Not every lawyer gets the chance to be a privacy and security lawyer. Oddly, not every lawyer may even want to. Yet every lawyer—and every business—should be able to identify how privacy and security law risks, opportunities, and obligations impact their clients or their business activities.

Privacy and security law is a relatively new concept in the United States. It did not exist when I was in law school (prehistoric times). Virtually all of the relevant law for commercial enterprises is less than twenty-five years old, with much of it arising in the past several years (with ongoing changes every year). From humble and narrow beginnings, this body of law now impacts essentially any business of any size in any industry anywhere in the country (and really the world). My goal is not to turn every lawyer into a privacy lawyer (I don’t need the competition); instead, my goal is to teach general business lawyers why they should be familiar with basic privacy and security law issues and how to identify when and where these issues arise.

The General U.S. Privacy Framework

U.S. privacy law—unlike the laws of virtually every other country in the world that has privacy laws—falls into various categories, with many detailed laws to address specific situations and activities. (By contrast, other countries tend to have one generally applicable law.) These U.S. laws fall into four general categories:

• Sector-specific law. U.S. privacy law is often described as “sectoral.” What this means is that there are key federal laws regulating privacy in certain sectors, in theory designed for specific issues related to those sectors. These include the Health Insurance Portability and Accountability Act (“HIPAA”) for the health-care industry, the Gramm-Leach-Bliley Act (“GLBA”) for financial services, and the Family Educational Rights and Privacy Act (“FERPA”) for education.
• Practice-specific laws. We have a variety of federal laws (often with state counterparts) that relate to specific business practices, primarily those that relate to marketing, including the CAN-SPAM Act (email marketing) and the Telephone Consumer Protection Act (“TCPA”) for telemarketing and texting.
• Data-specific laws. We also have a variety of state and federal laws regulating certain categories of data. This can include both federal laws and rules (e.g., the 42 C.F.R. part 2 rules for substance abuse treatment information, the Children’s Online Privacy Protection Act (“COPPA”) rules for children’s data, and the Genetic Information Nondiscrimination Act (“GINA”)), as well as a broad and growing range of state laws such as the Illinois Biometric Information Privacy Act (“BIPA”) and the Washington My Health My Data Act for consumer health information.
• State “comprehensive” laws. Although there is no generally applicable federal privacy law, since California passed the California Consumer Privacy Act, we now have twenty state laws that are said to “comprehensively” regulate privacy law in those states for residents of those states. While these laws generally are less comprehensive than the General Data Protection Regulation (“GDPR”) in Europe, as they exempt smaller companies, generally exempt nonprofits, and generally exempt entities that are subject to other laws, these state laws provide an important gap-filling baseline for a wide variety of previously unregulated businesses.

Accordingly, while U.S. privacy law may not be obviously comprehensive in the way that European law is under the GDPR, our existing (and expanding) legal structure applies multiple overlapping and perhaps inconsistent laws based on who is doing what with what data. This regulatory complexity creates part of the challenge of developing appropriate compliance that addresses a typical business’s full set of privacy risks.

Beyond these privacy laws, we also see two other important categories of relevant and related laws. First, there are multiple laws at both the state and federal level related to data security. These can include sector-specific data security laws, such as with HIPAA or GLBA, or state-specific laws, such as the Massachusetts data security law. These laws create general standards, often couched as “reasonable and appropriate” safeguards; but these provisions can lead to meaningful enforcement, and security breaches are the primary driver of class action litigation and regulatory enforcement in this space. Second, there also are laws related to data breach notification in every state, as well as additional data breach notice laws in other contexts. These laws require notification to consumers and often regulators and/or the media in the event of data breaches involving specific kinds of personal information.

On top of this vast array of laws, we also see additional “law” based on enforcement activities from key regulators that take action on data privacy and security issues often independent of specific laws related to privacy. For example, the Federal Trade Commission (“FTC”)—under section 5 of the Federal Trade Commission Act—regulates “unfair or deceptive acts or practices,” which it regularly views as including issues related to data security incidents, potential improper collection, and use or disclosure of personal information. State attorneys general also engage in similar enforcement of privacy and security principles based on their own consumer protection authority.

Business and Legal Areas Implicated

This complicated set of laws (which is being supplemented on a regular basis, particularly at the state level) encompasses a broad range of businesses across every industry. In addition, these requirements are creating material issues across a wide range of legal practice areas outside of a privacy specialization. For example, lawyers in the following practice areas need to be cognizant of privacy issues in their space:

• Mergers and acquisitions (“M&A”). Virtually every corporate transaction triggers the need for a privacy and security review. Every acquired company has a computer system and employees. Almost all have business contact information. More and more companies collect, use, and disclose a much broader range of consumer information in various contexts than in the past. All of these issues need to be examined in transaction diligence and incorporated into integration plans post-acquisition.
• Litigation. Litigators need to be aware of privacy and security issues for two separate reasons. First, there is a growing range of class action litigation about privacy law. This most frequently includes either class action litigation following a data breach or class action litigation based on other kinds of practices that the plaintiffs’ bar views as problematic (such as the use of tracking technologies on websites). Beyond these privacy-specific litigation matters, litigators also need to understand the impact of privacy law on other kinds of litigation. If you are bringing a medical malpractice case, you need to understand the privacy rules for obtaining information from health-care professionals. If you are conducting discovery (or are subject to discovery) involving your employees’ activities or a review of their communications, you need to understand how privacy law impacts this information-gathering activity. Even where the case is not “about” privacy law, privacy law impacts a wide range of litigation issues in cases that are not directly about privacy at all.
• Employment. Employment law increasingly is about data. Artificial intelligence (“AI”) and data analytics are driving the hiring process. Employee monitoring is growing particularly as the workforce is more remote and more mobile. These issues raise fundamental privacy issues, where formal U.S. law is sparse but growing (with lots of risks from faulty or misused data) and international law is fully developed.
• International trade. Privacy also is impacting international trade and overall international business activities. European privacy law, for example, prohibits the transfer of personal data from Europe to countries that do not have “adequate safeguards” for this data—which often includes the United States. Several efforts to “fix” this inadequacy have been stopped by the European courts—leading to high-level diplomatic negotiations to restart the ability of companies to move data to the U.S. Recent developments in U.S. law have started to impose meaningful restrictions on data flows to certain countries. The overall complexity of international privacy law impacts global compliance and raises costs and the difficulty of operating internationally.
• AI. AI law is largely being modeled on the development of privacy law. As with privacy law, the European Union is moving to a single overall regulatory model. As with privacy law, the U.S. seems to be moving in fits and starts and regulating specific practices, largely at the state level to date. The regulators will be primarily the same as with privacy law (mainly the FTC and state attorneys general in the U.S.).
• Antitrust/competition law. Increasingly, business success is driven by data. More data typically is better, particularly in connection with the development of AI. This race to grow data volumes now turns privacy and collection of personal data into a competition issue on top of being a privacy issue.
• Cybersecurity. Data security also is a broad area of concern for any business, independent of specific legal requirements. These risks can be incidents involving personal information (where consumer protection and regulatory requirements are more extensive) or “cybersecurity” incidents, which can relate to national security concerns, commercial interests, and/or overall systemic interconnections. A company that is shut down because of a ransomware attack freezing corporate information systems may not necessarily have personal data issues—but it makes running a business quite challenging when the company is not able to run its computer systems or website.

