SAGE Case Study: What Regulatory Compliance Requirements and Litigation Risks Should a Company Consider When Weighing Opportunities in New Markets?

4 minute read
January.26.2023

The Client: A multinational technology company focused on internet-related services and products.

The Business Question: What regulatory compliance requirements and litigation risks should a company consider when weighing opportunities in new markets?

The Context

Based in Asia, our client was considering starting e-commerce businesses in the United States.
As a company with little direct e-commerce experience in the United States, the client wanted to understand compliance requirements and litigation risks involved.
Our client expanded beyond a core focus on internet services and artificial intelligence to pursue ventures in areas that include financial services, semiconductors, consumer electronics and e-commerce.

The Solution

Recognizing that e-commerce businesses involve an array of intertwined legal issues, we analyzed more than two dozen pertinent areas of law, including those dealing with advertising and marketing, consumer protection, cybersecurity, intellectual property, commercial terms and privacy.

Our team synthesized distinct legal perspectives into a cohesive overview of the regulatory and compliance environment. We also provided operational guidance for implementing compliance safeguards, taking into consideration legal and business risks, enforcement trends and anticipated future evolution of relevant U.S. laws.

We helped our client consider trends in and compliance with laws in areas such as:

Sector-specific guidance: We provided guidance on issues related to ad tech, biometric data and children’s privacy, and drafted relevant privacy disclosures.
Incident response: We outlined the legal requirements for merchants involved in a data breach impacting credit or debit card numbers and advised our client to consider supplementing relevant policies.
State-specific privacy laws: We explained requirements of the California Consumer Privacy Act, including as applicable to ad tech and consumer profiling.
Unfair and deceptive practices: We emphasized the need to carefully review any communications or disclosures about the level of online security, given the vigor with which the FTC and states enforce consumer-protection laws.
Deceptive advertising: We urged our client to scrutinize ad materials and customer acquisition strategies for compliance with relevant laws and regulations. We also identified risk priorities based on recent deceptive advertising enforcement cases.
Marketing communications: We shared insights on laws governing email and text advertising and marketing and recommended our client develop policies and procedures to ensure compliance.
Consumer protection: Our team explained an FTC rule governing how soon after purchase an e-commerce seller must ship a product and helped the client determine whether to update merchant processing agreements. We also noted increased enforcement of laws against price gouging, particularly for products of heightened interest during the pandemic, such as personal protective equipment.
Taxes: We shared an analysis of factors that determine if a company must pay federal income taxes, such as whether the company employs people and / or owns property in the United States, and we provided an overview of state sales tax requirements for e-commerce businesses.
Business strategy: In addition to providing insights on compliance requirements and litigation and regulatory risks, the client looked to us to help evaluate the risks associated with selling its products through an established third-party e-commerce platform versus creating its own e-commerce site in the United States.
- We assessed the risks of such an approach, including the possibility that an existing platform could use data from the client’s activities to compete with the client.
- We also noted that an existing platform would control many aspects of the presentation of product information. And we shared best practices around data acquisition and scraping – the client could repurpose written product specifications, for example, but would need permission to use copyrighted photos or other material.

We also discussed relevant trademark, labeling and product liability laws.

The Value

Our client received a seamless, multidisciplinary perspective on a range of topics from a single firm. Rather than asking one firm for cybersecurity and another about data scraping or email marketing, the client enjoyed a one-stop solution for answers to questions bearing on e-commerce.

The Result

Our overview of compliance requirements and litigation risks helped support the client’s development and execution of a global strategy to diversify its business and expand into new markets. Understanding the level of effort needed to address requirements and mitigate risk helped the client refine and execute its plans to offer e-commerce in the United States using a blend of its own sites and an established third-party platform.

Authors

Xiang Wang Partner, Proprietà intellettuale, Cyber Privacy and Data Innovation

Pechino; New York; Shanghai

See my bio

D:+86 10 8595 5600
E: [email protected]

Practice:

Technology & Innovation Sector
Proprietà intellettuale
Cyber Privacy and Data Innovation
Mass Torts & Product Liability
Trade Secrets Litigation
IP Counseling e due diligence
Patents
Antitrust & Competition
International Trade and Investment
White Collar, Investigations, Securities Litigation & Compliance
Employment Law & Litigation
Trademark, Copyright & Media
Automotive Technology & Mobility
China

vCard

See full bio

Xiang Wang Partner

Pechino; New York; Shanghai

Xiang is a Guiding Expert of the China Overseas IP Dispute Response & Guidance Center.

