CNIL imposes hefty sanction on French company under GDPR

On May 28 2019, the French data protection authority Commission nationale de l’informatique et des libertés (CNIL) imposed a €400,000 fine on French property management company Sergic for neglecting to maintain the security of and to limit the storage of personal data. This is the first sanction imposed on a French company under the General Data Protection Regulation (GDPR) and is also the most significant financial penalty imposed on a French company for data breaches to date, representing close to 1 percent of the yearly turnover of the fined company.

To learn more, please visit

French Council of State Confirms GDPR Sanction, Lowers Penalty Fee

Following a recent data breach, Optical Center has been fined 250,000 euros by The Commission nationale de l’informatique et des libertés (CNIL). The website breach allowed public access to invoices, purchase orders, and personal data of customers. On appeal, the French Highest administrative Court (Council of State) lowered the penalty to 200,000 euros. The reduction of the fine, although slight, proves that the opportunity to file an appeal may be a strategic option for companies operating in France.

To read more on this recent update, please visit

Recent ‘firsts’ shape UK collective actions

This year marks four years since significant statutory reforms regenerated the UK’s collective actions arena. Following a rocky start to this new regime, it appears that 2019 may finally bring some clarity to potential claimants navigating the first hurdle of competition class actions: the Collective Proceedings Order (‘CPO’) application. This is the first stage in the process whereby the Competition Appeals Tribunal (‘CAT’) considers whether to authorise the proposed class representative to bring the claim on behalf of the class. Read our team’s alert on how these recent key collective actions are shaping the UK’s new regime.

Department of Justice eases prohibition on the use of electronic messaging apps

On March 8, 2019, the United States Department of Justice (the DOJ) announced a key revision to its Foreign Corrupt Practices Act (FCPA) Corporate Enforcement Policy (the Policy) regarding employees’ use of ephemeral messaging platforms. The original Policy required companies to prohibit employees’ use of such messaging platforms in order to receive full cooperation credit and demonstrate adequate remediation. The revised Policy permits such communications, so long as proper guidance and controls are put in place to ensure the appropriate retention of business records. This reflects the DOJ’s recognition that its prior position did not comport with modern business realities. Our team describes the updated Policy and what companies now need to mindful of in our recent alert.

Lorenzo v. SEC restores primary liability for misstatements

Last week, the U.S. Supreme Court decided Lorenzo v. SEC, determining that a person who knowingly disseminates a misstatement about a security can be primarily liable under the antifraud provisions of the federal securities laws. This significant holding opens the door for the SEC and private plaintiffs to charge misstatement cases as scheme cases, and target all parties involved in disseminating the misstatement to the investing public. Our team explains what you need to know in our recent alert.

CFTC signals intention to focus on foreign corrupt practices investigations

On March 6, 2019, the U.S. Commodity Futures Trading Commission’s (the “Commission” or “CFTC”) Enforcement Division published an advisory (the “Advisory”) which discussed the implications of self-reporting and cooperation for violations of the Commodity Exchange Act (“CEA”) that involve foreign corrupt practices. The Advisory marks the first time the CFTC has expressed its intention to investigate the use of derivatives involving foreign corrupt practices and is also indicative of regulators’ realization that in the 21st century most businesses are international and use various complex business structures that may involve the use of commodities and derivatives.

1. The CFTC’s Mission  

The CFTC is an independent agency of the United States federal government that regulates the futures, options and swaps markets (generally, the derivatives). Established in 1974, the CFTC’s role is to “foster open, transparent, competitive, and financially sound markets [and to] protect market users and their funds, consumers, and the public from fraud, manipulation, and abusive practices related to derivatives and other products.” Originally tasked with regulating the futures market for agricultural commodities, the Commission’s jurisdiction has expanded dramatically over the years to include futures (and from 2010 – swaps and options) markets for virtually all derivative products and services, including energy and metals, foreign exchange, various indices, interest rates and credit defaults, and digital assets – all of which are broadly included in the definition of a “commodity.”

The CEA broadly prohibits fraud and manipulation in connection with any transaction involving a “commodity” that is subject to the CFTC’s jurisdiction. Specifically, it is a violation of the CEA to intentionally or recklessly employ any manipulative device, scheme or artifice to defraud in connection with a swap, an option, or a commodity future (i.e., a derivative) as well as in connection with any commodity transaction, including those traded on spot or on a forward basis. Therefore, the CEA gives the CFTC broad authority to police abusive and fraudulent trade practices in derivatives, as well as cash commodity markets.

2. The CFTC’s Advisory 

The Advisory follows on a series of similar advisories issued by the CFTC in 2017 and incentivizes companies and individuals to self-report and remediate violations of the CEA involving foreign corrupt practices, and to cooperate fully with the CFTC following the disclosure. Should they do so, market participants not registered (or required to be registered) with the CFTC will be entitled to a presumption of no civil penalty. Registrants with the CFTC are not entitled to this presumption, however, as they already have existing obligations to report material noncompliance with the CEA, including foreign corrupt practices. However, registrants who self-report, cooperate and remediate CEA violations may still secure substantial penalty reductions.