Some Key Areas for Consideration

These issues impact different companies in different ways: a consumer health company has a very different risk profile than a clothing store. But there are some critical common themes that apply to virtually any company operating in the United States (and typically around the world as well):

• Security policies and incident response preparation. Security risks should be top of mind for virtually any company. Data security requires constant, ongoing attention—to stay on top of technological developments, understand how most incidents occur, and evaluate the impact of regulatory enforcement actions on your business. This is an area where thoughtful advance planning is critical not only to build effective information security programs but also to develop a specific incident response plan for how to handle the inevitable incident when it does in fact happen. An easy hint: Evaluate where you do not have multifactor authentication in place, as well as every place in your company that you store or collect Social Security numbers.
• Data minimization / data maximization tensions. Companies need to understand both the privacy issues and the security risks from common efforts to gather as much data as possible. Privacy laws increasingly are mandating specific data minimization or minimum necessary requirements when companies engage in permitted data activities. At the same time, companies thrive in their business analytics—especially if developing appropriate AI is part of the plan—by gathering and analyzing as much data as possible. But the collection and long-term maintenance of data create security risks—security incidents are always bad, but an incident involving data that you should not still have will be worse.
• M&A integration. An extraordinary percentage of large-scale security beaches involve situations where a recently acquired company becomes a target of an attack before its security practices are effectively integrated with the parent company’s approach. Threat actors know to attack this weak spot. An effective and prompt integration plan on data security issues is critical.
• Business expansion issues. There are similar acquisition impacts related to privacy law. The small acquired company may not be subject to many of the U.S. state laws. Once acquired, however, the purchaser (typically a bigger company) will inherit a set of practices that may not have violated law before the acquisition—but now will. Also, companies may face real challenges in integrating data from acquired companies or engaging in specific activities where the two business operations are being combined. These issues involve both the small-company perspective (your potential purchaser may be very concerned about the vendor contracts that you signed as your business was getting going and that contain unlimited liability provisions, or you may have limited data rights because you had little leverage in getting your business going) and the larger-company view (where the benefits of an acquisition may be reduced if there is a data breach or acquired data cannot realistically be integrated under applicable law). Thinking about size, these issues impact both start-ups and much larger companies, although in different ways.
• AI overlay issues. Companies need to evaluate their approach to AI alongside of privacy law. Do you have contractual or legal rights to use the data that you have for AI purposes? Are you making decisions using AI that is regulated by privacy law? Does privacy law impact what permissions you need from consumers before using their data for AI purposes? The law in this area is already confusing and likely will continue to grow in its complexity for the foreseeable future.

U.S. privacy law is increasingly chaotic. It will continue to be challenging to stay on top of all of the different developments and for many companies to understand the full range of relevant concerns. A few key points to think about:

• You should be considering any place in your company (or your client’s company) where you are collecting, using, storing, or disclosing sensitive categories of personal information. These data categories are the most regulated and overall the most risky, both for privacy and potential data security breaches.
• You need to understand the geographic footprint of your business operations. Do you operate nationwide (meaning you will likely be subject to all of the relevant state laws)? Are you subject to the GDPR because you are either in Europe physically or taking steps to seek consumer business from Europe?
• You need to consider whether you are subject to some of the riskier state laws, such as the collection of biometric information in Illinois or the use of consumer health data in Washington.

Conclusion

While privacy and security law will continue to be a specialty area of legal practice, the implications of privacy and security law apply much more broadly. As a lawyer, you are not effectively representing your clients if you do not understand how privacy law impacts their operations. If your business doesn’t yet have a privacy officer, you likely should have one now or will need one soon. And the one you have should be a reasonably high-level person in the company with appropriate compensation and legal authority.

The latest Federal Trade Commission (“FTC”) action in furtherance of its avowed commitment to “restore fairness to the American labor market” involves a no-poach investigation, not a noncompete case. On December 19, 2025, the FTC announced that it and the New Jersey Attorney General’s Office reached settlements with a building services company barring it from using no-hire agreements.

According to New Jersey’s attorney general, “When employers enter into no-hire agreements, employees pay the price. They have fewer job opportunities, lower wages, and weaker benefits. That’s why our office is committed to ending these unlawful labor practices across our state.” The FTC expressed a similar sentiment: “American workers have a right to pursue job opportunities that offer them higher pay and better benefits. Yet anticompetitive no-hire agreements . . . prevent workers from realizing their full earning potential.”

The FTC’s complaint alleges that the no-hire provisions violate both Section 1 of the Sherman Act, which prohibits agreements that unreasonably restrain trade, and Section 5 of the FTC Act, which bars unfair methods of competition. The agency defines “no-hire agreements” in the complaint as an agreement between two or more companies that “restricts, imposes conditions on, or otherwise limits a company’s ability to solicit, recruit, or hire another company’s employee,” directly or indirectly, either during employment or for any period of time after, including by imposing fees.

The injury to competition alleged under Section 1 includes the elimination of “direct, horizontal, and significant forms of competition to attract labor in the U.S. building services industry,” thereby denying employees access to job opportunities, restricting their mobility, and depriving them of competitively significant information that they could have used to negotiate for better terms.

With respect to Section 5, the FTC claims that the no-hire agreements tend or are likely to harm competition, consumers, and employees in the building services industry. Restricting the ability of building owners and competing building service contractors to hire employees harms:

• Employees because it limits their ability to negotiate for higher wages, better benefits, and improved working conditions, and may lead to further hardship if the building where they work changes management, because the no-hire agreements force them to leave their jobs in some circumstances.
• Building owners and managers because they may be foreclosed from seeking or accepting bids from competitor vendors due to the prospect of losing long-serving workers with extensive, building-specific experience.

Neither the complaint nor the analysis in aid of public comment makes allegations related to market power or market share. Based on published information, the vendor told FTC staff that it did not enforce the no-hire provisions. During the course of the investigation, begun in the prior administration, however, the FTC learned that there had been at least one attempt to enforce compliance. An FTC statement also notes that any legitimate objectives of no-hire agreements could have been achieved through significantly less restrictive means. The agency specified that, among other terms, the scope and duration of the restrictions were not reasonably necessary to achieve the purported procompetitive purpose.

Before the most recent government shutdown, the FTC made clear its intent to bring enforcement actions against conduct likely to harm labor markets, although the focus then appeared to be “unfair” employee noncompete agreements. In September 2025, the FTC abandoned its defense of its 2024 rule banning virtually all worker noncompetes, entered into a settlement agreement with a pet cremation company prohibiting use of noncompete clauses in its employment agreements, issued a Request for Information Regarding Employer Noncompete Agreements to enlist the public in identification of “specific employers continu[ing] to impose noncompete agreements,” and announced that it would host a workshop regarding unfair noncompete agreements.

The FTC’s noncompete workshop has been rescheduled for January 27, 2026, with an agenda for three panels: (1) Locked out of Work: Victims of Anticompetitive Noncompetes; (2) Unleashing the American Worker: Policy Perspectives on Noncompetes; and (3) Counting the Costs: The Economics of Noncompetes.

Although the public case materials provide limited information, there are some key takeaways from the latest FTC enforcement action:

• Make certain that any representations made to agency staff are accurate.
• The FTC intends to continue to police labor markets in terms of no-hire and noncompete agreements.
• Restrictions on worker movement should be framed as narrowly as possible to accomplish a specific and demonstrable procompetitive goal.
• “Penalties” or fees designed to prevent worker departures or improved bargaining positions should be avoided. The more significant the fee, the greater the antitrust risk.
• Restraints that go beyond the employees staffed on the specific project that is the subject of the contract are riskier.
• Noncompete and no-hire provisions are riskier when the impacted employees are low-wage workers, largely because it can be difficult to justify the restrictions.
• Even restraints that exceed the term of employment by only six months may be excessive, particularly if low-wage workers are affected.
• Worker restrictions should not be designed to prevent competition in market for the employer’s products or services.

Because modern directors and officers (“D&O”) liability policies are written on a “claims made” basis, coverage is determined based on when the claim for wrongful acts is first made against an insured. If a company does not have a D&O policy in place, it risks being uninsured for claims made during a gap in claims-made coverage. D&O policies also contain “change in control” provisions limiting coverage for wrongful acts occurring after there is a change in ownership. So, what happens when a company is acquired, merges with another company, or sells its assets such that the selling entity no longer is a going company that maintains a D&O policy?

The approach taken in many transactions is securing “runoff” and “tail” coverages, which extend a policy’s coverage period beyond the date of the transaction and allow insureds to recover for claims alleging pre-transaction wrongdoing. However, from a practical standpoint, placing and pursuing coverage under tail policies can be fraught with peril. This article presents an overview of five common coverage issues to consider when runoff provisions are at play.

1. Negotiate Favorable Policy Provisions (and Then Follow Them).

D&O policies are not all created equal. Quite the opposite, as terms are heavily negotiable and customizable. This variety carries over to D&O policy runoff and tail coverage. For instance, many standard forms do not include guaranteed tail coverage with pre-negotiated term and pricing options. Leaving these critical coverage negotiations to chance can lead to real problems, especially when a company is insolvent or in bankruptcy, where cash flow is paramount and large insurance premiums can exacerbate existing financial strain. Negotiating terms in advance can introduce certainty and predictability in the midst of complex transactions and ownership changes.

