit’s decisions lifting and later reinstating the district court’s nationwide stay.[1]
A separate nationwide stay of the CTA Reporting Rule issued on January 7, 2025, by another Texas district court in Smith v U.S. Department of Treasury, Case No. 6:24-cv-00336 (E.D. Tex. Jan 7, 2025) was not affected by the SCOTUS order in Texas Top Cop Shop and remained in effect.[2]
On January 24, 2025, FinCEN published an updated alert acknowledging that, in light of the continuing effect of the nationwide stay in Smith, reporting companies were at that time not required to report beneficial ownership information but could do so voluntarily.[3]
On February 5, 2025, the Department of Justice (DOJ) appealed the Smith nationwide stay to the Fifth Circuit and filed a motion with the Smith district court asking it to lift that stay in view of the SCOTUS order in Texas Top Cop Shop. DOJ stated that, if lifted, FinCEN intended to extend reporting deadlines for 30 days and, during that period, evaluate whether to revise reporting requirements on “low-risk” entities and prioritize enforcement on the “most significant national security risks.”
On February 6, 2025, FinCEN published a new alert acknowledging the DOJ’s pending appeal in Smith and motion requesting the district court to lift the stay in Smith. FinCEN also confirmed its intention, if the stay was lifted, to extend the reporting deadline by 30 days and to assess options to modify further reporting deadlines for “lower-risk” entities during the 30-day period.
Smith District Court Lifts Stay of CTA Reporting Rule:
On February 18, 2025, the Smith district court stayed the preliminary relief granted in its January 5, 2025, order, including the nationwide stay of the CTA Reporting Rule, pending disposition of the Smith appeal to the Fifth Circuit.[4]
CTA Reporting Requirements Back in Effect:
On February 19, 2025, FinCEN published an updated alert stating that, in view of the Smith district court’s decision, “beneficial ownership information (BOI) reporting requirements under the Corporate Transparency Act (CTA) are once again back in effect.” FinCEN generally extended the deadline for most reporting companies filing initial, updated and corrected BOI reports to March 21, 2025 (30 calendar days from February 19, 2025). FinCEN also stated that “during this 30-day period, FinCEN will assess its options to further modify deadlines, while prioritizing reporting for those entities that pose the most significant national security risks” and that “FinCEN also intends to initiate a process this year to revise the BOI reporting rule to reduce burden for lower-risk entities, including many U.S. small businesses.” At the same time, FinCEN also updated two other alerts with respect to Texas Top Cop Shop and National Small Business United v Yellen.[5]
FinCEN Updated CTA Reporting Deadlines:
The updated deadlines, as set forth in the FinCEN updated alert, follow:
For the “vast majority” of reporting companies, the new deadline to file an initial, updated, and/or corrected BOI report is March 21, 2025. FinCEN also stated that it will provide an update before that deadline of any further deadline modifications, recognizing that more time may be needed to meet BOI reporting obligations.
For reporting companies that were previously given a reporting deadline later than the March 21, 2025, the applicable deadline is that later deadline. FinCEN included as an example, “if a company’s reporting deadline is in April 2025 because it qualifies for certain disaster relief extensions, it should follow the April deadline, not the March deadline.”
FinCEN also noted that the plaintiffs in National Small Business United v. Yellen are not currently required to report their beneficial ownership information to FinCEN. See FinCEN alert “Notice Regarding National Small Business United v. Yellen, No. 5:22-cv-01448 (N.D. Ala.)”.
For additional information, see the FinCEN February 19, 2025, updated Alert, Beneficial Ownership Information Reporting | FinCEN.gov], and FinCEN Notice, FIN-2025-CTA1, FinCEN Extends Beneficial Ownership Information Reporting Deadline by 30 Days; Announces Intention to Revise Reporting Rule (February 18, 2025).
If you have questions about your CTA-related engagement with the firm, please contact your Miller Canfield lawyer for further guidance.
