Category: Technology

Chinese APT41 Attacking State Networks

Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber threat activity through APT41, which has been linked to China’s Ministry of State Security. According to Mandiant, APT41 has launched a “deliberate campaign targeting U.S. state governments” and has successfully attacked at least six state government networks by exploiting various vulnerabilities, including Log4j.

According to Mandiant, although the Chinese-based hackers are kicked out of state government networks, they repeat the attack weeks later and keep trying to get in to the same networks via different vulnerabilities (a “re-compromise”). One such successful vulnerability that was utilized is the USAHerds zero-day vulnerability, which is a software that state agriculture agencies use to monitor livestock. When the intruders are successful in using the USAHerds vulnerability to get in to the network, they can then leverage the intrusion to migrate to other parts of the network to access and steal information, including personal information.

Mandiant’s outlook on these attacks is sobering:

“APT41’s recent activity against U.S. state governments consists of significant new capabilities, from new attack vectors to post-compromise tools and techniques. APT41 can quickly adapt their initial access techniques by re-compromising an environment through a different vector, or by rapidly operationalizing a fresh vulnerability. The group also demonstrates a willingness to retool and deploy capabilities through new attack vectors as opposed to holding onto them for future use. APT41 exploiting Log4J in close proximity to the USAHerds campaign showed the group’s flexibility to continue targeting U.S state governments through both cultivated and co-opted attack vectors. Through all the new, some things remain unchanged: APT41 continues to be undeterred by the U.S. Department of Justice (DOJ) indictment in September 2020.

Both Russia and China continue to conduct cyber-attacks against both private and public networks in the U.S. and there is no indication that the attacks will subside anytime soon.

Article By Linn F. Freedman of Robinson & Cole LLP

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

Fitness App Agrees to Pay $56 Million to Settle Class Action Alleging Dark Pattern Practices

On February 14, 2022, Noom Inc., a popular weight loss and fitness app, agreed to pay $56 million, and provide an additional $6 million in subscription credits to settle a putative class action in New York federal court. The class is seeking conditional certification and has urged the court to preliminarily approve the settlement.

The suit was filed in May 2020 when a group of Noom users alleged that Noom “actively misrepresents and/or fails to accurately disclose the true characteristics of its trial period, its automatic enrollment policy, and the actual steps customer need to follow in attempting to cancel a 14-day trial and avoid automatic enrollment.” More specifically, users alleged that Noom engaged in an unlawful auto-renewal subscription business model by luring customers in with the opportunity to “try” its programs, then imposing significant barriers to the cancellation process (e.g., only allowing customers to cancel their subscriptions through their virtual coach), resulting in the customers paying a nonrefundable advance lump-sum payment for up to eight (8) months at a time. According to the proposed settlement, Noom will have to substantially enhance its auto-renewal disclosures, as well as require customers to take a separate action (e.g., check box or digital signature) to accept auto-renewal, and provide customers a button on the customer’s account page for easier cancellation.

Regulators at the federal and state level have recently made clear their focus on enforcement actions against “dark patterns.” We previously summarized the FTC’s enforcement policy statement from October 2021 warning companies against using dark patterns that trick consumers into subscription services. More recently, several state attorneys general (e.g., in Indiana, Texas, the District of Columbia, and Washington State) made announcements regarding their commitment to ramp up enforcement work on “dark patterns” that are used to ascertain consumers’ location data.

Article By: Privacy and Cybersecurity Practice Group at Hunton Andrews Kurth

For more cybersecurity legal news, click here to visit the National Law Review.
 
Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.

Texas AG Sues Meta Over Collection and Use of Biometric Data

On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta, the parent company of Facebook and Instagram, over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act (“CUBI”) and the Texas Deceptive Trade Practices Act (“DTPA”). The lawsuit is significant because it represents the first time the Texas Attorney General’s Office has brought suit under CUBI.