Policies may also impose varying degrees of requirements to select and effectuate tail coverage. For example, policies can require prompt notice of changes in management control, sometimes accompanied by additional underwriting requirements to secure coverage.

Understanding precisely when and how those provisions operate in practice can minimize conflict based on technicalities in the policy.

To help facilitate seamless insurance continuity in future transactions, policyholders should assess their D&O coverage placements and renewals with an eye towards future M&A activity and how runoff and tail provisions would be treated in those transactions.

2. Understand What Constitutes a Change in Control.

One basic but often overlooked question about tail coverage is when it even may be implicated. Companies and executives may have their own assumptions about when D&O policies will continue in force or require tail coverage, which may not match what the policy actually says. For example, some may assume that simply filing for bankruptcy automatically triggers a change in control. Or conversely, some may assume that a company’s emergence from bankruptcy does not trigger runoff provisions in the absence of a more traditional acquisition or merger. Neither assumption may be true, and the policy will always control.

These kinds of misunderstandings can then lead to the failure to timely elect tail coverage, missed notice deadlines, and similar missteps that insurers can use to deny or limit coverage. Missing these nuances in policy language can leave policyholders exposed to D&O claims without a coverage safety net. Working closely with risk professionals, like brokers and outside coverage counsel, can help navigate these issues and avoid transaction-related gaps in coverage.

3. Be Wary of Straddle Claims.

A company can seemingly do everything right—place robust D&O coverage, monitor forthcoming changes in control, timely elect tail coverage, and submit a post-transaction claim for coverage alleging pre-transaction wrongdoing ostensibly covered by the tail policy. But then comes a surprise denial. Some of the biggest offenders that can seemingly negate tail coverage altogether are exclusions aimed at so-called “straddle” claims. Straddle claims allege misconduct both before and after the effective date of tail coverage.

Coverage grants in tail policies are tailored to respond only to claims alleging pre-closing wrongful acts. But some insurers go a step further in adding exclusions to policies that bar coverage for any claim based upon, arising out of, directly or indirectly resulting from, or in any way involving a wrongful act allegedly committed on or after the runoff date. These provisions eliminate coverage entirely—even for portions of the claim tied exclusively to pre-runoff wrongdoing—based on the presence of a single post-runoff wrongful act. That can lead to finger-pointing between insurers, especially where a surviving entity purchased a going-forward D&O policy that has a similarly broad exclusion barring coverage for any claim involving any pre-closing wrongful acts.

To avert contentious coverage battles, policyholders should closely scrutinize tail policies to eliminate or narrowly tailor these kinds of exclusions. Clarifying how policies address straddle claims can ensure that such claims do not fall through uncovered cracks because of conduct timing. Buyers and sellers should have an understanding of the pre-closing and post-closing insurance regimes that will be in place around a transaction in order to avoid any potential denials of straddle claims.

4. Reckon with Reduced Limits and Coverages.

Policyholders purchasing tail coverage may also assume that all coverage terms remain intact. In addition to new exclusions, however, tail policies may also be accompanied by reduced limits. This can be especially important to monitor because the tail coverage in place as of the runoff date is finite and needs to respond to all claims throughout the entirety of the runoff period, which often lasts six years.

Tail endorsements for management liability policies may also include only certain coverages, most commonly D&O, and omit other coverages, such as employment practices liability. Assessing the full suite of available tail and extended reporting periods can ensure there are no unexpected gaps in coverage for post-closing claims. For example, a selling company would likely want broad coverage, while a buyer who has agreed to pay for some, or all, of a tail policy may argue that including atypical tail endorsements was not contemplated when an insurance cost-sharing arrangement was agreed to. Both sides of a transaction should endeavor to be as precise as possible when allocating costs and specifying expected tail policy terms to avoid disputes and ensure appropriate coverage throughout the transaction.

5. Consider Coverage for the Wind Down.

Tail coverage is especially important in bankruptcy as debtors seek to have plans confirmed and questions arise about protecting against historical or future liabilities. One overlooked aspect can be in liquidations requiring plan administrators or other individuals, like chief restructuring officers (“CROs”), to stay on after a plan is confirmed to wind down operations. Under most tail policies, D&O coverage terminates at the time of plan confirmation, even if exposure to claims challenging the orderly liquidation or winding down of the company does not cease. To address that, policyholders can secure “wind down” coverage to fill that gap and extend protection during wind-down phases to key administrators, CROs, and anyone else facing potential exposure for post-confirmation conduct.

* * *

Runoff and tail coverage should protect companies and directors and officers against claims for legacy liabilities, but pitfalls abound. Proactively negotiating favorable terms and understanding and adhering to key policy provisions can help ensure continuity of coverage and avoid uninsured exposures and surprise denials after closing.

As chairs of the American Bar Association’s Private Target Mergers & Acquisitions Deal Points Study (the Private Target Deal Points Study), we are pleased to announce that we published the latest iteration of the study to the ABA’s website on December 16, 2025.

Congratulations! But Wait. What Exactly Is This Private Target Deal Points Study, Anyway?

The Private Target Deal Points Study is a publication of the Market Trends Subcommittee of the ABA Business Law Section’s M&A Committee. It examines the prevalence of certain provisions in publicly available private target mergers and acquisitions transactions during a specified time period. The Private Target Deal Points Study is the preeminent study of M&A transactions, widely utilized by practitioners, investment bankers, corporate development teams, and other advisors.

The 2025 iteration of the Private Target Deal Points Study analyzes publicly available definitive acquisition agreements for transactions executed and/or completed either during calendar year 2024 or during the first quarter of calendar year 2025. In each case, the transaction involved a private target acquired by a public buyer, with the acquisition material enough to that public buyer for the Securities and Exchange Commission to require public disclosure of the applicable definitive acquisition agreement.

The final sample examined by the 2025 Private Target Deal Points Study is made up of 139 definitive acquisition agreements and excludes agreements for transactions in which the target was in bankruptcy, reverse mergers, and transactions otherwise deemed inappropriate for inclusion.

Although the deals in the 2025 Private Target Deal Points Study reflect a broad array of industries, the health care and technology sectors together made up over 20% of the deals. Asset deals comprised 21% of the study sample, with the remainder either equity purchases or mergers.

Of the 2025 Private Target Deal Points Study sample, 42 deals signed and closed simultaneously, whereas the remaining 97 deals had a deferred closing some time after execution of the definitive acquisition agreement.

The transactions analyzed in the 2025 Private Target Deal Points Study were in the “middle market,” with purchase prices ranging between $25 million and $900 million; purchase prices for a majority of deals in the data pool were below $200 million.

The Private Target Deal Points Study Sounds Great! How Can I Get a Copy?

• All members of the M&A Committee of the Business Law Section received an email alert from Jessica Pearlman with a link when the study was published. If you are not currently a member of the M&A Committee but don’t want to miss future email alerts, committee membership is free to Business Law Section members, and you can sign up on the M&A Committee’s homepage.
• ABA members who are not currently members of the Business Law Section can sign up to join on the Section’s membership webpage.
• The published 2025 Private Target Deal Points Study is available for download by M&A Committee members from the Market Trends Subcommittee’s Deal Points Studies page on the ABA’s website. Also available at that link are the most recently published versions of the other studies published by the Market Trends Subcommittee, including the Canadian Public and Private Target M&A Deal Points Studies, European Private Target M&A Deal Points Study, US Public Target Deal Points Study, and Strategic Buyer/Public Target M&A Deal Points Study.

How Does the 2025 Private Target Deal Points Study Differ from the Prior Version?

The 2025 version of the Private Target Deal Points Study has a number of features that differentiate it from prior iterations.

