On December 11, 2025, the U.S. House of Representatives passed a bipartisan capital formation bill, H.R. 3383 or the Incentivizing New Ventures and Economic Strength Through Capital Formation (“INVEST”) Act of 2025, with a vote of 302 to 123. Announced by the U.S. House Committee on Financial Services (“Financial Services Committee”) on December 2, 2025, the INVEST Act includes more than twenty bills that advanced out of the Financial Services Committee. The INVEST Act attempts to build on the Jumpstart Our Business Startups (“JOBS”) Act of 2012, with reforms designed to expand access to capital for small businesses, broaden investor participation in the private markets, and reinvigorate U.S. public markets. See the text of H.R. 3383 and the Financial Services Committee’s summary list of the bill’s sections.

The INVEST Act and other recently enacted bills reprise themes from prior legislative proposals and may offer perspective on future legislative initiatives that could shape the way businesses raise capital.

Key Provisions of the INVEST Act at a Glance

Title I: Expanding Access to Capital for Small Businesses

The INVEST Act would establish an Office of Small Business in each of the Securities and Exchange Commission’s Divisions of Corporation Finance, Investment Management, and Trading and Markets to coordinate matters related to capital formation. The bill also proposes to raise multiple exemption thresholds and modernize definitions to reflect current market conditions, including:

• increasing the crowdfunding exemptive offering threshold requiring accountant review to $250,000 from $100,000 (with discretion up to $400,000),
• raising the exemption threshold under the Investment Advisers Act to $175 million from $150 million with inflation indexing, and
• expanding the qualifying venture capital fund size from $10 million to $50 million while increasing the investor cap from 250 to 500.

The legislation would direct the SEC to revise Regulation D to permit presentations at specified sponsored events (e.g., universities, nonprofits, angel groups, accelerators) without these being deemed “general solicitation.”

Title II: Increasing Opportunities for Investors

The bill proposes to modernize the accredited investor definition, allowing inflation-adjusted wealth thresholds and adding criteria based on professional licensure, education, or experience, alongside an SEC-administered exam-based pathway to accredited status. It would authorize electronic delivery of investor documents with safeguards, opt-out rights, and transition rules in an effort to improve disclosure for investors. The INVEST Act would remove constraints on closed-end fund investments in private funds, facilitating professionally managed access to private markets for retail investors. The legislation also focuses on protecting seniors from financial exploitation by creating a Senior Investor Task Force at the SEC and directing a Government Accountability Office study on senior financial exploitation.

Title III: Strengthening Public Markets

The INVEST Act proposes to reduce the registration requirements for Emerging Growth Companies (“EGCs”) from three years to two years of audited financial statements, as well as to broaden the availability of confidential submissions and testing-the-waters to all issuers. The legislation also expands well-known seasoned issuer (“WKSI”) eligibility by lowering the public-float threshold from $700 million to $400 million, thereby streamlining shelf access for additional public companies.

The bill would also update Acquired Fund Fees and Expenses (“AFFE”) disclosure to avoid distortive expense ratios for certain fund-of-funds products. AFFE disclosure requires acquiring funds, including business development companies (“BDCs”) to aggregate and disclose in their prospectuses the amount of total annual acquired fund operating expenses and to express the total amount as a percentage of an acquiring fund’s net assets.

Other Legislative Efforts

Just prior to the announcement of the INVEST Act, the House passed three other bills also intended to promote capital formation on December 1, 2025. All bills have been received in the Senate, with H.R. 4429 and H.R. 4431 referred to the Committee on Banking, Housing, and Urban Affairs and H.R. 2066 referred to the Committee on Small Business and Entrepreneurship:

1. Developing and Empowering Our Aspiring Leaders (“DEAL”) Act (H.R. 4429) would expand the category of qualifying venture investments to include fund-of-funds and secondary investments.
2. Improving Capital Allocation for Newcomers (“ICAN”) Act (H.R. 4431) proposes to increase the size and investor limits for qualifying venture capital funds.
3. Investing in All of America Act (H.R. 2066) would expand access to capital for small businesses in rural and underserved areas, businesses operating in national security or critical tech sectors, and small manufacturers by excluding investments by Small Business Investment Companies (“SBICs”) in these areas from an SBIC’s financing limit calculation.

Why Now?

The focus on capital formation has intensified. The number of U.S. public companies has fallen from roughly 8,800 in 1997 to fewer than 4,000 in 2024, a contraction that has reduced investor choice and limited access to public market growth. The Financial Services Committee concludes that successive layers of regulation, including Sarbanes-Oxley and Dodd-Frank, have raised compliance costs in ways that disproportionately impact smaller issuers, making it more expensive to remain public. It also notes that private market rules have lagged behind inflation and market realities, warranting reform. If enacted as proposed, the legislation would likely reduce transaction costs at the margin, broaden the investor base for private offerings, and streamline pathways to public capital. Read the Financial Services Committee’s statement on the passage of the bill.

On December 5, 2025, Governor Kathy Hochul signed a bill^[1] adopting the 2022 amendments to the Uniform Commercial Code recommended by the American Law Institute and the Uniform Law Commission (“2022 Revisions”).^[2] These 2022 Revisions bring digital assets, including cryptocurrencies and other instruments based on blockchain technology, within the scope of the Uniform Commercial Code (“U.C.C.”),^[3] the nation’s primary body of commercial laws.

Legal developments at the federal level, including the GENIUS Act^[4] and regulatory guidance indicating that banks may engage in crypto-asset activities,^[5] have garnered attention. The 2022 Revisions, less so. Architects of financial products would be remiss to ignore them, however, because the 2022 Revisions provide the raw material with which to build an economy that fully integrates digital assets. The 2022 Revisions introduce entirely new financial assets; create the legal mechanism by which traditional financial instruments can leverage the blockchain and similar distributed ledger technologies; and offer the nascent digital asset market the legal certainty, predictability, and recourse that the U.C.C. has provided to traditional commercial and financial markets for decades.

Recent announcements of tokenized alternative investment products^[6] signal a market acceptance of blockchain technology and an appetite for financial instruments that take advantage of the efficiencies that the blockchain and related technologies offer. The 2022 Revisions offer the means by which blockchain technology can be coupled with established financial products. It is tempting to speculate how such a powerful combination could be put to use. One can imagine, to name a few possibilities, controllable electronic records tethered to limited partnership interests of private equity funds, rights to carried interest payments, or interests based on the outcome of protracted litigation.

The Controllable Electronic Record: A Versatile New Tool

Perhaps the most prominent of the 2022 Revisions is the creation of a new asset category: the controllable electronic record.^[7] This new concept, along with corresponding revisions to Articles 1 and 9, is “a major part of the effort to adapt the UCC to emerging technologies,” such as “distributed ledger technology . . . including blockchain technology.”^[8] Despite its simple definition (“a record stored in an electronic medium that can be subject to control”),^[9] the controllable electronic record is a versatile new tool at the disposal of designers of financial products. This versatility stems from the fact that it can be either a record that has “inherent value,” as is the case with bitcoin and other cryptocurrencies,^[10] or a record associated with another asset of value such as an account, payment intangible, or financial asset.^[11]

When associated or “tethered” to conventional financial instruments and assets, a controllable electronic record that is based on distributed ledger technology (or other innovative technologies) becomes the mechanism by which such technology can be brought to bear to enhance such conventional financial instruments and assets, some of which predate the computer age. In short, the controllable electronic record can link the automation, efficiency, and transparency of the blockchain with the legal certainty, predictability, and market acceptance of established financial products.

This was the express intention of the drafters of the 2022 Revisions. They offer examples of how controllable electronic records can be used as “tokens” to “facilitate transfers of the shares” of a corporation by treating the transfer of control thereof as “instructions to the . . . issuer for the transfer of registration of the share(s) represented by the token.”^[12] They hasten to note, however, that, notwithstanding any efficiencies gained from tethering a traditional asset to a controllable electronic record, parties involved in the transfer of such assets must still comply with applicable laws, including corporate and securities laws and regulations.^[13] Even so, the 2022 Revisions afford legal clarity and certainty to parties seeking to leverage blockchain technology in developing new or enhancing existing financial products.