[1] Corporate Transparency Act: Miller Canfield
[2] See the Smith district court’s opinion and order here: [Smith et al v. United States Department of The Treasury et al, No. 6:2024cv00336 – Document 30 (E.D. Tex. 2025).]
[3] The current FinCEN Alerts can be found here [Beneficial Ownership Information Reporting | FinCEN.gov.]
[4] gov.uscourts.txed.232897.39.0.pdf
[5] [Beneficial Ownership Information Reporting | FinCEN.gov]
Client Alert- Corporate Transparency Act Is Back in Effect – Another Major Update
As has now been well reported, in 2021 Congress enacted the Corporate Transparency Act (the “CTA”), which empowers the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) to collect information about “Beneficial Owners” of certain privately held entities for the purpose of deterring illicit activities through the operation of shell corporations and LLCs.
Entities formed on or after Jan. 1, 2024, that are subject to the CTA were to disclose to FinCEN information about their Beneficial Owners within 90 days of formation or any change for entities (Beneficial Ownership Interest Reports or “BOIR”). Entities formed prior to Jan. 1, 2024, were to have until Dec. 31, 2024, to file BOIRs. However, in the latter part of 2024, a series of lawsuits were brought challenging the constitutionality of the CTA; they have served to delay the reporting requirements of the CTA and have created confusion and uncertainty regarding the CTA for more than 30 million entities.
The most recent event occurred on Feb. 17, 2025, when the U.S. District Court for the Eastern District of Texas, Tyler Division issued a decision in Smith, et al. v. U.S. Department of the Treasury, et al., lifting the stay the Court had ordered on Jan. 7, 2025, that prevented FinCEN from enforcing the BOIR requirements on a nationwide basis.
In view of this decision, FinCEN issued guidance on Feb. 18, 2025, stating that the requirement to file BOIRs under the CTA is once again back in effect. For the vast majority of reporting companies, the new deadline to file an initial, updated, and/ or corrected BOIR is now March 21, 2025. FinCEN indicated that it will provide an update before then of any further modification of this deadline, recognizing that reporting companies may need additional time to comply with their reporting obligations once this update is provided.
The following chronology of events leading up to Feb. 18 underscores the confusion surrounding the CTA:
On Dec. 3, 2024, in the case of Texas Top Cop Shop, Inc., et al. Garland, et al., the U.S. District for the Eastern District of Texas, Sherman Division, issued an order prohibiting the federal government from enforcing the CTA anywhere in the country. The Court determined that the CTA was likely unconstitutional, and that its implementation would irreparably harm companies if they were forced to comply.
On Jan. 7, 2025, in the case of Smith case, the U.S. District Court for the Eastern District of Texas, Tyler Division, issued an order enjoining the government from enforcing the CTA against the plaintiffs and staying FinCEN’s regulations relating to the implementation of the CTA’s reporting requirements.
On Jan. 20, 2025, President Trump signed an Executive Order titled “Regulatory Freeze Pending Review,” which provides in part:
“I hereby order all executive departments and agencies to take the following steps:
(1) Do not propose or issue any rule in any manner, including by sending a rule to the Office of the Federal Register (the “OFR”), until a department or agency head appointed or designated by the President after noon on January 20, 2025, reviews and approves the rule.”
The impact of this Order on FinCEN’s ability to issue new filing deadlines is uncertain.
On Jan. 23, 2025, the U.S. Supreme Court stayed (i.e., halted) the injunction issued in the Texas Top Cop Shop decision but did not address the injunction in
On Jan. 24, FinCEN issued the following:
“In light of a recent federal court order, reporting companies are not currently required to file beneficial ownership information with FinCEN and are not subject to liability if they fail to do so while the order remains in force… However, reporting companies may continue to voluntarily submit beneficial ownership information reports.”