• Earnouts: Earnouts became less prevalent and displayed some buyer-friendly features. Use of earnouts decreased from 26% during the period covered by the 2023 Study to 18% during the period covered by the 2025 Study. Earnouts are often used to address valuation gaps, and this data point suggests that valuation gaps narrowed somewhat during the period covered by the 2025 Study.
• RWI: The use of representations and warranties insurance (RWI) increased compared to the prior Study. 63% of deals during the period covered by the 2025 Study referenced RWI (our proxy for whether a transaction utilized RWI) as compared to 55% of the deals during the period covered by the 2023 Study.
• No Survival Deals: Deals that provide that representations and warranties do not survive closing increased from 30% in the prior Study to 41% in this Study. This increase is likely related to the increase in RWI deals.
• Indemnification for “Actual” vs. “Alleged” Breaches: Indemnity coverage for alleged breaches increased from 17% from to 27% in this year’s Study; this appears to also be driven by an increase in RWI deals.
• Single vs. Double Materiality Scrape: The use of double materiality scrapes increased from 69% to 82% in the prior study. Again, this increase appears to be related to the increase in the use of RWI.
• New Data Points: We added a few additional data points. Look for the “new data” flags (see samples below) to make them easy to spot.
  • 
    Transaction Expenses as Part of Post-Closing Adjustment. We added a data point to track how often transaction expenses are taken into account in the post-closing purchase price adjustments.
  • Existing Fact/Condition as Part of MAE Definition. We wanted to see how often deals that include the definition of “Material Adverse Effect” (MAE) specify that a fact or condition existing at the time of signing the acquisition agreement could constitute an MAE, so we added that data point to this year’s Study.
  • Control of Defense of Third Party Claims—Failure to Adequately Defend and Government Authority Involvement. We have added to this year’s Study a data point on how often the failure/inability to adequately defend a claim could result in a loss of the indemnifying party’s right to control defense of that claim. We added a similar data point on claims involving government regulatory authority.
  • Fraud as a Standalone Indemnity. We added a data point tracking how often fraud is included in purchase agreements as a standalone indemnity.

Please join us in extending a huge thank-you to everyone who worked so hard on this study, from leadership to advisors to issue group leaders to the working groups, all of whom are listed in the credits pages.

For more information, at 1:00pm EST on February 10, 2025, there will be an In the Know webinar with the Study Chairs and Issue Group Leaders providing analysis and key takeaways from the results of the Private Target M&A Deal Points Study.

The legal profession, as an independent pillar of American democracy, commits to upholding the rule of law, whether it is through defending this fundamental principle in the courtroom or zealously advocating for support from major institutions and the American public. With the current U.S. political landscape introducing new challenges for lawyers, one thing is clear—America’s power rests on the strength of its rule of law, which respects differing viewpoints through civil discourse in order to maintain its integrity in policymaking and governance.

In recent years, the heightened geopolitical climate in the United States and globally has left individuals, families, businesses, and communities to grapple with many difficult conversations, challenged by opposing ideological viewpoints of those closest to them. The purpose of this article is to share observations from a dispute resolution practitioner’s perspective on how individuals across the ideological spectrum can aim to restore peace and preserve relationships with those of diverging worldviews.

The following are stories of lessons learned and personal thoughts on how one can bridge ideological splits.

Understanding of the Self

The last few presidential election cycles have caused families, colleagues, and communities to publicly express dissatisfaction if the outcome was not in their favor. Like many, I also fell victim to my own judgments during those moments. Then, I started reflecting and asking myself, “Why is it that some of the friends and family I respected the most and felt most aligned with suddenly, overnight, became the very people I judged due to a single vote? What values did we share that bonded us in the first place—because we clearly have areas in our lives where our minds meet?”

By practicing self-reflection and self-questioning, we can better recognize our own biases and judgments and let those learnings inform how we navigate difficult conversations grounded in respect, empathy, and understanding. Further, by practicing honest self-inquiry, we can more effectively and confidently communicate our ideological positions and beliefs, thereby raising each other’s awareness about the shared values and differing priorities.

To Better Understand the Other

In most households, it is nearly impossible for all family members to agree on personal matters, let alone ideological beliefs. The closer a relationship, the more likely one strongly reacts to feelings of invalidation or judgment. When there is genuine curiosity, mutual respect, and confidence in the relationship, however, any polarizing views will undoubtedly create a productive discussion. In my experience, I have learned that by assuming the other person’s “positive intent,” my relationship with the individual I disagreed with naturally grew closer; we managed to separate our positions from our relationship and not let our minds be clouded by reducing the other person’s entire being to just one single vote.

By validating another person’s feelings and not necessarily their viewpoint, we can foster more trust, openness, and candidness from that individual. Through active listening and sincerity during this “information-gathering phase,” we can gain added context and background that help us better understand what shaped the other person’s decisions. As individuals, all of us—what I like to call multifaceted beings—are shaped by our unique upbringing, experiences, and education, among other things. Therefore, this exercise of “seeking first to understand, then to be understood,” as Stephen Covey says, can help deepen the relationship by successfully moving through crucial conversations to allow everyone their right to feel seen and heard, without judgment.

In Order to Preserve the Relationship

The closest relationships are often the ones that cause deeper emotional wounds and disappointments when ideological viewpoints clash. However, the strength of a relationship only deepens when we have the confidence and knowledge that any crucial conversations will not shake its foundation. To bridge any divide, the power lies in our ability to maintain composure and willingness to talk at critical moments so that productive dialogue can lead to a more profound understanding from both sides.

In summary, bridging the ideological divide does not require individuals with opposing viewpoints to engage in a lengthy debate in defense of their positions. It simply requires each person to be self-aware of their own biases and judgments, reflect on their shared core principles, if any, and invite dialogue, rooted in empathy and curiosity, with those on opposite ends of the ideological spectrum. Conversations about conflicting viewpoints are justifiably difficult to navigate, but without them and without diversity of thought, we would not be the United States of America with an established rule of law that has stood tall for nearly 250 years.

This article is part of a series on the rule of law and its importance for business lawyers created by the American Bar Association Business Law Section’s Rule of Law Working Group. Read more articles in the series.

This is the twelfth installment in the Year in Governance Series from the In-House Subcommittee of the ABA Business Law Section’s Corporate Governance Committee. Each month, the series will share key tips on a different corporate governance topic. To get involved in the Corporate Governance Committee, please visit the committee’s webpage.

A message from Kathy Jaffari: “As Chair of the Corporate Governance Committee, I would like to extend my sincere appreciation to the authors for this publication. The Corporate Governance Committee has ongoing opportunities for writing and volunteering with various projects, whether it’s an article you want to publish or a CLE that you want to present. Our Committee is dedicated to helping you promote informative resources for corporate governance practitioners. You may contact me at [email protected] to get involved.”

Is your board of directors fit for the future? Board evolution should be top of mind for both private and public companies. A forward‑looking board adapts to strategic shifts and leadership changes, maintains an evergreen skills matrix, and balances tenure with age and domain diversity to ensure fresh perspectives alongside stability. When executed effectively, board evolution enhances competitive relevance, decreases governance risk, strengthens resilience, and sets the foundation for the company to outperform its peers. These ten tips offer key factors to consider to ensure an evolving board.