Controllable Accounts and Controllable Payment Intangibles: A Blueprint as to the New Tool’s Use

Rather than leave it to the reader’s imagination, the 2022 Revisions put the tethering technique into practice. By linking a controllable electronic record with the established U.C.C. concepts of accounts and payment intangibles, the 2022 Revisions mint two additional asset categories: controllable accounts and controllable payment intangibles.^[14] Controllable accounts and controllable payment intangibles offer a blueprint of how to develop new tools of commerce and finance using the controllable electronic record as a bridge between old concepts and new technology. Each can be created via an undertaking by an account debtor to pay the person who has control of the controllable electronic record evidencing the account debtor’s underlying obligation.^[15]

Control: An Alternative Means of Perfection

Because controllable electronic records are general intangibles, a security interest in them may be perfected by filing a financing statement.^[16] Indeed, prior to the 2022 Revisions, filing was the only means of perfection available to lenders wishing to take cryptocurrencies as collateral. The 2022 Revisions offer secured lenders an alternative means of perfection: control, ^[17] which results in a security interest senior to one perfected by filing.^[18]

An accepted way to perfect security interests in deposit and securities accounts, control is not a new concept to the U.C.C.^[19] In the context of a controllable electronic record, control is established if the secured party has (a) the power to avail itself of substantially all of the benefits of the controllable electronic record; (b) the exclusive power to prevent others from availing themselves of such benefits; (c) the exclusive power to transfer these powers to another person; and (d) the ability to identify itself, including by name, identifying number, cryptographic key, office, or account number, as the person having such powers.^[20] It follows that, to serve as collateral that can be perfected by control, a controllable electronic record, such as cryptocurrency, must be maintained on a system that permits a secured party to be identified as the person having the exclusive right to enjoy and transfer the controllable electronic record. This pattern extends to controllable accounts and controllable payment intangibles in that security interests in each are perfected by establishing control over the controllable electronic record associated with them.^[21]

Secured parties should be mindful of the potential of changes to blockchain protocols that may occur after their security interest in a controllable electronic record is perfected. If such a change results in a new controllable electronic record that exists alongside the original controllable electronic record in an event often referred to as a “hard fork,” and the secured party is unable to establish control over the new record, the security interest will remain perfected for only twenty-one days.^[22] A protective measure against this admittedly unlikely scenario is to perfect security interests in controllable electronic records both by filing and by control.^[23]

Adaptations to Blockchain Technology’s Decentralization and Pseudonymity

The 2022 Revisions build upon long-established U.C.C. concepts, adapting them to blockchain technology. These adaptations come into relief in how the 2022 Revisions amend provisions of the U.C.C. dealing with control of electronic documents of title and electronic chattel paper.^[24] The 2022 Revisions change these provisions to accommodate two novel blockchain attributes: decentralization^[25] and pseudonymity.^[26]

Prior to the 2022 Revisions, these provisions of the U.C.C. presumed a “single authoritative copy . . . which is unique” that identifies the individual asserting control, or designated as assignee of, the record in question.^[27] A blockchain ledger, however, provides no such unique record. The ledger is instead decentralized with records of transactions distributed among its users, residing not in one place or computer but in many.^[28] Similarly, because blockchain ledgers assign users random alphanumeric codes instead of capturing their names, there is no way to identify the individual who would have control for purposes of these U.C.C. provisions.^[29]

The 2022 Revisions resolve these inconsistencies with distributed ledger technology. They provide that control may be established using a system that allows “each electronic copy to be identified as an authoritative or nonauthoritative copy”^[30] and the person asserting control to be identified “in any way, including by name, cryptographic key, office or account number.”^[31] Absent these revisions, electronic documents of title and electronic chattel paper maintained on blockchain ledgers would be out of the U.C.C.’s scope, depriving holders of such property of the legal certainty and efficiencies that the U.C.C. affords to holders of more traditional types of personal property.

The Take-Free Principle: Protection of the Good Guys

Among the many useful concepts embedded in the U.C.C. is the principle that the interests of a good-faith purchaser who acquires an asset for value ought to be protected from competing interests regardless of what rights, if any, the seller of that asset may have had.^[32] This “take-free” principle promotes commerce by affording good actors a measure of certainty that would otherwise require costly and lengthy due diligence into the provenance of the asset in question.

Prior to the 2022 Revisions, however, this principle was available only in the context of physical, paper-based transactions. By extending the take-free principle to “qualifying purchasers” of controllable electronic records, controllable accounts, and controllable payment intangibles,^[33] the 2022 Revisions afford the digital economy a substantial degree of legal certainty.^[34] Keeping to the formula established in the analogous U.C.C. provisions, a “qualifying purchaser” is one who obtains control of a controllable electronic record “for value, in good faith, and without notice of a claim of a property right” that competes with the interests of the purchaser.^[35]

These protections have a limit, however. They only extend to controllable electronic records (which includes cryptocurrencies), controllable accounts, and controllable payment intangibles.^[36] A purchaser of other assets, even if tethered to a controllable electronic record, would not enjoy take-free protections unless provided for by laws other than the U.C.C.^[37]

The 2022 Revisions: The Master Crypto Key

Since October 31, 2008, when bitcoin was first proposed,^[38] the idea of cryptocurrencies and other digital assets based on distributed ledger technology has gained wide acceptance. Until recently, despite acceptance of cryptocurrencies,^[39] digital assets have remained apart from the traditional elements of mainstream commerce. With the tools forged by the 2022 Revisions, however, designers of financial products will be equipped to unlock the full potential of the blockchain and similar distributed ledger technology.

1. S. 1840A, 2025–2026 Leg. (N.Y. 2025); Assemb. A3307A, 2025–2026 Leg. (N.Y. 2025). ↑

2. Uniform Commercial Code Amendments with Prefatory Note and Comments (2022) (Am. L. Inst. & Unif. L. Comm’n 2022) [hereinafter 2022 Revisions]. ↑

3. Unif. L. Comm’n, Summary of the 2022 Amendments to the Uniform Commercial Code (2022). ↑

4. 12 U.S.C. §§ 5901–5916. Jessie Cheng offers a good overview of the Act. Jessie Cheng, A GENIUS Act Gameplan: Strategic Paths for Payment Stablecoin Issuers, Bus. L. Today (Aug. 13, 2025). See generally The Genius Act Is Enacted, Davis Polk (July 18, 2025). ↑

5. See, e.g., OCC Interpretive Letters No. 1170 (July 22, 2020) (confirming authority of a national bank to provide cryptocurrency custody services), No. 1172 (Sept. 21, 2020) (concluding that a national bank may hold deposits as reserves for stablecoins), No. 1174 (Jan. 4, 2021) (permitting national banks and federal savings associations to use distributed ledger technology, referred to as independent node verification networks, in the course of performing permitted payment activities), No. 1186 (Nov. 18, 2025) (granting a petitioner bank’s request to pay blockchain network fees and hold “crypto-assets” on its balance sheet as principal for such fees). ↑

6. See, e.g., Vicky Ge Huang, JPMorgan Tokenizes Private-Equity Fund on Its Own Blockchain, Wall Street J. (Oct. 30, 2025). ↑

7. U.C.C. § 12-102 (Am. L. Inst. & Unif. L. Comm’n 2022) (proposed U.C.C. amendments). Unless stated otherwise, references herein to the U.C.C. are to the U.C.C. as amended by the 2022 Revisions. ↑

8. 2022 Revisions, supra note 2, prefatory n. to art. 12, at cmt. 1. ↑

9. U.C.C. § 12-102. ↑

10. 2022 Revisions, supra note 2, prefatory n. to art. 12, at cmt. 4(a). ↑

11. Id.; see also id. official cmt. 9 to U.C.C. § 12-104 (“certain controllable electronic records may carry with them rights to other assets”); id. official cmt. 9 to U.C.C. § 8-102 (discussing treatment of a “digital asset such as a controllable electronic record” as a financial asset); U.C.C. § 9-102(27A) (defining controllable account as an account evidenced by a controllable electronic record); U.C.C. § 9-102(27B) (defining controllable payment intangible as a payment intangible evidenced by a controllable electronic record). ↑

12. 2022 Revisions, supra note 2, official cmt. 18 to U.C.C. § 8-102. ↑

13. Id. ↑

14. U.C.C. §§ 9-102(27A), 9-102(27B). ↑

15. Id. ↑

16. U.C.C. § 9-312. ↑

17. U.C.C. § 9-314 ↑

18. U.C.C. § 9-326A. ↑

19. U.C.C. § 9-314(a). ↑

20. U.C.C. § 12-105 ↑

21. U.C.C. § 9-107A. ↑

22. 2022 Revisions, supra note 2, official cmt. 13(f) to U.C.C. § 9-102. ↑

23. Id. ↑

24. U.C.C. §§ 7-106(b), 9-105(b). ↑

25. 2022 Revisions, supra note 2, official cmt. 6 to U.C.C. § 7-106 (“The utility of distributed ledger technology depends on there being multiple authoritative copies of an electronic record.”). ↑

26. Id. prefatory n. to art. 12, at cmt. 1 (“Many systems for transferring controllable electronic records are pseudonymous, so that the transferee of a controllable electronic record may be unable to verify the identity of the transferor. . . .”). ↑

27. U.C.C. §§ 7-106(b)(1), 9-105(1) (as in effect prior to the 2022 Revisions). ↑

28. Michael J. Casey & Paul Vigna, The Truth Machine 64 (St. Martin’s Press 2018). ↑

29. Id. at 33. ↑

30. U.C.C. §§ 7-106(c)(1), 9-105(c)(1). ↑

31. U.C.C. §§ 7-106(c)(2), 9-105(c)(2). ↑

32. See U.C.C. §§ 2-403, 3-305, 7-502, 9-317. ↑

33. U.C.C. § 12-104(e). ↑

34. 2022 Revisions, supra note 2, official cmt. 7 to U.C.C. § 12-104. ↑

35. U.C.C. § 12-102. ↑

36. U.C.C. §§ 12-104(a), 12-104(e); 2022 Revisions, supra note 2, official cmt. 9 to U.C.C. § 12-104. ↑

37. U.C.C. § 12-104(f); 2022 Revisions, supra note 2, official cmt. 9 to U.C.C. § 12-104 (“Subsection (f) . . . limits the application of the take-free rule . . . to controllable electronic records and . . . controllable accounts and controllable payment intangibles evidenced by a controllable electronic record.”). ↑

38. Casey & Vigna, supra note 28, at 29. ↑

39. See, e.g., Alexander Osipovich & Vicky Ge Huang, Trump 2.0 Era Brings Flurry of Crypto Deals, Wall St. J. (Apr. 26, 2025). ↑

As told to Hon. Elizabeth S. Stong and Mauricio Videla, Esq.^[1]

Have you ever wondered how someone who has a dream job—say, for example, general counsel of a Major League Baseball team—got to that position? Or what kinds of leadership lessons they learned along the way? Matthew J. Shuber, General Counsel and Senior Vice President of Legal Affairs for the Toronto Blue Jays, shares his thoughts and reflections on this subject with the ABA Business Law Section’s Leadership Development Committee, in conversation with past Chair Hon. Elizabeth S. Stong and Mauricio Videla, Esq.

