Insights

A California Court of Appeal recently provided employers with a wage and hour victory and meal period guidance in Bradsbery v. Vicar Operating, Inc. As a matter of first impression, the Court held that upon hire, employees can prospectively waive all meal periods owed during any five-to-six-hour shifts they will work throughout the course of their employment. This decision provides helpful guidance for employers seeking to implement enforceable meal period waivers.

On 8 August, the UK Department for Science, Innovation & Technology (“DSIT”) published a report titled “Emerging technologies and their effect on cyber security” (the “Report”). It examines how the convergence of AI, IoT, Quantum, Edge Computing, Blockchain and other emerging technologies is transforming the cyber threat landscape. We’ve summarised below some of their key findings and takeaways. In the pursuit of growth and efficiencies many companies are considering how to adopt emerging technology into their operational processes, and the Report provides a useful guide as to emerging cyber risks and where the UK Government’s attention is focused as it launches the Cyber Resilience Bill later this year.

On August 5, 2025, Royal Sovereign International Inc. (Royal Sovereign), a defunct New Jersey importer of portable air conditioners, pled guilty to one count of willfully violating the Consumer Product Safety Act (CPSA) for its failure to report dangerous defects in portable air conditioners that had been linked to multiple fires and one death. The company also agreed to a civil settlement with the Department of Justice and the Consumer Product Safety Commission (CPSC) that included $395,786.48 in restitution to victims and a $16,025,000 civil penalty, which was suspended to $100,000 for inability to pay.

On July 24, 2025, President Trump signed an Executive Order titled “Saving College Sports” (the “Order”). The White House also released an accompanying Fact Sheet regarding the Order.

Over the past several months, Missouri and Florida have gone on the offensive against the nation’s largest proxy advisors related to what they deemed “radical” agendas in providing proxy advice. In Texas, two of the largest proxy advisors, Institutional Shareholder Services Inc. (ISS) and Glass, Lewis & Co., LLC (“Glass Lewis”), punched first, filing separate complaints in federal court against Texas Attorney General Ken Paxton in his official capacity, challenging the facial and as applied constitutionality of Senate Bill 2337 (“S.B. 2337” or “the Act”). The Act would require all proxy advisory services to disclose advice or recommendations that are “not provided solely in the financial interest of the shareholders of a company.” Advice and/or a recommendation is defined as being “for nonfinancial reasons” when it “is wholly or partly based on, or otherwise takes into account, one or more nonfinancial factors” including “an environmental, social, or governance (ESG) goal,” “diversity, equity, or inclusion (DEI)”, or “a social credit or sustainability factor or score.” Both Glass Lewis and ISS seek declaratory and injunctive relief enjoining the enforcement of S.B. 2337 as unconstitutional under the First and Fourteenth Amendments. Specifically, they allege the Act violates the First Amendment’s prohibition against viewpoint discrimination, infringes upon their freedom of association, and is unconstitutionally vague. Glass Lewis also argues that the Act violates the Dormant Commerce Clause, and that it is preempted by the Employment Retirement Income Security Act of 1974 (“ERISA”).

On July 23, 2025, the White House released Winning the Race: America’s AI Action Plan (“the Plan”) the Trump Administration’s most significant policy statement on artificial intelligence to date.

Open source data and software play a foundational role in software development, artificial intelligence (AI), education, and research. Open source AI refers to systems where the source code, model parameters, and related components are freely available for anyone to use, study, modify, and distribute.

On July 14, 2025, the FTC announced its enforcement action against telemedicine company NextMed over charges it used misleading prices, fake reviews and deceptive weight-loss claims to sell GLP-1 weight-loss drugs. The FTC has now settled its charges that NextMed used deceptive practices to lure consumers into buying their weight-loss membership programs that had hidden terms and conditions. With the rise of both authentic and counterfeit GLP-1s throughout the nation and the proliferation of the availability of GLP-1s from telemedicine/telehealth companies, online pharmacies and medspas, this announcement is a sign that the federal government will actively monitor these entities to ensure consumers are getting genuine, authentic GLP-1s, that consumers are making informed decisions about weight-loss drugs, and that consumers are not being deceived and duped in the frenzy over GLP-1s.

On July 4, 2025, President Trump signed into law the One Big Beautiful Bill Act (the “Act”), after it was passed by Congress on July 3, 2025. Notably, the Act made significant and welcome changes from the perspective of startup company stockholders and venture capital investors to the qualified small business stock (“QSBS”) rules set forth in Internal Revenue Code (“Code”) Section 1202. In a nutshell, the changes modernize (by adjusting for inflation) and expand the already favorable tax treatment for QSBS under Code Section 1202. The Act also permanently reinstates elective expensing for qualifying domestic research and experimental expenditures that will likely help more startups in research and capital intensive sectors qualify for favorable QSBS treatment.