CFTC Enforcement Director James McDonald announced the CFTC’s new enforcement policy at the American Bar Association’s Conference on White Collar Crime (the “ABA Conference”), the same day that the Advisory was issued by the CFTC. McDonald encouraged individuals with information regarding foreign corrupt practices in the commodities or derivatives markets to share such information with the CFTC’s Whistleblower’s Office. According to Director McDonald, the CFTC has awarded at least $85 million to whistleblowers since 2014.

3. The CFTC’s Focus on Foreign Corrupt Practices

The Advisory signals the Commission’s intention to investigate foreign corrupt practices which unfairly impact the cash commodities and derivatives markets. The basis for this assertion of jurisdiction is the CFTC’s broad authority to prevent abusive practices in commodities trading markets, particularly in those instances where a violation of the CEA and the CFTC’s rules and regulations would also demonstrate engaging in foreign corrupt practices.

At the ABA Conference, McDonald provided examples of foreign corruption that the CFTC would investigate. Notably, the CFTC will investigate bribes that are paid to secure business in foreign countries in relation to regulated activities, such as trading, advising or dealing in derivatives or cash commodities. The CFTC will also investigate corrupt practices in connection with the manipulation of benchmark interest rates, which serve as the basis for related derivatives contracts.

McDonald also confirmed that the CFTC has opened investigations into similar misconduct, and emphasized the Commission’s commitment to its focus on foreign corrupt practices, “regardless of the specific factual scenario.”

4. CFTC to Coordinate with the DOJ and SEC on FCPA Enforcement 

The Foreign Corrupt Practices Act (“FCPA”) has traditionally been enforced by the Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”), respectively, for criminal and civil offenses.

In this regard, the CFTC has clarified that it would continue to focus on subject matters that fall within its core jurisdiction (i.e., the CEA and the CFTC’s rules and regulations applicable to commodities and derivatives), but that it may now also look at corrupt practices that facilitate or induce commodities trading deals.

For example, a commodity trader who pays a bribe to secure business from a sovereign wealth fund or a foreign government may constitute a violation of both the CEA and the FCPA. In such instances, McDonald stated that the CFTC will closely coordinate with the DOJ or SEC to investigate such misconduct. Indeed, a senior DOJ official who attended the ABA Conference stated that the DOJ was looking forward to coordinating with the CFTC in cases involving foreign corrupt practices.

5. No Piling On

McDonald has emphasized that the CFTC’s focus on foreign corrupt practices is not meant to “pile onto” existing FCPA investigations being conducted by the DOJ or the SEC. To reflect this, the CFTC “will give dollar-for-dollar credit for disgorgement or restitution payments in connection with other related actions.”

6. Conclusion 

These developments substantially heighten the need for participants in the commodity, futures and swaps markets to adopt a proactive approach in identifying and addressing overseas corruption issues that may exist in their deal-making and business practices. This is particularly pertinent for deals which involve parties from high-risk jurisdictions.

OFAC addresses North Korea’s illicit shipping practices with updated advisory document

On Thursday March 21, 2019, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) updated the advisory document it published on February 23 regarding North Korea’s illicit shipping practices. The updated guidance provides further information about North Korea’s deceptive shipping practices aimed at evading international sanctions and provides a list of ‘red flags’ aimed at assisting in the identification of these deceptive practices. This guidance follows North Korea’s continued attempts to evade U.S. and UN sanctions and remains applicable despite President Trump’s announcement that the United States would not impose further sanctions on North Korea. Our Sanctions Team summarizes the updated guidance document in our client alert.

Interpreting the DOJ’s recent enforcement campaign against “no-poach” cases

Since 2010, with its cases filed against a number of leading technology companies, the Department of Justice (DOJ) has shined a spotlight on the potential antitrust risks associated with employers’ use of “no-poach” agreements in which companies agree not to hire or solicit each other’s employees. The DOJ and the Federal Trade Commission (FTC) issued joint guidelines in 2016 making clear that they would aggressively enforce the antitrust laws against such agreements between and among competitors as per se unlawful, including through criminal enforcement.  Yet, the DOJ recently filed Statements of Interest in several pending antitrust cases brought against franchisors, taking the position that the no-poach agreements at issue in those cases were not per se unlawful and should be analyzed under the more forgiving rule of reason test. The DOJ’s filings do not reflect a change in the Department’s enforcement policy regarding no-poach agreements. The cases, however, in which the DOJ staked out its position bear watching and could ultimately provide helpful guidance to franchisors, manufacturers who distribute through independent dealers. Our Antitrust and Competition Team summarize and interpret the DOJ’s recent enforcement actions in our recent client alert.

New EU rules promote transparency and fairness in online trading practices

On February 14, 2019, the European Commission, European Parliament, and Council of the European Union reached agreement on new rules designed to ensure a fair, transparent and predictable business environment to the benefit of both end consumers and entrepreneurs using third party online platforms for their business. The new rules will be implemented by way of an EU regulation to be adopted by the Council and European Parliament. Members of our competition team have outlined the main changes that this new regulation brings in our recent alert.

FTC announces revised HSR thresholds for 2019

On February 15, 2019, the Federal Trade Commission (FTC) announced the annual threshold adjustments for premerger filings under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended (15 U.S.C. § 18a) (HSR). The FTC revises the thresholds annually based on the change in gross national product.  The revised HSR thresholds will apply to all transactions that close on or after the effective date, and the effective date will be in late March. Members of our Antitrust team explain what you need to know in our client alert.