ESS/MV: So, how do you get to be general counsel of a Major League Baseball team—a dream job in the eyes of many lawyers (and sports fans)?

Matthew Shuber: This is a natural question to ask and one that I am asked frequently. And if I simply respond directly to it, then it tells a story. Is that story one with a lesson in it? Perhaps, but not the one people might expect. So, my guidance to everyone is that if you wish to become general counsel in professional baseball, the surefire steps to take are as follows:

1. Join a band and write and perform music, in high school and into college. Optimally, you should also deeply immerse yourself in recorded music and attend a lot of live music concerts.
2. In college, focus initially on computer science and mathematics.
3. Then, midway through college, change directions entirely, moving away from science and math—and next, head off to law school.
4. Midway through law school, dive into a broad range of different substantive areas of the law, and perhaps develop a bit of a specialty in criminal law.
5. After your second year of law school, work at one of the big national law firms, with a focus on litigation, with particular emphasis on drug patent litigation.
6. When you complete law school, pursue a career in criminal defense work. Be sure to work with a wonderful group of uniquely intelligent and thoughtful lawyers, on complex and interesting cases. If they are high-profile matters, so much the better.
7. Keep assessing your choices—and after about three years, move on from private practice and . . . this part is critical . . . do so without a clear plan for your next position, or even your next step.
8. Pursue an odd and unexpected business opportunity with friends, developing skills in sales and negotiation. Be sure that the business doesn’t ultimately generate substantial revenue, and that it comes to an end on its own.
9. Through networking and some number of events—some random, and others less so—be invited by a professional baseball team to interview for a job that you never applied for.

Of course, I say all of this in jest. The point is that this is only my path. And if I were to try to draw some lessons from that path, it’s that there is no single set of decisions or experiences that definitively lead to a legal or business affairs job in sports. Rather, like many things in life, there are many factors that come together to create any particular outcome. With hindsight, you can see how each experience may have led, one way or another, to the next. I try to advise young lawyers that, while a goal or direction is always a good thing, perhaps equally important are the skills and opportunities that present themselves along the way—and you never know for certain where they will lead, but you can be pretty sure that they will lead somewhere interesting.

ESS/MV: Tell us something about you, or your path, that has made a difference, and that does not come up in your “official” bio.

Matthew Shuber: On the one hand—to state something that is entirely obvious—I’m a product of my training and work experience. Even though I did not ultimately stay in criminal law as my field of practice, I was immersed in the representation of clients in unique and complex matters, exposed to novel concepts and theories, and—probably most important—worked on a close-knit team with great, motivated, highly intelligent people. Those people influenced my work ethic and substantive skills, certainly, but they also challenged me, trusted me, and demonstrated how to maintain core values despite outside challenges.

On the other hand, a great deal of what I’ve done in my commercial legal–general counsel–business leadership role has, in all honesty, been self-taught—or perhaps more accurately, developed through the process of challenging myself deeply: to seek out learning opportunities, to question my own work and decisions, and to continually look to grow and improve.

ESS/MV: What are one or two skills that are especially useful for success in the business of law?

Matthew Shuber: One skill is the ability and willingness to dig deeper—deeper into the project that you are working on, for sure, but really what I mean is really investing in every facet of the work, including the environment in which it is taking place; the processes and norms that affect the work; the people with whom you are working and the people you are negotiating with; and your goals for the relationships or arrangement that you are working to establish. And don’t overlook the more nuanced / less obvious factors that may affect all those details.

When I express these things, I wonder if they sound a bit trite. But in my experience, they are not trite at all. Many people, even very intelligent and hardworking people, tend to stop at a particular point and either assume they know “enough” to complete the task, or that there is some kind of known limit that exists beyond which the return on investment isn’t justified. My experience is different. I’ve found that when you challenge yourself to develop a real understanding of all the components of the task, then you become far more comfortable building on that knowledge in the future. And it allows you to invest in your own continual improvement over time—and you’re worth it.

As a real-world example, businesses negotiate commercial services agreements every single day. It’s possible to negotiate some of these agreements with only a limited understanding of the specific services and, if the services are good and useful, the central goals will be achieved. But for myself, I’ve always found that I will do a better job, and get a better result, if I know as much as possible about the services we are negotiating about. I’m determined that when I conclude a negotiation or sign a contract, I should be able to understand and explain it—and anyone else who reads that contract should also be able to do the same. The benefit of this is that then the contract can truly be tailored for risk allocation and responsibilities with precision. And beyond that, as the parties continue to work together, they will have a clear document—and an effective roadmap—going forward.

Here is another real-world example: take the time to learn from the subject matter experts with whom you come into contact and collaborate. I am at my best when I have knowledgeable and capable people to partner with on the team. I always remember the people from whom I have learned the most. And I’ve seen that the best projects, negotiations, and results of my career have been in circumstances of true collaboration and knowledge-sharing.

ESS/MV: What is the best—or worst—piece of advice that you have ever received?

Matthew Shuber: That’s a good question. The best piece of advice is “there is always a place for someone who makes themself indispensable.” I view this as another way of saying that what matters is what you invest in and contribute. Put another way, it’s advice along the lines of “in each situation and with each opportunity, do the very best you can and don’t spend time or energy thinking about what you get back for it.” I’ve found that following that advice always leads to developing new skills and knowledge, and to new pathways that might not have existed or been visible previously.

The worst piece of advice I’ve ever received is “if you find something you’re good at, stick with that.” If I had followed that advice, I would have stuck with criminal defense work. I was at a good firm, with good people, doing interesting and challenging work. But something inside me told me that there were other paths that I could pursue that I might connect with more deeply and sustainably. And I let myself take that chance. I’m glad I did.

ESS/MV: Staying with advice, what advice would you give your twenty-five-year-old self?

Matthew Shuber: To begin, the possibilities are endless! It’s okay not to know precisely where you will be in five or ten years. At twenty-six, I had already been called to the bar, and I was about to start what I thought would be my career, in criminal law. This may seem contradictory, but I think it’s possible both to be committed to a career (and investing deeply in that career to build skills and relationships) and to be open to the fact that, at some point, you may wish to change directions.

ESS/MV: As you have taken on greater leadership roles in your career, and especially now as general counsel, how has your mindset changed in order to meet the demands and expectations?

Matthew Shuber: Honestly, I’m not sure that my mindset has changed at all. At the core, one of my guiding principles has been to evaluate decisions, plans, arrangements, processes, and opportunities against what is best for the organization (as opposed to any particular person or department), and over the long term (as opposed to a short time frame). I’m thankful to be part of an organization that also values long-term, sustainable thinking and decision-making. And while the external demands and expectations may have evolved, I expect a fair bit of myself, and so those external factors haven’t really changed my way of thinking.

ESS/MV: There’s a saying that “leadership is often baptism by fire.” Tell us about a particular significant or memorable business decision or challenge that you confronted and how you approached it.

Matthew Shuber: I would point to the role I had the privilege to play in connection with our Spring Training facility / player development complex in Dunedin, Florida. These facilities are a unique element of Major League Baseball—as a business and as a sport—to say the least, and that is even more true for the Blue Jays as the lone Canadian team.

For obvious reasons, Spring Training facilities projects don’t happen frequently, and when they do, they are made up of a myriad of different discussions, decisions, and factors, each of which is individually complex and challenging. The tasks include financing, working with multiple levels of government, construction and design, internal organizational needs, and more. And while this was a group project, within that group, at particular times I needed to take on various leadership roles and rely on persuasion as opposed to positional authority or direction. I probably learned as much from that experience and opportunity as from any other in my career.

ESS/MV: We have to ask—what’s your “superpower”?