The suit focuses on Meta’s “tag suggestions” feature, which the company has since retired. The feature scanned faces in users’ photos and videos to suggest “tagging” (i.e., identify by name) users who appeared in the photos and videos. In the complaint, Attorney General Ken Paxton alleged that Meta,  collected and analyzed individuals’ facial geometry data (which constitutes biometric data under CUBI) without their consent, shared the data with third parties, and failed to destroy the data in a timely matter, all in violation of CUBI and the DTPA. CUBI regulates the collection and use of biometric data for commercial purposes, and the DTPA prohibits false, misleading, or deceptive acts or practices in the conduct of any trade or commerce.

Among other forms of relief, the complaint seeks an injunction enjoining Meta from violating these laws, a $25,000 civil penalty for each violation of CUBI, and a $10,000 civil penalty for each violation of the DTPA. The suit follows Facebook’s $650 million class-action settlement over alleged violations of Illinois’ Biometric Privacy Act and the company’s discontinuance of the tag suggestions feature last year.

Article By Hunton Andrews Kurth’s Privacy and Cybersecurity Practice Group

For more privacy and cybersecurity legal news, click here to visit the National Law Review.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.

Retaining a Cell Tower Lease When Selling Property

When selling property with a cell tower lease, keeping the lease is a good option. Done properly, you get the best of both worlds: full value for the property and ongoing lease payments, with the option to sell the lease in the future should you desire.

Selling a property and cell lease together will rarely yield the full value for the lease; however, selling the lease in advance of selling the property may also not be attractive. You may not have other places to invest the proceeds where you will get the same return, for example, and taxes can take a big bite. Additional options, such as 1031 like-kind exchanges, are complicated with short deadlines.

Increasingly, real estate investors are opting to sell property — commercial, residential, land for development and, in a unique case, an office condo — but keeping the cell leases and future leasing rights.

To do this successfully, you should aim to establish balance with purchasers by retaining sufficient future rights to (1) renew the lease, (2) expand it some, and (3) satisfy their requirements for paying full value of the lease, should you decide to sell it in the future. You do not want to grant yourself so many rights that it interferes with a purchaser’s ordinary use and development of the property in question, thus decreasing its selling price.

Essentially, you are trying to attain the balance that would occur in a well-drafted cell lease sale to a third party, whereby keeping the lease is the equivalent of “selling” to yourself!

Specific subject areas where rights must be balanced include:

  • Permitted and restricted uses by both parties within the leased area;
  • Restrictions on uses or devices allowed on portions of the property outside the leased area, such as Wi-Fi using radio frequencies, which cell companies and lease purchasers alike desire;
  • Access rights and rights-of-way for tenants and utilities, as well as who pays for same;
  • Height and building envelope restrictions on new construction outside the leased area;
  • Property owner approval rights of changes in the leased area, and;
  • Relocation.
© 2022 Varnum LLP
For more articles about telecommunications, visit the NLR Cybersecurity, Media & FCC section.

As the California Attorney General Focuses on Loyalty Programs, What Do Companies Need to Remember?

The California attorney general (AG) celebrated data privacy day by doing an “investigative sweep” of the loyalty programs of retailers, supermarkets, home improvement stores, travel companies, and food service companies, and sending out notices of non-compliance to businesses that the AG’s office believes might not be fully compliant with the CCPA. As the AG focuses its attention on loyalty programs, the following provides a reminder of the requirements under the CCPA.

What is a loyalty program?

Loyalty programs are structured in a variety of different ways. Some programs track dollars spent by consumers; others track products purchased. Some programs are free to participate in; others require consumers to purchase membership. Some programs offer consumers additional products; other programs offer prizes, money, or products from third parties. Although neither the CCPA nor the regulations implementing the CCPA define a “loyalty program,” as a practical matter most, if not all, loyalty programs have two things in common: (1) they collect information about consumers, and (2) they provide some form of reward in recognition of (or in exchange for) repeat purchasing patterns.[1]

What are the general obligations under the CCPA?