He also serves several consultancy roles for local regulatory authorities, including as IP Guiding Expert of Shenzhen IP Protection Center; IP Guiding Expect of Zhejiang Province IP Protection Center; IP Consultant of Technology Innovation Bureau of Nanjing Jiangbei New Area Management Committee (Jiangsu Province); Expert of IP Dispute Investigation and Appraisal of Foshan Market Supervision and Administration Bureau (Guangdong Province); and Expert for Overseas IP Protection and Assistance of Foshan Intellectual Property Bureau (Guangdong Province).

Xiang has extensive experience in assisting local and foreign-based multinational companies with all aspects of their IP rights in the U.S. and China, including IP litigation and arbitration, patent infringement, industrial espionage, trade secret misappropriation, copyright and trademark infringement, ITC Sec. 337 investigations, patent office proceedings including inter partes reviews (IPR), IP due diligence and portfolio counseling, technology export control, mass torts and product liability, securities litigation, the Foreign Corrupt Practices Act (FCPA) and other investigations and compliance. These matters have implicated a vast array of technologies, from software and electronics to renewable energy and medical devices as well as agricultural and building materials, to name just a few.

Xiang also works extensively on cybersecurity investigations and data privacy compliance matters for both Chinese and international clients.

Xiang has been particularly active in Chinese state-owned enterprises related U.S. litigation. Clients turn to his strategic and innovative advice thanks to his in-depth understanding of their business needs and political risks. Clients appreciate that he “understood the environment in the China legal system and can give nuanced advice”.

Xiang has developed the region’s premier IP practice based on his reputation as one of the few IP lawyers who has a doctorate in electrical and computer engineering, a Juris Doctor, a Chinese Certificate of Laws, and admission to practice law in New York, Indiana and before the U.S. Patent and Trademark Office. Due to its success in patent disputes in the United States and China, involving both foreign and Chinese companies, Orrick IP team was exclusively featured in a documentary film “Patent Wars” by the China Central Television (CCTV).

Xiang is highly regarded for his practical legal advice that results from more than ten years of experience at medical and electronic device businesses before becoming a lawyer. He also has received four U.S. medical-technology patents in his name.

Shannon Yavorsky Partner, Cyber Privacy and Data Innovation, Technology Transactions

San Francisco; Londra

See my bio

D:+1 415 773 5731
E: [email protected]

Practice:

Technology & Innovation Sector
Cyber Privacy and Data Innovation
Technology Transactions
Global Compliance & Regulatory
Government Investigations and Enforcement Actions
Environmental, Social & Corporate Governance (ESG)
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Shannon Yavorsky Partner

San Francisco; Londra

She advises public and private companies across several sectors, including life sciences and health technology, financial services, private equity, insurance, social media and technology on a range of EU and U.S. federal and state privacy laws. Shannon’s strategic counseling advice includes, but is not limited to:

Advertising and payment card processing self-regulatory frameworks
Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
Electronic Communications Privacy Act (ECPA)
EU Artificial Intelligence Act
EU e-Privacy Directive
EU General Data Protection Regulation (GDPR)
Fair Credit Reporting Act (FCRA)
Gramm–Leach–Bliley Act (GLBA)
Health Insurance Portability and Accountability Act (HIPAA)
National Institute of Standards and Technology (NIST) Artificial Intelligence Risk Management Framework
Telephone Consumer Protection Act (TCPA)
U.S. state breach notification laws
U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)

Shannon also helps clients undertake comprehensive privacy, cybersecurity and artificial intelligence risk assessments, evaluates privacy, security and artificial intelligence risks in corporate transactions and drafts and negotiates data-related contracts. She advises clients on cross-border data transfers, data breaches and developing global privacy and artificial intelligence compliance programs.

Robert L. Uriarte Partner, Proprietà intellettuale, Trademark, Copyright & Media

Silicon Valley; Los Angeles

See my bio

D:+1 650 289 7105
E: [email protected]

Practice:

Technology & Innovation Sector
Proprietà intellettuale
Trademark, Copyright & Media
Trade Secrets Litigation
Patents
Appelli brevetti e diritti di proprietà intellettuale

vCard

See full bio

Robert L. Uriarte Partner

Silicon Valley; Los Angeles

Robert is a technology litigator and trial lawyer focused on software, security technology, and emerging internet law and digital crimes issues. Robert has helped establish landmark precedent under the Copyright Act, the Computer Fraud and Abuse Act, California Penal Code 502, and Digital Millennium Copyright Act, and he has successfully tried multiple cases to verdict, including under the Patent Act. In addition to litigation work, Robert also counsels companies ranging from market leaders to start-ups on issues related to intellectual property, security, and incident response. Robert brings a creative, business-oriented approach to helping clients develop, acquire, and protect their most important assets.

Robert is committed to improving diversity in the legal profession. He co-chaired Orrick's Silicon Valley Diversity Committee for many years and is one of the firm-wide facilitators for Orrick’s Latinx Affinity Group. Robert is also committed to pro bono work. He received Orrick's Pro Bono Award in 2019 and the Legal Aid Association of California's 2015 Family Law Pro Bono Award. Robert currently serves as a member the board of directors for the San Mateo County Legal Aid Society.