Matthew Shuber: Well, I could say that I have two: neuroticism and self-doubt. I’m being silly, of course. Those aren’t really things I suffer from, but there’s still a nugget of truth there, in that I think we all feel sometimes that we don’t have all the answers.

To be serious, perhaps my “superpower” is my inability to kid myself. If something looks and feels a certain way, then even if there may be outside pressures to ignore that assessment, I simply can’t go there. I ultimately feel driven to tackle reality, even when that reality is unpleasant or seemingly challenging. And I don’t say any of this in any kind of judgmental way. I understand why some people feel that they are facing binary decisions and that they don’t have choices—for example, that either a project or plan must go ahead immediately and without full consideration, or it just won’t be able to go ahead at all.

My experience and approach are more along the lines of “if it’s worth doing, it’s worth doing well.” Not perfectly, mind you, because there’s usually no such thing. Just well. And as I’ve said, I do believe in long-term thinking, so I’ve seen that spending a little more time and energy at the outset pays dividends over time.

ESS/MV: Sometimes a young—or not-so-young—lawyer may find themselves as the only person like them in the room. What tips would you share to deal with that situation?

Matthew Shuber: Honestly, I feel that a mindset that focuses on being the “only” has the potential to be self-limiting. I recognize that there are situations in which people are, in fact, the “only”—there is a reality to that lived experience.

But I think it’s far more productive to take the mental and emotional step that’s needed to emphasize the “in the room” portion, instead of the “the only” portion. That is, once you are in the room, it’s critical to recognize that first, there’s a reason you are there and second, being in that room presents an opportunity. So, own it, try to make a difference by your presence, and don’t limit or sabotage yourself!

Postscript

ESS/MV: When we met, at our Leadership Dialogue program in Toronto, the Blue Jays were in the final weeks of the regular season. Over the course of working on this article, they defeated the New York Yankees in the Division Series and won the American League pennant after an epic matchup with the Seattle Mariners. The World Series between the Blue Jays and the defending champions, the Los Angeles Dodgers, was one for the ages, with the Dodgers ultimately winning Game 7 of the World Series by the slimmest of margins, and then only after 11 innings. I’m sure that the experience of the last six weeks has been something special for you, and I’d be remiss if I didn’t ask you if there are any reflections that you would like to share.

Matthew Shuber: Thank you for asking that. This experience truly has been like no other, and not simply because of the obvious accomplishments of the team on the field. Although the final result wasn’t what any of the Blue Jays players, front office personnel, or our incredible fans would have hoped for, the more I reflect on the experience, the more I’m struck by something even more important than a championship trophy.

Sometimes, in sports and in life, you lose. Although it stings, you know there were specific reasons for the loss and that there was more to do. And so you look to learn from the experience and get better as a result. This experience has been a little bit different. I believe—actually, I know—that everyone in the organization, on and off the field, did all that they could and that we are second to none, whether or not that shows in the final score or the record books.

At this moment I’m struck by the fact that so many people saw—and were moved by—the character, resilience, and fellowship of the Blue Jays players. More than one person has observed and commented to me that this was truly a team, in a way they’ve never seen or experienced before, in any sport.

That makes me enormously proud, because I know that what those people are seeing isn’t an accident. The characteristics of the group of players that competed on the field this October reflects and exemplifies the values and approach of the Blue Jays organization that exists off the field. And I know from many years of working in professional sports that it is hard enough to establish those things in a front office, let alone to have the commitment to do so on the playing field. But our organization has that commitment—and it showed. And it resonated with people. To me, that’s something to be proud of, because in some ways, it’s the most meaningful outcome possible.

* * *

This article is related to a CLE program presented at the ABA Business Law Section’s 2025 Fall Meeting titled “Leadership Defined: A Fireside Chat with Matthew Shuber, Senior Vice President of Legal & Government Affairs and General Counsel of the Toronto Blue Jays (MLB).” For further information, view the program materials.

1. Matthew J. Shuber is Senior Vice President, Legal Affairs and General Counsel of the Toronto Blue Jays Baseball Club (Major League Baseball’s only Canadian franchise) and for Rogers Centre stadium. Hon. Elizabeth S. Stong is a U.S. Bankruptcy Judge for the Eastern District of New York, sitting in Brooklyn. Mauricio Videla, Esq., MPA, is a Banking & Financial Services Counsel and Securities Arbitrator. Judge Stong and Mr. Videla are active in the leadership of the ABA Business Law Section and its Leadership Development Committee. ↑

Not every lawyer gets the chance to be a privacy and security lawyer. Oddly, not every lawyer may even want to. Yet every lawyer—and every business—should be able to identify how privacy and security law risks, opportunities, and obligations impact their clients or their business activities.

Privacy and security law is a relatively new concept in the United States. It did not exist when I was in law school (prehistoric times). Virtually all of the relevant law for commercial enterprises is less than twenty-five years old, with much of it arising in the past several years (with ongoing changes every year). From humble and narrow beginnings, this body of law now impacts essentially any business of any size in any industry anywhere in the country (and really the world). My goal is not to turn every lawyer into a privacy lawyer (I don’t need the competition); instead, my goal is to teach general business lawyers why they should be familiar with basic privacy and security law issues and how to identify when and where these issues arise.

The General U.S. Privacy Framework

U.S. privacy law—unlike the laws of virtually every other country in the world that has privacy laws—falls into various categories, with many detailed laws to address specific situations and activities. (By contrast, other countries tend to have one generally applicable law.) These U.S. laws fall into four general categories:

• Sector-specific law. U.S. privacy law is often described as “sectoral.” What this means is that there are key federal laws regulating privacy in certain sectors, in theory designed for specific issues related to those sectors. These include the Health Insurance Portability and Accountability Act (“HIPAA”) for the health-care industry, the Gramm-Leach-Bliley Act (“GLBA”) for financial services, and the Family Educational Rights and Privacy Act (“FERPA”) for education.
• Practice-specific laws. We have a variety of federal laws (often with state counterparts) that relate to specific business practices, primarily those that relate to marketing, including the CAN-SPAM Act (email marketing) and the Telephone Consumer Protection Act (“TCPA”) for telemarketing and texting.
• Data-specific laws. We also have a variety of state and federal laws regulating certain categories of data. This can include both federal laws and rules (e.g., the 42 C.F.R. part 2 rules for substance abuse treatment information, the Children’s Online Privacy Protection Act (“COPPA”) rules for children’s data, and the Genetic Information Nondiscrimination Act (“GINA”)), as well as a broad and growing range of state laws such as the Illinois Biometric Information Privacy Act (“BIPA”) and the Washington My Health My Data Act for consumer health information.
• State “comprehensive” laws. Although there is no generally applicable federal privacy law, since California passed the California Consumer Privacy Act, we now have twenty state laws that are said to “comprehensively” regulate privacy law in those states for residents of those states. While these laws generally are less comprehensive than the General Data Protection Regulation (“GDPR”) in Europe, as they exempt smaller companies, generally exempt nonprofits, and generally exempt entities that are subject to other laws, these state laws provide an important gap-filling baseline for a wide variety of previously unregulated businesses.

Accordingly, while U.S. privacy law may not be obviously comprehensive in the way that European law is under the GDPR, our existing (and expanding) legal structure applies multiple overlapping and perhaps inconsistent laws based on who is doing what with what data. This regulatory complexity creates part of the challenge of developing appropriate compliance that addresses a typical business’s full set of privacy risks.

Beyond these privacy laws, we also see two other important categories of relevant and related laws. First, there are multiple laws at both the state and federal level related to data security. These can include sector-specific data security laws, such as with HIPAA or GLBA, or state-specific laws, such as the Massachusetts data security law. These laws create general standards, often couched as “reasonable and appropriate” safeguards; but these provisions can lead to meaningful enforcement, and security breaches are the primary driver of class action litigation and regulatory enforcement in this space. Second, there also are laws related to data breach notification in every state, as well as additional data breach notice laws in other contexts. These laws require notification to consumers and often regulators and/or the media in the event of data breaches involving specific kinds of personal information.

On top of this vast array of laws, we also see additional “law” based on enforcement activities from key regulators that take action on data privacy and security issues often independent of specific laws related to privacy. For example, the Federal Trade Commission (“FTC”)—under section 5 of the Federal Trade Commission Act—regulates “unfair or deceptive acts or practices,” which it regularly views as including issues related to data security incidents, potential improper collection, and use or disclosure of personal information. State attorneys general also engage in similar enforcement of privacy and security principles based on their own consumer protection authority.