Because loyalty programs collect personal information about their members, if a business that sponsors a loyalty program is itself subject to the CCPA, then its loyalty program will also be subject to the CCPA. In situations in which the CCPA applies to a loyalty program, the following table generally describes the rights conferred upon a consumer in relation to the program:

Right Applicability to Loyalty Program
Notice at collection A loyalty program that collects personal information from its members should provide a notice at the point where information is being collected regarding the categories of personal information that will be collected and how that information will be used.[2]
Privacy notice A loyalty program that collects personal information of its members should make a privacy notice available to its members.[3]
Access to information A member of a loyalty program may request that a business disclose the “specific pieces of personal information” collected about them.[5]
Deletion of information A member of a loyalty program may request that a business delete the personal information collected about them. That said, a company may be able to deny a request by a loyalty program member to delete information in their account based upon one of the exceptions to the right to be forgotten.
Opt-out of sale A loyalty program that sells the personal information of its members should include a “do not sell” link on its homepage and permit consumers to opt-out of the sale of their information. To the extent that a consumer has directed the loyalty program to disclose their information to a third party (e.g., a fulfillment partner) it would not be considered a “sale” of information.
Notice of financial incentive To the extent that a loyalty program qualifies as a “financial incentive” under the regulations implementing the CCPA (discussed below), a business should provide a “notice of financial incentive.”[4]

Are loyalty programs always financial incentive programs?

Whether a loyalty program constitutes a “financial incentive” program as that term is defined by the regulations implementing the CCPA depends on the extent to which the loyalty program’s benefits “relate to” the collection, retention, or sale of personal information.”[6] While the California Attorney General has implied that all loyalty programs “however defined, should receive the same treatment as other financial incentives,” a strong argument may exist that for many loyalty programs the benefits provided are directly related to consumer purchasing patterns (i.e., repeat or volume purchases) and are not “related” to the collection of personal information.[7] If a particular loyalty program qualifies as a financial incentive program, a business should consider the following steps (in addition to the compliance obligations identified above):

  • Notify the consumer of the financial incentive.[8] The regulations implementing the CCPA specify that the financial incentive notice should contain the following information:
    • A summary of the financial incentive offered.[11] In the context of a loyalty program a description of the benefits that the consumer will receive as part of the program would likely provide a sufficient summary of the financial incentive.
    • A description of the material terms of the financial incentive. [12] The regulation specifies that the description should include the categories of personal information that are implicated by the financial incentive program and the “value of the consumer’s data.”[13]
    • How the consumer can opt-in to the financial incentive.[14] Information about how a consumer can opt-in (or join) a financial incentive program is typically conveyed when a consumer reviews an application to join or sign-up with the program.
    • How the consumer can opt-out, or withdraw, from the program. [15] This is an explanation as to how the consumer can invoke their right to withdraw from the program.[16]
    • An explanation of how the financial incentive is “reasonably related” to the value of the consumer’s data.[17] While the regulations state that a notice of financial incentive should provide an explanation as to how the financial incentive “reasonably relates” to the value of the consumer’s data, the CCPA requires only that a reasonable relationship exists if a business intends to discriminate against a consumer “because the consumer exercised any of the consumer’s rights” under the Act.[18] Where a business does not intend to use its loyalty program to discriminate against consumers that exercise CCPA-conferred privacy rights, it’s not clear whether this requirement applies. In the event that a reasonable relationship must be shown, however, the regulations require that a company provide a “good-faith estimate of the value of the consumer’s data that forms the basis” for the financial incentive and that the business provide a “description of the method” used to calculate that value.[19]
  • Obtain the consumer’s “opt in consent” to the “material terms” of the financial incentive,[9] and
  • Permit the consumer to revoke their consent “at any time.”[10]

FOOTNOTES

[1] FSOR Appendix A at 273 (Response 814) (including recognition from the AG that “loyalty programs” are not defined under the CCPA, and declining invitations to provide a definition through regulation).

[2] Cal. Civ. Code § 1798.100(a) (West 2021); Cal. Code Regs. tit. 11, 999.304(b), 305(a)(1) (2021).

[3] Cal. Code Regs. tit. 11, 999.304(a) (2021).

[5] Cal. Civ. Code § 1798.100(a).

[4] CAL. CODE REGS. tit. 11, 999.301(n); 304(d); 307(a), (b).

[6] CAL. CODE REGS. tit. 11, 999.301(j) (2021).

[7] FSOR Appendix A at 75 (Response 254).

[8] Cal. Civ. Code § 1798.125(b)(2) (West 2021).