On Feb. 5, 2025, the federal government filed an appeal in the Eastern District of Texas challenging the injunction in Smith based on the Supreme Court’s ruling in Texas Top Cop Shop. FinCEN has indicated that if the remaining nationwide injunction in Smith is stayed, it intends to resume enforcement of the CTA and extend the reporting deadline by at least 30 days from the issuance of the stay.
On Feb. 10, 2025, the House of Representatives unanimously passed R. 736 — 119th Congress (2025-2026), the Protect Small Business from Excessive Paperwork Act of 2025. This bill would require reporting companies formed or registered before Jan. 1, 2024, to submit reports to FinCEN by Jan. 1, 2026, instead of by Jan. 1, 2025.
Prior to the above- mentioned Court decision on Feb. 17, some entities were taking take a “wait and see approach,” taking the risk of having to make a filing quickly. Other entities were more proactive and made a voluntary filing. With the February Court decision and FinCEN’s resulting position, a “wait and see approach” is no longer an option, at least not for now. But uncertainty regarding the ultimate fate of the CTA remains in view if the Executive Order described above and the possibility that the U.S. Supreme Court may rule on its constitutionality.
Stay tuned!
READ ALL ABOUT IT: Reuters Faces Privacy Lawsuit But The Court Finds No Story To Tell
Greetings CIPAWorld!
Buckle up because this one’s a big deal. If you’ve been keeping an eye on data privacy litigation, you know courts have been drawing a hard line when it comes to proving harm. The Southern District of New York just handed Reuters a win in Zhizhi Xu v. Reuters News & Media Inc., No. 24 Civ. 2466 (PAE), 2025 U.S. Dist. LEXIS 26013 (S.D.N.Y. Feb. 13, 2025), dismissing a lawsuit accusing the media giant of unlawfully collecting users’ IP addresses through web trackers. Here, the case centered around alleged violations of the California Invasion of Privacy Act (“CIPA”), which ultimately fell apart due to a lack of standing. The Court ruled that Plaintiff failed to show any concrete harm—essential for a lawsuit to survive in federal court. If there’s one thing federal courts don’t have time for, it’s speculative injury.
So, what’s the news flash? Plaintiff, a California resident, filed a putative class action against Reuters, alleging that the company embedded web trackers—Sharethrough, Oinnitag, and TripleLift—on its news website. According to Plaintiff, these trackers automatically install on users’ browsers, collect their IP addresses, and transmit that information to third parties for advertising and analytics purposes. Think of it like an invisible footprint—Plaintiff asserted that Reuters tracked him without his consent, leaving behind digital breadcrumbs that were quietly collected and shared. Plaintiff claimed this amounted to a violation of CIPA Section 638.51(a), which prohibits the installation of a “pen register or trap and trace device” without a court order. In response, Reuters quickly moved to dismiss the case, arguing that Plaintiff lacked standing because he had not suffered any tangible injury. The company maintained that collecting an IP address alone—without any evidence of targeted ads or misuse—did not meet the threshold for a privacy violation. In other words, if a tree falls in the digital forest and no one hears it, does it really make a sound? Well, it depends. Like any good law school exam answer, context is everything. Are we talking about mere data collection, or has someone actually suffered harm? Courts don’t deal in hypotheticals—they want to see real, measurable impact. Without proof that Reuters’ data collection led to some kind of concrete harm, the Court wasn’t willing to entertain a privacy violation claim based on mere technicalities.
As such, Judge Paul A. Engelmayer sided with Reuters and dismissed the lawsuit under Rule 12(b)(1) for lack of Article III standing. The ruling echoes a growing trend in data privacy cases: collecting an IP address without more doesn’t trigger a legally recognizable harm. In TransUnion L.L.C. v. Ramirez, 594 U.S. 413, 424 (2021), the Court reaffirmed that a plaintiff must demonstrate a concrete injury to establish standing in federal court. The Court emphasized that IP addresses are not inherently sensitive or private information. It functions primarily as routing data rather than revealing the contents of a user’s communication. The Court relied on Heeger v. Facebook, Inc., 509 F. Supp. 3d 1182, 1188 (N.D. Cal. 2020), which held that collecting IP addresses alone does not constitute a privacy invasion. Plaintiff did not allege that he received targeted ads, suffered financial harm, or compromised his identity due to Reuters’ data collection.