Robert served as a law clerk to U.S. District Judge Oliver W. Wanger in the Eastern District of California prior to commencing private practice.

Colleen McDuffie Partner

Washington, D.C.

See my bio

D:+1 202 339 8512
E: [email protected]

Practice:

Technology & Innovation Sector

vCard

See full bio

Colleen McDuffie Partner

Washington, D.C.

She brings a deep understanding of what drives innovative companies and a market reputation for efficiently and effectively getting intellectual property transactions and other complex commercial deals done.

Colleen counsels companies at all stages, from startups to Fortune 100, on the technology license and development agreements that drive their businesses, the strategic alliances that grow their industry relationships, and any other technology- and IP-driven agreements that are needed so companies can meet their business goals.

Colleen has extensive experience drafting and negotiating a wide variety of complex commercial agreements, including: intellectual property and data licenses; software development and license agreements; IT-focused services agreements, including consulting, development, hosting, and various “as-a-service” agreements; manufacturing and distribution agreements; joint venture and joint development agreements; and technology and intellectual property acquisition and disposition agreements. She also provides advice in connection with intellectual property and technology matters attendant to M&A and other corporate transactions.

She brings deep experience in the mobility technologies space, from connected vehicles and their supporting IT platforms to clean fuel technologies. She also has extensive experience in semiconductor design and fabrication, satellites and space technologies, telecommunications, and adtech.

Colleen has been involved in numerous pro bono activities, including: volunteering with voting rights and voter protection organizations; advising Georgetown’s Halcyon House social entrepreneurship fellows on intellectual property matters; hosting a start-up IP licensing webinar; and drafting and negotiating agreements for a PSA supporting equal wages for women.

Before becoming an attorney, Colleen spent several years working as a computer hardware and software engineer and performing research at a scientific think tank.

Emily S. Tabatabai Partner, Cyber Privacy and Data Innovation, Technology Companies Group

Washington, D.C.; Houston

See my bio

D:+1 202 339 8698
E: [email protected]

Practice:

Technology & Innovation Sector
Cyber Privacy and Data Innovation
Technology Companies Group
Internet of Things
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Emily S. Tabatabai Partner

Washington, D.C.; Houston

Emily provides strategic counseling and advice on privacy, consumer protection and online safety matters to clients across industries, including retail, ecommerce, mobile apps, gaming, social media, advertising technology (adtech), financial services, education, business services and technology. She also represents clients subject to regulatory investigations, including before the FTC and States Attorneys General, Congressional committees and other regulatory agencies and groups.

Emily provides proactive compliance guidance, and regulatory investigation defense, on a variety of privacy and consumer protection laws, including:

U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia (CCPA, CPRA, CPA, CTDPA, UCPA, VCDPA)
Children’s Online Privacy Protection Act (COPPA)
Online safety laws for kids and teens, including California Age-Appropriate Design Code Act (AADC), Utah Social Media Regulation Act and others
Section 5 of the Federal Trade Commission Act (FTC Act) and state unfair and deceptive acts and practices (UDAP) laws
Family Educational Rights and Privacy Act (FERPA)
California’s Student Online Personal Information Protection Act (SOPIPA), New York’s Education Law 2-d and other state student data privacy laws
Illinois’ Biometric Information Privacy Act (BIPA) and other biometric privacy laws
Washington My Health My Data Act and other state health privacy laws
Fair Credit Reporting Act (FCRA)
Gramm-Leach-Bliley Act (GLBA)
Telephone Consumer Protection Act (TCPA)
Telemarketing Sales Rule (TSR)
Restore Online Shoppers’ Confidence Act (ROSCA)

Emily is a frequent speaker on data privacy matters, with a particular focus on children’s privacy (COPPA), student data privacy and EdTech and online safety laws for kids and teens. She has been featured as an “Up and Coming” Privacy & Data Security attorney by Chambers USA and Chambers Global. Clients tell Chambers, “She’s been an excellent partner. She has a very good understanding of the practical realities of implementing privacy policies for large companies.” Citing her expertise in the field of educational privacy, student data and EdTech matters, Chambers reports that clients regard her as “very knowledgeable and truly an expert in this space,” with some saying, “On the student data side, she is unmatched,” and The Legal 500 notes that Emily “is the first port of call for child- and student-directed service providers for compliance advice with COPPA, SOPIPA and CalOPPA regulations.”

Emily also has an active consumer protection practice, focused on marketing and promotional issues. She counsels clients on advertisements and endorsements, retail sales and e-commerce, advertising substantiation, SMS and telemarketing, social media and online advertising.