[11] CAL. CODE REGS. tit. 11, 999.307(b)(1) (2021).

[12] CAL. CODE REGS. tit. 11, 999.307(b)(2) (2021).

[13] CAL. CODE REGS. tit. 11, 999.307(b)(2) (2021).

[14] CAL. CODE REGS. tit. 11, 999.307(b)(3) (2021).

[15] CAL. CODE REGS. tit. 11, 999.307(b)(4) (2021).

[16] Cal. Civ. Code § 1798.125(b)(3) (West 2021).

[17] CAL. CODE REGS. tit. 11, 999.307(b)(5) (2021).

[18] Cal. Civ. Code § 1798.125(a)(1), (2) (West 2021).

[19] CAL. CODE REGS. tit. 11, 999.307(b)(5)(a), (b) (2021).

[9] Cal. Civ. Code § 1798.125(b)(3) (West 2021).

[10] Cal. Civ. Code § 1798.125(b)(3) (West 2021).

©2022 Greenberg Traurig, LLP. All rights reserved.
For more articles about data privacy, visit the NLR Cybersecurity, Media & FCC section.

Electrification of the Fleet is on the Horizon, Preparing Now is Key

While we often hear how EVs will revolutionize the lives of the average consumer, commercial fleet owners are starting to take note of the impact these new powertrain systems will have on their own business and operations. As OEMs find creative ways to increase aerodynamics, extend battery range, and increase charging speeds, the zero emission and lower long-term cost of EVs compared to ICE (internal combustion engine) vehicles makes a compelling argument for adoption, at least on paper. What really matters is how those factors play out as the rubber hits the road, which OEMs are starting to see play out in real time. Over the past few years, there has been an explosion of commercial fleet platforms from existing and new entrants in the commercial vehicle space. From light to heavy trucking to fleet platform automobiles, EV technology is looking to capture every corner of the commercial fleet sector. Coupled with a slow reduction in the number of ICE vehicles produced in future years, the market may start pushing fleet operations towards EVs, whether they like it or not.

According to the Department of Transportation, over eight million vehicles made up commercial fleets in the US in 2020, which includes a mix of trucks and automobiles used in commercial and government operations. Even more make up commercial vehicles on the road that are not considered part of a fleet. As consumer demand drives most traditional OEMs toward EV dominated fleets, commercial fleet owners and operators need to start to prepare now for the same shift in their vehicle suppliers, or risk playing catchup once the market does turn from ICE to EV. This isn’t to say that failure to be an early adopter will be the death-knell to commercial fleet businesses; it likely won’t be. What businesses with commercial fleets should consider is their own business needs and their timeline for their own fleet replacement as EV technology and infrastructure support continues to evolve. Establishing a process and plan for upgrading existing fleets, training personnel, upgrading infrastructure, and understanding available programs for conversion will be key.

The switch from an ICE to EV fleet isn’t as simple as flipping a switch or plugging in a car – EVs bring a new powertrain and new sources of information. EVs in their current state are expensive, new vehicle supply is constantly in question, current operators are unaware of the nuances involved with operating an EV, and the infrastructure necessary to support a commercial fleet of EVs isn’t universally robust. For the average fleet operator, there also is a need to focus on route optimization, installing and maintaining new hardware capable to supporting charging on-site, revamping their maintenance and care procedures, and working with their local energy providers to understand how power demands in their local market may impact their own energy costs and needs. Additionally, although data analytics has improved existing fleet operations over the past few years, expect to see more nuanced data availability to the benefit of fleet operators.  As commercial and consumer EVs come out with ever more connectivity to the web and each other, coupled with the ability for “smart cities” to increase data available to drivers and vehicles, expect future fleet operators to get even more granular and predictive understanding of traffic patterns to optimize commercial routes. Managing these dynamics and capitalizing on new sources of information will better enable operators to adapt to the changing landscape. The ability to adapt to this new frontier will be a key trait for successful fleet operations in the Auto-2.0 operated environment.

Article By Christopher R. Boll of Foley & Lardner LLP

For more infrastructure and transportation legal news, click here to visit the National Law Review.