Business and Legal Areas Implicated

This complicated set of laws (which is being supplemented on a regular basis, particularly at the state level) encompasses a broad range of businesses across every industry. In addition, these requirements are creating material issues across a wide range of legal practice areas outside of a privacy specialization. For example, lawyers in the following practice areas need to be cognizant of privacy issues in their space:

• Mergers and acquisitions (“M&A”). Virtually every corporate transaction triggers the need for a privacy and security review. Every acquired company has a computer system and employees. Almost all have business contact information. More and more companies collect, use, and disclose a much broader range of consumer information in various contexts than in the past. All of these issues need to be examined in transaction diligence and incorporated into integration plans post-acquisition.
• Litigation. Litigators need to be aware of privacy and security issues for two separate reasons. First, there is a growing range of class action litigation about privacy law. This most frequently includes either class action litigation following a data breach or class action litigation based on other kinds of practices that the plaintiffs’ bar views as problematic (such as the use of tracking technologies on websites). Beyond these privacy-specific litigation matters, litigators also need to understand the impact of privacy law on other kinds of litigation. If you are bringing a medical malpractice case, you need to understand the privacy rules for obtaining information from health-care professionals. If you are conducting discovery (or are subject to discovery) involving your employees’ activities or a review of their communications, you need to understand how privacy law impacts this information-gathering activity. Even where the case is not “about” privacy law, privacy law impacts a wide range of litigation issues in cases that are not directly about privacy at all.
• Employment. Employment law increasingly is about data. Artificial intelligence (“AI”) and data analytics are driving the hiring process. Employee monitoring is growing particularly as the workforce is more remote and more mobile. These issues raise fundamental privacy issues, where formal U.S. law is sparse but growing (with lots of risks from faulty or misused data) and international law is fully developed.
• International trade. Privacy also is impacting international trade and overall international business activities. European privacy law, for example, prohibits the transfer of personal data from Europe to countries that do not have “adequate safeguards” for this data—which often includes the United States. Several efforts to “fix” this inadequacy have been stopped by the European courts—leading to high-level diplomatic negotiations to restart the ability of companies to move data to the U.S. Recent developments in U.S. law have started to impose meaningful restrictions on data flows to certain countries. The overall complexity of international privacy law impacts global compliance and raises costs and the difficulty of operating internationally.
• AI. AI law is largely being modeled on the development of privacy law. As with privacy law, the European Union is moving to a single overall regulatory model. As with privacy law, the U.S. seems to be moving in fits and starts and regulating specific practices, largely at the state level to date. The regulators will be primarily the same as with privacy law (mainly the FTC and state attorneys general in the U.S.).
• Antitrust/competition law. Increasingly, business success is driven by data. More data typically is better, particularly in connection with the development of AI. This race to grow data volumes now turns privacy and collection of personal data into a competition issue on top of being a privacy issue.
• Cybersecurity. Data security also is a broad area of concern for any business, independent of specific legal requirements. These risks can be incidents involving personal information (where consumer protection and regulatory requirements are more extensive) or “cybersecurity” incidents, which can relate to national security concerns, commercial interests, and/or overall systemic interconnections. A company that is shut down because of a ransomware attack freezing corporate information systems may not necessarily have personal data issues—but it makes running a business quite challenging when the company is not able to run its computer systems or website.

Some Key Areas for Consideration

These issues impact different companies in different ways: a consumer health company has a very different risk profile than a clothing store. But there are some critical common themes that apply to virtually any company operating in the United States (and typically around the world as well):

• Security policies and incident response preparation. Security risks should be top of mind for virtually any company. Data security requires constant, ongoing attention—to stay on top of technological developments, understand how most incidents occur, and evaluate the impact of regulatory enforcement actions on your business. This is an area where thoughtful advance planning is critical not only to build effective information security programs but also to develop a specific incident response plan for how to handle the inevitable incident when it does in fact happen. An easy hint: Evaluate where you do not have multifactor authentication in place, as well as every place in your company that you store or collect Social Security numbers.
• Data minimization / data maximization tensions. Companies need to understand both the privacy issues and the security risks from common efforts to gather as much data as possible. Privacy laws increasingly are mandating specific data minimization or minimum necessary requirements when companies engage in permitted data activities. At the same time, companies thrive in their business analytics—especially if developing appropriate AI is part of the plan—by gathering and analyzing as much data as possible. But the collection and long-term maintenance of data create security risks—security incidents are always bad, but an incident involving data that you should not still have will be worse.
• M&A integration. An extraordinary percentage of large-scale security beaches involve situations where a recently acquired company becomes a target of an attack before its security practices are effectively integrated with the parent company’s approach. Threat actors know to attack this weak spot. An effective and prompt integration plan on data security issues is critical.
• Business expansion issues. There are similar acquisition impacts related to privacy law. The small acquired company may not be subject to many of the U.S. state laws. Once acquired, however, the purchaser (typically a bigger company) will inherit a set of practices that may not have violated law before the acquisition—but now will. Also, companies may face real challenges in integrating data from acquired companies or engaging in specific activities where the two business operations are being combined. These issues involve both the small-company perspective (your potential purchaser may be very concerned about the vendor contracts that you signed as your business was getting going and that contain unlimited liability provisions, or you may have limited data rights because you had little leverage in getting your business going) and the larger-company view (where the benefits of an acquisition may be reduced if there is a data breach or acquired data cannot realistically be integrated under applicable law). Thinking about size, these issues impact both start-ups and much larger companies, although in different ways.
• AI overlay issues. Companies need to evaluate their approach to AI alongside of privacy law. Do you have contractual or legal rights to use the data that you have for AI purposes? Are you making decisions using AI that is regulated by privacy law? Does privacy law impact what permissions you need from consumers before using their data for AI purposes? The law in this area is already confusing and likely will continue to grow in its complexity for the foreseeable future.

U.S. privacy law is increasingly chaotic. It will continue to be challenging to stay on top of all of the different developments and for many companies to understand the full range of relevant concerns. A few key points to think about:

• You should be considering any place in your company (or your client’s company) where you are collecting, using, storing, or disclosing sensitive categories of personal information. These data categories are the most regulated and overall the most risky, both for privacy and potential data security breaches.
• You need to understand the geographic footprint of your business operations. Do you operate nationwide (meaning you will likely be subject to all of the relevant state laws)? Are you subject to the GDPR because you are either in Europe physically or taking steps to seek consumer business from Europe?
• You need to consider whether you are subject to some of the riskier state laws, such as the collection of biometric information in Illinois or the use of consumer health data in Washington.

Conclusion

While privacy and security law will continue to be a specialty area of legal practice, the implications of privacy and security law apply much more broadly. As a lawyer, you are not effectively representing your clients if you do not understand how privacy law impacts their operations. If your business doesn’t yet have a privacy officer, you likely should have one now or will need one soon. And the one you have should be a reasonably high-level person in the company with appropriate compensation and legal authority.

The latest Federal Trade Commission (“FTC”) action in furtherance of its avowed commitment to “restore fairness to the American labor market” involves a no-poach investigation, not a noncompete case. On December 19, 2025, the FTC announced that it and the New Jersey Attorney General’s Office reached settlements with a building services company barring it from using no-hire agreements.

According to New Jersey’s attorney general, “When employers enter into no-hire agreements, employees pay the price. They have fewer job opportunities, lower wages, and weaker benefits. That’s why our office is committed to ending these unlawful labor practices across our state.” The FTC expressed a similar sentiment: “American workers have a right to pursue job opportunities that offer them higher pay and better benefits. Yet anticompetitive no-hire agreements . . . prevent workers from realizing their full earning potential.”

The FTC’s complaint alleges that the no-hire provisions violate both Section 1 of the Sherman Act, which prohibits agreements that unreasonably restrain trade, and Section 5 of the FTC Act, which bars unfair methods of competition. The agency defines “no-hire agreements” in the complaint as an agreement between two or more companies that “restricts, imposes conditions on, or otherwise limits a company’s ability to solicit, recruit, or hire another company’s employee,” directly or indirectly, either during employment or for any period of time after, including by imposing fees.

The injury to competition alleged under Section 1 includes the elimination of “direct, horizontal, and significant forms of competition to attract labor in the U.S. building services industry,” thereby denying employees access to job opportunities, restricting their mobility, and depriving them of competitively significant information that they could have used to negotiate for better terms.

With respect to Section 5, the FTC claims that the no-hire agreements tend or are likely to harm competition, consumers, and employees in the building services industry. Restricting the ability of building owners and competing building service contractors to hire employees harms:

• Employees because it limits their ability to negotiate for higher wages, better benefits, and improved working conditions, and may lead to further hardship if the building where they work changes management, because the no-hire agreements force them to leave their jobs in some circumstances.
• Building owners and managers because they may be foreclosed from seeking or accepting bids from competitor vendors due to the prospect of losing long-serving workers with extensive, building-specific experience.

Neither the complaint nor the analysis in aid of public comment makes allegations related to market power or market share. Based on published information, the vendor told FTC staff that it did not enforce the no-hire provisions. During the course of the investigation, begun in the prior administration, however, the FTC learned that there had been at least one attempt to enforce compliance. An FTC statement also notes that any legitimate objectives of no-hire agreements could have been achieved through significantly less restrictive means. The agency specified that, among other terms, the scope and duration of the restrictions were not reasonably necessary to achieve the purported procompetitive purpose.