Conversely, the Court noted cases like McClung v. AddShopper, Inc., No. 23-cv-01996-VC, 2024 WL 189006, at *1 (N.D. Cal. Jan. 17, 2024), where the defendant’s data collection led to unwanted marketing. That’s the key difference—Plaintiff’s data was allegedly collected, but nothing really happened as a result. Compare that to cases where companies have blasted users with personalized ads based on the data they grabbed. The Court found no historical or legal precedent equating collecting an IP address to a recognized harm like defamation, intrusion upon seclusion, or public disclosure of private facts, noting Liau v. Weed Inc., No. 23 Civ. 1177 (S.D.N.Y. Feb. 22, 2024), which found that an IP address does not constitute “personal information” for privacy claims.
This ruling isn’t just a one-off—it’s part of a larger judicial pattern I’m seeing increasingly. The courts send a message: statutory violations alone won’t cut it in federal court. This aligns with decisions like Lightoller v. JetBlue Airways Corp., No.: 23-cv-00361-H-KSC, 2023 WL 3963823, at *3 (S.D. Cal. June 12, 2023), where the Court held that a mere statutory violation under CIPA does not establish standing without an actual, concrete harm. Plaintiff’s attempt to claim a privacy right over his IP address fell flat, as the Court reiterated that voluntarily conveyed addressing information does not trigger constitutional standing concerns. If plaintiffs want to bring CIPA or similar claims in federal court, they must show tangible harm—like unwanted targeted ads, identity theft, or direct financial consequences.
Law school lecture 101: Federal standing isn’t just some procedural hurdle—it’s the gatekeeper to the courtroom, and judges are making it clear that not all claims get past the front door. Just because a statute grants a right doesn’t mean plaintiffs automatically have standing in federal court. That’s the real kicker here. Courts are increasingly skeptical of claims that hinge on technical violations without real-world consequences. If the only harm is theoretical, don’t expect a federal judge to bite. This ruling doubles down on that message: if you want your case to survive, show the court some real, measurable damage. Otherwise, your complaint might as well be a hypothetical from law school.
What is more, this case aligns with other recent dismissals of privacy lawsuits that fail to show real harm. There’s a growing judicial skepticism of privacy claims that rest on bare statutory violations. Courts are signaling that mere technical violations of privacy statutes won’t cut it—plaintiffs must demonstrate how they were harmed. And this makes sense. Privacy is a big deal, but without actual damage, courts don’t want to police every instance of data collection. It’s the legal equivalent of “no harm, no foul.”
So, where do we go from here? The battle over what qualifies as ‘concrete injury’ in data privacy cases isn’t going away anytime soon. Expect more lawsuits, more motions to dismiss, and more courts refining the boundaries of what actually constitutes harm in data privacy.
As always,
Keep it legal, keep it smart, and stay ahead of the game.
Talk soon!
NewsBank Hit with Class Action over Employee Data Breach
Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information.
NewsBank provides a database of archived news publications utilized by libraries, higher education institutions, and other organizations. NewsBank suffered a security incident affecting its employees’ personal information between June and July 2024.
The lead plaintiff claims that, as an employee of NewsBank from January 2023 to November 2024, they were required to provide their personal information (i.e., name, date of birth, Social Security number, and financial account information) as part of their employment.
The lead plaintiff alleges they now face a heightened risk of identity theft due to the breach. The complaint states, “Plaintiff and class members must now and for years into the future closely monitor their medical and financial accounts to guard against identity theft. The risk of identity theft is not speculative or hypothetical but is impending and has materialized as there is evidence that the plaintiff’s and class members’ private information was targeted, accessed, has been misused, and disseminated on the dark web.” The lawsuit alleges claims of negligence, breach of implied contract, and breach of fiduciary duty.