© 2022 Foley & Lardner LLP

SEC Rejects Listing of Two Bitcoin ETFs

The SEC rejected two proposals to list and trade shares in two Bitcoin exchange-traded funds (“ETFs”).

The SEC rejected a proposal from NYSE Arca, Inc. (“Arca”) to list and trade shares of the Valkyrie Bitcoin Fund. The SEC also rejected a proposal from CBOE BZX Exchange, Inc. (“BZX”) to list and trade shares of the Kryptoin Bitcoin ETF Trust.

The SEC assessed whether the exchanges (i) had a comprehensive surveillance-sharing agreement with a significant, regulated market, and (ii) could effectively prevent fraudulent and manipulative activity. In the rejected proposals, the SEC noted its concerns over the abilities of the exchanges to adequately meet the requirements under SEA Section 6(b)(5) (“Determination by Commission Requisite to Registration of Applicant as a National Securities Exchange”) in protecting investors and the public interest by preventing fraudulent and manipulative practices.

The SEC rejected Arca’s argument that (i) liquidity, (ii) price arbitrage, and (iii) frameworks to value assets would be sufficient to mitigate potential manipulation.

Similarly, the SEC rejected BZX’s proposal, concluding “that BZX has not established that it has a comprehensive surveillance-sharing agreement with a regulated market of significant size related to bitcoin,” and “that BZX has not established that other means to prevent fraudulent and manipulative acts and practices are sufficient to justify dispensing with the requisite surveillance-sharing agreement.”

As a result, the SEC found that both exchanges had failed to prove that they could meet their burdens under SEA Section 6(b)(5).

© Copyright 2021 Cadwalader, Wickersham & Taft LLP
For more articles on cryptocurrency exchanges, visit the NLR Financial Securities & Banking.

Patch Up – Log4j and How to Avoid a Cybercrime Christmas

A vulnerability so dangerous that Cybersecurity and Infrastructure (CISA) Director Jen Easterly called it “one of the most serious [she’s] seen in [her] entire career, if not the most serious” arrived just in time for the holidays. On December 10, 2021, CISA and the director of cybersecurity at the National Security Agency (NSA) began alerting the public of a critical vulnerability within the Apache Log4j Java logging framework. Civilian government agencies have been instructed to mitigate against the vulnerability by Christmas Eve, and companies should follow suit.

The Log4j vulnerability allows threat actors to remotely execute code both on-premises and within cloud-based application servers, thereby obtaining control of the impacted servers. CISA expects the vulnerability to affect hundreds of millions of devices. This is a widespread critical vulnerability and companies should quickly assess whether, and to what extent, they or their service providers are using Log4j.

Immediate Recommendations

  • Immediately upgrade all versions of Apache Log4j to 2.15.0.
  • Ask your service providers whether their products or environment use Log4j, and if so, whether they have patched to the latest version. Helpfully, CISA sponsors a community-sourced GitHub repository with a list of software related to the vulnerability as a reference guide.
  • Confirm your security operations are monitoring internet-facing systems for indicators of compromise.
  • Review your incident response plan and ensure all response team information is up to date.
  • If your company is involved in an acquisition, discuss the security steps taken within the target company to address the Log4j vulnerability.

The versatility of this vulnerability has already attracted the attention of malicious nation-state actors. For example, government-affiliated cybercriminals in Iran and China have a “wish list” (no holiday pun intended) of entities that they are aggressively targeting with the Log4j vulnerability. Due to this malicious nation-state activity, if your company experiences a ransomware attack related to the Log4j vulnerability, it is particularly important to pay attention to potential sanctions-related issues.

Companies with additional questions about the Log4j vulnerability and its potential impact on technical threats and potential regulatory scrutiny or commercial liability are encouraged to contact counsel.

Article By Philip J. Bezanson, Brittney E. Justice, Claire E. Cahoon, and Seth D. DuCharme of Bracewell LLP

For more cybersecurity legal news, click here to visit the National Law Review.

© 2021 Bracewell LLP

9th Cir. Upholds Antitrust Jury Verdict Against Chinese Telescope Company [PODCAST]

Court affirms evidentiary rulings on market definition and overcharges. Agrees evidence supported verdict for collusion and attempted monopolization.