1. Strategic alignment and leadership changes. As strategic direction and leadership change at a company, so should the board. Directors should always consider whether their contributions can support long-term objectives and increase shareholder value. A new strategic direction may require thoughtful replacement of certain directors. An evolving board proactively aligns its membership with current strategic direction, seeking new expertise where needed to strengthen governance and performance.
2. Diverse perspectives and skillsets. An evolving board thrives on diversity of background, experience, and qualifications. Foundational expertise in leadership, operations, risk management, finance, and governance is expected of all directors, but true effectiveness comes from integrating a wide range of perspectives and capabilities. An evolving board actively identifies skill gaps and seeks complementary competencies that elevate collective impact. Ongoing education, particularly in emerging and trending topics, fosters continuous learning and ensures directors remain current. By combining strong core skills with diverse viewpoints, boards can be better equipped to navigate complexity, challenge assumptions, and drive strategic resilience in today’s rapidly changing business environment.
3. Tenure. Tenure is valuable in creating stability and knowledge continuity at the highest level. Excessive tenure can also limit fresh perspectives, however. An evolving board should balance institutional knowledge with new ideas and diverse viewpoints. Boards can establish guidelines for director tenure to promote renewal and prevent stagnation. These guidelines also provide for a more graceful director exit at the appropriate time.
4. Age diversity. Age-linked policies, such as a mandatory retirement threshold, support board refreshment without compromising valuable experience. An evolving board should consider a mix of generational perspectives, which can strengthen alignment with current market dynamics and current business needs. Younger directors may bring perspectives that resonate with target demographics, while seasoned members can provide stability and institutional knowledge. Striking the right balance ensures inclusivity, continuity, and relevance.
5. Collaboration and camaraderie. Boards should regularly assess how directors build trust and collaborate. Strong trust and camaraderie lead to effective decision-making and reduce noise both in board meetings and in oversight of leadership. An evolving board should incorporate questions on teamwork into annual evaluations, which will help identify areas for improvement and accountability. When necessary, decisive action should be taken to address persistent uncooperative behavior, as a single disruptive director can compromise the effectiveness of the entire board.
6. Self-reflection. As the company evolves, directors should reflect on their own commitment and contributions. Are they making a valuable impact? Do they still have the time to commit to the increasing demands of board service? Questions related to self-evaluation can be added to the annual board evaluation review or can be discussed in quiet conversations with individual directors. An evolving board encourages a culture of self-awareness that fosters accountability and effectiveness.
7. Commitment to thoughtful evolution. The composition of the board and board committees should be refreshed regularly instead of remaining static. Tools like overboarding policies and voluntary rotations create a culture of commitment to change. Committee rotations not only introduce fresh perspectives but also broaden directors’ enterprise‑level knowledge. An evolving board embraces change that revitalizes governance while preserving the continuity necessary for stability.
8. High-risk conflicts. Director conflicts of interest, whether relational or financial, can damage trust and credibility. High-risk conflicts can also call into question the decision-making process of the entire board and lead to litigation risk. An evolving board should implement clear, consistent policies to identify, disclose, and mitigate conflicts of interest. Proactive management of these risks reduces governance vulnerabilities and reinforces the board’s integrity.
9. Activism preparedness. Shareholder activism frequently focuses on the composition of the board and the effectiveness of board members. Unaddressed vulnerabilities are often highlighted by activists or institutional investors, putting the board on the defensive. An evolving board proactively monitors investor sentiment, anticipates stakeholder concerns, and ensures the company is meeting expectations for board composition. By identifying and addressing potential weaknesses in advance, boards can reduce external pressure and maintain credibility.
10. Succession planning. Always anticipate director transitions, both expected and unexpected. An evolving board should revisit succession planning at regular meetings of the governance committee and ensure transparency with a full report to the entire board. Governance committees should engage search firms to maintain an ongoing pipeline of qualified candidates and ensure readiness to refresh the board. Proactive succession discussions build trust, reinforce stability, and strengthen stakeholder confidence by demonstrating foresight rather than reacting to change.

The views expressed in this article are solely those of the authors and not their respective employers, firms or clients.

This is the fourth and final installment in a series on damages available for intellectual property (“IP”) claims, focusing on trade secret damages. Understanding damages is essential for two reasons: it highlights the potential rewards of building a robust IP portfolio, and it offers a benchmark for assessing risk when facing an IP claim. Our previous articles discussed trademark, patent, and copyright damages.

Trade Secret Misappropriation

Trade secrets consist of formulas, practices, processes, designs, instruments, patterns, or compilations of information that confer a business advantage over competitors who do not know or use them.

Misappropriation of trade secrets involves unauthorized acquisition, disclosure, or use of a trade secret, protected under the Uniform Trade Secrets Act (“UTSA”), as adopted by various states, and/or the federal Defend Trade Secrets Act of 2016 (“DTSA”).^[1] The UTSA provides a framework for civil claims while the DTSA grants trade secret owners the ability to seek redress in federal court, along with a clear definition of misappropriation and measures for safeguarding trade secrets, including measures against international espionage.

All states except New York and North Carolina have adopted the UTSA. North Carolina has its own distinct yet similar statutory framework for the UTSA, while New York applies common-law principles to trade secret matters. The DTSA is a federal law that applies nationwide.

Trade Secret Damages

Under the UTSA and the DTSA, trade secret owners can seek damages for actual loss, unjust enrichment, reasonable royalties, or exemplary damages up to double any other remedy when willful and malicious misappropriation exists.

Monetary relief under both the UTSA and the DTSA may be appropriate whether or not injunctive relief is granted.

Monetary damages are only appropriate for the period in which misappropriation overlaps with the period in which information is entitled to protection as a trade secret, plus the additional period, if any, in which a misappropriator retains an advantage over good-faith competitors because of misappropriation.

Actual Loss and Unjust Enrichment

Both the UTSA and the DTSA state that a successful plaintiff is entitled to damages for actual loss and unjust enrichment.

Actual Loss

Actual loss can include lost profits or other measurable harm directly attributable to the defendant’s actions.

A plaintiff bears the burden of proving actual damages with sufficient evidence. A lack of evidence or speculative claims may preclude recovery under these measures. There must be a clear depiction of the financial damage resulting from the misuse or theft of the trade secret.

Unjust Enrichment

A plaintiff may recover for unjust enrichment caused by misappropriation, provided that such enrichment is not already accounted for in the calculation of actual loss. Unjust enrichment may be calculated based on the defendant’s profits, increased productivity, market share gained from the use of the trade secret, or the development costs saved.

The plaintiff must show evidence that the defendant profited at the plaintiff’s (trade secret holder’s) expense. A lack of evidence or speculative claims may preclude recovery under these measures. Courts are hesitant to award damages for unjust enrichment unless the plaintiff can demonstrate that the defendant acquired some calculable profit or benefit from the misappropriation.

Double Counting

A successful plaintiff may recover both actual loss and unjust enrichment damages, but there can be no double counting. This means that, to recover both, the defendant’s unjust enrichment must be distinct from or in excess of the plaintiff’s actual loss.

Reasonable Royalties

If neither actual loss nor unjust enrichment can be proven, the UTSA allows courts to award a reasonable royalty for the period during which the use of the trade secret could have been prohibited.

A reasonable royalty is an approximation of a royalty under a voluntary licensing agreement. Courts typically assess what the parties would have reasonably agreed to in a hypothetical negotiation at the time the misappropriation began. Courts often begin with real-world comparables as a starting point for determining a reasonable royalty. These comparables may include licensing agreements or other transactions involving similar trade secrets. Then the court will adjust the royalty amount using a calculation based on facts specific to the case, often proven by an expert witness. The calculation may consider market value of the trade secret; cost savings or value to the defendant; duration and scope of use; and overall willingness to license the trade secret based on factors like risks of disclosure, competitive advantage, and relationship between the parties.

In order to justify this alternative measure of damages, there must be competent evidence of the amount of a reasonable royalty. This remedy is discretionary and is typically applied when other forms of damages are unprovable. The court may not order payment of a reasonable royalty for longer than the period of time the use of the trade secret could have been prohibited.

Exemplary Damages

If the misappropriation is found to be willful and malicious, the UTSA and the DTSA permit courts to award exemplary damages in an amount not exceeding twice the award for actual loss or unjust enrichment. Courts have interpreted “willful and malicious” to include conduct that is intentional and motivated by ill will or improper motives.

While the courts are granted discretion, judges often look to the following factors to determine the degree to which they will enhance damages: degree of intent, defendant’s state of mind, extent of harm, duration of misuse, efforts to conceal misuse, prior conduct of similar misappropriations, and deterrence.

Attorney Fees

If a claim of misappropriation is made in bad faith, a motion to terminate an injunction is made or resisted in bad faith, or willful and malicious misappropriation exists, the court may award reasonable attorney fees to the prevailing party.

Summation

Trade secret misappropriation presents complex legal challenges, but both the UTSA and the DTSA provide a comprehensive framework for addressing these disputes and awarding damages. Whether through actual loss, unjust enrichment, reasonable royalties, or exemplary damages, courts aim to ensure fair compensation for the harm suffered and to deter future misconduct.

* * *

This concludes our overview of damages for trade secret misappropriation and our series on damages for IP infringement.

1. Defend Trade Secrets Act, Pub. L. No. 114-153 (2016). ↑

Most plaintiffs in lawsuits pay their lawyer via a contingent fee. If the case settles for $1,000,000, the lawyer is paid a percentage, say 40 percent. Checks can be cut in different ways, but in most cases, the lawyer receives the gross proceeds, deducts the fee and expenses, and sends the balance to the client. As a result of these mechanics, many plaintiffs assume that at most, their tax obligations apply to the amount they actually receive (in this example, $600,000).

However, under Commissioner v. Banks,^[1] plaintiffs in contingent fee cases generally must report all the proceeds as gross income, even if the lawyer is paid directly out of the proceeds before the plaintiff receives anything. If the settlement is fully taxable (and defendants tend to assume that most settlements are taxable) the plaintiff is likely to receive an IRS Form 1099 for 100 percent of the settlement amount.