Before the most recent government shutdown, the FTC made clear its intent to bring enforcement actions against conduct likely to harm labor markets, although the focus then appeared to be “unfair” employee noncompete agreements. In September 2025, the FTC abandoned its defense of its 2024 rule banning virtually all worker noncompetes, entered into a settlement agreement with a pet cremation company prohibiting use of noncompete clauses in its employment agreements, issued a Request for Information Regarding Employer Noncompete Agreements to enlist the public in identification of “specific employers continu[ing] to impose noncompete agreements,” and announced that it would host a workshop regarding unfair noncompete agreements.

The FTC’s noncompete workshop has been rescheduled for January 27, 2026, with an agenda for three panels: (1) Locked out of Work: Victims of Anticompetitive Noncompetes; (2) Unleashing the American Worker: Policy Perspectives on Noncompetes; and (3) Counting the Costs: The Economics of Noncompetes.

Although the public case materials provide limited information, there are some key takeaways from the latest FTC enforcement action:

• Make certain that any representations made to agency staff are accurate.
• The FTC intends to continue to police labor markets in terms of no-hire and noncompete agreements.
• Restrictions on worker movement should be framed as narrowly as possible to accomplish a specific and demonstrable procompetitive goal.
• “Penalties” or fees designed to prevent worker departures or improved bargaining positions should be avoided. The more significant the fee, the greater the antitrust risk.
• Restraints that go beyond the employees staffed on the specific project that is the subject of the contract are riskier.
• Noncompete and no-hire provisions are riskier when the impacted employees are low-wage workers, largely because it can be difficult to justify the restrictions.
• Even restraints that exceed the term of employment by only six months may be excessive, particularly if low-wage workers are affected.
• Worker restrictions should not be designed to prevent competition in market for the employer’s products or services.

Because modern directors and officers (“D&O”) liability policies are written on a “claims made” basis, coverage is determined based on when the claim for wrongful acts is first made against an insured. If a company does not have a D&O policy in place, it risks being uninsured for claims made during a gap in claims-made coverage. D&O policies also contain “change in control” provisions limiting coverage for wrongful acts occurring after there is a change in ownership. So, what happens when a company is acquired, merges with another company, or sells its assets such that the selling entity no longer is a going company that maintains a D&O policy?

The approach taken in many transactions is securing “runoff” and “tail” coverages, which extend a policy’s coverage period beyond the date of the transaction and allow insureds to recover for claims alleging pre-transaction wrongdoing. However, from a practical standpoint, placing and pursuing coverage under tail policies can be fraught with peril. This article presents an overview of five common coverage issues to consider when runoff provisions are at play.

1. Negotiate Favorable Policy Provisions (and Then Follow Them).

D&O policies are not all created equal. Quite the opposite, as terms are heavily negotiable and customizable. This variety carries over to D&O policy runoff and tail coverage. For instance, many standard forms do not include guaranteed tail coverage with pre-negotiated term and pricing options. Leaving these critical coverage negotiations to chance can lead to real problems, especially when a company is insolvent or in bankruptcy, where cash flow is paramount and large insurance premiums can exacerbate existing financial strain. Negotiating terms in advance can introduce certainty and predictability in the midst of complex transactions and ownership changes.

Policies may also impose varying degrees of requirements to select and effectuate tail coverage. For example, policies can require prompt notice of changes in management control, sometimes accompanied by additional underwriting requirements to secure coverage.

Understanding precisely when and how those provisions operate in practice can minimize conflict based on technicalities in the policy.

To help facilitate seamless insurance continuity in future transactions, policyholders should assess their D&O coverage placements and renewals with an eye towards future M&A activity and how runoff and tail provisions would be treated in those transactions.

2. Understand What Constitutes a Change in Control.

One basic but often overlooked question about tail coverage is when it even may be implicated. Companies and executives may have their own assumptions about when D&O policies will continue in force or require tail coverage, which may not match what the policy actually says. For example, some may assume that simply filing for bankruptcy automatically triggers a change in control. Or conversely, some may assume that a company’s emergence from bankruptcy does not trigger runoff provisions in the absence of a more traditional acquisition or merger. Neither assumption may be true, and the policy will always control.

These kinds of misunderstandings can then lead to the failure to timely elect tail coverage, missed notice deadlines, and similar missteps that insurers can use to deny or limit coverage. Missing these nuances in policy language can leave policyholders exposed to D&O claims without a coverage safety net. Working closely with risk professionals, like brokers and outside coverage counsel, can help navigate these issues and avoid transaction-related gaps in coverage.

3. Be Wary of Straddle Claims.

A company can seemingly do everything right—place robust D&O coverage, monitor forthcoming changes in control, timely elect tail coverage, and submit a post-transaction claim for coverage alleging pre-transaction wrongdoing ostensibly covered by the tail policy. But then comes a surprise denial. Some of the biggest offenders that can seemingly negate tail coverage altogether are exclusions aimed at so-called “straddle” claims. Straddle claims allege misconduct both before and after the effective date of tail coverage.

Coverage grants in tail policies are tailored to respond only to claims alleging pre-closing wrongful acts. But some insurers go a step further in adding exclusions to policies that bar coverage for any claim based upon, arising out of, directly or indirectly resulting from, or in any way involving a wrongful act allegedly committed on or after the runoff date. These provisions eliminate coverage entirely—even for portions of the claim tied exclusively to pre-runoff wrongdoing—based on the presence of a single post-runoff wrongful act. That can lead to finger-pointing between insurers, especially where a surviving entity purchased a going-forward D&O policy that has a similarly broad exclusion barring coverage for any claim involving any pre-closing wrongful acts.

To avert contentious coverage battles, policyholders should closely scrutinize tail policies to eliminate or narrowly tailor these kinds of exclusions. Clarifying how policies address straddle claims can ensure that such claims do not fall through uncovered cracks because of conduct timing. Buyers and sellers should have an understanding of the pre-closing and post-closing insurance regimes that will be in place around a transaction in order to avoid any potential denials of straddle claims.

4. Reckon with Reduced Limits and Coverages.

Policyholders purchasing tail coverage may also assume that all coverage terms remain intact. In addition to new exclusions, however, tail policies may also be accompanied by reduced limits. This can be especially important to monitor because the tail coverage in place as of the runoff date is finite and needs to respond to all claims throughout the entirety of the runoff period, which often lasts six years.

Tail endorsements for management liability policies may also include only certain coverages, most commonly D&O, and omit other coverages, such as employment practices liability. Assessing the full suite of available tail and extended reporting periods can ensure there are no unexpected gaps in coverage for post-closing claims. For example, a selling company would likely want broad coverage, while a buyer who has agreed to pay for some, or all, of a tail policy may argue that including atypical tail endorsements was not contemplated when an insurance cost-sharing arrangement was agreed to. Both sides of a transaction should endeavor to be as precise as possible when allocating costs and specifying expected tail policy terms to avoid disputes and ensure appropriate coverage throughout the transaction.

5. Consider Coverage for the Wind Down.

Tail coverage is especially important in bankruptcy as debtors seek to have plans confirmed and questions arise about protecting against historical or future liabilities. One overlooked aspect can be in liquidations requiring plan administrators or other individuals, like chief restructuring officers (“CROs”), to stay on after a plan is confirmed to wind down operations. Under most tail policies, D&O coverage terminates at the time of plan confirmation, even if exposure to claims challenging the orderly liquidation or winding down of the company does not cease. To address that, policyholders can secure “wind down” coverage to fill that gap and extend protection during wind-down phases to key administrators, CROs, and anyone else facing potential exposure for post-confirmation conduct.

* * *

Runoff and tail coverage should protect companies and directors and officers against claims for legacy liabilities, but pitfalls abound. Proactively negotiating favorable terms and understanding and adhering to key policy provisions can help ensure continuity of coverage and avoid uninsured exposures and surprise denials after closing.

As chairs of the American Bar Association’s Private Target Mergers & Acquisitions Deal Points Study (the Private Target Deal Points Study), we are pleased to announce that we published the latest iteration of the study to the ABA’s website on December 16, 2025.

Congratulations! But Wait. What Exactly Is This Private Target Deal Points Study, Anyway?

The Private Target Deal Points Study is a publication of the Market Trends Subcommittee of the ABA Business Law Section’s M&A Committee. It examines the prevalence of certain provisions in publicly available private target mergers and acquisitions transactions during a specified time period. The Private Target Deal Points Study is the preeminent study of M&A transactions, widely utilized by practitioners, investment bankers, corporate development teams, and other advisors.

The 2025 iteration of the Private Target Deal Points Study analyzes publicly available definitive acquisition agreements for transactions executed and/or completed either during calendar year 2024 or during the first quarter of calendar year 2025. In each case, the transaction involved a private target acquired by a public buyer, with the acquisition material enough to that public buyer for the Securities and Exchange Commission to require public disclosure of the applicable definitive acquisition agreement.

The final sample examined by the 2025 Private Target Deal Points Study is made up of 139 definitive acquisition agreements and excludes agreements for transactions in which the target was in bankruptcy, reverse mergers, and transactions otherwise deemed inappropriate for inclusion.

Although the deals in the 2025 Private Target Deal Points Study reflect a broad array of industries, the health care and technology sectors together made up over 20% of the deals. Asset deals comprised 21% of the study sample, with the remainder either equity purchases or mergers.