The Ninth Circuit Court of Appeals this month upheld judgment in favor of Optronic Technologies, Inc., finding there was sufficient evidence that Chinese telescope manufacturer, Ningbo Sunny Electronic (“Sunny”), conspired with a competitor in the U.S. consumer telescope market to allocate customers, fix prices, and monopolize the telescope market in violation of federal antitrust laws (Optronic Technologies, Inc., v. Ningbo Sunny Electronic Co., Ltd., No. 20-15837, 9th Cir. 2021). Ninth Circuit Judge Ronald M. Gould wrote the opinion.

California-based Optronic, known commercially as Orion Telescopes & Binoculars, sued Sunny in November 2014. Orion alleged Sunny violated Sherman Act Sections 1 and 2 by conspiring to allocate customers in the telescope market and conspiring to fix prices or credit terms for Optronics in collusion with Suzhou Synta Optical Technology. Orion further alleged Sunny’s 2014 acquisition of independent manufacturer, Meade, violated Section 7 of the Clayton Act. Orion alleged that Sunny engaged in these anticompetitive acts to force Orion out and further monopolize the telescope market.

A California jury found in favor of Orion on all counts and awarded the company $16.8 million in damages, which the district court trebled to $50.4 million. The district court also ordered injunctive relief, directing Sunny to supply Orion and Synta’s Meade on non-discriminatory terms for five years, and not to communicate with Synta about competitively sensitive information.

Rulings on key elements of plaintiff’s economic evidence affirmed.

Sunny appealed on several grounds, including two that challenged key elements of the plaintiff’s expert economic evidence. The jury had found Sunny liable for attempted monopolization and conspiracy to monopolize in violation of Section 2, which makes it unlawful for any person to monopolize or attempt or conspire to monopolize any relevant market. Sunny argued on appeal that the evidence could not support a Section 2 verdict because Orion’s economist failed to define a relevant market. In particular, Sunny claimed the expert did not examine the cross-elasticity between substitute products in the market or perform a SSNIP test, the standard analysis used to delineate the outer boundaries of a relevant market.

The appeals court found these contentions lacked merit. The plaintiff’s economist had testified that the relevant product market was the market for telescope manufacturing services. The purpose of the SSNIP test is to determine whether the relevant market is drawn too narrowly and should be expanded to include potential substitutes. But because no other manufacturing capacity can substitute for telescope manufacturing services, wholesale purchasers of telescopes cannot turn to other manufacturers to fulfill orders. Without substitutable manufacturers, a SSNIP test boils down to whether new manufacturers would enter the market fast enough to make an increase in price unprofitable for a hypothetical monopolist, which they could not. As a result, the court held that the economist reasonably could forgo performing a SSNIP analysis.

Sunny also challenged the economist’s estimate of anticompetitive overcharges that could not directly be observed. Neither the “benchmark” nor “before-and-after” estimation methods were available. Therefore, to develop a measure of damages, the plaintiff’s expert presented two different methods of estimating the overcharges. In the first method, the expert collected data on cartel overcharges from the economic literature on markets with structures and conditions similar to telescope manufacturing. The average of those overcharges was then used as an estimate of the overcharge resulting from defendants’ collusion. As a check on this estimate, the economist also submitted a theoretical Cournot equilibrium model of market prices based on assumptions drawn from the record in the case. The two methods yielded similar and consistent results. Affirming the admissibility of the expert’s damages estimates, the appellate court found the expert’s report and testimony “were sufficiently tied to the facts of this case such that the district court properly admitted this evidence.”

In rebuttal, the defendant’s economist testified to the high sensitivity of the assumptions used in the plaintiff’s theoretical model. Interestingly, defendants were not permitted to submit their own estimate of damages for the first time on rebuttal, so the defendants’ expert had to limit her testimony to the sensitivity of the model without the ability to show the jury any resulting alternative estimate of the anticompetitive overcharge. The appeals court affirmed the trial court’s limitation on the defendants’ rebuttal expert.

Price fixing and a larger scheme.