Additionally, the lawsuit alleges that NewsBank failed to follow its policies, including those outlined in its website Privacy Policy, stating that NewsBank had implemented security procedures to protect personal information from unauthorized access, use, and disclosure.
The class seeks over $5 million in damages and injunctive relief, requiring NewsBank to implement enhanced security measures and provide affected individuals with lifetime identity theft protection services. The complaint alleges that “[o]nce private information is exposed, there is virtually no way to ensure that the exposed information has been fully recovered or contained against future misuse [. . . ] For this reason, plaintiff and class members will need to maintain these heightened measures for years, and possibly their entire lives, as a result of defendant’s conduct.”
Privacy Tip #432 – DOGE Sued for Unauthorized Access to Our Personal Information
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the Department of Education, the Department of Health and Human Services, and the U.S. Treasury.
If you want more information about the DOGE employees who have access to this highly sensitive data, Wired and KrebsOnSecurity have provided fascinating but disturbing accounts.
Meanwhile, New York and other states have filed suit against DOGE, alleging that the unfettered access to the federal databases is a privacy violation. On February 14, 2025, a New York federal judge found “good cause to extend a temporary restraining order” stopping DOGE employees from accessing U.S. Treasury Department databases. However, the next day, another federal judge in Washington, D.C., denied a request to stop DOGE from accessing the databases of the Department of Labor, the Department of Health and Human Services, and the Consumer Financial Protection Bureau. That means that DOGE employees now have access to the sensitive health and claims information of Medicare recipients, as well as the identities of individuals who have made workplace health and safety complaints. NBC News has reported that “the Labor Department authorized DOGE employees to use software to remotely transfer large data sets.”
Currently, 11 lawsuits have been filed against DOGE over access to sensitive information in federal databases, alleging that the access violates privacy laws. The databases include student loan applications at the Department of Education, taxpayer information at the Department of the Treasury, and the personnel records of all federal employees contained in the database of the Office of Personnel Management, the Department of Labor, the Social Security Administration, FEMA, and USAID.
According to a plaintiff, the potential to misuse Americans’ personally identifiable information “is serious and irrevocable….The risks are staggering: identity theft, fraud, and political targeting. Once your data is exposed, it’s virtually impossible to undo the damage.” We will be closely watching the progress of these suits and their impact on the protection of our personal information.
The Path & The Practice Podcast Episode 123: William McKenna, Partner [Podcast]
This episode of The Path & The Practice features a conversation with William McKenna. Bill is a litigation partner in Foley’s Chicago office. In this discussion, he looks back on growing-up in Hinsdale, Illinois, attending Middlebury College for undergrad and earning his J.D. from the University of Chicago Law School. Bill also reflects on over 40 years of practice, including Foley’s merger with Hopkins & Sutter in the early 2000s. He discusses the importance of, as a litigator, being open to new opportunities and learning how to read and ride the waves of litigation. Finally, Bill gives fantastic advice on the importance of big law associates always thinking ahead.
William’s Profile:
Title: Partner
Foley Office: Chicago
Practice Area: Litigation
Hometown: Hinsdale, IL
College: Middlebury College
Law School: University of Chicago Law School
Corporate Transparency Act Back in Effect and Extended Deadline
On February 18, 2025, the U.S. District Court for the Eastern District of Texas lifted the nationwide injunction it had previously issued against the enforcement of the Corporate Transparency Act (CTA).1 As a result, the CTA reporting requirements are effective again.
In response, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) has extended the deadline for most reporting companies by 30 days, moving the new deadline to March 21, 2025. Reporting companies that were granted later deadlines—such as those with disaster relief extensions to April 2025—should continue to follow their original deadlines. Unlike prior deadlines, there is no distinction between companies formed before or after January 1, 2024 in terms of the deadline.