Some defendants will agree to pay lawyer and plaintiff separately. However, that does not obviate the income to plaintiff, as the Supreme Court made clear in Banks.

Moreover, the Form 1099 regulations generally require defendants to issue a Form 1099 to the plaintiff for the full amount of a settlement to the extent a recovery does not qualify for a tax exclusion, even if part of the money is paid to the plaintiff’s lawyer. The plaintiff would need to use an available tax deduction for the legal fees if their recovery is taxable as ordinary income (including wages), in order to pay tax only on the reduced amount they actually received.

From 2018 through 2025, the Tax Cuts and Jobs Act suspended miscellaneous itemized deductions, which was how many plaintiffs historically deducted legal fees.^[2] The One Big Beautiful Bill Act^[3] made that suspension permanent, so plaintiffs can no longer deduct legal fees as miscellaneous itemized deductions. Is the elimination of miscellaneous itemized deductions a huge blow for plaintiffs?

In 2018, I was alarmed at the change, imagining that many plaintiffs could be saddled with paying taxes on money paid to their lawyer that they could not deduct. However, long before 2018, plaintiffs frequently were displeased with miscellaneous itemized deductions, even though they were legally available. Miscellaneous itemized deductions faced three limitations: (1) Only fees greater than 2 percent of the plaintiff’s adjusted gross income could be deducted; (2) higher incomes were subject to a phaseout of deductions; and (3) legal fees were not deductible for purposes of the alternative minimum tax.

Therefore, long before 2018, a plaintiff who could find a better tax deduction—ideally an above-the-line deduction—claimed it instead of a highly restrictive miscellaneous itemized deduction. The stakes grew larger in 2018 and continue today. A plaintiff whose above-the-line deduction is disallowed can no longer fall back on a miscellaneous itemized deduction as second choice. But I have come to believe that there are still ways for most plaintiffs to claim viable tax deductions despite the elimination of miscellaneous itemized deductions.

Above-the-Line Deductions

It has long been the rule that legal fees in cases involving a taxpayer’s trade or business (other than the trade or business of being an employee) or involving a taxpayer’s efforts to produce rental or royalty income can qualify as an above-the-line deduction. In 2004, shortly before the Banks case was decided by the Supreme Court, Congress enacted an above-the-line deduction for employment, civil rights, and whistleblower claims.^[4] Congress expanded it over the years, and the IRS has made claiming it simpler.^[5]

However, a plaintiff’s deduction for fees cannot exceed the income the plaintiff received from the litigation in the same tax year. That same-year limit presents no problem in a typical contingent fee case since the contingency fee is paid out of the settlement payment nearly contemporaneously with the payment of the settlement. If the plaintiff is paying legal fees hourly over several years, some plaintiffs ask their lawyer to pay back prior fees and bill them again out of the settlement.

Other plaintiffs treat a portion of a current year settlement as a reimbursement of previously paid (and not deducted) legal fees. The latter is a kind of reverse tax benefit theory. Either approach could be attacked on audit, but either one may allow a plaintiff to take a reporting position that the net settlement is taxable, not the gross.

Physical Injury Recoveries

Most physical injury settlements need not worry about the tax treatment of the legal fees. In a physical injury case with no interest and no punitive damages, the plaintiff’s recovery should be fully excludable from income under section 104.^[6] The related attorney fees are taxed only to the lawyer, not to the plaintiff, and the plaintiff does not need to deduct the legal fees. But what if a case is partially taxable and partially tax-free?

Example: Sam is injured in an accident and collects $300,000 in compensatory damages and $5 million in punitive damages. The $300,000 is tax free, but the $5 million is taxable. If Sam pays a 40 percent contingent fee, $2 million of that $5 million in punitive damages goes to the lawyer, with Sam netting $3 million of the punitive damages. Sam must report the full $5 million of punitive damages as gross income and needs a way to deduct the $2 million in legal fees paid out of the punitive damages.

A similar situation arises with interest. Pre- or post-judgment interest is taxable even on physical injury damages. Sometimes, an allocation of legal fees that is not strictly pro rata can help, but this must be documented accordingly. The more conventional answer is to find a tax deduction for the legal fees attributable to the interest.

Employment and Discrimination Claims

Some of the confusion about the tax treatment of legal fees came from unfortunate drafting by Congress. An employment plaintiff can effectively claim a deduction in any kind of employment case, regardless of whether discrimination is alleged. Above-the-line treatment applies to legal fees in any case under any law “regulating any aspect of the employment relationship,”^[7] which is a much broader scope than just employment cases involving discrimination.

Yet as written, the deduction is named by the tax code as a deduction in cases involving claims of “unlawful discrimination,” which can imply to taxpayers that the deduction is narrower than it actually is. The statutory definition of an unlawful discrimination claim is a veritable kitchen sink; section 62(e) defines unlawful discrimination to include any claims brought under one or more of a specifically identified list of federal statutes:^[8]

1. the Fair Labor Standards Act of 1938 (29 U.S.C. §§ 201 et seq.);
2. sections 4 or 15 of the Age Discrimination in Employment Act of 1967 (29 U.S.C. §§ 623 or 633a);
3. sections 501 or 504 of the Rehabilitation Act of 1973 (29 U.S.C. §§ 791 or 794);
4. section 510 of the Employee Retirement Income Security Act of 1974 (29 U.S.C. § 1140);
5. section 105 of the Family and Medical Leave Act of 1993 (29 U.S.C. § 2615);
6. sections 1981, 1983, or 1985 of Title 42 of the United States Code;
7. sections 703, 704, or 717 of the Civil Rights Act of 1964 (42 U.S.C. §§ 2000e–2, 2000e–3, or 2000e–16);
8. section 102, 202, 302, or 503 of the Americans with Disabilities Act of 1990 (42 U.S.C. §§ 12112, 12132, 12182, or 12203); or
9. any whistleblower protection provision of federal law prohibiting the “retaliation or reprisal against an employee for asserting rights or taking other actions permitted under Federal law.”^[9]

The unlawful discrimination deduction also covers whistleblowers who were fired or faced retaliation. Separately, section 62 allows whistleblowers to deduct fees in federal False Claims Act, state whistleblower cases, and IRS, SEC, and Commodity Futures Trading Commission claims.^[10]

Catchall Employment Claims

Critically, there is also a catchall that covers any kind of claim arising in or about employment, making the list illustrative, not finite. Section 62(e)(18) allows a deduction for claims alleged under

[a]ny provision of federal, state or local law, or common law claims permitted under federal, state or local law, that provides for the enforcement of civil rights, or regulates any aspect of the employment relationship, including claims for wages, compensation, or benefits, or prohibiting the discharge of an employee, discrimination against an employee, or any other form of retaliation or reprisal against an employee for asserting rights or taking other actions permitted by law.^[11]

This is an expansive description, and so far, there appears to be little authority. In Letter Ruling 200550004, the IRS ruled that attorney fees and costs to obtain federal pension benefits fell within the catchall category. The case concerned a taxpayer who, after his retirement, discovered that he was being short-changed on his pension. Notably, the IRS ruled that the case fell within the catchall for unlawful discrimination, even though the action was brought under ERISA. Since only actions brought under section 510 of ERISA are expressly allowed under section 62(e), the catchall was needed to cover the taxpayer’s case. This ruling suggests an expansive reading of the catchall, as does its plain language.

Civil Rights Claims

Section 62(e)(18) also provides for deduction for legal fees to enforce civil rights, a term much broader than section 1983 of the Civil Rights Act.^[12] The deduction applies to any claim for the enforcement of civil rights under federal, state, local or common law.^[13] Section 62 does not define “civil rights” for this purpose, nor do the legislative history or committee reports. Yet some legal definitions are expansive:

a privilege accorded to an individual, as well as a right due from one individual to another, the trespassing upon which is a civil injury for which redress may be sought in a civil action. . . . Thus, a civil right is a legally enforceable claim of one person against another. ^[14]

The IRS has used a very broad definition for civil rights in other contexts. For example, in a General Counsel Memorandum, the IRS stated, “We believe that the scope of the term ‘human and civil rights secured by law’ should be construed quite broadly.”^[15] Therefore, invasion of privacy, defamation, debt collection, credit reporting, and many other cases can fairly be classified as involving claims for civil rights. Medical device case, consumer litigation, claims for wrongful death, wrongful birth, wrongful life, and many others could be considered as enforcing the civil rights of the plaintiffs.^[16]

In my view, a path often exists to deduct legal fees in numerous contexts, where I believe it is defensible to characterize claims as involving civil rights, given IRS authorities that give this term a very broad interpretation. There is not 100 percent certainty, but I have written many tax opinions in support of a broad view of civil rights for purposes of legal fee deductions. So far, my IRS audit experience on this issue has been positive.