Of the 2025 Private Target Deal Points Study sample, 42 deals signed and closed simultaneously, whereas the remaining 97 deals had a deferred closing some time after execution of the definitive acquisition agreement.

The transactions analyzed in the 2025 Private Target Deal Points Study were in the “middle market,” with purchase prices ranging between $25 million and $900 million; purchase prices for a majority of deals in the data pool were below $200 million.

The Private Target Deal Points Study Sounds Great! How Can I Get a Copy?

• All members of the M&A Committee of the Business Law Section received an email alert from Jessica Pearlman with a link when the study was published. If you are not currently a member of the M&A Committee but don’t want to miss future email alerts, committee membership is free to Business Law Section members, and you can sign up on the M&A Committee’s homepage.
• ABA members who are not currently members of the Business Law Section can sign up to join on the Section’s membership webpage.
• The published 2025 Private Target Deal Points Study is available for download by M&A Committee members from the Market Trends Subcommittee’s Deal Points Studies page on the ABA’s website. Also available at that link are the most recently published versions of the other studies published by the Market Trends Subcommittee, including the Canadian Public and Private Target M&A Deal Points Studies, European Private Target M&A Deal Points Study, US Public Target Deal Points Study, and Strategic Buyer/Public Target M&A Deal Points Study.

How Does the 2025 Private Target Deal Points Study Differ from the Prior Version?

The 2025 version of the Private Target Deal Points Study has a number of features that differentiate it from prior iterations.

• Earnouts: Earnouts became less prevalent and displayed some buyer-friendly features. Use of earnouts decreased from 26% during the period covered by the 2023 Study to 18% during the period covered by the 2025 Study. Earnouts are often used to address valuation gaps, and this data point suggests that valuation gaps narrowed somewhat during the period covered by the 2025 Study.
• RWI: The use of representations and warranties insurance (RWI) increased compared to the prior Study. 63% of deals during the period covered by the 2025 Study referenced RWI (our proxy for whether a transaction utilized RWI) as compared to 55% of the deals during the period covered by the 2023 Study.
• No Survival Deals: Deals that provide that representations and warranties do not survive closing increased from 30% in the prior Study to 41% in this Study. This increase is likely related to the increase in RWI deals.
• Indemnification for “Actual” vs. “Alleged” Breaches: Indemnity coverage for alleged breaches increased from 17% from to 27% in this year’s Study; this appears to also be driven by an increase in RWI deals.
• Single vs. Double Materiality Scrape: The use of double materiality scrapes increased from 69% to 82% in the prior study. Again, this increase appears to be related to the increase in the use of RWI.
• New Data Points: We added a few additional data points. Look for the “new data” flags (see samples below) to make them easy to spot.
  • 
    Transaction Expenses as Part of Post-Closing Adjustment. We added a data point to track how often transaction expenses are taken into account in the post-closing purchase price adjustments.
  • Existing Fact/Condition as Part of MAE Definition. We wanted to see how often deals that include the definition of “Material Adverse Effect” (MAE) specify that a fact or condition existing at the time of signing the acquisition agreement could constitute an MAE, so we added that data point to this year’s Study.
  • Control of Defense of Third Party Claims—Failure to Adequately Defend and Government Authority Involvement. We have added to this year’s Study a data point on how often the failure/inability to adequately defend a claim could result in a loss of the indemnifying party’s right to control defense of that claim. We added a similar data point on claims involving government regulatory authority.
  • Fraud as a Standalone Indemnity. We added a data point tracking how often fraud is included in purchase agreements as a standalone indemnity.

Please join us in extending a huge thank-you to everyone who worked so hard on this study, from leadership to advisors to issue group leaders to the working groups, all of whom are listed in the credits pages.

For more information, at 1:00pm EST on February 10, 2025, there will be an In the Know webinar with the Study Chairs and Issue Group Leaders providing analysis and key takeaways from the results of the Private Target M&A Deal Points Study.

The legal profession, as an independent pillar of American democracy, commits to upholding the rule of law, whether it is through defending this fundamental principle in the courtroom or zealously advocating for support from major institutions and the American public. With the current U.S. political landscape introducing new challenges for lawyers, one thing is clear—America’s power rests on the strength of its rule of law, which respects differing viewpoints through civil discourse in order to maintain its integrity in policymaking and governance.

In recent years, the heightened geopolitical climate in the United States and globally has left individuals, families, businesses, and communities to grapple with many difficult conversations, challenged by opposing ideological viewpoints of those closest to them. The purpose of this article is to share observations from a dispute resolution practitioner’s perspective on how individuals across the ideological spectrum can aim to restore peace and preserve relationships with those of diverging worldviews.

The following are stories of lessons learned and personal thoughts on how one can bridge ideological splits.

Understanding of the Self

The last few presidential election cycles have caused families, colleagues, and communities to publicly express dissatisfaction if the outcome was not in their favor. Like many, I also fell victim to my own judgments during those moments. Then, I started reflecting and asking myself, “Why is it that some of the friends and family I respected the most and felt most aligned with suddenly, overnight, became the very people I judged due to a single vote? What values did we share that bonded us in the first place—because we clearly have areas in our lives where our minds meet?”

By practicing self-reflection and self-questioning, we can better recognize our own biases and judgments and let those learnings inform how we navigate difficult conversations grounded in respect, empathy, and understanding. Further, by practicing honest self-inquiry, we can more effectively and confidently communicate our ideological positions and beliefs, thereby raising each other’s awareness about the shared values and differing priorities.

To Better Understand the Other

In most households, it is nearly impossible for all family members to agree on personal matters, let alone ideological beliefs. The closer a relationship, the more likely one strongly reacts to feelings of invalidation or judgment. When there is genuine curiosity, mutual respect, and confidence in the relationship, however, any polarizing views will undoubtedly create a productive discussion. In my experience, I have learned that by assuming the other person’s “positive intent,” my relationship with the individual I disagreed with naturally grew closer; we managed to separate our positions from our relationship and not let our minds be clouded by reducing the other person’s entire being to just one single vote.

By validating another person’s feelings and not necessarily their viewpoint, we can foster more trust, openness, and candidness from that individual. Through active listening and sincerity during this “information-gathering phase,” we can gain added context and background that help us better understand what shaped the other person’s decisions. As individuals, all of us—what I like to call multifaceted beings—are shaped by our unique upbringing, experiences, and education, among other things. Therefore, this exercise of “seeking first to understand, then to be understood,” as Stephen Covey says, can help deepen the relationship by successfully moving through crucial conversations to allow everyone their right to feel seen and heard, without judgment.

In Order to Preserve the Relationship

The closest relationships are often the ones that cause deeper emotional wounds and disappointments when ideological viewpoints clash. However, the strength of a relationship only deepens when we have the confidence and knowledge that any crucial conversations will not shake its foundation. To bridge any divide, the power lies in our ability to maintain composure and willingness to talk at critical moments so that productive dialogue can lead to a more profound understanding from both sides.

In summary, bridging the ideological divide does not require individuals with opposing viewpoints to engage in a lengthy debate in defense of their positions. It simply requires each person to be self-aware of their own biases and judgments, reflect on their shared core principles, if any, and invite dialogue, rooted in empathy and curiosity, with those on opposite ends of the ideological spectrum. Conversations about conflicting viewpoints are justifiably difficult to navigate, but without them and without diversity of thought, we would not be the United States of America with an established rule of law that has stood tall for nearly 250 years.

This article is part of a series on the rule of law and its importance for business lawyers created by the American Bar Association Business Law Section’s Rule of Law Working Group. Read more articles in the series.

This is the twelfth installment in the Year in Governance Series from the In-House Subcommittee of the ABA Business Law Section’s Corporate Governance Committee. Each month, the series will share key tips on a different corporate governance topic. To get involved in the Corporate Governance Committee, please visit the committee’s webpage.

A message from Kathy Jaffari: “As Chair of the Corporate Governance Committee, I would like to extend my sincere appreciation to the authors for this publication. The Corporate Governance Committee has ongoing opportunities for writing and volunteering with various projects, whether it’s an article you want to publish or a CLE that you want to present. Our Committee is dedicated to helping you promote informative resources for corporate governance practitioners. You may contact me at [email protected] to get involved.”

Is your board of directors fit for the future? Board evolution should be top of mind for both private and public companies. A forward‑looking board adapts to strategic shifts and leadership changes, maintains an evergreen skills matrix, and balances tenure with age and domain diversity to ensure fresh perspectives alongside stability. When executed effectively, board evolution enhances competitive relevance, decreases governance risk, strengthens resilience, and sets the foundation for the company to outperform its peers. These ten tips offer key factors to consider to ensure an evolving board.