Sunny also argued that Orion failed to present sufficient evidence to support Orion’s Section 1 claims. Section 1 prohibits unreasonable restraints of trade. Horizontal price fixing and market allocation are per se unreasonable and support Section 1 liability without regard to any purported justification or defense. The Ninth Circuit noted that Orion offered evidence that Synta executives encouraged Sunny’s purchase of Meade, an acquisition that was part of a larger scheme by Sunny and Synta to jointly control the telescope manufacturing market, even though federal regulators had already prohibited such a combination. The court also declined to upset the jury’s finding that Sunny conspired with a Synta subsidiary to fix prices and credit terms to Orion, a per se violation of Section 1.

“If you break it, you buy it.”

Finally, it is notable that the appellate court affirmed the award of damages accruing after September 2016, when the defendant and Synta took their last steps to eliminate Meade, and Synta entered a Settlement and Supply Agreement with Orion. The court held that, even if the conspiratorial acts of Sunny and Synta ended in 2016, Orion could still recover post-2016 damages “because it continued to suffer economic harm from the harm to competition caused by the illegal concerted activity.” Thus, where collusion causes a durable change in market structure or sets the pattern of a continuing collusive practice, it is no defense that the conspirators may have ceased engaging in concerted action.

The rule adopted by the Ninth Circuit in Optronics is clear: “[W]here an antitrust plaintiff suffers continuing antitrust injuries from anticompetitive changes to market structure that arose from a proven antitrust violation, we hold that the violation may be a material cause of that injury, and so recovery of damages is permitted, even after the last proven date of the violative conduct. This rule accords with the common-sense principle that ‘if you break it, you buy it.’”

Welcomed clarity.

The Ninth Circuit’s opinion brings welcomed clarity on several points. It demonstrated that plaintiffs need not perform a SSNIP test where market-specific circumstances define a market’s outer boundary. For claimants facing the need to estimate unobservable anticompetitive overcharges, it affirms an ingenious method for arriving at a reasonable and reliable estimate. And, for past conspiracies with continuing anticompetitive effects, the decision announces the common-sense principle that a defendant “remains liable for the continuing injuries suffered by plaintiffs from the structural harm to competition that its unlawful scheme brought about.” Put simply, this is a well-articulated decision by a capable panel that adds precision and certainty to antitrust.

Edited by Tom Hagy for MoginRubin LLP

© MoginRubin LLP

For more articles on 9th Circuit decisions, visit the NLR Litigation section.

Maryland Comptroller Adopts Digital Advertising Gross Revenues Tax Regulations

On December 3, 2021, the Maryland Comptroller published notice of its adoption of the digital advertising gross revenues tax regulations (which was originally proposed on October 8, 2021). Per the Maryland Administrative Procedure Act, the final adopted regulations will go into effect in 10 calendar days, or December 13, 2021. (See Md. Code Ann., State Gov’t § 10-117(a)(1).)

The final regulations were adopted almost entirely as proposed, with just two minor changes that the Attorney General (AG) of Maryland certified as non-substantive. Specifically, the changes to the October 8 proposed regulations concern the information that may be used to determine the location of a device and are described by the AG as follows:

  • Regulation .02(C): The Comptroller is clarifying language regarding the allowable sources of information a taxpayer may use to determine the location of a device. Specifically, this final action amendment changes “both technical information and the terms of the underlying contract” to “both technical information and nontechnical information included in the contract.”
    • Regulation .02(C)(2): The Comptroller is amending the non-exhaustive list of technical information to include “industry standard metrics.”

    Practice Note: While “industry-standard metrics” is a nice addition to the list of sources that may be used to determine the location of devices for sourcing purposes, significant and fundamental questions and concerns submitted as part of the comments were not addressed by the Comptroller in adopting the final digital ad tax regulations. The tax is subject to multiple lawsuits (both state and federal court) and pending a court order to the contrary is scheduled to take effect beginning January 1, 2022, with the first filing obligation for large taxpayers in April 2022. Taxpayers grappling with how to comply with this new tax are encouraged to contact the authors.

    © 2021 McDermott Will & Emery

    Article by Stephen P. Kranz, Eric Carstens, and Jonathan C. Hague with McDermott Will & Emery.

For more updates on tax regulations, visit the NLR Tax section.