To be sure, it would be best if the tax law were amended to make it clear that no plaintiff should have to fear paying taxes on the portions of a settlement or judgment that is paid to their lawyer and does not end up in their pocket. However, until the tax law is clarified, there are viable workarounds for plaintiffs to avoid the topsy-turvy result of a plaintiff paying taxes on more money than they net out of a case.

Business Expenses

For a business, legal fees are a classic business expense. In addition to corporations, LLCs, and partnerships, a sole proprietor is entitled to claim business expenses on Schedule C if the legal fees relate to the business. Before the above-the-line deduction was enacted in 2004, some plaintiffs argued that a lawsuit itself amounts to a business venture so they should be able to deduct legal fees. Some plaintiffs consider filing a Schedule C, even if they have never done so in the past.

But without a Schedule C track record, it can be a tough argument.^[17] Moreover, Schedule C is historically more likely to be audited and also draws self-employment taxes. The extra tax hit can be 15.3 percent, although over the wage base, the rate drops to 2.9 percent. Still, in appropriate cases, a business expense deduction for legal fees is perfectly appropriate.

Capital Recoveries

A plaintiff with a capital recovery does not need to, and technically should not, deduct related legal fees. If a recovery is capital in nature, you should capitalize the legal fees and offset them against the recovery. Whether you capitalize the legal fees or view them as a selling expense, either approach should avoid tax on the attorney fees.

Exceptions to Banks

Although we are focusing on attorney fee deductions, it is worth noting that some plaintiffs may have arguments that they should not be considered to have gross income on the legal fees in the first place. To my mind, it is generally safer to assume that the legal fees will be gross income to the plaintiff, particularly compared with the strained approaches to avoid the income that are sometimes suggested. In Banks, the Supreme Court laid down the general rule that plaintiffs have gross income from contingent legal fees.

However, general rules have exceptions, and the Court alluded to situations in which this general 100 percent gross income rule might not apply. Falling within one of the exceptions to the Banks case is not a way of deducting legal fees, but should rather avoid the income in the first place.

Injunctive Relief

The Supreme Court suggested that legal fees for injunctive relief may not be income to the plaintiff. The bounds of this exception to Banks are still not clear, and in my experience, the issue comes up only rarely. If the plaintiff receives only injunctive relief, but plaintiffs’ counsel is awarded large fees, should the plaintiff be taxed on those fees? Perhaps not, but tax advice and a tax opinion in such a case is appropriate.

Court-Awarded Fees

Court-awarded fees may not be income to the plaintiff, but much depends on how the award is made and the nature of the fee agreement. Suppose that a lawyer and client sign a 40 percent contingent fee agreement. It provides that the lawyer is also entitled to any court-awarded fees. A verdict for plaintiff yields $500,000, split 60/40. The plaintiff has $500,000 of gross income, and should look for a deduction.

However, if the court separately awards another $300,000 to the lawyer alone, that should not be gross income to the plaintiff. What if the court sets aside the fee agreement and separately awards all fees to the lawyer? Does such a court order mean the IRS should not be able to tax the plaintiff on the fees? The terms of the fee agreement will matter. In that case, the statutory fee effectively satisfied the plaintiff’s obligation to pay the contingency fee that they otherwise would owe their counsel. Some private letter rulings suggest that an award of fees or costs that satisfies a plaintiff’s separate obligation to pay a contingency fee is includible in the income of the plaintiff.

Statutory Attorney Fees

This topic may be misunderstood more than many others. If a statute provides for attorney fees, can this be income to the lawyer only, bypassing the plaintiff? Perhaps in some cases, although contingent fee agreements may have to be customized. In Banks, the Court reasoned that the attorney fees were generally taxable to plaintiffs because the payment of the fees discharged a liability of the plaintiffs to pay their counsel under their fee agreements.

However, in statutory fee cases, the fees are not necessarily paid to satisfy a plaintiff’s liability. Instead, a statute (rather than a fee agreement) creates an independent liability on the defendant to pay the attorney fees. If the statutory fees were not awarded, the plaintiff may not be obligated to pay any additional amount to their attorney. Accordingly, some attorneys seem to assume that if a statute calls for attorney fees, the general rule of Banks can never apply. However, the mere availability of attorney fees under a statute does not override the general rule of Banks.

If the contingent fee agreement is like most, the fact that the fees can be awarded by statute may not be enough to distance the plaintiff from the fees. As the Banks decision notes, the relationship between lawyer and client is principal and agent. The fee agreement and the settlement agreement may need to address the payment of statutory fees. On at least two occasions after Banks was decided, the IRS has issued private letter rulings concluding that a plaintiff was not taxable on statutory fees separately paid to and awarded to their counsel that did not substitute for or provide credit against any contingency fee obligation owed by the plaintiff to their counsel.^[18]

Lawyer-Client Partnerships

This was a rather hot topic before and after Banks, but it seems to be only a footnote today. A partnership of lawyer and client arguably should allow each partner to pay tax only on that partner’s share of the profits. However, despite numerous amicus briefs, the Supreme Court in Banks expressly declined to address this long-discussed topic. If ethics rules can be navigated, a partnership tax return with K-1s to lawyer and client could help. However, as a practical matter, lawyer-client partnerships have not been promising,^[19] and they are very rarely discussed or implemented.

Conclusion

No plaintiff believes that it is fair to pay taxes on portions of their recovery paid directly to their lawyer that they never see. Before 2018, alternative minimum tax, the 2 percent AGI threshold, and the phase-out of deductions limited the efficacy of miscellaneous itemized deductions. There was frequent grousing about those rules, but it was relatively rare for them to result in catastrophic tax positions.^[20] Since 2018, miscellaneous itemized deductions have been gone, and while it seemed for a time that they might come back in 2026, they are now gone for good.

As plaintiffs have been doing for years, planning with the existing deduction choices is needed. I may be more aggressive with attorney fee deductions than some other tax advisers, but so far, I have not seen a plaintiff with a contingent fee lawyer actually pay tax on their gross settlement with no deduction. If plaintiffs cannot credibly argue that they avoided the gross income, there is usually a reasonable tax position for them to take to declare the gross income but to only pay taxes on their net recovery.

Robert W. Wood is a tax lawyer with Wood LLP (www.WoodLLP.com). This discussion is not intended as legal advice.

1. Commissioner of Internal Revenue v. Banks, 543 U.S. 426 (2005). ↑

2. Tax Cuts and Jobs Act, Pub. L. 115-97, § 11045 (2017). ↑

3. One Big Beautiful Bill Act, Pub. L. 119-21 (2025). ↑

4. The Civil Rights Tax Relief provision of the American Jobs Creation Act of 2004, H.R. 4520, § 703 (2004). ↑

5. See Robert W. Wood, Tax Write Off of Legal Fees Simplified, Bus. L. Today (Mar. 31, 2022). ↑

6. Internal Revenue Code, 26 U.S.C. § 104. ↑

7. I.R.C. § 62(e)(18). ↑

8. See I.R.C. §§ 62(e)(4)–(7), (11), (13), (14), (16), and (17). ↑

9. I.R.C. § 62(e). ↑

10. See I.R.C. § 62(a)(21). ↑

11. I.R.C. § 62(e)(18). ↑

12. 42 U.S.C. § 1983. ↑

13. See I.R.C. § 62(e)(18). ↑

14. 15 Am. Jur. 2d Civil Rights § 1. ↑

15. IRS Gen. Couns. Mem. 38468 (Aug. 12, 1980). ↑

16. See Civil Rights Fee Deduction Cuts Tax on Settlements, 166 Tax Notes Fed. 1481 (Mar. 2, 2020). ↑

17. See Alexander v. Comm’r, 72 F.3d 938 (1st Cir. 1995). ↑

18. See IRS Private Letter Ruling 201015016 (Jan. 5, 2010); IRS Private Letter Ruling 201552001 (Aug. 25, 2015). ↑

19. Allum v. Comm’r, T.C. Memo 2005-117, aff’d, 231 Fed. Appx. 550 (9th Cir. 2007), cert. denied, 128 S. Ct. 303 (2007). ↑

20. For a famous example, see Spina v. Forest Preserve District of Cook County, 207 F. Supp.2d 764 (N.D. Ill. 2002), as reported in 2002 National Taxpayer Advocate Report to Congress at 166; see also Adam Liptak, Tax Bill Exceeds Award to Officer in Sex Bias Case, N.Y. Times, Aug. 11, 2002, at section 1, p. 18. ↑

Federal appellate courts are currently confronting pivotal questions about hazardous substance designations, cultural natural resource damages, and judicial oversight of U.S. Environmental Protection Agency (“EPA”) settlements.