On July 8, 2025, the Eighth Circuit vacated the Federal Trade Commission’s (“FTC”) Negative Option Rule, also known as the Click-to-Cancel Rule, on procedural grounds. The Click-to-Cancel Rule, which provided a streamlined path for consumers to cancel subscription services in a few clicks of a mouse, was scheduled to take effect on July 14, 2025, but the Court found that the FTC had failed to follow mandatory procedural requirements.

On July 4, President Trump signed into law the “One Big Beautiful Bill Act” (“the Act”), or H.R. 1, which makes significant changes to federal healthcare programs, including Medicaid, Medicare, and Health Insurance Marketplaces. As proposed in previous versions of the Act, the Act includes cuts to the Medicaid program and imposes new requirements on beneficiaries, states, and healthcare providers.

The Supreme Court declined to hear two key federal environmental enforcement cases, effectively leaving in place lower court rulings that allow for broad private citizen enforcement under the Clean Water Act and Clean Air Act. Because of the Court’s denials, citizen plaintiffs remain free to pursue enforcement cases in the absence of governmental enforcement, thus companies remain at risk of being sued by active watchdog citizen groups.

Supplemental Environmental Projects (SEPs) are voluntary, environmental or public health projects that parties subject to environmental enforcement proceedings can propose as part of an administrative, civil, or criminal settlement. SEPs are unique and used specifically in environmental enforcement cases in part because (1) many environmental law statutes do not require a showing of harm to prove a violation; thus, redressing harm, outside of equitable relief, is not usually statutorily required; and (2) pollution is a public harm that is hard to redress, both individually and collectively.

Twenty years ago, the Supreme Court held that “one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.” MGM Studios, Inc. v. Grokster, Ltd., 545 U.S. 913, 919 (2005). In the Grokster case, the Supreme Court found that peer-to-peer file sharing companies could be liable for copyright infringement for their users’ deployment of file sharing software. There, the Court found that liability was warranted because the file sharing companies knew that its users were infringing, and the companies materially contributed to that infringement.

Over the past several months, hundreds of businesses across California have been served with Notices of Violation (NOVs) of California’s Proposition 65 (“Prop 65”) for issuing thermal receipts at the register and using thermal labels and stickers in their stores. The targeted businesses include large and small retailers, restaurants, banks, gas stations, and grocers.

On July 2, 2025, the U.S. Department of Justice (DOJ) Civil Division and the U.S. Department of Health and Human Services (HHS) jointly announced the formation of a False Claims Act (FCA) Working Group. This new initiative underscores a coordinated federal enforcement strategy focused on identifying and addressing fraud in federally funded health care programs, particularly Medicare Advantage and Medicaid managed care. The announcement comes days after Matthew R. Galeotti, Head of DOJ’s Criminal Division, announced the results of the “largest coordinated health care fraud takedown in the history of the Department of Justice”  and the creation of a “Health Care Fraud Data Fusion Center” comprised of data specialists that will “break down information silos, using coordinated data analysis to enable our investigative teams to quickly identify and dismantle emerging fraud schemes.” Taken together, these announcements demonstrate the DOJ’s effort—in both civil and criminal divisions—to strengthen its collaboration with HHS to investigate and prosecute health care fraud.

The U.S. Department of Justice’s (DOJ) reprieve on civil enforcement of its Data Security Program (DSP), which imposes sweeping restrictions on bulk data transfers by U.S. entities to certain “countries of concern” and “covered persons,” is set to expire on July 8, 2025.

Section 230 of the Communications Decency Act of 1996 has been credited with “creating” the internet by immunizing websites and platforms from lawsuits arising from the content posted by third-party users. Specifically, an internet company is not liable for publishing or posting content drafted by another person under conventional common law tort theories such as defamation or slander, however loathsome, violent or otherwise hateful that content is.  At the same time, Section 230 also immunizes a website or platform that engages in good-faith moderation of content it deems to violate its terms of use/conditions or community standards. 

Last week, artificial intelligence companies won two significant copyright infringement lawsuits brought by copyright holders, marking an important milestone in the development of the law around AI. These decisions – Bartz v. Anthropic and Kadrey v. Meta (decided on June 23 and 25, 2025, respectively), along with a February 2025 decision in Thomson Reuters v. ROSS Intelligence – suggest that AI companies have plausible defenses to the intellectual property claims that have dogged them since generative AI technologies became widely available several years ago. Whether AI companies can, in all cases, successfully assert that their use of copyrighted content is “fair” will depend on their circumstances and further development of the law by the courts and Congress.

Crowell attorneys have closely monitored developments related to the California Invasion of Privacy Act (“CIPA”). In particular, we have watched plaintiffs attempt to extend this wiretapping law to encompass website chatbot communications that are managed by third parties.