1. Strategic alignment and leadership changes. As strategic direction and leadership change at a company, so should the board. Directors should always consider whether their contributions can support long-term objectives and increase shareholder value. A new strategic direction may require thoughtful replacement of certain directors. An evolving board proactively aligns its membership with current strategic direction, seeking new expertise where needed to strengthen governance and performance.
2. Diverse perspectives and skillsets. An evolving board thrives on diversity of background, experience, and qualifications. Foundational expertise in leadership, operations, risk management, finance, and governance is expected of all directors, but true effectiveness comes from integrating a wide range of perspectives and capabilities. An evolving board actively identifies skill gaps and seeks complementary competencies that elevate collective impact. Ongoing education, particularly in emerging and trending topics, fosters continuous learning and ensures directors remain current. By combining strong core skills with diverse viewpoints, boards can be better equipped to navigate complexity, challenge assumptions, and drive strategic resilience in today’s rapidly changing business environment.
3. Tenure. Tenure is valuable in creating stability and knowledge continuity at the highest level. Excessive tenure can also limit fresh perspectives, however. An evolving board should balance institutional knowledge with new ideas and diverse viewpoints. Boards can establish guidelines for director tenure to promote renewal and prevent stagnation. These guidelines also provide for a more graceful director exit at the appropriate time.
4. Age diversity. Age-linked policies, such as a mandatory retirement threshold, support board refreshment without compromising valuable experience. An evolving board should consider a mix of generational perspectives, which can strengthen alignment with current market dynamics and current business needs. Younger directors may bring perspectives that resonate with target demographics, while seasoned members can provide stability and institutional knowledge. Striking the right balance ensures inclusivity, continuity, and relevance.
5. Collaboration and camaraderie. Boards should regularly assess how directors build trust and collaborate. Strong trust and camaraderie lead to effective decision-making and reduce noise both in board meetings and in oversight of leadership. An evolving board should incorporate questions on teamwork into annual evaluations, which will help identify areas for improvement and accountability. When necessary, decisive action should be taken to address persistent uncooperative behavior, as a single disruptive director can compromise the effectiveness of the entire board.
6. Self-reflection. As the company evolves, directors should reflect on their own commitment and contributions. Are they making a valuable impact? Do they still have the time to commit to the increasing demands of board service? Questions related to self-evaluation can be added to the annual board evaluation review or can be discussed in quiet conversations with individual directors. An evolving board encourages a culture of self-awareness that fosters accountability and effectiveness.
7. Commitment to thoughtful evolution. The composition of the board and board committees should be refreshed regularly instead of remaining static. Tools like overboarding policies and voluntary rotations create a culture of commitment to change. Committee rotations not only introduce fresh perspectives but also broaden directors’ enterprise‑level knowledge. An evolving board embraces change that revitalizes governance while preserving the continuity necessary for stability.
8. High-risk conflicts. Director conflicts of interest, whether relational or financial, can damage trust and credibility. High-risk conflicts can also call into question the decision-making process of the entire board and lead to litigation risk. An evolving board should implement clear, consistent policies to identify, disclose, and mitigate conflicts of interest. Proactive management of these risks reduces governance vulnerabilities and reinforces the board’s integrity.
9. Activism preparedness. Shareholder activism frequently focuses on the composition of the board and the effectiveness of board members. Unaddressed vulnerabilities are often highlighted by activists or institutional investors, putting the board on the defensive. An evolving board proactively monitors investor sentiment, anticipates stakeholder concerns, and ensures the company is meeting expectations for board composition. By identifying and addressing potential weaknesses in advance, boards can reduce external pressure and maintain credibility.
10. Succession planning. Always anticipate director transitions, both expected and unexpected. An evolving board should revisit succession planning at regular meetings of the governance committee and ensure transparency with a full report to the entire board. Governance committees should engage search firms to maintain an ongoing pipeline of qualified candidates and ensure readiness to refresh the board. Proactive succession discussions build trust, reinforce stability, and strengthen stakeholder confidence by demonstrating foresight rather than reacting to change.

The views expressed in this article are solely those of the authors and not their respective employers, firms or clients.

This is the fourth and final installment in a series on damages available for intellectual property (“IP”) claims, focusing on trade secret damages. Understanding damages is essential for two reasons: it highlights the potential rewards of building a robust IP portfolio, and it offers a benchmark for assessing risk when facing an IP claim. Our previous articles discussed trademark, patent, and copyright damages.

Trade Secret Misappropriation

Trade secrets consist of formulas, practices, processes, designs, instruments, patterns, or compilations of information that confer a business advantage over competitors who do not know or use them.

Misappropriation of trade secrets involves unauthorized acquisition, disclosure, or use of a trade secret, protected under the Uniform Trade Secrets Act (“UTSA”), as adopted by various states, and/or the federal Defend Trade Secrets Act of 2016 (“DTSA”).^[1] The UTSA provides a framework for civil claims while the DTSA grants trade secret owners the ability to seek redress in federal court, along with a clear definition of misappropriation and measures for safeguarding trade secrets, including measures against international espionage.

All states except New York and North Carolina have adopted the UTSA. North Carolina has its own distinct yet similar statutory framework for the UTSA, while New York applies common-law principles to trade secret matters. The DTSA is a federal law that applies nationwide.

Trade Secret Damages

Under the UTSA and the DTSA, trade secret owners can seek damages for actual loss, unjust enrichment, reasonable royalties, or exemplary damages up to double any other remedy when willful and malicious misappropriation exists.

Monetary relief under both the UTSA and the DTSA may be appropriate whether or not injunctive relief is granted.

Monetary damages are only appropriate for the period in which misappropriation overlaps with the period in which information is entitled to protection as a trade secret, plus the additional period, if any, in which a misappropriator retains an advantage over good-faith competitors because of misappropriation.

Actual Loss and Unjust Enrichment

Both the UTSA and the DTSA state that a successful plaintiff is entitled to damages for actual loss and unjust enrichment.

Actual Loss

Actual loss can include lost profits or other measurable harm directly attributable to the defendant’s actions.

A plaintiff bears the burden of proving actual damages with sufficient evidence. A lack of evidence or speculative claims may preclude recovery under these measures. There must be a clear depiction of the financial damage resulting from the misuse or theft of the trade secret.

Unjust Enrichment

A plaintiff may recover for unjust enrichment caused by misappropriation, provided that such enrichment is not already accounted for in the calculation of actual loss. Unjust enrichment may be calculated based on the defendant’s profits, increased productivity, market share gained from the use of the trade secret, or the development costs saved.

The plaintiff must show evidence that the defendant profited at the plaintiff’s (trade secret holder’s) expense. A lack of evidence or speculative claims may preclude recovery under these measures. Courts are hesitant to award damages for unjust enrichment unless the plaintiff can demonstrate that the defendant acquired some calculable profit or benefit from the misappropriation.

Double Counting

A successful plaintiff may recover both actual loss and unjust enrichment damages, but there can be no double counting. This means that, to recover both, the defendant’s unjust enrichment must be distinct from or in excess of the plaintiff’s actual loss.

Reasonable Royalties

If neither actual loss nor unjust enrichment can be proven, the UTSA allows courts to award a reasonable royalty for the period during which the use of the trade secret could have been prohibited.

A reasonable royalty is an approximation of a royalty under a voluntary licensing agreement. Courts typically assess what the parties would have reasonably agreed to in a hypothetical negotiation at the time the misappropriation began. Courts often begin with real-world comparables as a starting point for determining a reasonable royalty. These comparables may include licensing agreements or other transactions involving similar trade secrets. Then the court will adjust the royalty amount using a calculation based on facts specific to the case, often proven by an expert witness. The calculation may consider market value of the trade secret; cost savings or value to the defendant; duration and scope of use; and overall willingness to license the trade secret based on factors like risks of disclosure, competitive advantage, and relationship between the parties.

In order to justify this alternative measure of damages, there must be competent evidence of the amount of a reasonable royalty. This remedy is discretionary and is typically applied when other forms of damages are unprovable. The court may not order payment of a reasonable royalty for longer than the period of time the use of the trade secret could have been prohibited.

Exemplary Damages

If the misappropriation is found to be willful and malicious, the UTSA and the DTSA permit courts to award exemplary damages in an amount not exceeding twice the award for actual loss or unjust enrichment. Courts have interpreted “willful and malicious” to include conduct that is intentional and motivated by ill will or improper motives.

While the courts are granted discretion, judges often look to the following factors to determine the degree to which they will enhance damages: degree of intent, defendant’s state of mind, extent of harm, duration of misuse, efforts to conceal misuse, prior conduct of similar misappropriations, and deterrence.

Attorney Fees

If a claim of misappropriation is made in bad faith, a motion to terminate an injunction is made or resisted in bad faith, or willful and malicious misappropriation exists, the court may award reasonable attorney fees to the prevailing party.

Summation

Trade secret misappropriation presents complex legal challenges, but both the UTSA and the DTSA provide a comprehensive framework for addressing these disputes and awarding damages. Whether through actual loss, unjust enrichment, reasonable royalties, or exemplary damages, courts aim to ensure fair compensation for the harm suffered and to deter future misconduct.

* * *

This concludes our overview of damages for trade secret misappropriation and our series on damages for IP infringement.

1. Defend Trade Secrets Act, Pub. L. No. 114-153 (2016). ↑