D.C. Circuit to Hear PFAS CERCLA Hazardous Substance Designation

The U.S. Court of Appeals for the D.C. Circuit is scheduled to hear oral arguments in early 2026 in a high-profile case challenging the EPA’s designation of two per- and polyfluoroalkyl substances (“PFAS”)—perfluorooctanoic acid (“PFOA”) and perfluorooctanesulfonic acid (“PFOS”)—as hazardous substances under the Comprehensive Environmental Response, Compensation, and Liability Act (“CERCLA”) section 102. This marks the first time the EPA has used this provision to regulate a substance through rulemaking.

The case—Chamber of Commerce of the United States v. EPA—is drawing widespread attention due to its potential to set precedent for how PFAS are regulated and how CERCLA is interpreted going forward. The D.C. Circuit has scheduled oral arguments for January 20, 2026, emphasizing that the date is fixed unless modified by court order.

Although the rule designating PFOA and PFOS as CERCLA hazardous substances was finalized under the Biden administration, the Trump-era EPA has opted to defend it. However, industry challengers, led by the U.S. Chamber of Commerce and six other organizations, argue in a November 14 reply brief that the rule is legally flawed and cannot be salvaged by future regulatory reforms.

Specifically, they point to EPA’s admission that its interpretation of the phrase “may present substantial danger” lacks a clear regulatory framework. While the agency intends to issue a “Framework Rule” to guide future designations and incorporate cost considerations, the challengers argue that such efforts come “too late” to validate the current rule.

9th Circuit Considers Cultural NRD Claims in Cross-Border Dispute

In a parallel Superfund battle, the 9th Circuit is reviewing an en banc petition in Confederated Tribes of the Colville Reservation v. Teck Cominco Metals Ltd., where Canadian officials and industry groups are backing efforts to overturn a panel ruling that permitted Washington State tribal nations to seek natural resources damages (“NRD”) for cultural harms caused by toxic discharges into the Columbia River.

Teck Cominco, a Canadian mining firm, is seeking to avoid liability under CERCLA for releases from its smelter upstream in British Columbia. In amicus briefs filed in November, the Province of British Columbia and the Canadian Chamber of Commerce argue that applying CERCLA to cultural harms would violate Canadian sovereignty and expose foreign entities to sweeping liabilities under U.S. environmental laws. The Mining Association of Canada also joined in opposition.

A panel ruling in September allowed the Confederated Tribes to pursue claims that incorporate their unique cultural and spiritual ties to the Upper Columbia River, marking a significant expansion in how courts may interpret NRD liability under CERCLA.

3rd Circuit Weighs Judicial Oversight of Superfund Settlements

Meanwhile, the 3rd Circuit is assessing how much discretion courts should exercise in reviewing Superfund settlements, especially in light of recent Supreme Court decisions on agency deference. The case—USA v. Alden Leeds—involves a $150 million settlement approved by a New Jersey district court that allows a group of smaller potentially responsible parties (“PRPs”), known as the Small Parties Group (“SPG”), to avoid future liability for cleanup costs at the highly contaminated Diamond Alkali site.

Occidental Chemical Corp. (“OxyChem”), the largest PRP, is challenging the settlement, arguing that recent decisions—particularly the 2024 Loper Bright Enterprises v. Raimondo Supreme Court ruling that overturned Chevron deference—mean courts must more closely scrutinize EPA settlements.

SPG, in a brief filed on October 27, counters that the Loper Bright decision applies only to legal interpretations by agencies, not to the courts’ oversight of negotiated settlements. It further cites the Supreme Court’s 2025 National Environmental Policy Act ruling in Seven County Infrastructure Coalition v. Eagle County, which reaffirmed substantial deference to EPA’s discretionary settlement authority.

SPG also disputes arguments from Nokia of America, which was excluded from the settlement, asserting that its claims are premature. The case raises important questions about how EPA balances fairness and efficiency in securing cleanup funding from a wide array of responsible parties.

Takeaway

These cases are poised to redefine the contours of Superfund liability. The outcomes will not only influence how emerging contaminants like PFAS are regulated but also challenge the boundaries of judicial deference and international environmental accountability. Together, they signal a critical inflection point in the evolution of CERCLA—where scientific uncertainty, legal interpretation, and cross-border implications converge to reshape environmental governance in the United States.

On November 10, 2025, the U.S. Environmental Protection Agency (“EPA”) issued a pre-publication version of a proposed rule that would substantially narrow the scope of per- and polyfluoroalkyl substances (“PFAS”) reporting obligations under section 8(a)(7) of the Toxic Substances Control Act (“TSCA”). Notably, this proposal includes an exemption for imported articles, a major shift from the original 2023 rule. The public has until December 29, forty-five days from the rule’s official publication in the Federal Register, to comment.

Background: Original TSCA PFAS Reporting Rule

Finalized in October 2023, the original rule required manufacturers and importers of PFAS and PFAS-containing articles to report detailed data on activities dating back to January 1, 2011. Importantly, the rule lacked standard TSCA exemptions, drawing widespread concern for creating excessive compliance burdens—particularly on companies importing finished products containing trace levels of PFAS.

Key Proposed Exemptions

EPA now proposes to ease compliance by incorporating traditional exemptions found in other TSCA rules. Proposed exemptions include:

1. PFAS imported as part of an article
2. PFAS present in mixtures or articles below 0.1% (de minimis)
3. PFAS present as impurities
4. Byproduct PFAS not used for commercial purposes, including those formed incidentally during end use or exposure
5. Non-isolated intermediates
6. PFAS used in small quantities for research and development

Additionally, EPA is requesting feedback on whether to add a production volume threshold—mirroring the 25,000 lbs. (or 2,500 lbs.) exemption in the TSCA Chemical Data Reporting rule.

Revised Reporting Timeline

EPA is proposing to shift the reporting window from the originally scheduled period of April 13, 2026, to October 13, 2026. Under the new timeline:

• Reporting will begin sixty days after the effective date of the final rule.
• The submission window will last for three months, not six.

The EPA cited the need for additional time to develop and test the electronic reporting software (Central Data Exchange, or CDX) and to potentially incorporate changes based on industry feedback and a recent executive order to reduce regulatory burdens.

Key Provisions Unchanged

Several core aspects of the 2023 rule remain intact:

• The reporting lookback period remains January 1, 2011, to December 31, 2022.
• The PFAS definition is unchanged. Below are the generic chemical formulas used by regulatory bodies upon which EPA relies to define broad categories of PFAS based on their core structures.
  • R-(CF₂)-CF(R’)R”
  • R-CF₂OCF₂-R’
  • CF₃C(CF₃)R’-R”
• The “known to or reasonably ascertainable by” standard for due diligence continues to apply.

EPA is, however, seeking comment on whether to limit reportable PFAS to those with CASRN, TSCA Accession Numbers, or LVE Numbers.

Policy Rationale

According to EPA, the goal of this proposal is to make the rule more implementable, reduce duplicative and unnecessary reporting, and align with congressional intent. EPA Administrator Lee Zeldin emphasized that the initial rule risked imposing nearly $1 billion in compliance costs, labeling it a “crushing regulatory burden,” especially for small businesses. In contrast, the proposed revisions aim to preserve critical data collection without overburdening the regulated community.

What Should Businesses Do?

EPA is explicitly inviting comment on all aspects of the proposed changes, particularly:

• the newly proposed exemptions,
• the revised submission period, and
• the possibility of a production volume threshold.

Stakeholders—especially importers, manufacturers, and those involved in supply chain compliance—should strongly consider submitting comments during the forty-five-day public comment period.