During this 30-day period, FinCEN will assess the possibility of further deadline changes and focus on prioritizing reporting from entities that pose higher national security risks. Additionally, FinCEN plans to revise the BOI reporting rule later this year to reduce the administrative burden on lower-risk businesses, including many small U.S. businesses.
However, it is unclear whether any changes will occur before the March 21, 2025 deadline.
What This Means for Your Reporting Company:
The CTA reporting requirements are back in effect.
If you do not have significant business or privacy concerns, you should submit your filings now.
If you have concerns, prepare your materials to file closer to the deadline if no updated guidelines or deadlines are issued.
New deadline for companies: March 21, 2025 (unless your reporting company has a later deadline).2
1 Background on Court Cases:
On December 3, 2024, the U.S. District Court for the Eastern District of Texas issued a nationwide injunction in Texas Top Cop Shop, Inc., et al. v. Merrick Garland, et al. On January 23, 2025, the Supreme Court ordered that the injunction be lifted.
On January 7, 2025, the same U.S. District Court issued another nationwide injunction in Smith v. U.S. Department of the Treasury. On February 18, 2025, the court lifted its injunction. With no more nationwide injunctions in place, the CTA came back into effect. The Department of Justice has filed an appeal, and the injunction will remain lifted until the appeal is completed.
2 The CTA is still not being enforced against the plaintiffs in National Small Business United v. Yellen.
Small-Market Segment Can Still Satisfy Domestic Industry Requirement
The US Court of Appeals for the Federal Circuit affirmed a US International Trade Commission finding, explaining that small-market segments can be significant and substantial enough to support the Commission’s domestic industry requirement. Wuhan Healthgen Biotechnology Corp. v. International Trade Commission, Case No. 23-1389, (Fed. Cir. Feb. 7, 2025) (Moore, Chen, Murphy, JJ.)
Ventria Bioscience Inc. owns a patent directed to cell-culture media, which supplies nutrients to cells grown in artificial environments. Ventria filed a complaint at the Commission alleging that Wuhan Healthgen Biotechnology violated § 337 of the Tariff Act by importing products that infringed the patent. The Commission ultimately found that Healthgen imported infringing products and that Ventria had satisfied the domestic industry requirement. Healthgen appealed.
The Federal Circuit affirmed the Commission’s domestic industry finding. The Court began by explaining the long-standing principle that patent infringement-based violations of § 337, which establishes unlawful import practices, require that “an industry in the United States, relating to the articles protected by the patent…exists or is in the process of being established.” This requirement is divided into economic and technical prongs. Here, Healthgen conceded that the technical prong was satisfied by a Ventria product (Optibumin) that practiced the patent.
The economic prong considers three factors, any of which are sufficient to satisfy the prong. As identified by the subsections of § 337(a)(3), “there is in the United States, with respect to the articles of the patent…(A) significant investment in plant and equipment; (B) significant employment of labor or capital; or (C) substantial investment in its exploitation, including engineering, research and development, or licensing.” The Commission found that each of these factors was met because, among other things, Ventria had 100% of its relevant investments in Optibumin located within the United States. The conclusion was further supported by a comparison of the investments to Obtibumin’s revenue.
Healthgen argued that the investments were too small to be significant or substantial, and that Optibumin’s revenue was low, which inflated investment-to-revenue ratios. The Federal Circuit rejected Healthgen’s argument, stating that “[s]mall market segments can still be significant and substantial enough to satisfy the domestic industry requirement.” The Court continued, stating that a domestic industry analysis “cannot hinge on a threshold dollar value or require a rigid formula; rather, the analysis requires a holistic review of all relevant considerations that is very context dependent.” Here, the Court found that “[t]hough the dollar amounts of Ventria’s Optibumin investments are small, the Commission found all of the investments are domestic, all market activities occur within the United States, and the high investment-to-revenue ratios indicate this is a valuable market.” The Court found that the Commission’s findings were supported by substantial evidence and affirmed the Commission.