Seven Barclay Damon attorneys were quoted in the Corporate Compliance Insights article “Top Stories of 2024.” Yvonne Hennessey, chair of Barclay Damon’s Environmental and Lobbying & Election Law Compliance Practice Areas; Renato Smith-Bornfreedom, Data Security & Technology Practice Area co-chair; Celine Dorsainvil, associate; Kat Delos Reyes, associates; David Burch, White Collar & Government Investigations Practice Area co-chair; Kevin Szczepanski, Data Security & Technology Practice Area co-chair; and Charles Nerko, team leader for data security litigation in Barclay Damon’s Data Security & Technology Practice Area, shared their thoughts on the events that took place in 2024 and what can be expected in 2025.
About the US Supreme Court’s 6–3 decision in Loper Bright Enterprises v. Raimondo, which held that executive agencies would no longer receive deference in lawsuits over rules they issue, Yvonne provided her outlook for 2025:
We can expect even more litigation seeking closer scrutiny of administrative agencies’ interpretation of federal law and their regulatory authority. This litigation will cover a myriad of regulatory areas, ranging from federal financial and tax laws to environmental statutes, such as the Clean Air Act and Clean Water Act to the Affordable Care Act. The result, at least in the near term, is likely inconsistent statutory interpretations of federal laws as lawsuits work their way through the courts. Courts will now be interpreting statutory provisions perhaps never judicially construed before, and judges may or may not agree with judges in other jurisdictions or even ones with different political leanings. Because of this, expect forum shopping. The abandonment of Chevron deference may also trickle down to the doctrine of administrative deference in states with administrative procedures acts similar to that at the federal level.
Trump’s reelection, along with the incoming Republican-controlled Congress, effectively doubles down on reining in administrative agencies. President Trump will continue to appoint federal judges that will narrowly construe federal laws as well as reduce the footprint of federal administrative agencies. All in all, the combined effect will be the narrowing of federal administrative agency authority.
Renato, Celine, and Kat spoke about AI and what businesses can expect in 2025:
Businesses should not only expect further advancements in AI technology but also a growing number of compliance risks, bias and discrimination claims and the erosion of consumer trust and safety. Social media channels and platform providers will likely increase self-regulation as well as “AI-generated” label requirements and related terms. There will likely also be increased efforts to protect vulnerable populations from the detrimental impacts of AI.
David shared his thoughts about what’s to come in 2025 in the wake of the Department of Justice launching its pilot program for corporate whistleblowers:
In 2025, I expect the whistleblower program will continue to grow and gain prominence at the federal level. The program will likely attract more whistleblowers given its clear financial incentives to whistleblowers, the protections provided to whistleblowers and the expanding scope of corporate misconduct it addresses. Businesses in regulated industries should expect to deal with an uptick of investigations based on whistleblowers and will need to be vigilant about defending when inquiries come in from the DOJ.
The first Trump administration generally favored deregulation and reducing government oversight of businesses, and statements during the campaign and by Cabinet appointees over time would suggest this focus on deregulation will continue in his second term. The result could be either a reduction in funding or a scaling back of enforcement efforts against corporate misconduct and will also have the potential to reduce regulatory violations overall over time. Ultimately, time will tell whether the results in Year One and public sentiment will cause the Trump-appointed DOJ leadership to continue the pilot.
The CrowdStrike failure led to worldwide computer system outages, affecting businesses across numerous industries, including hospitals, airlines, and banks. Kevin and Charles provided insight about Delta Air Lines’ lawsuit against CrowdStrike and its implications for the year ahead:
Delta Air Lines’ lawsuit against CrowdStrike challenges pro-vendor contractual shields. The airline accuses CrowdStrike of misrepresentation, gross negligence and even computer trespass. Delta argues that CrowdStrike acted so irresponsibly that its contractual liability limits and disclaimers should not apply. A victory for Delta could weaken the protections tech companies have long relied upon.
In response, companies are likely to ramp up due diligence when selecting technology vendors, scrutinizing their operational reliability and cybersecurity practices. Businesses will also push for more balanced tech contracts, particularly in sectors where system failures or data breaches can paralyze operations, such as healthcare, finance and transportation. Businesses should also consider whether over-relying on a single vendor like CrowdStrike creates excessive risk that could be managed by expanding their lists of potential vendors.
In 2025, litigation over technology failures and data breaches is expected to rise, with businesses increasingly using lawsuits as a strategic tool to hold tech vendors accountable for the damages they cause. These cases will set new precedents for assigning liability to technology providers.
Click here to read the full article.