SAGE Case Study: What Regulatory Compliance Requirements and Litigation Risks Should a Company Consider When Weighing Opportunities in New Markets?

4 minute read

The Client: A multinational technology company focused on internet-related services and products.

The Business Question: What regulatory compliance requirements and litigation risks should a company consider when weighing opportunities in new markets?

The Context

  • Based in Asia, our client was considering starting e-commerce businesses in the United States.
  • As a company with little direct e-commerce experience in the United States, the client wanted to understand compliance requirements and litigation risks involved.
  • Our client expanded beyond a core focus on internet services and artificial intelligence to pursue ventures in areas that include financial services, semiconductors, consumer electronics and e-commerce.

The Solution

Recognizing that e-commerce businesses involve an array of intertwined legal issues, we analyzed more than two dozen pertinent areas of law, including those dealing with advertising and marketing, consumer protection, cybersecurity, intellectual property, commercial terms and privacy.

Our team synthesized distinct legal perspectives into a cohesive overview of the regulatory and compliance environment. We also provided operational guidance for implementing compliance safeguards, taking into consideration legal and business risks, enforcement trends and anticipated future evolution of relevant U.S. laws.

We helped our client consider trends in and compliance with laws in areas such as:

  • Sector-specific guidance: We provided guidance on issues related to ad tech, biometric data and children’s privacy, and drafted relevant privacy disclosures.
  • Incident response: We outlined the legal requirements for merchants involved in a data breach impacting credit or debit card numbers and advised our client to consider supplementing relevant policies.
  • State-specific privacy laws: We explained requirements of the California Consumer Privacy Act, including as applicable to ad tech and consumer profiling.
  • Unfair and deceptive practices: We emphasized the need to carefully review any communications or disclosures about the level of online security, given the vigor with which the FTC and states enforce consumer-protection laws.
  • Deceptive advertising: We urged our client to scrutinize ad materials and customer acquisition strategies for compliance with relevant laws and regulations. We also identified risk priorities based on recent deceptive advertising enforcement cases.
  • Marketing communications: We shared insights on laws governing email and text advertising and marketing and recommended our client develop policies and procedures to ensure compliance.
  • Consumer protection: Our team explained an FTC rule governing how soon after purchase an e-commerce seller must ship a product and helped the client determine whether to update merchant processing agreements. We also noted increased enforcement of laws against price gouging, particularly for products of heightened interest during the pandemic, such as personal protective equipment.
  • Taxes: We shared an analysis of factors that determine if a company must pay federal income taxes, such as whether the company employs people and / or owns property in the United States, and we provided an overview of state sales tax requirements for e-commerce businesses.
  • Business strategy: In addition to providing insights on compliance requirements and litigation and regulatory risks, the client looked to us to help evaluate the risks associated with selling its products through an established third-party e-commerce platform versus creating its own e-commerce site in the United States.

    • We assessed the risks of such an approach, including the possibility that an existing platform could use data from the client’s activities to compete with the client.
    • We also noted that an existing platform would control many aspects of the presentation of product information. And we shared best practices around data acquisition and scraping – the client could repurpose written product specifications, for example, but would need permission to use copyrighted photos or other material.

We also discussed relevant trademark, labeling and product liability laws.

The Value

Our client received a seamless, multidisciplinary perspective on a range of topics from a single firm. Rather than asking one firm for cybersecurity and another about data scraping or email marketing, the client enjoyed a one-stop solution for answers to questions bearing on e-commerce.

The Result

Our overview of compliance requirements and litigation risks helped support the client’s development and execution of a global strategy to diversify its business and expand into new markets. Understanding the level of effort needed to address requirements and mitigate risk helped the client refine and execute its plans to offer e-commerce in the United States using a blend of its own sites and an established third-party platform.